urlscan.io logo urlscan.io
SecurityTrails logo

atfdt.com Open in urlscan Pro
2a02:4780:3:713:0:1c42:7489:1  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Submission: On August 18 via api from JP — Scanned from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 12 domains to perform 47 HTTP transactions. The main IP is 2a02:4780:3:713:0:1c42:7489:1, located in Cyprus and belongs to AS-HOSTINGER, CY. The main domain is atfdt.com.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on August 18th 2022. Valid for: 3 months.
This is the only time atfdt.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
21 2a02:4780:3:7... 47583 (AS-HOSTINGER)
1 8 175.41.239.204 16509 (AMAZON-02)
5 2600:140b:2:9... 20940 (AKAMAI-ASN1)
1 142.251.42.198 15169 (GOOGLE)
1 1 54.249.253.250 16509 (AMAZON-02)
2 2 103.43.90.19 29990 (ASN-APPNEX)
1 52.192.109.72 16509 (AMAZON-02)
2 2 35.190.60.146 15169 (GOOGLE)
6 34.69.196.104 396982 (GOOGLE-CL...)
1 35.226.2.182 396982 (GOOGLE-CL...)
1 1 172.217.175.226 15169 (GOOGLE)
1 104.244.42.195 13414 (TWITTER)
1 1 34.111.234.236 15169 (GOOGLE)
2 3 52.46.143.56 16509 (AMAZON-02)
47 10
21    2a02:4780:3:713:0:1c42:7489:1 (Cyprus)

ASN47583 (AS-HOSTINGER, CY)
atfdt.com
8    175.41.239.204 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-239-204.ap-northeast-1.compute.amazonaws.com
dpm.demdex.net
att.demdex.net
5    2600:140b:2:9ac::2db1 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
www.att.com
1    142.251.42.198 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f6.1e100.net
fls.doubleclick.net
1    54.249.253.250 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-249-253-250.ap-northeast-1.compute.amazonaws.com
aa.agkn.com
2    103.43.90.19 (Singapore, Singapore)

ASN29990 (ASN-APPNEX, US)
PTR: 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net
ib.adnxs.com
1    52.192.109.72 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-109-72.ap-northeast-1.compute.amazonaws.com
attservicesinc.tt.omtrdc.net
2    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
6    34.69.196.104 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 104.196.69.34.bc.googleusercontent.com
att-app.quantummetric.com
1    35.226.2.182 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 182.2.226.35.bc.googleusercontent.com
att-sync.quantummetric.com
1    172.217.175.226 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s29-in-f2.1e100.net
cm.g.doubleclick.net
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    34.111.234.236 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
3    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
Apex Domain
Subdomains		 Transfer
21 atfdt.com
atfdt.com
513 KB
8 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 201
att.demdex.net — Cisco Umbrella Rank: 19909
10 KB
7 quantummetric.com
att-app.quantummetric.com — Cisco Umbrella Rank: 19693
att-sync.quantummetric.com — Cisco Umbrella Rank: 20281
1 KB
5 att.com
www.att.com — Cisco Umbrella Rank: 12138
smetrics.att.com Failed
signin.att.com Failed
185 KB
3 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 282
2 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 310
512 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
2 KB
2 doubleclick.net
fls.doubleclick.net — Cisco Umbrella Rank: 427
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
1 KB
1 ml314.com
ml314.com — Cisco Umbrella Rank: 1522
406 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 517
355 B
1 omtrdc.net
attservicesinc.tt.omtrdc.net — Cisco Umbrella Rank: 26214
309 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 461
477 B
47 12
Domain Requested by
21 atfdt.com atfdt.com
7 dpm.demdex.net 1 redirects atfdt.com
6 att-app.quantummetric.com atfdt.com
5 www.att.com atfdt.com
3 s.amazon-adsystem.com 2 redirects atfdt.com
2 idsync.rlcdn.com 2 redirects
2 ib.adnxs.com 2 redirects
1 ml314.com 1 redirects
1 analytics.twitter.com atfdt.com
1 cm.g.doubleclick.net 1 redirects
1 att-sync.quantummetric.com atfdt.com
1 attservicesinc.tt.omtrdc.net atfdt.com
1 aa.agkn.com 1 redirects
1 fls.doubleclick.net atfdt.com
1 att.demdex.net atfdt.com
0 signin.att.com Failed atfdt.com
0 smetrics.att.com Failed atfdt.com
47 17

This site contains links to these domains. Also see Links.

Domain
www.att.com
attreg.att.net
about.att.com
Subject Issuer Validity Valid
atfdt.com
ZeroSSL RSA Domain Secure Site CA		 2022-08-18 -
2022-11-16		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.att.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-03 -
2023-01-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.tt.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-11 -
2022-10-12		 a year crt.sh
*.quantummetric.com
Sectigo RSA Domain Validation Secure Server CA		 2022-01-18 -
2023-02-13		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-24 -
2023-01-23		 a year crt.sh

This page contains 4 frames:

Primary Page: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Frame ID: 30EB11EFEC0F863B03CBE6A0E76379D4
Requests: 31 HTTP requests in this frame

Frame: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/saved_resource.html
Frame ID: D17C21253F59E37C64BCD8576050F919
Requests: 1 HTTP requests in this frame

Frame: https://att.demdex.net/dest5.html?d_nsid=0
Frame ID: D9B6399536714DC462B902566E33173D
Requests: 8 HTTP requests in this frame

Frame: https://att-app.quantummetric.com/?T=B&u=https%3A%2F%2Fatfdt.com%2Fcn%2Faccnt%2Fdynamics%2FiamLRR%2Fcontroller.php&t=1660845074811&v=1660845074829&z=1&S=0&N=0&P=0
Frame ID: 206A8B2268612DCD0670200D20BE5DBC
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login Screen

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • https?://fls\.doubleclick\.net

Page Statistics

47
Requests

81 %
HTTPS

14 %
IPv6

12
Domains

17
Subdomains

10
IPs

4
Countries

710 kB
Transfer

2855 kB
Size

21
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=53247482218250425123875068969396428813 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=232173304247015167081
Request Chain 29
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=1336790646523313398
Request Chain 33
  • https://idsync.rlcdn.com/365868.gif?partner_uid=53247482218250425123875068969396428813 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTMyNDc0ODIyMTgyNTA0MjUxMjM4NzUwNjg5NjkzOTY0Mjg4MTMQABoNCJL4-ZcGEgUI6AcQAEIASgA HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=33aa1ef84fb7c248c1d685e0fb4d8aaa1db138093debede6c37c5d0c0809fd45b0da87c991749652
Request Chain 37
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTMyNDc0ODIyMTgyNTA0MjUxMjM4NzUwNjg5NjkzOTY0Mjg4MTM= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKK3HOOk8vCoLbZt4TJxZgo&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 39
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3629429545559392266
Request Chain 40
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=r6JhT732SU2vQBGyDwTvdg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=53247482218250425123875068969396428813

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request controller.php
atfdt.com/cn/accnt/dynamics/iamLRR/ 		18 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.4.30
Resource Hash
602f8b16677c147fc84c606e110e0726cde9e203ec522d816f3fb4a6db6461b7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
5978
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Thu, 18 Aug 2022 17:51:13 GMT
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.4.30
detm-container-hdr.js.download
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		97 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/detm-container-hdr.js.download
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
8e287e882c94515511feeecf37c94926b1a478b37c9b831500c41c3a96f43d0a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:13 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:21:02 GMT
server
LiteSpeed
etag
"183ad-62fe2eae-6f95f01daf3ca82a;br"
vary
Accept-Encoding
content-type
text/plain
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
26623
quantum-att.js.download
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		418 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/quantum-att.js.download
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
01d2e2d1d4c06005908bc418baa8164901351f46882d0c50ee20a9196ad4bf7a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:13 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:25:16 GMT
server
LiteSpeed
etag
"68628-62fe2fac-43964ad07e7ef43f;br"
vary
Accept-Encoding
content-type
text/plain
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
84843
att_common.js.download
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		176 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/att_common.js.download
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
e0dd81249bb9ee1a609a9534446db40d024602928ecdde063eee5bf1792e0734
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:13 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:22:22 GMT
server
LiteSpeed
etag
"2be4e-62fe2efe-f82e89e044b85caf;br"
vary
Accept-Encoding
content-type
text/plain
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
89675
timeout.js.download
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		1 KB
402 B 		Script
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/timeout.js.download
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
83f5ed17f46cd4448a02c705214a95e869ecb411c8ea95e1256593c75e178e56
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:13 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:25:14 GMT
server
LiteSpeed
etag
"430-62fe2faa-85ea37f5444b9fee;br"
vary
Accept-Encoding
content-type
text/plain
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
320
styles.css
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		155 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/styles.css
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
9585a6de2c003816b07ae4fd8b535fdba5928fdb2e40ca1a34214c7031a8fa1c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:13 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:25:07 GMT
server
LiteSpeed
etag
"26be7-62fe2fa3-15cd3e1df1bfbc3b;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
23227
expires
Thu, 25 Aug 2022 17:51:13 GMT
ssaf-uc.js.download
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		102 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ssaf-uc.js.download
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
4289a79bc8d9067f22076f7371310e960cdbb85dddd623d6ffb56e471c80ce3d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:24:24 GMT
server
LiteSpeed
etag
"198c5-62fe2f78-63a3f5f0201d7dee;br"
vary
Accept-Encoding
content-type
text/plain
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
21903
f.txt
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		40 B
142 B 		Script
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/f.txt
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
121d7327471295d2aa1878ef94c8ab756375856d08ae24d3df11fa549e241633
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
last-modified
Thu, 18 Aug 2022 12:22:24 GMT
server
LiteSpeed
etag
"28-62fe2f00-9a4a23282799c92a;;;"
content-type
text/plain
date
Thu, 18 Aug 2022 17:51:14 GMT
accept-ranges
bytes
content-length
40
edmDataManager.js.download
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		90 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/edmDataManager.js.download
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
d77b871e65dca5b2cd96c005e842108511b744e88ff180621ba501b8ff7f7b19
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:22:24 GMT
server
LiteSpeed
etag
"168f6-62fe2f00-3e1edb21920e1772;br"
vary
Accept-Encoding
content-type
text/plain
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
20851
edmDataDefinition.js.download
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		109 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/edmDataDefinition.js.download
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
559e53a05e7bda97ba6323be20d4ef122d92f8bdf2697df975706f871128c972
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:22:04 GMT
server
LiteSpeed
etag
"1b469-62fe2eec-cefa285d91876470;br"
vary
Accept-Encoding
content-type
text/plain
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
18304
detm_adobe.js.download
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		324 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/detm_adobe.js.download
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
103fc702b1951942fccff3f0d791ac1d81759b75a55fecd58d20f8ec0fc0cdd3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:21:41 GMT
server
LiteSpeed
etag
"51000-62fe2ed5-8e10aa687f45f895;br"
vary
Accept-Encoding
content-type
text/plain
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
70166
att-logo.svg
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/att-logo.svg
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:20:42 GMT
server
LiteSpeed
etag
"20b1-62fe2e9a-2bf5e34b4f8f71fe;br"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=604800
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
3245
expires
Thu, 25 Aug 2022 17:51:14 GMT
runtime.js.download
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		1 KB
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/runtime.js.download
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:23:52 GMT
server
LiteSpeed
etag
"5cd-62fe2f58-cbc9d12ff8620382;br"
vary
Accept-Encoding
content-type
text/plain
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
681
polyfills.js.download
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		45 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/polyfills.js.download
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
404242f2c176ef500776c795d03817ee93ec04b15fa756a4a19d8e288a53377f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:22:37 GMT
server
LiteSpeed
etag
"b3d2-62fe2f0d-8935c0b4391c91df;br"
vary
Accept-Encoding
content-type
text/plain
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
14488
vendor.js.download
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		445 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/vendor.js.download
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
a0c98fd4b30de8c0da998012e49673f84af12a8daf3d170ed2cd3865aeefba63
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:27:31 GMT
server
LiteSpeed
etag
"6f463-62fe3033-6f0ee8462dd7c608;br"
vary
Accept-Encoding
content-type
text/plain
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
121348
main.js.download
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		91 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/main.js.download
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
7fb499762f70ff748a9657f16eaf3fa2e40f29fe1bf9beddbde4673f8ece838e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:22:33 GMT
server
LiteSpeed
etag
"16bee-62fe2f09-46cdd019242e0f81;br"
vary
Accept-Encoding
content-type
text/plain
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
18291
detm-container-ftr.js.download
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		581 B
555 B 		Script
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/detm-container-ftr.js.download
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
bfb9ce8a55af349aac152bf1ef818376642d93fb4c2ccc3f54332cacbce1ad8f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
br
last-modified
Thu, 18 Aug 2022 12:20:48 GMT
server
LiteSpeed
etag
"245-62fe2ea0-d543d29e9897cd6e;br"
vary
Accept-Encoding
content-type
text/plain
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
282
id
dpm.demdex.net/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=55633F7A534535110A490D44%40AdobeOrg&d_nsid=0&ts=1660845074071
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/detm-container-hdr.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.239.204 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-239-204.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
e84058d96588f430e531088606c948fab7ecdbffe5551cceeecfd84cfa1471eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://atfdt.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-tyo3-1-v036-0d4faa54f.edge-tyo3.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
1PNzrWqKSmc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://atfdt.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
701
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mbox-contents.js
www.att.com/scripts/adobe/prod/ 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.att.com/scripts/adobe/prod/mbox-contents.js
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/detm-container-hdr.js.download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:2:9ac::2db1 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
15d70dd6d2024b7cc2925bcd47aad1a429b08042ebcc15364004c0c887f719d6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

Referer
https://atfdt.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

aka-global-request-id-uxtime
0.4e33ca17.1660781016.332c830b, 0.becc4d17.1660845074.d0ba848
date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
gzip
last-modified
Wed, 20 Jul 2022 23:59:28 GMT
server
AkamaiNetStorage
etag
"5d7d69dc820bd519c4643e02a89c66d9:1658361568.37808"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache, private, max-age=7776000
server-timing
cdn-cache; desc=HIT, edge; dur=1
strict-transport-security
max-age=15768000 ; preload
accept-ranges
bytes
content-length
36239
expires
Sat, 17 Sep 2022 17:51:14 GMT
ssaf-uc.js
www.att.com/scripts/ssaf_universal_client/prod/ 		112 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.att.com/scripts/ssaf_universal_client/prod/ssaf-uc.js
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/detm-container-hdr.js.download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:2:9ac::2db1 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Resource Optimizer /
Resource Hash
11e958253de0d94e5697a34e1ad47f9f1fd72a88dd69ae5741f0c496f8ddd1a5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

aka-global-request-id-uxtime
0.5537d517.1660579817.50d568ae, 0.becc4d17.1660845074.d0ba861
date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
br
last-modified
Mon, 15 Aug 2022 16:10:18 GMT
server
Akamai Resource Optimizer
etag
"28cbf5229384748546d5398a66f9baf5:1658363651.15521"
strict-transport-security
max-age=15768000 ; preload
content-type
application/x-javascript
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
22204
id
smetrics.att.com/ 		0
0
saved_resource.html
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ Frame D17C 		149 B
229 B 		Document
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/saved_resource.html
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

accept-ranges
bytes
content-length
149
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Thu, 18 Aug 2022 17:51:14 GMT
etag
"95-62fe2f64-404172ee0db6b91e;;;"
last-modified
Thu, 18 Aug 2022 12:24:04 GMT
server
LiteSpeed
ATTAleckSans_W_Rg.woff
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ATTAleckSans_W_Rg.woff
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/styles.css
Origin
https://atfdt.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
br
last-modified
Mon, 04 Jul 2022 16:27:28 GMT
server
LiteSpeed
etag
"999-62c314f0-e817542977aca7f3;br"
vary
Accept-Encoding
content-type
text/html
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
912
zenkey-icon.svg
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/zenkey-icon.svg
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/styles.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
br
last-modified
Mon, 04 Jul 2022 16:27:28 GMT
server
LiteSpeed
etag
"999-62c314f0-e817542977aca7f3;br"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
912
ATTAleckSans_W_Md.woff
atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ATTAleckSans_W_Md.woff
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/styles.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:3:713:0:1c42:7489:1 , Cyprus, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/styles.css
Origin
https://atfdt.com
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
br
last-modified
Mon, 04 Jul 2022 16:27:28 GMT
server
LiteSpeed
etag
"999-62c314f0-e817542977aca7f3;br"
vary
Accept-Encoding
content-type
text/html
accept-ranges
bytes
content-length
912
dest5.html
att.demdex.net/ Frame D9B6 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://att.demdex.net/dest5.html?d_nsid=0
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/detm-container-hdr.js.download
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.41.239.204 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-239-204.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://atfdt.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
jp-JP,jp;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-tyo3-2-v036-0db8b8ff3.edge-tyo3.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
d0+yb3E9Tsg=
content-encoding
gzip
date
Thu, 18 Aug 2022 17:51:14 GMT
last-modified
Wed, 3 Aug 2022 12:12:56 GMT
vary
accept-encoding
json
fls.doubleclick.net/ 		40 B
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fls.doubleclick.net/json?spot=6100125&src=&var=s_3_Integrate_DFA_get_0&host=integrate.112.2o7.net%2Fdfa_echo%3Fvar%3Ds_3_Integrate_DFA_get_0%26AQE%3D1%26A2S%3D1&ord=1660845074541
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ssaf-uc.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.42.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f6.1e100.net
Software
cafe /
Resource Hash
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60
x-xss-protection
0
pragma
no-cache
server
cafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ceb36fa5-509e-4ede-a799-82d274a65af4
https://atfdt.com/ 		17 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://atfdt.com/ceb36fa5-509e-4ede-a799-82d274a65af4
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
17143b89bc1d01bed24799f4f4a41ef408bf571270c066a2e8d12b1e26f410d8

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Length
17224
Content-Type
application/javascript
edmDataManager.js
www.att.com/scripts/adobe/prod/ 		90 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.att.com/scripts/adobe/prod/edmDataManager.js
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/detm-container-hdr.js.download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:2:9ac::2db1 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
f781b96d13214f23bea0a15643d25dd691b716ea2ae07a2cd270cfecc254b862
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

aka-global-request-id-uxtime
0.963a2f17.1660781017.4f61fd7, 0.becc4d17.1660845074.d0ba872
date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
gzip
last-modified
Fri, 26 Feb 2021 02:01:51 GMT
server
AkamaiNetStorage
etag
"e8375de081518aea84128517844d4956:1614304911.080527"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache, private, max-age=7776000
server-timing
cdn-cache; desc=HIT, edge; dur=138
strict-transport-security
max-age=15768000 ; preload
accept-ranges
bytes
content-length
22254
ibs:dpid=21&dpuuid=232173304247015167081
dpm.demdex.net/ Frame D9B6
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=53247482218250425123875068969396428813
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=232173304247015167081
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=21&dpuuid=232173304247015167081
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
HTTP/1.1
Server
175.41.239.204 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-239-204.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://att.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-2-v036-0ba62ef4a.edge-tyo3.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ldLyFUAxTcc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 18 Aug 2022 17:51:14 GMT
server
AAWebServer
location
https://dpm.demdex.net/ibs:dpid=21&dpuuid=232173304247015167081
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
ibs:dpid=358&dpuuid=1336790646523313398
dpm.demdex.net/ Frame D9B6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=1336790646523313398
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1336790646523313398
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
HTTP/1.1
Server
175.41.239.204 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-239-204.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://att.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-2-v036-0ba62ef4a.edge-tyo3.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6ZJ3rwi1TCQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Thu, 18 Aug 2022 17:51:15 GMT
X-Proxy-Origin
217.138.252.170; 217.138.252.170; 595.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
AN-X-Request-Uuid
41c22679-71f9-41a7-ae55-43347f65d554
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1336790646523313398
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
delivery
attservicesinc.tt.omtrdc.net/rest/v1/ 		49 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://attservicesinc.tt.omtrdc.net/rest/v1/delivery?client=attservicesinc&sessionId=ae61413b2e8047a6a01910ed7ab753bc&version=2.4.0
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/quantum-att.js.download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.109.72 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-109-72.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
70ac34d176f59098e867cd1008c65de5e945ae2ee702444a4e6e9ee10ae314dd

Request headers

Referer
https://atfdt.com/
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://atfdt.com
date
Thu, 18 Aug 2022 17:51:15 GMT
content-encoding
gzip
access-control-allow-credentials
true
vary
origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type
application/json;charset=UTF-8
edmDataDefinition.js
www.att.com/scripts/adobe/prod/ 		109 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.att.com/scripts/adobe/prod/edmDataDefinition.js
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/detm-container-hdr.js.download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:2:9ac::2db1 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b130760d3da82d501221cf9bb0d3bd421968f88877dbd18be42e3241dfa60edd
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

aka-global-request-id-uxtime
0.3533ca17.1660781017.3656175, 0.becc4d17.1660845074.d0ba88c
date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
gzip
last-modified
Fri, 16 Jul 2021 02:16:55 GMT
server
AkamaiNetStorage
etag
"d62524a2ac7ef5562d0a18c28f3db60d:1626401815.791981"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache, private, max-age=7776000
server-timing
cdn-cache; desc=HIT, edge; dur=6
strict-transport-security
max-age=15768000 ; preload
accept-ranges
bytes
content-length
19343
att-logo.svg
signin.att.com/static/siam//en/halo_c/images/logos/ 		0
0
ibs:dpid=477&dpuuid=33aa1ef84fb7c248c1d685e0fb4d8aaa1db138093debede6c37c5d0c0809fd45b0da87c991749652
dpm.demdex.net/ Frame D9B6
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=53247482218250425123875068969396428813
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomNTMyNDc0ODIyMTgyNTA0MjUxMjM4NzUwNjg5NjkzOTY0Mjg4MTMQABoNCJL4-ZcGEgUI6AcQAEIASgA
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=33aa1ef84fb7c248c1d685e0fb4d8aaa1db138093debede6c37c5d0c0809fd45b0da87c991749652
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=33aa1ef84fb7c248c1d685e0fb4d8aaa1db138093debede6c37c5d0c0809fd45b0da87c991749652
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
HTTP/1.1
Server
175.41.239.204 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-239-204.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://att.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-2-v036-0af2f11fb.edge-tyo3.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
YtFknxSNS3A=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Thu, 18 Aug 2022 17:51:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=33aa1ef84fb7c248c1d685e0fb4d8aaa1db138093debede6c37c5d0c0809fd45b0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
detm_adobe.js
www.att.com/scripts/adobe/prod/ 		324 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.att.com/scripts/adobe/prod/detm_adobe.js
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/detm-container-hdr.js.download
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:140b:2:9ac::2db1 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3e87d31d9f3ce2a12ccf5e662f71511d054f7e2f1b9f37ca34b8196cb3750a7f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://atfdt.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

aka-global-request-id-uxtime
0.4633ca17.1660781017.386938cd, 0.becc4d17.1660845074.d0ba8a0
date
Thu, 18 Aug 2022 17:51:14 GMT
content-encoding
gzip
last-modified
Thu, 19 May 2022 01:38:54 GMT
server
AkamaiNetStorage
etag
"653583b07844e3da1d6e6d92fda1d29c:1652924334.718319"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
no-cache, private, max-age=7776000
server-timing
cdn-cache; desc=HIT, edge; dur=6
strict-transport-security
max-age=15768000 ; preload
accept-ranges
bytes
content-length
86877
/
att-app.quantummetric.com/ Frame 206A 		90 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://att-app.quantummetric.com/?T=B&u=https%3A%2F%2Fatfdt.com%2Fcn%2Faccnt%2Fdynamics%2FiamLRR%2Fcontroller.php&t=1660845074811&v=1660845074829&z=1&S=0&N=0&P=0
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/quantum-att.js.download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.69.196.104 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.196.69.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
25cb803832b072f92be713018e8336443f5bfcbee407609b0f01896a6a80c439
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 18 Aug 2022 17:51:15 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://atfdt.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
/
att-sync.quantummetric.com/ Frame 206A 		0
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://att-sync.quantummetric.com/?T=B&u=https%3A%2F%2Fatfdt.com%2Fcn%2Faccnt%2Fdynamics%2FiamLRR%2Fcontroller.php&t=1660845074811&v=1660845074837&z=1&Q=1&Y=1&X=b88c6bad33604f79557928add9a2cee7
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/quantum-att.js.download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.226.2.182 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
182.2.226.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://atfdt.com
date
Thu, 18 Aug 2022 17:51:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
strict-transport-security
max-age=31536000
content-type
application/json
ibs:dpid=771&dpuuid=CAESEKK3HOOk8vCoLbZt4TJxZgo&google_cver=1
dpm.demdex.net/ Frame D9B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NTMyNDc0ODIyMTgyNTA0MjUxMjM4NzUwNjg5NjkzOTY0Mjg4MTM=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKK3HOOk8vCoLbZt4TJxZgo&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKK3HOOk8vCoLbZt4TJxZgo&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
HTTP/1.1
Server
175.41.239.204 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-239-204.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://att.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-1-v036-0da8525f9.edge-tyo3.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
5OJMx8vuQBQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 18 Aug 2022 17:51:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKK3HOOk8vCoLbZt4TJxZgo&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ Frame D9B6 		43 B
355 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=53247482218250425123875068969396428813&p_id=38594
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_m /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://att.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-response-time
98
date
Thu, 18 Aug 2022 17:51:16 GMT
server
tsa_m
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
deb71d020e3c79ecb689a59205166852dc399497f6e0237ed588197bcfe5b97c
content-length
43
ibs:dpid=22052&dpuuid=3629429545559392266
dpm.demdex.net/ Frame D9B6
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3629429545559392266
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3629429545559392266
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
HTTP/1.1
Server
175.41.239.204 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-175-41-239-204.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://att.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

DCS
dcs-prod-tyo3-2-v036-0c5928bdf.edge-tyo3.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
DjfCS2ciTas=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Thu, 18 Aug 2022 17:51:14 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
location
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3629429545559392266
cache-control
private
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
185
expires
0,Fri, 19 Aug 2022 13:51:15 GMT
ecm3
s.amazon-adsystem.com/ Frame D9B6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433
  • https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t
  • https://dpm.demdex.net/ibs:dpid=139200&dpuuid=r6JhT732SU2vQBGyDwTvdg&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D
  • https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=53247482218250425123875068969396428813
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=53247482218250425123875068969396428813
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
https://att.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 18 Aug 2022 17:51:16 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
3RN3P1H0KB4CR3D7KTFA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

DCS
dcs-prod-tyo3-2-v036-00b3b90f7.edge-tyo3.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
D2pCaUIOR3E=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=53247482218250425123875068969396428813
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
att-app.quantummetric.com/ Frame 206A 		28 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://att-app.quantummetric.com/?s=a81f60dab5c0d33d525ebe667cfe0a9e&H=f2ebbba0956ddde2c009d606&Q=3
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/quantum-att.js.download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.69.196.104 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.196.69.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
jp-JP,jp;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 17:51:15 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://atfdt.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000
/
att-app.quantummetric.com/ Frame 206A 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://att-app.quantummetric.com/?T=B&u=https%3A%2F%2Fatfdt.com%2Fcn%2Faccnt%2Fdynamics%2FiamLRR%2Fcontroller.php&t=1660845074811&v=1660845075428&H=f2ebbba0956ddde2c009d606&s=a81f60dab5c0d33d525ebe667cfe0a9e&U=227e969b5616dc580ceb63d2b4c4b808&z=1&Q=2&S=0&N=0
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/quantum-att.js.download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.69.196.104 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.196.69.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://atfdt.com
date
Thu, 18 Aug 2022 17:51:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
strict-transport-security
max-age=31536000
content-type
application/json
/
att-app.quantummetric.com/ Frame 206A 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://att-app.quantummetric.com/?T=B&u=https%3A%2F%2Fatfdt.com%2Fcn%2Faccnt%2Fdynamics%2FiamLRR%2Fcontroller.php&t=1660845074811&v=1660845075578&H=f2ebbba0956ddde2c009d606&s=a81f60dab5c0d33d525ebe667cfe0a9e&z=1&S=904&N=2&P=1
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/quantum-att.js.download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.69.196.104 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.196.69.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://atfdt.com
date
Thu, 18 Aug 2022 17:51:15 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
strict-transport-security
max-age=31536000
content-type
application/json
/
att-app.quantummetric.com/ Frame 206A 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://att-app.quantummetric.com/?T=B&u=https%3A%2F%2Fatfdt.com%2Fcn%2Faccnt%2Fdynamics%2FiamLRR%2Fcontroller.php&t=1660845074811&v=1660845079829&H=f2ebbba0956ddde2c009d606&s=a81f60dab5c0d33d525ebe667cfe0a9e&z=1&S=1247&N=6&P=2
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/quantum-att.js.download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.69.196.104 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.196.69.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://atfdt.com
date
Thu, 18 Aug 2022 17:51:19 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
strict-transport-security
max-age=31536000
content-type
application/json
/
att-app.quantummetric.com/ Frame 206A 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://att-app.quantummetric.com/?T=B&u=https%3A%2F%2Fatfdt.com%2Fcn%2Faccnt%2Fdynamics%2FiamLRR%2Fcontroller.php&t=1660845074811&v=1660845079974&H=f2ebbba0956ddde2c009d606&s=a81f60dab5c0d33d525ebe667cfe0a9e&z=1&Q=2&S=601&N=1
Requested by
Host: atfdt.com
URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/quantum-att.js.download
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.69.196.104 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
104.196.69.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
accept-language
jp-JP,jp;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://atfdt.com
date
Thu, 18 Aug 2022 17:51:20 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
strict-transport-security
max-age=31536000
content-type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
smetrics.att.com
URL
https://smetrics.att.com/id?d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=55633F7A534535110A490D44%40AdobeOrg&mid=52983112999836954743865547497077372463&ts=1660845074295
Domain
signin.att.com
URL
https://signin.att.com/static/siam//en/halo_c/images/logos/att-logo.svg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| detmScriptLoadType string| mid string| adobe_mc string| href undefined| analytics_app_visitor_id undefined| ts undefined| newurl object| detm_last_link_info function| isIE function| _pageLoadDetector function| _earlyAnalytics function| e boolean| disableAudienceManager object| visitor object| DataMappingInterface string| detm_tag_notification_key string| legacyModeKey object| scripts object| script string| src function| satelliteDetector function| scriptExecutor string| filesadded boolean| monecontwatched function| loadAdsFile function| injectHtmlTag function| executeMonetizationTagInjection function| injectMonetization function| iterateANConfigObj function| findAccurateConfig object| detmScriptLoaderConfig function| detmScriptLoader object| detmLoader boolean| AllowDelayedLoad object| earlyAnalytics object| chatAnalytics function| Visitor object| s_c_il number| s_c_in boolean| detmDisabled object| detmScriptExecutor function| detmDomainMapper object| detmTagControls string| path object| _satellite object| head_ab boolean| pageLoadFired function| targetView function| listAbVariants function| targetPageParams object| targetGlobalSettings function| ab$ function| ABJSFrameworkLibrary object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate string| AB_LOCATION_CHANGE string| sdidUrl object| loginJspEnvVars string| loginLanguage object| HaloCTimeout object| s_3_Integrate_DFA_get_0 function| detmExecuteFooter function| QuantumMetricInstrumentationStart object| QuantumMetricAPI function| qmflate object| ddo function| AnalyticsNotificationFramework boolean| DMviaDM function| edmDataManager function| docReady function| master_ddo function| master_dmf function| emptyObject function| $setCacheVar number| $initTimestamp object| bits string| loadOn string| reqKey number| customerMaxDepth boolean| listnerFlag number| ddoCheckEventInterval object| legacy_ddo string| addressBarFullURL string| viewOnlineBill object| legacy_DataMappingInterface function| setMapUrls object| uc_dfa_val number| dfaSuccess function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap object| j function| E function| AppMeasurement_Module_Media function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq function| DIL number| s_objectID number| s_giq object| s_att object| webpackJsonp function| $localize function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__fetch function| __zone_symbol__legacyPatch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched string| _host object| context object| __zone_symbol__scrollfalse object| __zone_symbol__clickfalse function| _ object| __zone_symbol__DM_DOC_READYfalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__keydownfalse object| __zone_symbol__keyupfalse object| __zone_symbol__messagefalse function| __zone_symbol__ON_PROPERTYerror object| __zone_symbol__errorfalse object| __zone_symbol__loadfalse object| __zone_symbol__DOMContentLoadedfalse object| __zone_symbol__resizefalse object| __zone_symbol__pagehidefalse object| __zone_symbol__orientationchangefalse object| __zone_symbol__focustrue object| __zone_symbol__blurtrue object| __zone_symbol__EA_ANF_NOTIFYfalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

21 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 53247482218250425123875068969396428813
atfdt.com/ Name: AMCVS_55633F7A534535110A490D44%40AdobeOrg
Value: 1
.atfdt.com/ Name: at_check
Value: true
.atfdt.com/ Name: mbox
Value: session#ae61413b2e8047a6a01910ed7ab753bc#1660846935
.agkn.com/ Name: ab
Value: 0001%3AnLv8Yi%2BLTVtYQfLnQwF56suAI6aGDh7i
.dpm.demdex.net/ Name: dpm
Value: 53247482218250425123875068969396428813
.att.com/ Name: s_ecid
Value: MCMID%7C52983112999836954743865547497077372463
atfdt.com/ Name: AMCV_55633F7A534535110A490D44%40AdobeOrg
Value: 1994364360%7CMCIDTS%7C19223%7CMCMID%7C52983112999836954743865547497077372463%7CMCAAMLH-1661449874%7C11%7CMCAAMB-1661449874%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1660852274s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.4.0
.adnxs.com/ Name: uuid2
Value: 1336790646523313398
.doubleclick.net/ Name: IDE
Value: AHWqTUlZJEGa25mVVuHJHf6x0Zt0Er4h0i9DRvd5b7tQKYaZ3bBI1EKpvA-HlNrdV6Q
.rlcdn.com/ Name: rlas3
Value: TuSWIntSyWpxymtVkfTMukZv3utvVIpV3t9gCDJ8dTk=
.rlcdn.com/ Name: pxrc
Value: CJP4+ZcGEgUI6AcQABIGCPHrARAA
.demdex.net/ Name: dextp
Value: 21-1-1660845074572|358-1-1660845074690|477-1-1660845074829|771-1-1660845074930|1123-1-1660845075032|22052-1-1660845075134|139200-1-1660845075236
att-app.quantummetric.com/ Name: s
Value: a81f60dab5c0d33d525ebe667cfe0a9e
att-app.quantummetric.com/ Name: U
Value: 227e969b5616dc580ceb63d2b4c4b808
.atfdt.com/ Name: QuantumMetricUserID
Value: 227e969b5616dc580ceb63d2b4c4b808
.atfdt.com/ Name: QuantumMetricSessionID
Value: a81f60dab5c0d33d525ebe667cfe0a9e
.ml314.com/ Name: pi
Value: 3629429545559392266
.amazon-adsystem.com/ Name: ad-id
Value: A63GSGhvgUpEoVhWR8XlKBY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.twitter.com/ Name: personalization_id
Value: "v1_DKFPcXD180uRBgzu3/0B6A=="

8 Console Messages

Source Level URL
Text
javascript warning URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/detm-container-hdr.js.download(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.att.com/scripts/adobe/prod/mbox-contents.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/detm-container-hdr.js.download(Line 7)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.att.com/scripts/adobe/prod/mbox-contents.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ATTAleckSans_W_Rg.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/ATTAleckSans_W_Md.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/controller.php
Message:
Access to XMLHttpRequest at 'https://smetrics.att.com/id?d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=55633F7A534535110A490D44%40AdobeOrg&mid=52983112999836954743865547497077372463&ts=1660845074295' from origin 'https://atfdt.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://smetrics.att.com/id?d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=55633F7A534535110A490D44%40AdobeOrg&mid=52983112999836954743865547497077372463&ts=1660845074295
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://atfdt.com/cn/accnt/dynamics/iamLRR/index_files/zenkey-icon.svg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://attservicesinc.tt.omtrdc.net/rest/v1/delivery?client=attservicesinc&sessionId=ae61413b2e8047a6a01910ed7ab753bc&version=2.4.0
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
analytics.twitter.com
atfdt.com
att-app.quantummetric.com
att-sync.quantummetric.com
att.demdex.net
attservicesinc.tt.omtrdc.net
cm.g.doubleclick.net
dpm.demdex.net
fls.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
ml314.com
s.amazon-adsystem.com
signin.att.com
smetrics.att.com
www.att.com
signin.att.com
smetrics.att.com
103.43.90.19
104.244.42.195
142.251.42.198
172.217.175.226
175.41.239.204
2600:140b:2:9ac::2db1
2a02:4780:3:713:0:1c42:7489:1
34.111.234.236
34.69.196.104
35.190.60.146
35.226.2.182
52.192.109.72
52.46.143.56
54.249.253.250
01d2e2d1d4c06005908bc418baa8164901351f46882d0c50ee20a9196ad4bf7a
103fc702b1951942fccff3f0d791ac1d81759b75a55fecd58d20f8ec0fc0cdd3
11e958253de0d94e5697a34e1ad47f9f1fd72a88dd69ae5741f0c496f8ddd1a5
121d7327471295d2aa1878ef94c8ab756375856d08ae24d3df11fa549e241633
12d77f615d7df0946899d769baa6094c8060d6006df35a1afb54c152b070871e
15d70dd6d2024b7cc2925bcd47aad1a429b08042ebcc15364004c0c887f719d6
17143b89bc1d01bed24799f4f4a41ef408bf571270c066a2e8d12b1e26f410d8
25cb803832b072f92be713018e8336443f5bfcbee407609b0f01896a6a80c439
3d70ce95eb1eb78620cc57fe1a6a479e6f2d70508bf813238e573863df000d6e
3e87d31d9f3ce2a12ccf5e662f71511d054f7e2f1b9f37ca34b8196cb3750a7f
404242f2c176ef500776c795d03817ee93ec04b15fa756a4a19d8e288a53377f
4289a79bc8d9067f22076f7371310e960cdbb85dddd623d6ffb56e471c80ce3d
559e53a05e7bda97ba6323be20d4ef122d92f8bdf2697df975706f871128c972
602f8b16677c147fc84c606e110e0726cde9e203ec522d816f3fb4a6db6461b7
6982fbe858e30068de9301b49438c83838bc7beb058146703b22b701e6709c7e
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
70ac34d176f59098e867cd1008c65de5e945ae2ee702444a4e6e9ee10ae314dd
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7fb499762f70ff748a9657f16eaf3fa2e40f29fe1bf9beddbde4673f8ece838e
83f5ed17f46cd4448a02c705214a95e869ecb411c8ea95e1256593c75e178e56
8e287e882c94515511feeecf37c94926b1a478b37c9b831500c41c3a96f43d0a
9585a6de2c003816b07ae4fd8b535fdba5928fdb2e40ca1a34214c7031a8fa1c
97f9b10039b05e1af4a3c9b778fc72ba44cf68a376e4ec1d55f2558f16cf3e50
a0c98fd4b30de8c0da998012e49673f84af12a8daf3d170ed2cd3865aeefba63
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b130760d3da82d501221cf9bb0d3bd421968f88877dbd18be42e3241dfa60edd
bfb9ce8a55af349aac152bf1ef818376642d93fb4c2ccc3f54332cacbce1ad8f
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
d77b871e65dca5b2cd96c005e842108511b744e88ff180621ba501b8ff7f7b19
e0dd81249bb9ee1a609a9534446db40d024602928ecdde063eee5bf1792e0734
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84058d96588f430e531088606c948fab7ecdbffe5551cceeecfd84cfa1471eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f781b96d13214f23bea0a15643d25dd691b716ea2ae07a2cd270cfecc254b862