s3.pl-waw.scw.cloud Open in urlscan Pro
2001:bc8:1c10::1  Malicious Activity! Public Scan

8 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request index.html Show response s3.pl-waw.scw.cloud/pqou.qqowuu/	237 KB 237 KB	407ms 322ms	Document text/html	2001:bc8:1c10::1 Online SAS
General Check archive.org Show headers Download Go to Full URL https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2001:bc8:1c10::1 Warsaw, Poland, ASN12876 (Online SAS, FR), Reverse DNS Software / Resource Hash 9142a5d3fc1bdc669d5a9122c906d2bfe93f1b8e6022b203cd6fc3bbfb70f950 Request headers Upgrade-Insecure-Requests 1 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 242253 content-type text/html date Thu, 06 Oct 2022 12:02:29 GMT etag "55dc80ad7b192563768dc724161edc8c" last-modified Wed, 05 Oct 2022 16:17:00 GMT x-amz-id-2 txe9245b8853bd4ecb84bfb-00633ec3d5 x-amz-request-id txe9245b8853bd4ecb84bfb-00633ec3d5 x-amz-version-id 1664986620297109
GET H/1.1	200 OK	att_common.js Show response signin-static-js.att.com/scripts/	427 KB 249 KB	910ms 158ms	Script application/javascript	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin-static-js.att.com/scripts/att_common.js?apg Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash c2eb39ee130a5b2f8fc823f8bfa06f527bc9708f024ed5b9904e23039fd1f086 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT content-encoding gzip via 1.1 google strict-transport-security max-age=31536000; includeSubDomains; preload age 718 transfer-encoding chunked iam_on S222 p3p CP="NON CUR OTPi OUR NOR UNI" x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 pragma no-cache last-modified Thu, 01 Sep 2022 03:51:39 GMT vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 access-control-allow-origin https://signin.att.com cache-control no-cache, no-store, must-revalidate accept-ranges bytes expires 0
GET H2	200	detm-container-hdr.js Show response www.att.com/scripts/adobe/prod/	106 KB 30 KB	207ms 52ms	Script application/x-javascript	2a02:26f0:dc:188::2db1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.att.com/scripts/adobe/prod/detm-container-hdr.js Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:dc:188::2db1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 8d4525f9eee48caf23f5ad073371667114500e8a4f253f888044b585c2421ff1 Security Headers Name Value Strict-Transport-Security max-age=15768000 ; preload Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:29 GMT content-encoding gzip strict-transport-security max-age=15768000 ; preload last-modified Thu, 06 Oct 2022 00:07:57 GMT server AkamaiNetStorage etag "65a6adba2e388a7dae6336a32064e957:1665014877.081658" vary Accept-Encoding content-type application/x-javascript cache-control no-cache, private, max-age=7776000 server-timing cdn-cache; desc=HIT, edge; dur=1 accept-ranges bytes aka-global-request-id-uxtime 0.ed611702.1665057749.1848668c content-length 30014
GET H2	200	quantum-att-loader.js Show response cdn.quantummetric.com/loaders/	2 KB 946 B	207ms 159ms	Script application/javascript	2606:4700:10::ac43:149e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.quantummetric.com/loaders/quantum-att-loader.js Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:149e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 026ec02eb6b28985ccbd45ee015a8dd502b57d47f00b7269ac5601d3c278544f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status EXPIRED last-modified Wed, 20 Jul 2022 16:12:49 GMT server cloudflare etag W/"7e8-1821c62217d" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0 cf-ray 755e3f9e09aa697b-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	att_common.js Show response signin-static-js.att.com/scripts/	235 KB 136 KB	756ms 131ms	Script application/javascript	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin-static-js.att.com/scripts/att_common.js Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 6f73475b5eb844494edc83676ddd1804fe9e3b5341985efe6c9df217ebf676a8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers pragma no-cache date Thu, 06 Oct 2022 12:02:30 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload transfer-encoding chunked x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 p3p CP="NON CUR OTPi OUR NOR UNI" iam_on S222 cache-control no-cache, no-store, must-revalidate expires 0
GET H/1.1	200 OK	timeout.js Show response signin.att.com/static/siam/en/halo_c/timeout_redirect/	1 KB 853 B	665ms 121ms	Script application/javascript	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin.att.com/static/siam/en/halo_c/timeout_redirect/timeout.js?v=15.5.3 Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 83f5ed17f46cd4448a02c705214a95e869ecb411c8ea95e1256593c75e178e56 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "430-5ea432bbbf540" transfer-encoding chunked x-frame-options SAMEORIGIN p3p CP="NON CUR OTPi OUR NOR UNI" content-type application/javascript access-control-allow-origin * iam_on S222 accept-ranges bytes apser p767
GET H/1.1	200 OK	styles.css signin.att.com/static/siam/en/halo_c/halo-c-login/	154 KB 33 KB	665ms 125ms	Stylesheet text/css	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=15.5.3 Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash db8f928b76604c3c3411437b6df8dcd9017c21758430804a9f2db77f2ae88ffc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "268b5-5ea432bbbf540" transfer-encoding chunked x-frame-options SAMEORIGIN p3p CP="NON CUR OTPi OUR NOR UNI" content-type text/css access-control-allow-origin * iam_on S222 accept-ranges bytes apser p770
GET H2	200	quantum-att.js Show response cdn.quantummetric.com/qscripts/	636 KB 133 KB	91ms 43ms	Script text/javascript	2606:4700:10::ac43:149e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.quantummetric.com/qscripts/quantum-att.js Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:149e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cca085a6b777ca9a4a6b633676ff428e2a57fbce434079b707d46a9a8a3ed9c1 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT strict-transport-security max-age=31536000 content-encoding br cf-cache-status HIT server cloudflare age 93 etag W/"166505512337416595497553821665043202450" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control public, max-age=300, stale-while-revalidate=21600, stale-if-error=21600 cf-ray 755e3f9e09ad697b-FRA access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	ssaf-uc.js Show response www.att.com/scripts/ssaf_universal_client/prod/	110 KB 22 KB	64ms 61ms	Script application/x-javascript	2a02:26f0:dc:188::2db1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.att.com/scripts/ssaf_universal_client/prod/ssaf-uc.js Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:dc:188::2db1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software Akamai Resource Optimizer / Resource Hash c35c9374b358b069d197d55865a092b7ff2e60bcc0830af921b2c887ad66d95e Security Headers Name Value Strict-Transport-Security max-age=15768000 ; preload Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT content-encoding br strict-transport-security max-age=15768000 ; preload last-modified Thu, 06 Oct 2022 03:51:49 GMT server Akamai Resource Optimizer etag "dbd1ab8cacd168d888a2613264899a33:1665027965.747286" content-type application/x-javascript cache-control max-age=3600 aka-global-request-id-uxtime 0.58680117.1665028308.658edfc, 0.ed611702.1665057750.184876c8 accept-ranges bytes server-timing cdn-cache; desc=HIT, edge; dur=1 content-length 21771
GET H2	200	json Show response fls.doubleclick.net/	40 B 723 B	106ms 31ms	Script text/javascript	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fls.doubleclick.net/json?spot=6100125&src=&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=1661763704441 Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:29 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 60 x-xss-protection 0 pragma no-cache server cafe x-frame-options SAMEORIGIN content-type text/javascript; charset=ISO-8859-1 cache-control no-cache, must-revalidate timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 6 KB	57ms 22ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 56931 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 5631 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jQJsh4MTYhnnos%2BKprkzXecuPIPbH39k0mB88GuwWONcc5uAVQWz%2BYl5%2FOqh%2B4NSwhXoH5TrP9KnPZwurz2AmvXYl5ZKygNUk8isOGyyseFAsDELxf8v3mlv71WmCYCO%2BoJsUGCUDVfVkGaHY75u546w"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 755e3f968fcf926b-FRA expires Tue, 26 Sep 2023 12:02:29 GMT
GET H/1.1	200 OK	att-logo.svg signin.att.com/static/siam/en/halo_c/images/logos/	8 KB 9 KB	126ms 123ms	Image image/svg+xml	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://signin.att.com/static/siam/en/halo_c/images/logos/att-logo.svg Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "20b1-5ea432bbbf540" x-frame-options SAMEORIGIN iam_on S222 p3p CP="NON CUR OTPi OUR NOR UNI" access-control-allow-origin * content-type image/svg+xml accept-ranges bytes apser p767 content-length 8369
GET H/1.1	200 OK	red-error-icon.svg signin.att.com/static/siam/en/halo_c/cms/login/default/images/	566 B 964 B	356ms 119ms	Image image/svg+xml	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://signin.att.com/static/siam/en/halo_c/cms/login/default/images/red-error-icon.svg Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 9b8659596c575886c9202ec3a8506949e69140b50818ca4fc1e58494f3d4e8c9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "236-5ea432bbbf540" x-frame-options SAMEORIGIN iam_on S222 p3p CP="NON CUR OTPi OUR NOR UNI" access-control-allow-origin * content-type image/svg+xml accept-ranges bytes apser p766 content-length 566
GET H/1.1	200 OK	checkmark.svg signin.att.com/static/siam/en/halo_c/cms/login/default/images/	350 B 748 B	357ms 119ms	Image image/svg+xml	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://signin.att.com/static/siam/en/halo_c/cms/login/default/images/checkmark.svg Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash b589ac98cac6d578082d9d2e8bb354abcab6f41f25a081a613227a37def44c9a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "15e-5ea432bbbf540" x-frame-options SAMEORIGIN iam_on S222 p3p CP="NON CUR OTPi OUR NOR UNI" access-control-allow-origin * content-type image/svg+xml accept-ranges bytes apser p771 content-length 350
GET H2	200	jquery-3.3.1.js Show response code.jquery.com/	265 KB 79 KB	694ms 620ms	Script application/javascript	2001:4de0:ac18::1:a:3b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.js Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad Request headers Referer https://s3.pl-waw.scw.cloud/ Origin https://s3.pl-waw.scw.cloud accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-42587" vary Accept-Encoding x-hw 1665057750.dop219.fr8.t,1665057750.cds153.fr8.hn,1665057750.cds165.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 80268
GET H/1.1	200 OK	polyfills.js Show response signin.att.com/static/siam/en/halo_c/halo-c-login/	45 KB 17 KB	364ms 125ms	Script application/javascript	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin.att.com/static/siam/en/halo_c/halo-c-login/polyfills.js?v=15.5.3 Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 782dc57d3fddeb4879f5a973d631b4054fad736cd729d5c3a004609cf1271266 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "b387-5ea432bbbf540" transfer-encoding chunked x-frame-options SAMEORIGIN p3p CP="NON CUR OTPi OUR NOR UNI" content-type application/javascript access-control-allow-origin * iam_on S222 accept-ranges bytes apser p766
GET H/1.1	200 OK	vendor.js Show response signin.att.com/static/siam/en/halo_c/halo-c-login/	489 KB 163 KB	366ms 125ms	Script application/javascript	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin.att.com/static/siam/en/halo_c/halo-c-login/vendor.js?v=15.5.3 Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 8632be4d936a6b44250274c9663562a4a734b4690ae8b19f3a78e3cc4b9399a2 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "7a4ca-5ea432bbbf540" transfer-encoding chunked x-frame-options SAMEORIGIN p3p CP="NON CUR OTPi OUR NOR UNI" content-type application/javascript access-control-allow-origin * iam_on S222 accept-ranges bytes apser p770
GET H/1.1	200 OK	main.js Show response signin.att.com/static/siam/en/halo_c/halo-c-login/	115 KB 31 KB	368ms 126ms	Script application/javascript	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin.att.com/static/siam/en/halo_c/halo-c-login/main.js?v=15.5.3 Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 03d188255a6f1b49c8aabe7174fc431642965f906a9be9ea9efab3c202c1b080 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "1cdb3-5ea432bbbf540" transfer-encoding chunked x-frame-options SAMEORIGIN p3p CP="NON CUR OTPi OUR NOR UNI" content-type application/javascript access-control-allow-origin * iam_on S222 accept-ranges bytes apser p767
GET H2	200	detm-container-ftr.js Show response www.att.com/scripts/adobe/prod/	666 B 744 B	80ms 76ms	Script application/x-javascript	2a02:26f0:dc:188::2db1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.att.com/scripts/adobe/prod/detm-container-ftr.js Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:dc:188::2db1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 43f774da83292822f54305d69e01286ca018b6f3f0fe86250451ad93d9252f9c Security Headers Name Value Strict-Transport-Security max-age=15768000 ; preload Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT content-encoding gzip strict-transport-security max-age=15768000 ; preload last-modified Fri, 30 Jul 2021 00:16:43 GMT server AkamaiNetStorage etag "d5c61c3be97b0718b3548d0ec26dc0ef:1627604203.48042" vary Accept-Encoding content-type application/x-javascript cache-control no-cache, private, max-age=7776000 aka-global-request-id-uxtime 0.2d33ca17.1665014919.300aa60, 0.ed611702.1665057750.18487674 accept-ranges bytes server-timing cdn-cache; desc=HIT, edge; dur=35 content-length 368
GET H2	200	mbox-contents.js Show response www.att.com/scripts/adobe/prod/	110 KB 36 KB	68ms 68ms	Script application/x-javascript	2a02:26f0:dc:188::2db1 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.att.com/scripts/adobe/prod/mbox-contents.js Requested by Host: www.att.com URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:dc:188::2db1 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software AkamaiNetStorage / Resource Hash 15d70dd6d2024b7cc2925bcd47aad1a429b08042ebcc15364004c0c887f719d6 Security Headers Name Value Strict-Transport-Security max-age=15768000 ; preload Request headers Referer https://s3.pl-waw.scw.cloud/ accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Thu, 06 Oct 2022 12:02:29 GMT content-encoding gzip strict-transport-security max-age=15768000 ; preload last-modified Wed, 20 Jul 2022 23:59:28 GMT server AkamaiNetStorage etag "5d7d69dc820bd519c4643e02a89c66d9:1658361568.37808" vary Accept-Encoding content-type application/x-javascript cache-control no-cache, private, max-age=7776000 aka-global-request-id-uxtime 0.9b3a2f17.1665014919.3ab155c, 0.ed611702.1665057749.184867ff accept-ranges bytes server-timing cdn-cache; desc=HIT, edge; dur=20 content-length 36239 expires Sat, 05 Nov 2022 12:02:29 GMT
GET H/1.1	200 OK	att_common.js Show response signin-static-js.att.com/scripts/	427 KB 249 KB	154ms 153ms	Script application/javascript	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin-static-js.att.com/scripts/att_common.js?apg Requested by Host: signin-static-js.att.com URL: https://signin-static-js.att.com/scripts/att_common.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash c2eb39ee130a5b2f8fc823f8bfa06f527bc9708f024ed5b9904e23039fd1f086 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT content-encoding gzip via 1.1 google strict-transport-security max-age=31536000; includeSubDomains; preload age 718 transfer-encoding chunked iam_on S222 p3p CP="NON CUR OTPi OUR NOR UNI" x-envoy-upstream-service-time 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 pragma no-cache last-modified Thu, 01 Sep 2022 03:51:39 GMT vary Accept-Encoding x-frame-options SAMEORIGIN content-type application/javascript; charset=UTF-8 access-control-allow-origin https://signin.att.com cache-control no-cache, no-store, must-revalidate accept-ranges bytes expires 0
GET H/1.1	200 OK	ATTAleckSans_W_Rg.woff2 signin.att.com/static/siam/en/halo_c/halo-c-login/assets/fonts/att/ATTAleckSans/woff2/	18 KB 18 KB	480ms 120ms	Font application/octet-stream	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin.att.com/static/siam/en/halo_c/halo-c-login/assets/fonts/att/ATTAleckSans/woff2/ATTAleckSans_W_Rg.woff2 Requested by Host: signin.att.com URL: https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=15.5.3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash e2740c7b209e33aca7176250d80f94b4924e5e5d18076ee3b95f32a0e20d1f58 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers Referer https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=15.5.3 Origin https://s3.pl-waw.scw.cloud accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:31 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "4830-5ea432bbbf540" x-frame-options SAMEORIGIN iam_on S222 p3p CP="NON CUR OTPi OUR NOR UNI" access-control-allow-origin * accept-ranges bytes apser p766 content-length 18480
GET H/1.1	200 OK	ATTAleckSans_W_Md.woff2 signin.att.com/static/siam/en/halo_c/halo-c-login/assets/fonts/att/ATTAleckSans/woff2/	19 KB 20 KB	515ms 128ms	Font application/octet-stream	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin.att.com/static/siam/en/halo_c/halo-c-login/assets/fonts/att/ATTAleckSans/woff2/ATTAleckSans_W_Md.woff2 Requested by Host: signin.att.com URL: https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=15.5.3 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 59ea63b5ffe0f060e37c24a44b6406943df9e4fca39e2ef43023c2ae9783f220 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers Referer https://signin.att.com/static/siam/en/halo_c/halo-c-login/styles.css?v=15.5.3 Origin https://s3.pl-waw.scw.cloud accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:31 GMT strict-transport-security max-age=31536000; includeSubDomains; preload last-modified Wed, 05 Oct 2022 05:51:41 GMT etag "4c8c-5ea432bbbf540" x-frame-options SAMEORIGIN iam_on S222 p3p CP="NON CUR OTPi OUR NOR UNI" access-control-allow-origin * accept-ranges bytes apser p771 content-length 19596
GET H2	200	json Show response fls.doubleclick.net/	40 B 355 B	35ms 34ms	Script text/javascript	142.250.186.38 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fls.doubleclick.net/json?spot=6100125&src=&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=1665057750744 Requested by Host: www.att.com URL: https://www.att.com/scripts/ssaf_universal_client/prod/ssaf-uc.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.38 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s04-in-f6.1e100.net Software cafe / Resource Hash 121d7327471295d2aa1878ef94c8ab756375856d08ae24d3df11fa549e241633 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s3.pl-waw.scw.cloud/ User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers date Thu, 06 Oct 2022 12:02:30 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 60 x-xss-protection 0 pragma no-cache server cafe x-frame-options SAMEORIGIN content-type text/javascript; charset=ISO-8859-1 cache-control no-cache, must-revalidate timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated /	89 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Content-Type image/png
GET BLOB	200 OK	477f2123-0718-476b-8ba6-389ca3db6dc5 https://s3.pl-waw.scw.cloud/	17 KB 0		Other application/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://s3.pl-waw.scw.cloud/477f2123-0718-476b-8ba6-389ca3db6dc5 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 6b939eec497bda2f6fde6541be0e8b378d151160ad677629c9b4be7819ce0ba8 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Response headers Content-Length 17224 Content-Type application/javascript
POST H/1.1	200 OK	dip Show response signin-static-js.att.com/__imp_apg__/api/dip/v1/	206 B 935 B	857ms 192ms	XHR text/html	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin-static-js.att.com/__imp_apg__/api/dip/v1/dip Requested by Host: signin-static-js.att.com URL: https://signin-static-js.att.com/scripts/att_common.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash 65f55ce5be65db1c1ec9477297a2e5d9f388fc7f96cba7ef495fc32c5a3fdae8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers Referer https://s3.pl-waw.scw.cloud/ accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Content-type application/x-www-form-urlencoded Response headers pragma no-cache date Thu, 06 Oct 2022 12:02:33 GMT via 1.1 google strict-transport-security max-age=31536000; includeSubDomains; preload vary Origin x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://s3.pl-waw.scw.cloud iam_on S222 p3p CP="NON CUR OTPi OUR NOR UNI" cache-control no-cache, no-store, must-revalidate x-envoy-upstream-service-time 9 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 206 expires 0
POST H/1.1	200 OK	/ Show response signin-static-js.att.com/__imp_apg__/api/imp/v1.0/report/	265 B 1 KB	1060ms 385ms	Fetch text/plain	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin-static-js.att.com/__imp_apg__/api/imp/v1.0/report/?m&fq=load Requested by Host: signin-static-js.att.com URL: https://signin-static-js.att.com/scripts/att_common.js?apg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash cff06a6749ab5e601b20fcdfeda4f8ef3967be037db47ec874fa83ba2462afa1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept text/plain,*/*;q=0.9 Referer https://s3.pl-waw.scw.cloud/ accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) content-type text/plain;charset=UTF-8 Response headers date Thu, 06 Oct 2022 12:02:33 GMT content-encoding gzip via 1.1 google strict-transport-security max-age=31536000; includeSubDomains; preload transfer-encoding chunked iam_on S222 p3p CP="NON CUR OTPi OUR NOR UNI" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 pragma no-cache x-frame-options SAMEORIGIN access-control-allow-methods OPTIONS, GET, POST content-type text/plain; charset=UTF-8 access-control-allow-origin https://s3.pl-waw.scw.cloud cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires 0
POST		/ att-app.quantummetric.com/ Frame 8F08	0 0
POST H2	200	/ Show response att-sync.quantummetric.com/ Frame 8F08	0 159 B	1263ms 125ms	XHR application/json	35.188.210.33 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://att-sync.quantummetric.com/?T=B&u=https%3A%2F%2Fs3.pl-waw.scw.cloud%2Fpqou.qqowuu%2Findex.html&t=1665057752089&v=1665057752744&z=1&Q=1&Y=1&X=7829b16234b844fb50a4155c92914c04 Requested by Host: cdn.quantummetric.com URL: https://cdn.quantummetric.com/qscripts/quantum-att.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.188.210.33 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 33.210.188.35.bc.googleusercontent.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Content-Type text/plain Response headers access-control-allow-origin https://s3.pl-waw.scw.cloud date Thu, 06 Oct 2022 12:02:33 GMT strict-transport-security max-age=31536000 access-control-allow-credentials true server nginx content-length 0 content-type application/json
POST H/1.1	200 OK	fc09f351-c4e7-46dc-afb8-cd98de60285e Show response dynatrace.att.com/bf/	909 B 1 KB	447ms 106ms	XHR text/plain	20.72.123.232 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dynatrace.att.com/bf/fc09f351-c4e7-46dc-afb8-cd98de60285e?type=js3&sn=v_4_srv_-2D87_sn_RSBMNQ5BQJDBH0TOT1ORBNO99PTM8DMQ&svrid=-87&flavor=cors&vi=ISLMFMELARJEIUKMAAWGBFOCSCMHRSUO-0&modifiedSince=1651582451315&rf=https%3A%2F%2Fs3.pl-waw.scw.cloud%2Fpqou.qqowuu%2Findex.html&bp=3&app=52b8119d19be9235&crc=1634063096&en=910bdnkt&end=1 Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.72.123.232 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8da59e3afa425dd489321c56f7465b76daf1b8885c36acbc1186dd00b558e17c Request headers Referer https://s3.pl-waw.scw.cloud/ accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://s3.pl-waw.scw.cloud Date Thu, 06 Oct 2022 12:02:33 GMT Cache-Control no-cache Connection keep-alive Content-Length 909 Content-Type text/plain;charset=utf-8
POST H/1.1	200 OK	fc09f351-c4e7-46dc-afb8-cd98de60285e Show response dynatrace.att.com/bf/	207 B 431 B	109ms 108ms	XHR text/plain	20.72.123.232 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://dynatrace.att.com/bf/fc09f351-c4e7-46dc-afb8-cd98de60285e?type=js3&sn=v_4_srv_17_sn_RSBMNQ5BQJDBH0TOT1ORBNO99PTM8DMQ_app-3A52b8119d19be9235_1_ol_0_perc_100000_mul_1&svrid=17&flavor=cors&vi=ISLMFMELARJEIUKMAAWGBFOCSCMHRSUO-0&modifiedSince=1665017661900&rf=https%3A%2F%2Fs3.pl-waw.scw.cloud%2Fpqou.qqowuu%2Findex.html&bp=3&app=52b8119d19be9235&crc=558345268&en=910bdnkt&end=1 Requested by Host: s3.pl-waw.scw.cloud URL: https://s3.pl-waw.scw.cloud/pqou.qqowuu/index.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 20.72.123.232 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 64a5056c077bc2349d7e228326cf8843225e79293da4aa71580db4cd135d4047 Request headers Referer https://s3.pl-waw.scw.cloud/ accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) Content-Type text/plain;charset=UTF-8 Response headers Access-Control-Allow-Origin https://s3.pl-waw.scw.cloud Date Thu, 06 Oct 2022 12:02:35 GMT Cache-Control no-cache Connection keep-alive Content-Length 207 Content-Type text/plain;charset=utf-8
POST H/1.1	200 OK	/ Show response signin-static-js.att.com/__imp_apg__/api/imp/v1.0/report/	0 955 B	155ms 155ms	Fetch text/plain	144.160.19.173 AMERITECH-AS
General Check archive.org Show headers Download Go to Full URL https://signin-static-js.att.com/__imp_apg__/api/imp/v1.0/report/?m Requested by Host: signin-static-js.att.com URL: https://signin-static-js.att.com/scripts/att_common.js?apg Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 144.160.19.173 , United States, ASN797 (AMERITECH-AS, US), Reverse DNS clcontent-sf.att.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Frame-Options SAMEORIGIN Request headers accept text/plain,*/*;q=0.9 Referer https://s3.pl-waw.scw.cloud/ accept-language de-DE,de;q=0.9 User-Agent ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com) content-type text/plain;charset=UTF-8 Response headers date Thu, 06 Oct 2022 12:02:36 GMT content-encoding gzip via 1.1 google strict-transport-security max-age=31536000; includeSubDomains; preload transfer-encoding chunked iam_on S222 p3p CP="NON CUR OTPi OUR NOR UNI" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 pragma no-cache x-frame-options SAMEORIGIN access-control-allow-methods OPTIONS, GET, POST content-type text/plain; charset=UTF-8 access-control-allow-origin https://s3.pl-waw.scw.cloud cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-headers Accept,DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range expires 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

att-app.quantummetric.com

URL

https://att-app.quantummetric.com/?T=B&u=https%3A%2F%2Fs3.pl-waw.scw.cloud%2Fpqou.qqowuu%2Findex.html&t=1665057752089&v=1665057752741&z=1&S=0&N=0&P=0

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dT_ object| dtrum string| detmScriptLoadType string| hcc string| mid string| adobe_mc number| ts string| href object| hcc_check undefined| analytics_app_visitor_id undefined| newurl undefined| halo_app_visitor_id object| detm_last_link_info function| isIE function| _pageLoadDetector function| _earlyAnalytics function| e boolean| disableAudienceManager object| visitor object| DataMappingInterface string| detm_tag_notification_key string| legacyModeKey string| retireDLKey object| scripts object| script string| src function| satelliteDetector function| scriptExecutor string| filesadded boolean| monecontwatched function| loadAdsFile function| injectHtmlTag function| executeMonetizationTagInjection function| injectMonetization function| iterateANConfigObj function| findAccurateConfig object| detmScriptLoaderConfig function| detmScriptLoader object| detmLoader boolean| AllowDelayedLoad function| dunBradstreet undefined| dnbvid undefined| andiPresent undefined| scriptFiles undefined| vameg object| earlyAnalytics object| chatAnalytics function| Visitor object| s_c_il number| s_c_in boolean| detmDisabled object| detmScriptExecutor function| detmDomainMapper object| detmTagControls string| path object| _satellite object| head_ab boolean| pageLoadFired function| targetView function| listAbVariants function| targetPageParams object| targetGlobalSettings function| ab$ function| ABJSFrameworkLibrary object| adobe function| mboxCreate function| mboxDefine function| mboxUpdate string| AB_LOCATION_CHANGE string| sdidUrl object| timeoutJspVars object| HaloCTimeout object| s_3_Integrate_DFA_get_0 function| docReady object| ddo object| ssaf function| AnalyticsNotificationFramework object| uc_dfa_val number| dfaSuccess function| QuantumMetricInstrumentationStart object| QuantumMetricAPI boolean| ‮saFelNds‭ function| $ function| detmExecuteFooter number| ‮chXsmTds‭ function| qmflate function| _QuantumMetricSymbol boolean| qmIDPErrSet boolean| qmSetEvent501 boolean| qmSetEvent637 boolean| qmSetEvent759 boolean| qmSetEvent858 boolean| qmSetEvent1096 boolean| qmSetEvent2005 boolean| qm3377 boolean| qmSetEvent3483

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			s3.pl-waw.scw.cloud/	1969-12-31 23:59:59	Name: rxVisitor Value: 1665057749463F06UAU4E02K6KOITTTPIURORS0LK177L
			s3.pl-waw.scw.cloud/	1969-12-31 23:59:59	Name: dtLatC Value: 43
			.doubleclick.net/	1970-01-20 15:52:33	Name: IDE Value: AHWqTUmhDC06TtlnLICWbUl4hhzsRaI-axgFrhnBghSs0IYg4ODAiRWq8Gl7nwKTrYo
			s3.pl-waw.scw.cloud/	1969-12-31 23:59:59	Name: rxvt Value: 1665059551854|1665057749464
			s3.pl-waw.scw.cloud/	1969-12-31 23:59:59	Name: dtPC Value: -87$57749460_719h-vISLMFMELARJEIUKMAAWGBFOCSCMHRSUO-0e0
			s3.pl-waw.scw.cloud/	1970-01-20 15:16:33	Name: _imp_di_pc_ Value: AdnDPmMAAAAApHEDDRGbyMw%2BrMnm6Ffx
			s3.pl-waw.scw.cloud/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_17_sn_RSBMNQ5BQJDBH0TOT1ORBNO99PTM8DMQ_app-3A52b8119d19be9235_1_ol_0_perc_100000_mul_1
			s3.pl-waw.scw.cloud/	1970-01-20 07:14:09	Name: _imp_apg_r_ Value: %7B%22_fr%22%3A20000%2C%22diA%22%3A%22AdnDPmMAAAAApHEDDRGbyMw%2BrMnm6Ffx%22%2C%22diB%22%3A%22AR9vQKi%2F0yll8lRnl6ugx4RtVg3VceSv%22%2C%22fr%22%3A%22pXRkyybhBP51AdLcJgxS1A%3D%3D8hbipPCZyOXCQ5MnEQ-ugkYWXhpzha3YKi-6WqAK8WK1DGjNlGx0PqDMia0_QTwP7ubWtFEmsd7UukJ_yegedveFIuSR4MQYDAy00hVgyYuHq8fbNNABjGn7m7ti-LrhnOEWMyob4-9IofbUy9N4-2lmZbh_cJluCymjvYxoJr4xxlnj08KsJJDN%22%2C%22ct%22%3A%22N0xqfP9dvTHN%2FDf8tmCks8VQDPGd7hym0n0M%2BEo%3D%22%7D

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.att.com/scripts/adobe/prod/mbox-contents.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js(Line 7) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.att.com/scripts/adobe/prod/mbox-contents.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
rendering	warning	URL: https://signin-static-js.att.com/scripts/att_common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
rendering	warning	URL: https://signin-static-js.att.com/scripts/att_common.js Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

att-app.quantummetric.com
att-sync.quantummetric.com
cdn.quantummetric.com
cdnjs.cloudflare.com
code.jquery.com
dynatrace.att.com
fls.doubleclick.net
s3.pl-waw.scw.cloud
signin-static-js.att.com
signin.att.com
www.att.com
att-app.quantummetric.com
142.250.186.38
144.160.19.173
20.72.123.232
2001:4de0:ac18::1:a:3b
2001:bc8:1c10::1
2606:4700:10::ac43:149e
2606:4700::6811:180e
2a02:26f0:dc:188::2db1
35.188.210.33
026ec02eb6b28985ccbd45ee015a8dd502b57d47f00b7269ac5601d3c278544f
03d188255a6f1b49c8aabe7174fc431642965f906a9be9ea9efab3c202c1b080
121d7327471295d2aa1878ef94c8ab756375856d08ae24d3df11fa549e241633
15d70dd6d2024b7cc2925bcd47aad1a429b08042ebcc15364004c0c887f719d6
43f774da83292822f54305d69e01286ca018b6f3f0fe86250451ad93d9252f9c
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
59ea63b5ffe0f060e37c24a44b6406943df9e4fca39e2ef43023c2ae9783f220
64a5056c077bc2349d7e228326cf8843225e79293da4aa71580db4cd135d4047
65f55ce5be65db1c1ec9477297a2e5d9f388fc7f96cba7ef495fc32c5a3fdae8
6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e
6b939eec497bda2f6fde6541be0e8b378d151160ad677629c9b4be7819ce0ba8
6f73475b5eb844494edc83676ddd1804fe9e3b5341985efe6c9df217ebf676a8
782dc57d3fddeb4879f5a973d631b4054fad736cd729d5c3a004609cf1271266
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
83f5ed17f46cd4448a02c705214a95e869ecb411c8ea95e1256593c75e178e56
8632be4d936a6b44250274c9663562a4a734b4690ae8b19f3a78e3cc4b9399a2
8d4525f9eee48caf23f5ad073371667114500e8a4f253f888044b585c2421ff1
8da59e3afa425dd489321c56f7465b76daf1b8885c36acbc1186dd00b558e17c
9142a5d3fc1bdc669d5a9122c906d2bfe93f1b8e6022b203cd6fc3bbfb70f950
9b8659596c575886c9202ec3a8506949e69140b50818ca4fc1e58494f3d4e8c9
b589ac98cac6d578082d9d2e8bb354abcab6f41f25a081a613227a37def44c9a
c2eb39ee130a5b2f8fc823f8bfa06f527bc9708f024ed5b9904e23039fd1f086
c35c9374b358b069d197d55865a092b7ff2e60bcc0830af921b2c887ad66d95e
cca085a6b777ca9a4a6b633676ff428e2a57fbce434079b707d46a9a8a3ed9c1
cff06a6749ab5e601b20fcdfeda4f8ef3967be037db47ec874fa83ba2462afa1
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
db8f928b76604c3c3411437b6df8dcd9017c21758430804a9f2db77f2ae88ffc
e2740c7b209e33aca7176250d80f94b4924e5e5d18076ee3b95f32a0e20d1f58
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855