Submitted URL: https://antlayer.com/1MESSAGES-ATT-RESPONSE.html
Effective URL: https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Submission: On January 31 via automatic, source phishtank

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 14 HTTP transactions.
The main IP is 198.71.233.21, located in Scottsdale, United States and belongs to AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US. The main domain is theultimatesalesperson.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 9th 2018. Valid for: a year.
This is the first time this domain was scanned on urlscan.io!

Verdict: Malicious (Score: 10/100)

  • urlscan - Score: 0
  • phishtank - Score: 10 (URL submitted from phishtank) - phishing

Domain & IP information

Requests  IP Address       AS Autonomous System
1         54.39.104.224    16276 (OVH)
10        198.71.233.21    26496 (AS-26496-...)
2         144.160.225.140  797 (AMERITECH-AS)
1         193.201.224.70   25092 (OPATELECOM)
Total: 14 requests, 5 IPs

Requests  Domain / Subdomains         Transfer
10        theultimatesalesperson.com  298 KB
2         att.net                     7 KB
1         getmyconfigplease.com       553 B
1         antlayer.com                556 B
Total: 14 requests, 4 domains

Requests  Domain                      Requested by
10        theultimatesalesperson.com  antlayer.com, theultimatesalesperson.com
2         cprodctnxsf.att.net         theultimatesalesperson.com
1         getmyconfigplease.com       antlayer.com
1         antlayer.com                -
Total: 14 requests, 4 domains

This site contains links to these domains.

Domain
www.wireless.att.com
www.att.com
att.com
www.att.net

TLS certificates

Subject                     Issuer                                     Validity                 Valid
antlayer.com                cPanel, Inc. Certification Authority       2019-01-02 - 2019-04-02  3 months
theultimatesalesperson.com  Go Daddy Secure Certificate Authority - G2 2018-06-09 - 2019-08-08  a year
*.att.net                   DigiCert SHA2 Secure Server CA             2018-03-15 - 2019-03-16  a year
getmyconfigplease.com       Let's Encrypt Authority X3                 2019-01-22 - 2019-04-22  3 months

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Web
Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i


14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
1MESSAGES-ATT-RESPONSE.html
antlayer.com
410 B
556 B
Document
General
Full URL
https://antlayer.com/1MESSAGES-ATT-RESPONSE.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.39.104.224 Woodbridge, United States, ASN16276 (OVH, FR),
Reverse DNS
ventuari.tepuyserver.net
Software
Apache /
Resource Hash
3f0a9386360ddd34fcc906940d5242b66eda28b36417c2c18263efc363d71fbf

Request headers

Host
antlayer.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br

Response headers

Date
Thu, 31 Jan 2019 21:11:12 GMT
Server
Apache
Last-Modified
Mon, 21 Jan 2019 15:52:22 GMT
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
267
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
/
/wp-content/uploads/VClMxkVF/gts/ATT
23 KB
6 KB
Document
General
Full URL
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Requested by
Host: antlayer.com
URL: https://antlayer.com/1MESSAGES-ATT-RESPONSE.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.71.233.21 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-198-71-233-21.ip.secureserver.net
Software
ATS/7.1.2 /
Resource Hash
81609e598cf59d6fdff262483e406953050dc39eb2cb1a646a3985119803b86b

Request headers

Host
theultimatesalesperson.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://antlayer.com/1MESSAGES-ATT-RESPONSE.html
Accept-Encoding
gzip, deflate, br

Response headers

Last-Modified
Sat, 30 May 2015 02:59:58 GMT
ETag
"5a0d-51743c9b6c780-gzip"
Content-Encoding
gzip
Content-Type
text/html
X-Port
port_10007
X-Cacheable
YES:Forced
Content-Length
5889
Date
Thu, 31 Jan 2019 21:11:13 GMT
Age
83953
Vary
Accept-Encoding, User-Agent
X-Cache
cached
X-Cache-Hit
HIT
X-Backend
all_requests
Accept-Ranges
bytes
Connection
keep-alive
Via
http/1.1 a2nlwpproxy019.prod.iad2.secureserver.net (ApacheTrafficServer/7.1.2 [uSc sSf pSeN:tOc i p sS])
Server
ATS/7.1.2
script.js
/wp-content/uploads/VClMxkVF/gts/ATT/index_files
1 KB
1 KB
Script
General
Full URL
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/index_files/script.js
Requested by
Host: theultimatesalesperson.com
URL: https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.71.233.21 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-198-71-233-21.ip.secureserver.net
Software
ATS/7.1.2 /
Resource Hash
8da94250b280dc230b5f1dbe3418498f504e42df45ded1d59fd2364a08a20985

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
theultimatesalesperson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 31 Jan 2019 21:11:13 GMT
Content-Encoding
gzip
X-Cacheable
YES
X-Backend
all_requests
Age
450244
X-Cache
cached
X-Port
port_10007
Connection
keep-alive
Content-Length
701
Last-Modified
Sat, 30 May 2015 02:43:32 GMT
Server
ATS/7.1.2
ETag
"596-517438ef19d00-gzip"
X-Cache-Hit
HIT
Content-Type
application/javascript
Via
http/1.1 a2nlwpproxy019.prod.iad2.secureserver.net (ApacheTrafficServer/7.1.2 [uSc sSf pSeN:tOc i p sS])
Cache-Control
max-age=604800
Accept-Ranges
bytes
Expires
Sat, 02 Feb 2019 16:07:09 GMT
style.css
/wp-content/uploads/VClMxkVF/gts/ATT/index_files
125 KB
19 KB
Stylesheet
General
Full URL
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/index_files/style.css
Requested by
Host: theultimatesalesperson.com
URL: https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.71.233.21 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-198-71-233-21.ip.secureserver.net
Software
ATS/7.1.2 /
Resource Hash
163919a5eebfd61edd51ee6fa192faaf4b9526ab661ea8fb9efd66610000ca71

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
theultimatesalesperson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 31 Jan 2019 21:11:13 GMT
Content-Encoding
gzip
X-Cacheable
YES
X-Backend
all_requests
Age
450244
X-Cache
cached
X-Port
port_10007
Connection
keep-alive
Content-Length
19116
Last-Modified
Sat, 30 May 2015 02:45:26 GMT
Server
ATS/7.1.2
ETag
"1f297-5174395bd1d80-gzip"
X-Cache-Hit
HIT
Content-Type
text/css
Via
http/1.1 a2nlwpproxy019.prod.iad2.secureserver.net (ApacheTrafficServer/7.1.2 [uSc sSf pSeN:tOc i p sS])
Cache-Control
max-age=86400
Accept-Ranges
bytes
Expires
Sun, 27 Jan 2019 16:07:09 GMT
cookie.js
/wp-content/uploads/VClMxkVF/gts/ATT/index_files
5 KB
2 KB
Script
General
Full URL
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/index_files/cookie.js
Requested by
Host: theultimatesalesperson.com
URL: https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.71.233.21 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-198-71-233-21.ip.secureserver.net
Software
ATS/7.1.2 /
Resource Hash
d1b8ed4aadb84b2b020a3448868682a2e9d89b34d32ea23994833703024a9425

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
theultimatesalesperson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 31 Jan 2019 21:11:13 GMT
Content-Encoding
gzip
X-Cacheable
YES
X-Backend
all_requests
Age
450244
X-Cache
cached
X-Port
port_10007
Connection
keep-alive
Content-Length
1835
Last-Modified
Sat, 30 May 2015 02:43:32 GMT
Server
ATS/7.1.2
ETag
"1325-517438ef19d00-gzip"
X-Cache-Hit
HIT
Content-Type
application/javascript
Via
http/1.1 a2nlwpproxy019.prod.iad2.secureserver.net (ApacheTrafficServer/7.1.2 [uSc sSf pSeN:tOc i p sS])
Cache-Control
max-age=604800
Accept-Ranges
bytes
Expires
Sat, 02 Feb 2019 16:07:09 GMT
spinner-lightGray-bg-26x26.gif
/wp-content/uploads/VClMxkVF/gts/ATT/index_files
2 KB
3 KB
Image
General
Full URL
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/index_files/spinner-lightGray-bg-26x26.gif
Requested by
Host: theultimatesalesperson.com
URL: https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.71.233.21 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-198-71-233-21.ip.secureserver.net
Software
ATS/7.1.2 /
Resource Hash
cbab8d03db424ffbf23c3f763a2296216262027b1ac4d89240acf7b02b719ae0

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
theultimatesalesperson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 31 Jan 2019 21:11:13 GMT
Via
http/1.1 a2nlwpproxy011.prod.iad2.secureserver.net (ApacheTrafficServer/7.1.2 [uSc sSf pSeN:tOc i p sS])
X-Cacheable
YES
X-Backend
all_requests
Age
98730
X-Cache
cached
X-Port
port_10007
Connection
keep-alive
Content-Length
2076
Last-Modified
Sat, 30 May 2015 02:43:32 GMT
Server
ATS/7.1.2
ETag
"81c-517438ef19d00"
Content-Type
image/gif
X-Cache-Hit
HIT
Cache-Control
max-age=5184000
Accept-Ranges
bytes
Expires
Sun, 31 Mar 2019 17:45:43 GMT
messages1_gfx.txt
/wp-content/uploads/VClMxkVF/gts/ATT/index_files
105 KB
105 KB
Image
General
Full URL
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/index_files/messages1_gfx.txt
Requested by
Host: theultimatesalesperson.com
URL: https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.71.233.21 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-198-71-233-21.ip.secureserver.net
Software
ATS/7.1.2 /
Resource Hash
841990572265e884b091d5c55bf13fc33c9176c220cf74b4db26477d00854e4d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
theultimatesalesperson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 31 Jan 2019 21:11:13 GMT
Content-Encoding
gzip
X-Cacheable
YES
X-Backend
all_requests
Age
450244
X-Cache
cached
X-Port
port_10007
Connection
keep-alive
Content-Length
107367
Last-Modified
Sat, 30 May 2015 02:43:32 GMT
Server
ATS/7.1.2
ETag
"1a5e3-517438ef19d00-gzip"
Content-Type
text/plain
Via
http/1.1 a2nlwpproxy018.prod.iad2.secureserver.net (ApacheTrafficServer/7.1.2 [uSc sSf pSeN:tOc i p sS])
X-Cache-Hit
HIT
Accept-Ranges
bytes
messages2_gfx.txt
/wp-content/uploads/VClMxkVF/gts/ATT/index_files
82 KB
82 KB
Image
General
Full URL
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/index_files/messages2_gfx.txt
Requested by
Host: theultimatesalesperson.com
URL: https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.71.233.21 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-198-71-233-21.ip.secureserver.net
Software
ATS/7.1.2 /
Resource Hash
9c833b31c65659c06b99c9309db79bdae7dc8ce91d578f33c8393a2088693a7e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
theultimatesalesperson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 31 Jan 2019 21:11:13 GMT
Content-Encoding
gzip
X-Cacheable
YES
X-Backend
all_requests
Age
450244
X-Cache
cached
X-Port
port_10007
Connection
keep-alive
Content-Length
83536
Last-Modified
Sat, 30 May 2015 02:43:32 GMT
Server
ATS/7.1.2
ETag
"148d0-517438ef19d00-gzip"
Content-Type
text/plain
Via
http/1.1 a2nlwpproxy019.prod.iad2.secureserver.net (ApacheTrafficServer/7.1.2 [uSc sSf pSeN:tOc i p sS])
X-Cache-Hit
HIT
Accept-Ranges
bytes
jquery.js
/wp-content/uploads/VClMxkVF/gts/ATT/index_files
94 KB
34 KB
Script
General
Full URL
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/index_files/jquery.js
Requested by
Host: theultimatesalesperson.com
URL: https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.71.233.21 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-198-71-233-21.ip.secureserver.net
Software
ATS/7.1.2 /
Resource Hash
648e71b93cb5bb6ceefe291f6405e91ed48cdfd8957e6b1deb034abf6f1e3270

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
theultimatesalesperson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 31 Jan 2019 21:11:13 GMT
Content-Encoding
gzip
X-Cacheable
YES
X-Backend
all_requests
Age
450244
X-Cache
cached
X-Port
port_10007
Connection
keep-alive
Content-Length
34115
Last-Modified
Wed, 23 Jan 2019 11:27:05 GMT
Server
ATS/7.1.2
ETag
"1782b-5801e5fa9b9eb-gzip"
X-Cache-Hit
HIT
Content-Type
application/javascript
Via
http/1.1 a2nlwpproxy011.prod.iad2.secureserver.net (ApacheTrafficServer/7.1.2 [uSc sSf pSeN:tOc i p sS])
Cache-Control
max-age=604800
Accept-Ranges
bytes
Expires
Sat, 02 Feb 2019 16:07:09 GMT
labjs.js
/wp-content/uploads/VClMxkVF/gts/ATT/index_files
4 KB
3 KB
Script
General
Full URL
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/index_files/labjs.js
Requested by
Host: theultimatesalesperson.com
URL: https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.71.233.21 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-198-71-233-21.ip.secureserver.net
Software
ATS/7.1.2 /
Resource Hash
c7010c37b43dc1eb55d9313a033100ea6bafdc67d28ad10fa3583c1e603bce9f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
theultimatesalesperson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 31 Jan 2019 21:11:13 GMT
Content-Encoding
gzip
X-Cacheable
YES
X-Backend
all_requests
Age
450244
X-Cache
cached
X-Port
port_10007
Connection
keep-alive
Content-Length
2179
Last-Modified
Sat, 30 May 2015 02:43:32 GMT
Server
ATS/7.1.2
ETag
"1113-517438ef19d00-gzip"
X-Cache-Hit
HIT
Content-Type
application/javascript
Via
http/1.1 a2nlwpproxy019.prod.iad2.secureserver.net (ApacheTrafficServer/7.1.2 [uSc sSf pSeN:tOc i p sS])
Cache-Control
max-age=604800
Accept-Ranges
bytes
Expires
Sat, 02 Feb 2019 16:07:09 GMT
gfx-s83429d0f09.png
/wp-content/uploads/VClMxkVF/gts/ATT/index_files
42 KB
42 KB
Image
General
Full URL
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/index_files/gfx-s83429d0f09.png
Requested by
Host: theultimatesalesperson.com
URL: https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
198.71.233.21 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS
ip-198-71-233-21.ip.secureserver.net
Software
ATS/7.1.2 /
Resource Hash
04d5fe1a7c458543164d1b80edcf9f3509ba12ac788b604e835785330d45a52b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
theultimatesalesperson.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/index_files/style.css
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Thu, 31 Jan 2019 21:11:13 GMT
Via
http/1.1 a2nlwpproxy021.prod.iad2.secureserver.net (ApacheTrafficServer/7.1.2 [uSc sSf pSeN:tOc i p sS])
X-Cacheable
YES
X-Backend
all_requests
Age
98730
X-Cache
cached
X-Port
port_10007
Connection
keep-alive
Content-Length
42508
Last-Modified
Sat, 30 May 2015 02:44:50 GMT
Server
ATS/7.1.2
ETag
"a60c-517439397cc80"
Content-Type
image/png
X-Cache-Hit
HIT
Cache-Control
max-age=5184000
Accept-Ranges
bytes
Expires
Sun, 31 Mar 2019 17:45:43 GMT
data:truncated
data:truncated
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e659531706ef0e0918e8d7d2db78e6a001b87e3b458e2cb2cf20efdb40553da

Request headers

Response headers

Content-Type
image/png
logo.png
cprodctnxsf.att.net/commonLogin/igate_edam/staticContent/images/attmessages/images
5 KB
5 KB
Image
General
Full URL
https://cprodctnxsf.att.net/commonLogin/igate_edam/staticContent/images/attmessages/images/logo.png
Requested by
Host: theultimatesalesperson.com
URL: https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
144.160.225.140 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
cprodctnxsf.att.net
Software
/ Servlet/3.0
Resource Hash
b647c190704056052f3cb732710cb0e1ccc81b1cbca0ae48953adb8003b37496

Request headers

Referer
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 31 Jan 2019 21:11:14 GMT
last-modified
Sun, 06 Jan 2019 04:19:18 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
x-powered-by
Servlet/3.0
content-length
5057
content-language
en-US
content-type
image/png
data:truncated
data:truncated
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1682cfab59cb4b0a0070ff1d8d7877719e2b26e74723eda860ad21108347ece

Request headers

Response headers

Content-Type
image/png
get.php
getmyconfigplease.com
315 B
553 B
XHR
General
Full URL
https://getmyconfigplease.com/get.php
Requested by
Host: antlayer.com
URL: https://antlayer.com/1MESSAGES-ATT-RESPONSE.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
193.201.224.70 , Ukraine, ASN25092 (OPATELECOM, UA),
Reverse DNS
Software
nginx / PHP/5.6.38
Resource Hash
88a1914840e7517408c45504773ae7169ac39b132d686014e02dff0c058ae836

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
Origin
https://theultimatesalesperson.com

Response headers

Date
Thu, 31 Jan 2019 21:11:13 GMT
Server
nginx
X-Powered-By
PHP/5.6.38
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Connection
keep-alive
Keep-Alive
timeout=60
Content-Length
315
script.js
cprodctnxsf.att.net/commonLogin/igate_edam/staticContent/images/attmessages/js
1 KB
2 KB
Script
General
Full URL
https://cprodctnxsf.att.net/commonLogin/igate_edam/staticContent/images/attmessages/js/script.js
Requested by
Host: theultimatesalesperson.com
URL: https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/index_files/labjs.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
144.160.225.140 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
cprodctnxsf.att.net
Software
/ Servlet/3.0
Resource Hash
94a901d877e01d6045af7ce602b4fce67faf6989e8e585f0a2a924e68b01d268

Request headers

Referer
https://theultimatesalesperson.com/wp-content/uploads/VClMxkVF/gts/ATT/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 31 Jan 2019 21:11:14 GMT
last-modified
Sun, 06 Jan 2019 04:19:18 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
x-powered-by
Servlet/3.0
content-length
1496
content-language
en-US
content-type
application/x-javascript

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onselectstart
  • object| onselectionchange
  • function| queueMicrotask
  • object| utils
  • function| cookie
  • function| validateForm
  • function| toggleRemMe
  • function| RMmessageAns
  • function| toggleRemMe2
  • function| toggleIPhoneMessage
  • string| staticAssetDir
  • object| _0xb27a
  • object| _0xd61d
  • string| turl
  • string| resp
  • undefined| elem
  • function| $
  • function| jQuery
  • function| onInputFocus
  • function| onInputBlur
  • number| curCarousel
  • number| cpi
  • number| AUTO_DELAY
  • function| _toggleCarousel
  • function| autoCarousel
  • function| toggleCarousel
  • function| footerToggleBtnClicked
  • object| $LAB

1 Cookies

Domain/Path                  Name    Value
theultimatesalesperson.com/  IV_JCT  %2FcommonLogin