jsj-engineering.com Open in urlscan Pro
103.22.181.125 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://jsj-engineering.com/f/att.ran/
Effective URL:
https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=...
Submission: On February 28 via manual (February 28th 2020, 6:29:28 pm UTC) from US

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 6 countries across 9 domains to perform 27 HTTP transactions. The main IP is 103.22.181.125, located in Thailand and belongs to SIAMDATA-TH 408 Fl4 CATTOWER, TH. The main domain is jsj-engineering.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 20th 2020. Valid for: 3 months.

This is the only time jsj-engineering.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
4	103.22.181.125 103.22.181.125	56309 (SIAMDATA-...) (SIAMDATA-TH 408 Fl4 CATTOWER)
2	2a02:26f0:eb:... 2a02:26f0:eb:187::2db1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	144.160.155.70 144.160.155.70	797 (AMERITECH-AS) (AMERITECH-AS)
1	69.168.106.86 69.168.106.86	36271 (SYNACOR-C...) (SYNACOR-CLUSTER)
1	3.248.163.0 3.248.163.0	16509 (AMAZON-02) (AMAZON-02)
1	23.0.39.230 23.0.39.230	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE)
27	10

4 103.22.181.125 (Thailand)

ASN56309 (SIAMDATA-TH 408 Fl4 CATTOWER, TH)
PTR: server43.nsraid.com

jsj-engineering.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:eb:187::2db1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

www.att.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 144.160.155.70 (United States)

ASN797 (AMERITECH-AS, US)

home.secureapp.att.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.168.106.86 (United States)

ASN36271 (SYNACOR-CLUSTER, US)

sadlib.static-app.synacor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.163.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-163-0.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.0.39.230 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-39-230.deploy.static.akamaitechnologies.com

smetrics.att.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	att.net home.secureapp.att.net	176 KB
4	jsj-engineering.com jsj-engineering.com	13 KB
3	att.com www.att.com smetrics.att.com	26 KB
1	doubleclick.net securepubads.g.doubleclick.net	61 KB
1	google.com adservice.google.com	171 B
1	google.de adservice.google.de	171 B
1	googletagservices.com www.googletagservices.com	14 KB
1	demdex.net dpm.demdex.net	1 KB
1	synacor.com sadlib.static-app.synacor.com	20 KB
27	9

	Domain	Requested by
12	home.secureapp.att.net	jsj-engineering.com home.secureapp.att.net
4	jsj-engineering.com	jsj-engineering.com
2	www.att.com	jsj-engineering.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	www.googletagservices.com	sadlib.static-app.synacor.com
1	smetrics.att.com	www.att.com
1	dpm.demdex.net	www.att.com
1	sadlib.static-app.synacor.com	jsj-engineering.com
27	10

This site contains no links.

Subject Issuer	Validity	Valid
jsj-engineering.com cPanel, Inc. Certification Authority	`2020-02-20` - `2020-05-20`	3 months	crt.sh
*.att.com DigiCert SHA2 Secure Server CA	`2020-01-07` - `2021-02-04`	a year	crt.sh
home.secureapp.att.net DigiCert SHA2 Secure Server CA	`2018-09-17` - `2020-09-17`	2 years	crt.sh
*.static-app.synacor.com DigiCert SHA2 High Assurance Server CA	`2019-08-05` - `2021-08-25`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
Frame ID: A02E8E497C230C25E99A0F81A781E480
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

27
Requests

93 %
HTTPS

33 %
IPv6

9
Domains

10
Subdomains

10
IPs

6
Countries

312 kB
Transfer

549 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
jsj-engineering.com/f/att.ran/ 0
863 B 18416ms
2331ms Document
text/html 103.22.181.125
SIAMDATA-TH 408 F...

General

Check archive.org

Show headers Download Go to

Full URL: https://jsj-engineering.com/f/att.ran/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.22.181.125 , Thailand, ASN56309 (SIAMDATA-TH 408 Fl4 CATTOWER, TH),
Reverse DNS: server43.nsraid.com
Software: Apache / PHP/7.2.28
Resource Hash

Request headers

Host: jsj-engineering.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Date: Fri, 28 Feb 2020 18:29:10 GMT
Server: Apache
X-Powered-By: PHP/7.2.28
Refresh: 0; url=controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK Primary Request controller.php Show response
jsj-engineering.com/f/att.ran/ 6 KB
6 KB 217ms
217ms Document
text/html 103.22.181.125
SIAMDATA-TH 408 F...

General

Check archive.org

Show headers Download Go to

Full URL: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.22.181.125 , Thailand, ASN56309 (SIAMDATA-TH 408 Fl4 CATTOWER, TH),
Reverse DNS: server43.nsraid.com
Software: Apache / PHP/7.2.28
Resource Hash: 835113b6e30bef665833ae4cf621c4bd73c1022a4cc812a2d7cabf91d9f1b117

Request headers

Host: jsj-engineering.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Referer: https://jsj-engineering.com/f/att.ran/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://jsj-engineering.com/f/att.ran/

Response headers

Date: Fri, 28 Feb 2020 18:29:12 GMT
Server: Apache
X-Powered-By: PHP/7.2.28
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 detm-container-hdr.js Show response
www.att.com/scripts/adobe/prod/ 88 KB
26 KB 91ms
54ms Script
application/javascript 2a02:26f0:eb:187::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/adobe/prod/detm-container-hdr.js

Requested by

Host: jsj-engineering.com
URL: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:eb:187::2db1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

43634a09ab59b39d49d9ea1f19bd09cb8e3228a79421aa64e93f9aca66f4aec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; preload

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 18:29:13 GMT
content-encoding: gzip
last-modified: Thu, 30 Jan 2020 22:38:24 GMT
server: Apache
etag: "160b4-59d631d647800-gzip"
vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; preload
content-type: application/javascript
status: 200
uxtime: XjNeXJnmtMghDe-rkqFf0AAAAQo D=23435
cache-control: max-age=900
server-timing: cdn-cache; desc=HIT, edge; dur=34
accept-ranges: bytes
content-length: 25708

GET
H/1.1 200
OK _fontface.css
home.secureapp.att.net/css/sso/slid/1201/ 0
960 B 953ms
193ms Stylesheet
text/css 144.160.155.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://home.secureapp.att.net/css/sso/slid/1201/_fontface.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 28 Feb 2020 18:29:14 GMT
Last-Modified: Wed, 06 Jun 2018 16:59:52 GMT
Server: unknown
x-powered-by: unknown
ETag: "54148e-0-56dfc1864d200"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: text/css
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main_syn.css
home.secureapp.att.net/css/sso/slid/1201/ 25 KB
26 KB 953ms
192ms Stylesheet
text/css 144.160.155.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

b9a3d7a9798fe06b2f4aef0bc3bbda08a14fd8a65db34cf864075e8c7ec78367

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Fri, 28 Feb 2020 18:29:14 GMT
Last-Modified: Wed, 06 Jun 2018 16:59:51 GMT
Server: unknown
x-powered-by: unknown
ETag: "54148b-6498-56dfc18558fc0"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: text/css
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25752
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-1.5.1.min.js Show response
home.secureapp.att.net/js/jquery/ 83 KB
84 KB 955ms
194ms Script
application/x-javascript 144.160.155.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 18:29:14 GMT
Last-Modified: Wed, 06 Jun 2018 16:49:55 GMT
Server: unknown
x-powered-by: unknown
ETag: "443d1a-14d0c-56dfbf4cf52c0"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: application/x-javascript
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 85260
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.simplemodal.js Show response
home.secureapp.att.net/js/jquery/simplemodal/ 9 KB
10 KB 969ms
194ms Script
application/x-javascript 144.160.155.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://home.secureapp.att.net/js/jquery/simplemodal/jquery.simplemodal.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

70b5a6613f03d3c015d826185e39839e6dbc2d03871f151bafbed5cc58503f69

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 18:29:14 GMT
Last-Modified: Wed, 06 Jun 2018 16:50:06 GMT
Server: unknown
x-powered-by: unknown
ETag: "54140b-24fd-56dfbf5772b80"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: application/x-javascript
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 9469
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK script_syn.js Show response
home.secureapp.att.net/js/sso/slid/1201/ 41 KB
42 KB 2980ms
2195ms Script
application/x-javascript 144.160.155.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://home.secureapp.att.net/js/sso/slid/1201/script_syn.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

352b4b49c61c544f77a190243d398ea50aff0cce0f1d5d2a518c5f23165ec5d1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 18:29:14 GMT
Last-Modified: Thu, 25 Apr 2019 10:45:54 GMT
Server: unknown
x-powered-by: unknown
ETag: "900023-a40b-5875885ba3c80"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: application/x-javascript
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 41995
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK att.js Show response
sadlib.static-app.synacor.com/client/att/ 72 KB
20 KB 649ms
246ms Script
text/javascript 69.168.106.86
SYNACOR-CLUSTER

General

Check archive.org

Show headers Download Go to

Full URL: https://sadlib.static-app.synacor.com/client/att/att.js
Requested by: Host: jsj-engineering.com
URL: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.168.106.86 , United States, ASN36271 (SYNACOR-CLUSTER, US),
Reverse DNS
Software: nginx /
Resource Hash: 5f9c3f04964304c2d6ea0e0081e82886f0b3c944c8b90c9c84ab69fb8ed935eb

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 28 Feb 2020 18:29:13 GMT
Content-Encoding: gzip
Age: 0
P3P: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Connection: keep-alive
Content-Length: 19673
Via: 1.1 varnish
Last-Modified: Tue, 19 Nov 2019 17:35:23 GMT
Server: nginx
ETag: "12069-597b67d256cc0"
Vary: Accept-Encoding
X-Varnish: 662660597
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Fri, 28 Feb 2020 18:34:13 GMT

GET
H/1.1 200
OK Button.png
jsj-engineering.com/f/att.ran/images/ 2 KB
3 KB 220ms
220ms Image
image/png 103.22.181.125
SIAMDATA-TH 408 F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jsj-engineering.com/f/att.ran/images/Button.png
Requested by: Host: jsj-engineering.com
URL: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.22.181.125 , Thailand, ASN56309 (SIAMDATA-TH 408 Fl4 CATTOWER, TH),
Reverse DNS: server43.nsraid.com
Software: Apache /
Resource Hash: 8e6ec1efd720fba57823309829b05bb57ebb5716c813c88b3c88cf36ab9aa5e9

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 18:29:13 GMT
Last-Modified: Mon, 20 Aug 2018 03:38:08 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2466

GET
H/1.1 200
OK AT&T_logo.png
jsj-engineering.com/f/att.ran/images/ 3 KB
4 KB 220ms
219ms Image
image/png 103.22.181.125
SIAMDATA-TH 408 F...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jsj-engineering.com/f/att.ran/images/AT&T_logo.png
Requested by: Host: jsj-engineering.com
URL: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.22.181.125 , Thailand, ASN56309 (SIAMDATA-TH 408 Fl4 CATTOWER, TH),
Reverse DNS: server43.nsraid.com
Software: Apache /
Resource Hash: a8c89bb3937cdc4a70b3568eae5a390d918433be78f89deba07846932ae7c695

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 18:29:13 GMT
Last-Modified: Mon, 20 Aug 2018 03:38:16 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3383

GET
H2 200 detm-container-ftr.js Show response
www.att.com/scripts/adobe/prod/ 541 B
655 B 18ms
18ms Script
application/javascript 2a02:26f0:eb:187::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/adobe/prod/detm-container-ftr.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:eb:187::2db1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Apache /

Resource Hash

1080ac33c9d5cd5025b7fd3a5d519dfb2f4681ea6ee9073fe65ae6e380d35d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; preload

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 18:29:13 GMT
content-encoding: gzip
last-modified: Thu, 17 Oct 2019 22:16:46 GMT
server: Apache
etag: "21d-5952292b02f80-gzip"
vary: Accept-Encoding
strict-transport-security: max-age=15768000 ; preload
content-type: application/javascript
status: 200
uxtime: XcuTY2CinOQ4t83rIz8HzQAAARg D=80764
cache-control: max-age=900
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 318

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 212 B
1 KB 49ms
49ms XHR
application/json 3.248.163.0
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=3.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=55633F7A534535110A490D44%40AdobeOrg&d_nsid=0&ts=1582914553521

Requested by

Host: www.att.com
URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.163.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-163-0.eu-west-1.compute.amazonaws.com

Software

Resource Hash

f4bc49a2de0fd9481804dff80959e0e51fdc0e8eb9259993bcbf51fd880198d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
Origin: https://jsj-engineering.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v062-0290b2fa2.edge-irl1.demdex.com 5.65.0.20200212140016 2ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: pZy64by/RAo=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://jsj-engineering.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 212
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET mobile.css
home.secureapp.att.net/css/sso/slid/1201/ 0
0

GET
H2 200 id Show response
smetrics.att.com/ 0
0 145ms
60ms XHR
application/x-javascript 23.0.39.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://smetrics.att.com/id?d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=55633F7A534535110A490D44%40AdobeOrg&mid=36788090920642387853953572490240514219&ts=1582914553574
Requested by: Host: www.att.com
URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.0.39.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-39-230.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
Origin: https://jsj-engineering.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-credentials: true

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/att/att.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be5272e86f5055c6c836be27c6132ab3d8182b3d14a3b7c89c8cf6285a41adf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 18:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "441 / 34 of 1000 / last-modified: 1582838255"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14498
x-xss-protection: 0
expires: Fri, 28 Feb 2020 18:29:23 GMT

GET
H/1.1 200
OK pageBg.png
home.secureapp.att.net/design/cdls10/img/ui/ 169 B
1001 B 188ms
187ms Image
image/png 144.160.155.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/design/cdls10/img/ui/pageBg.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 18:29:23 GMT
Last-Modified: Tue, 19 Mar 2019 02:26:29 GMT
Server: unknown
x-powered-by: unknown
ETag: "5a05d3-a9-584693b8bbf40"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/png
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 169
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK btnSumbit.png
home.secureapp.att.net/img/sso/slid/ 1 KB
2 KB 184ms
183ms Image
image/png 144.160.155.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/img/sso/slid/btnSumbit.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 18:29:23 GMT
Last-Modified: Mon, 11 Mar 2019 18:27:40 GMT
Server: unknown
x-powered-by: unknown
ETag: "58172d-573-583d5ba465f00"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/png
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1395
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK footerBg.png
home.secureapp.att.net/design/CDLS10/img/ui/ 560 B
1 KB 182ms
182ms Image
image/png 144.160.155.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/design/CDLS10/img/ui/footerBg.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 18:29:23 GMT
Last-Modified: Tue, 19 Mar 2019 01:02:12 GMT
Server: unknown
x-powered-by: unknown
ETag: "5a05cd-230-584680e200d00"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/png
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 560
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK attGlobalNavHeader-bg.gif
home.secureapp.att.net/design/cdls20/img/ui/ 149 B
981 B 190ms
190ms Image
image/gif 144.160.155.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/design/cdls20/img/ui/attGlobalNavHeader-bg.gif

Requested by

Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 18:29:23 GMT
Last-Modified: Tue, 19 Mar 2019 02:29:51 GMT
Server: unknown
x-powered-by: unknown
ETag: "5a05d7-95-58469479605c0"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/gif
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 149
X-XSS-Protection: 1; mode=block

GET att_globe_blue_80x80.png
home.secureapp.att.net/design/CDLS10/img/logos/ 0
0

GET
H/1.1 200
OK support-icon.jpg
home.secureapp.att.net/img/sso/slid/ 2 KB
2 KB 332ms
189ms Image
image/jpeg 144.160.155.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/img/sso/slid/support-icon.jpg

Requested by

Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 18:29:23 GMT
Last-Modified: Mon, 11 Mar 2019 18:27:44 GMT
Server: unknown
x-powered-by: unknown
ETag: "8e05dd-615-583d5ba836800"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/jpeg
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1557
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK txt-clear.png
home.secureapp.att.net/img/sso/slid/ 3 KB
4 KB 324ms
181ms Image
image/png 144.160.155.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/img/sso/slid/txt-clear.png

Requested by

Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 18:29:23 GMT
Last-Modified: Mon, 11 Mar 2019 18:27:44 GMT
Server: unknown
x-powered-by: unknown
ETag: "8e05e0-cda-583d5ba836800"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/png
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3290
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ques.png
home.secureapp.att.net/img/sso/slid/ 363 B
1 KB 327ms
183ms Image
image/png 144.160.155.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/img/sso/slid/ques.png

Requested by

Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/sso/slid/1201/script_syn.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.155.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main_syn.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 28 Feb 2020 18:29:23 GMT
Last-Modified: Mon, 11 Mar 2019 18:27:43 GMT
Server: unknown
x-powered-by: unknown
ETag: "8e05d9-16b-583d5ba7425c0"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/png
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 363
X-XSS-Protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=jsj-engineering.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 18:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=jsj-engineering.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 18:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020022401.js Show response
securepubads.g.doubleclick.net/gpt/ 167 KB
61 KB 93ms
37ms Script
text/javascript 172.217.23.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020022401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s18-in-f2.1e100.net

Software

sffe /

Resource Hash

6d941ee14efe29bc4859114b4d6c93bd58d9843249a4e9d7603d6f80edb4eadf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://jsj-engineering.com/f/att.ran/controller.php?TAM_OP=login&USERNAME=unauthenticated&ERROR_CODE=0x00000000&ERROR_TEXT=HPDBA0521I%20%20%20Successful%20completion&METHOD=GET&URL=%2FFIM%2Fsps%2Fauth%3FFedName%3DATTsyn%26FedId%3Duuid9a412935-0156-1b6a-b5dc-fe4935913019%26PartnerId%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fbridge%252Fsp%252Fmetadata.php%252Fatt_sp%26AssertionConsumerURL%3Dhttps%253A%252F%252Fatt.auth-gateway.net%252Fsaml%252Fmodule.php%252Fsaml%252Fsp%252Fsaml2-acs.php%252Fatt_sp%3Ftucd567%3Dw&REFERER=https%3A%2F%2Fatt.auth-gateway.net%2F&HOSTNAME=loginprodx.att.net&AUTHNLEVEL=&FAILREASON=&PROTOCOL=https&OLDSESSION=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 28 Feb 2020 18:29:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 Feb 2020 14:08:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 62028
x-xss-protection: 0
expires: Fri, 28 Feb 2020 18:29:23 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: home.secureapp.att.net
URL: https://home.secureapp.att.net/css/sso/slid/1201/mobile.css

Domain: home.secureapp.att.net
URL: https://home.secureapp.att.net/design/CDLS10/img/logos/att_globe_blue_80x80.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
dpm.demdex.net
home.secureapp.att.net
jsj-engineering.com
sadlib.static-app.synacor.com
securepubads.g.doubleclick.net
smetrics.att.com
www.att.com
www.googletagservices.com
home.secureapp.att.net
103.22.181.125
144.160.155.70
172.217.23.130
23.0.39.230
2a00:1450:4001:806::2002
2a00:1450:4001:81e::2002
2a02:26f0:eb:187::2db1
3.248.163.0
69.168.106.86
01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
1080ac33c9d5cd5025b7fd3a5d519dfb2f4681ea6ee9073fe65ae6e380d35d21
27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0
352b4b49c61c544f77a190243d398ea50aff0cce0f1d5d2a518c5f23165ec5d1
43634a09ab59b39d49d9ea1f19bd09cb8e3228a79421aa64e93f9aca66f4aec4
5f9c3f04964304c2d6ea0e0081e82886f0b3c944c8b90c9c84ab69fb8ed935eb
5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5
61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263
6d941ee14efe29bc4859114b4d6c93bd58d9843249a4e9d7603d6f80edb4eadf
70b5a6613f03d3c015d826185e39839e6dbc2d03871f151bafbed5cc58503f69
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
835113b6e30bef665833ae4cf621c4bd73c1022a4cc812a2d7cabf91d9f1b117
8e6ec1efd720fba57823309829b05bb57ebb5716c813c88b3c88cf36ab9aa5e9
9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128
a8c89bb3937cdc4a70b3568eae5a390d918433be78f89deba07846932ae7c695
b9a3d7a9798fe06b2f4aef0bc3bbda08a14fd8a65db34cf864075e8c7ec78367
be5272e86f5055c6c836be27c6132ab3d8182b3d14a3b7c89c8cf6285a41adf3
c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4bc49a2de0fd9481804dff80959e0e51fdc0e8eb9259993bcbf51fd880198d6
fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f

jsj-engineering.com Open in urlscan Pro 103.22.181.125 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

27 Requests

93 %HTTPS

33 %IPv6

9 Domains

10 Subdomains

10 IPs

6 Countries

312 kBTransfer

549 kBSize

0 Cookies

0 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

45 JavaScript Global Variables

0 Cookies

Indicators

jsj-engineering.com Open in urlscan Pro
103.22.181.125 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

93 %
HTTPS

33 %
IPv6

9
Domains

10
Subdomains

10
IPs

6
Countries

312 kB
Transfer

549 kB
Size

0
Cookies

27 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!