mirageinc.net Open in urlscan Pro
2606:4700:3034::681b:90a7 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mirageinc.net/booxx/att.net/att.net/att.htm
Effective URL:
https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-15862...
Submission Tags: @ipnigh
Submission: On April 07 via api (April 7th 2020, 9:35:37 pm UTC) from GB

Summary HTTP 46 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 11 IPs in 5 countries across 10 domains to perform 46 HTTP transactions. The main IP is 2606:4700:3034::681b:90a7, located in United States and belongs to CLOUDFLARENET, US. The main domain is mirageinc.net.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 16th 2020. Valid for: 7 months.

This is the only time mirageinc.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3034::681b:90a7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:6c0... 2a02:26f0:6c00:187::2db1	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
18	144.160.36.70 144.160.36.70	797 (AMERITECH-AS) (AMERITECH-AS)
1	69.168.106.86 69.168.106.86	36271 (SYNACOR-C...) (SYNACOR-CLUSTER)
1	34.247.192.223 34.247.192.223	16509 (AMAZON-02) (AMAZON-02)
1	23.0.39.230 23.0.39.230	16625 (AKAMAI-AS) (AKAMAI-AS)
4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
46	11

4 2606:4700:3034::681b:90a7 (United States)

ASN13335 (CLOUDFLARENET, US)

mirageinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:187::2db1 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

www.att.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 144.160.36.70 (United States)

ASN797 (AMERITECH-AS, US)

home.secureapp.att.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.168.106.86 (United States)

ASN36271 (SYNACOR-CLUSTER, US)

sadlib.static-app.synacor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.192.223 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-192-223.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.0.39.230 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-39-230.deploy.static.akamaitechnologies.com

smetrics.att.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	att.net home.secureapp.att.net	220 KB
9	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	943 KB
4	ampproject.org cdn.ampproject.org	146 KB
4	doubleclick.net securepubads.g.doubleclick.net	104 KB
4	mirageinc.net mirageinc.net	15 KB
3	att.com www.att.com smetrics.att.com	24 KB
1	google.com adservice.google.com	171 B
1	google.co.uk adservice.google.co.uk	839 B
1	demdex.net dpm.demdex.net	1 KB
1	synacor.com sadlib.static-app.synacor.com	84 KB
46	10

	Domain	Requested by
18	home.secureapp.att.net	mirageinc.net home.secureapp.att.net
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net mirageinc.net tpc.googlesyndication.com cdn.ampproject.org
4	cdn.ampproject.org	securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	securepubads.g.doubleclick.net	sadlib.static-app.synacor.com securepubads.g.doubleclick.net mirageinc.net
4	mirageinc.net	mirageinc.net
2	www.att.com	mirageinc.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	smetrics.att.com	www.att.com
1	dpm.demdex.net	www.att.com
1	sadlib.static-app.synacor.com	mirageinc.net
46	12

This site contains links to these domains. Also see Links.

Domain
www.att.net
www.att.com
watch.att.com
envivo.att.yahoo.com
attreg.att.net
about.att.com
www.xandr.com
survey.foreseeresults.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-16` - `2020-10-09`	7 months	crt.sh
*.att.com DigiCert SHA2 Secure Server CA	`2020-01-07` - `2021-02-04`	a year	crt.sh
home.secureapp.att.net DigiCert SHA2 Secure Server CA	`2018-09-17` - `2020-09-17`	2 years	crt.sh
*.static-app.synacor.com DigiCert SHA2 High Assurance Server CA	`2019-08-05` - `2021-08-25`	2 years	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
Frame ID: F0B3D0719747F61955E1D07260170728
Requests: 38 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js
Frame ID: C68C1DE3932EC3D2BC335D369C3C4AE0
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 64CF34084F4033ABC60EB7B63FDCD37F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mirageinc.net/booxx/att.net/att.net/att.htm Page URL
https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Webtrends (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<img[^>]+id="DCSIMG"[^>]+webtrends/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

46
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

12
Subdomains

11
IPs

5
Countries

1538 kB
Transfer

2459 kB
Size

5
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: http://www.att.net/
Title: att.net

Search URL Search Domain Scan URL

URL: http://www.att.com/
Title: att.com

Search URL Search Domain Scan URL

URL: https://watch.att.com/uverse-tv/
Title: uverse.com

Search URL Search Domain Scan URL

URL: https://envivo.att.yahoo.com/
Title: En Español

Search URL Search Domain Scan URL

URL: https://www.att.com/esupport/index.jsp?App_ID=PBY
Title: AT&T Support

Search URL Search Domain Scan URL

URL: https://www.att.com/esupport/article.html#!/wireless/KM1187387
Title: Learn about shared passwords for AT&T email.

Search URL Search Domain Scan URL

URL: https://www.att.com/olam/unauth/enterEmailForgotId.myworld?origination_point=att.net&Return_URL=https://cprodctnxsf.att.net/inqChat.html?IFRAME&Cancel_URL=https://cprodctnxsf.att.net/inqChat.html?IFRAME
Title: Forgot User ID?

Search URL Search Domain Scan URL

URL: https://attreg.att.net/PortalRegWeb/PortalRegController?callingAppId=OP&returnUrl=

Search URL Search Domain Scan URL

URL: https://www.att.com/legal/terms.attNetTermsOfUse.html
Title: Terms

Search URL Search Domain Scan URL

URL: https://about.att.com/csr/home/privacy.html
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.xandr.com/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://about.att.com/csr/home/privacy/full_privacy_policy.html#obc
Title: Advertising Choices

Search URL Search Domain Scan URL

URL: https://www.att.com/legal/terms.aup.html
Title: Acceptable Use Policy

Search URL Search Domain Scan URL

URL: https://survey.foreseeresults.com/survey/display?cid=JxTg9PsUYKor4P5i9ne0Ug==&sid=s-feedback-en
Title: Feedback

Search URL Search Domain Scan URL

URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.IP&redirecturl=http://www.att.com/gen/privacy-policy?pid=2587
Title: © 2020 AT&T Intellectual Property

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mirageinc.net/booxx/att.net/att.net/att.htm Page URL
https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 503 att.htm Show response
mirageinc.net/booxx/att.net/att.net/ 11 KB
11 KB 68ms
28ms Document
text/html 2606:4700:3034::681b:90a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mirageinc.net/booxx/att.net/att.net/att.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:90a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be473488952323325afb4c617b047e4d068a6ad0e081ffb97585bf193bebeb10

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: mirageinc.net
:scheme: https
:path: /booxx/att.net/att.net/att.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 503
date: Tue, 07 Apr 2020 21:35:05 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d87caf40293bfb1071a9f804dbfc9c8811586295305; expires=Thu, 07-May-20 21:35:05 GMT; path=/; domain=.mirageinc.net; HttpOnly; SameSite=Lax; Secure
x-frame-options: SAMEORIGIN
cache-control: no-cache
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 5806e05a1851d6bd-FRA

GET
H2 200 transparent.gif
mirageinc.net/cdn-cgi/images/trace/jschal/nojs/ 42 B
190 B 7ms
7ms Image
image/gif 2606:4700:3034::681b:90a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mirageinc.net/cdn-cgi/images/trace/jschal/nojs/transparent.gif?ray=5806e05a1851d6bd

Requested by

Host: mirageinc.net
URL: https://mirageinc.net/booxx/att.net/att.net/att.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:90a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 07 Apr 2020 21:35:05 GMT
last-modified: Thu, 02 Apr 2020 11:44:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e85d016-2a"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 5806e05a48d4d6bd-FRA
content-length: 42
expires: Tue, 07 Apr 2020 23:35:05 GMT

GET
H2 200 transparent.gif
mirageinc.net/cdn-cgi/images/trace/jschal/js/ 42 B
100 B 8ms
8ms Image
image/gif 2606:4700:3034::681b:90a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mirageinc.net/cdn-cgi/images/trace/jschal/js/transparent.gif?ray=5806e05a1851d6bd

Requested by

Host: mirageinc.net
URL: https://mirageinc.net/booxx/att.net/att.net/att.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:90a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 07 Apr 2020 21:35:05 GMT
last-modified: Thu, 02 Apr 2020 11:44:22 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5e85d016-2a"
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=7200, public
accept-ranges: bytes
cf-ray: 5806e05a48dfd6bd-FRA
content-length: 42
expires: Tue, 07 Apr 2020 23:35:05 GMT

POST
H2 200 Primary Request att.htm Show response
mirageinc.net/booxx/att.net/att.net/ 8 KB
3 KB 57ms
57ms Document
text/html 2606:4700:3034::681b:90a7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA

Requested by

Host: mirageinc.net
URL: https://mirageinc.net/booxx/att.net/att.net/att.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::681b:90a7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

860ea0e8e0af4a83dd3fb8b2606542acccfd78a65e8afd07a850cb658099cb70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: mirageinc.net
:scheme: https
:path: /booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
content-length: 2029
pragma: no-cache
cache-control: no-cache
origin: https://mirageinc.net
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
referer: https://mirageinc.net/booxx/att.net/att.net/att.htm
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d87caf40293bfb1071a9f804dbfc9c8811586295305
Origin: https://mirageinc.net
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm

Response headers

status: 200
date: Tue, 07 Apr 2020 21:35:09 GMT
content-type: text/html
set-cookie: cf_clearance=17400ded4b9b31b5d233bb9f25bb0aa33c5bb6f2-1586295309-0-150; path=/; expires=Wed, 08-Apr-20 22:35:09 GMT; domain=.mirageinc.net; HttpOnly; Secure; SameSite=None __cfduid=d69bba0105f4a12dfb9ea1a9a0a4303df1586295309; expires=Thu, 07-May-20 21:35:09 GMT; path=/; domain=.mirageinc.net; HttpOnly; SameSite=Lax; Secure
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5806e0735cbed6bd-FRA
content-encoding: gzip

GET
H2 200 detm-container-hdr.js Show response
www.att.com/scripts/adobe/prod/ 92 KB
23 KB 45ms
23ms Script
application/javascript 2a02:26f0:6c00:187::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/adobe/prod/detm-container-hdr.js

Requested by

Host: mirageinc.net
URL: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:187::2db1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

8c62a894138e480536c72a3c9a4b1e554aa6e8724396e16c33457f15d3c948b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; preload

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 07 Apr 2020 21:35:09 GMT
content-encoding: br
last-modified: Fri, 03 Apr 2020 18:49:48 GMT
server: Akamai Resource Optimizer
etag: "171aa-5a2428a46f2c0-gzip"
strict-transport-security: max-age=15768000 ; preload
content-type: application/javascript
status: 200
uxtime: XoeFS6b@0EAHO5hNrVtMTAAAAM0 D=16147
cache-control: max-age=900
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 23239

GET
H/1.1 200
OK _fontface.css
home.secureapp.att.net/css/sso/slid/1201/ 0
960 B 571ms
118ms Stylesheet
text/css 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://home.secureapp.att.net/css/sso/slid/1201/_fontface.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 07 Apr 2020 21:35:09 GMT
Last-Modified: Wed, 06 Jun 2018 16:59:52 GMT
Server: unknown
x-powered-by: unknown
ETag: "bc105c-0-56dfc1864d200"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: text/css
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK main.css
home.secureapp.att.net/css/sso/slid/1201/ 28 KB
29 KB 575ms
120ms Stylesheet
text/css 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://home.secureapp.att.net/css/sso/slid/1201/main.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

a5182fbd8bbbbc358b704a5a070ffad58bd079b7800803935d9e3b2b8b9c5d87

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 07 Apr 2020 21:35:09 GMT
Last-Modified: Wed, 06 Nov 2019 08:39:34 GMT
Server: unknown
x-powered-by: unknown
ETag: "bc04d1-6fe1-596a97cfabd80"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: text/css
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 28641
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery-1.5.1.min.js Show response
home.secureapp.att.net/js/jquery/ 83 KB
84 KB 577ms
121ms Script
application/x-javascript 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 07 Apr 2020 21:35:09 GMT
Last-Modified: Wed, 06 Jun 2018 16:49:55 GMT
Server: unknown
x-powered-by: unknown
ETag: "ba19b5-14d0c-56dfbf4cf52c0"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: application/x-javascript
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 85260
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK jquery.simplemodal.js Show response
home.secureapp.att.net/js/jquery/simplemodal/ 9 KB
10 KB 578ms
120ms Script
application/x-javascript 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://home.secureapp.att.net/js/jquery/simplemodal/jquery.simplemodal.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

70b5a6613f03d3c015d826185e39839e6dbc2d03871f151bafbed5cc58503f69

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 07 Apr 2020 21:35:09 GMT
Last-Modified: Wed, 06 Jun 2018 16:50:06 GMT
Server: unknown
x-powered-by: unknown
ETag: "bc0fc0-24fd-56dfbf5772b80"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: application/x-javascript
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 9469
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK script.js Show response
home.secureapp.att.net/js/sso/slid/1201/ 53 KB
54 KB 584ms
123ms Script
application/x-javascript 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://home.secureapp.att.net/js/sso/slid/1201/script.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

1c592a51351836456628c2cb9a7dd86d41257d821f8926b137c8f5c63aaf0ca3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 07 Apr 2020 21:35:09 GMT
Last-Modified: Thu, 05 Mar 2020 21:38:09 GMT
Server: unknown
x-powered-by: unknown
ETag: "b00d1a-d2d3-5a0225a5e1240"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: application/x-javascript
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 53971
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK att.js Show response
sadlib.static-app.synacor.com/client/att/ 273 KB
84 KB 534ms
179ms Script
text/javascript 69.168.106.86
SYNACOR-CLUSTER

General

Check archive.org

Show headers Download Go to

Full URL: https://sadlib.static-app.synacor.com/client/att/att.js
Requested by: Host: mirageinc.net
URL: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.168.106.86 , United States, ASN36271 (SYNACOR-CLUSTER, US),
Reverse DNS
Software: nginx /
Resource Hash: 57da70e0abcd4edd4f5f1cb48af1808d6f40e3f988bbf549f48ec690cc114cf3

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Tue, 07 Apr 2020 21:35:09 GMT
Content-Encoding: gzip
Age: 266
P3P: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Connection: keep-alive
Content-Length: 85890
Via: 1.1 varnish
Last-Modified: Tue, 31 Mar 2020 22:41:34 GMT
Server: nginx
ETag: "44213-5a22e45098380"
Vary: Accept-Encoding
X-Varnish: 57056504 56702642
Access-Control-Allow-Origin: *
Cache-Control: max-age=300
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Tue, 07 Apr 2020 21:35:43 GMT

GET
H/1.1 200
OK Button.png
home.secureapp.att.net/design/CDLS10/img/logos/ 2 KB
3 KB 584ms
122ms Image
image/png 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/design/CDLS10/img/logos/Button.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

8e6ec1efd720fba57823309829b05bb57ebb5716c813c88b3c88cf36ab9aa5e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 07 Apr 2020 21:35:09 GMT
Last-Modified: Mon, 11 Mar 2019 18:21:09 GMT
Server: unknown
x-powered-by: unknown
ETag: "c00864-9a2-583d5a2f82f40"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/png
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 2466
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK AT&T_logo.png
home.secureapp.att.net/design/CDLS10/img/logos/ 3 KB
4 KB 123ms
122ms Image
image/png 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/design/CDLS10/img/logos/AT&T_logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

a8c89bb3937cdc4a70b3568eae5a390d918433be78f89deba07846932ae7c695

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 07 Apr 2020 21:35:10 GMT
Last-Modified: Mon, 11 Mar 2019 18:21:08 GMT
Server: unknown
x-powered-by: unknown
ETag: "b2081e-d37-583d5a2e8ed00"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/png
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3383
X-XSS-Protection: 1; mode=block

GET
H2 200 detm-container-ftr.js Show response
www.att.com/scripts/adobe/prod/ 485 B
588 B 19ms
18ms Script
application/javascript 2a02:26f0:6c00:187::2db1
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.att.com/scripts/adobe/prod/detm-container-ftr.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a02:26f0:6c00:187::2db1 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

cdda804f5bc3e5e92c8b19e500d72b4b833de11250129e301641e4b0b6017b5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; preload

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 07 Apr 2020 21:35:10 GMT
content-encoding: br
last-modified: Fri, 03 Apr 2020 21:38:18 GMT
server: Akamai Resource Optimizer
etag: "1e5-5a11439effbc0-gzip"
strict-transport-security: max-age=15768000 ; preload
content-type: application/javascript
status: 200
uxtime: XoesyZ807OEBej-7tXocNgAAAQQ D=11195
cache-control: max-age=900
server-timing: cdn-cache; desc=HIT, edge; dur=1, aka_stats;desc="1|8|214753|gJV|oSTK|sP|358591|6be40e31|23.58.92.116|29581|9"
accept-ranges: bytes
content-length: 235

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 212 B
1 KB 134ms
35ms XHR
application/json 34.247.192.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=3.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=55633F7A534535110A490D44%40AdobeOrg&d_nsid=0&ts=1586295309464

Requested by

Host: www.att.com
URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.192.223 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-192-223.eu-west-1.compute.amazonaws.com

Software

Resource Hash

34991a8a05dafe171bb2720e21fc2957d90a762e8a6546618f5a8129c6ef737e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
Origin: https://mirageinc.net
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-v064-0f00fe905.edge-irl1.demdex.com 5.66.0.20200310121811 2ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: QHD26yebSQY=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://mirageinc.net
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 212
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK mobile.css
home.secureapp.att.net/css/sso/slid/1201/ 4 KB
5 KB 127ms
126ms Stylesheet
text/css 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://home.secureapp.att.net/css/sso/slid/1201/mobile.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

601f450bfc37544f6ebbdcbecf66d18121b3a6c99ff9ab31994769f1b08f6e86

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Tue, 07 Apr 2020 21:35:10 GMT
Last-Modified: Mon, 25 Nov 2019 20:24:59 GMT
Server: unknown
x-powered-by: unknown
ETag: "b00bdd-fa1-598318ebb1cc0"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: text/css
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4001
X-XSS-Protection: 1; mode=block

GET
H2 200 id Show response
smetrics.att.com/ 0
0 678ms
596ms XHR
application/x-javascript 23.0.39.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://smetrics.att.com/id?d_visid_ver=3.4.0&d_fieldgroup=A&mcorgid=55633F7A534535110A490D44%40AdobeOrg&mid=31208814826598121544374461749692978421&ts=1586295309602
Requested by: Host: www.att.com
URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.0.39.230 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-39-230.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
Origin: https://mirageinc.net
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-credentials: true

GET
H/1.1 400
Bad Request webtrends.min.js
home.secureapp.att.net/commonLogin/igate_edam/staticContent/images/SLID/js/ 0
0 121ms
121ms Script
text/html 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://home.secureapp.att.net/commonLogin/igate_edam/staticContent/images/SLID/js/webtrends.min.js
Requested by: Host: mirageinc.net
URL: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 44 KB
15 KB 147ms
70ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/att/att.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

5ad02936f4bfd375dd0dd508cec653db63ea5b5e16d009d0d68d4cae246bf242

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 07 Apr 2020 21:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "480 / 375 of 1000 / last-modified: 1586189426"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14697
x-xss-protection: 0
expires: Tue, 07 Apr 2020 21:35:10 GMT

GET
H/1.1 200
OK pageBg.png
home.secureapp.att.net/design/cdls10/img/ui/ 169 B
1001 B 121ms
121ms Image
image/png 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/design/cdls10/img/ui/pageBg.png

Requested by

Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 07 Apr 2020 21:35:10 GMT
Last-Modified: Tue, 19 Mar 2019 02:26:29 GMT
Server: unknown
x-powered-by: unknown
ETag: "b20a88-a9-584693b8bbf40"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/png
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 169
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK btnSumbit.png
home.secureapp.att.net/img/sso/slid/ 1 KB
2 KB 120ms
119ms Image
image/png 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/img/sso/slid/btnSumbit.png

Requested by

Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 07 Apr 2020 21:35:10 GMT
Last-Modified: Mon, 11 Mar 2019 18:27:40 GMT
Server: unknown
x-powered-by: unknown
ETag: "b20b44-573-583d5ba465f00"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/png
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1395
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK footerBg.png
home.secureapp.att.net/design/CDLS10/img/ui/ 560 B
1 KB 123ms
123ms Image
image/png 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/design/CDLS10/img/ui/footerBg.png

Requested by

Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 07 Apr 2020 21:35:10 GMT
Last-Modified: Tue, 19 Mar 2019 01:02:12 GMT
Server: unknown
x-powered-by: unknown
ETag: "b20997-230-584680e200d00"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/png
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 560
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK attGlobalNavHeader-bg.gif
home.secureapp.att.net/design/cdls20/img/ui/ 149 B
981 B 122ms
121ms Image
image/gif 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/design/cdls20/img/ui/attGlobalNavHeader-bg.gif

Requested by

Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 07 Apr 2020 21:35:10 GMT
Last-Modified: Tue, 19 Mar 2019 02:29:51 GMT
Server: unknown
x-powered-by: unknown
ETag: "b20b1e-95-58469479605c0"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/gif
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 149
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK att_globe_blue_80x80.png
home.secureapp.att.net/design/CDLS10/img/logos/ 16 KB
17 KB 120ms
120ms Image
image/png 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/design/CDLS10/img/logos/att_globe_blue_80x80.png

Requested by

Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

dfa35aa4643a991e1d2ec6e3562e1a0465174c7200a7572c92619904bb08530f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 07 Apr 2020 21:35:10 GMT
Last-Modified: Mon, 11 Mar 2019 18:21:09 GMT
Server: unknown
x-powered-by: unknown
ETag: "b20897-40c4-583d5a2f82f40"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/png
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 16580
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK support-icon.jpg
home.secureapp.att.net/img/sso/slid/ 2 KB
2 KB 227ms
121ms Image
image/jpeg 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/img/sso/slid/support-icon.jpg

Requested by

Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 07 Apr 2020 21:35:10 GMT
Last-Modified: Mon, 11 Mar 2019 18:27:44 GMT
Server: unknown
x-powered-by: unknown
ETag: "c00cbe-615-583d5ba836800"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/jpeg
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1557
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK txt-clear.png
home.secureapp.att.net/img/sso/slid/ 3 KB
4 KB 225ms
120ms Image
image/png 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/img/sso/slid/txt-clear.png

Requested by

Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 07 Apr 2020 21:35:10 GMT
Last-Modified: Mon, 11 Mar 2019 18:27:44 GMT
Server: unknown
x-powered-by: unknown
ETag: "c00cc0-cda-583d5ba836800"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/png
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 3290
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK ques.png
home.secureapp.att.net/img/sso/slid/ 363 B
1 KB 228ms
119ms Image
image/png 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://home.secureapp.att.net/img/sso/slid/ques.png

Requested by

Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/sso/slid/1201/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),

Reverse DNS

Software

unknown / unknown

Resource Hash

5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Frame-Options	ALLOW-FROM http://.att.com/ https://.att.com/ http://.att.com:/ https://.att.com:/ http://.att.net/ https://.att.net/ http://.att.net:/ https://.att.net:/
X-Xss-Protection	1; mode=block

Request headers

Referer: https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 07 Apr 2020 21:35:10 GMT
Last-Modified: Mon, 11 Mar 2019 18:27:43 GMT
Server: unknown
x-powered-by: unknown
ETag: "c00cbc-16b-583d5ba7425c0"
X-Frame-Options: ALLOW-FROM http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Content-Type: image/png
x-generator: unknown
Content-Security-Policy: frame-ancestors http://*.att.com/ https://*.att.com/ http://*.att.com:*/ https://*.att.com:*/ http://*.att.net/ https://*.att.net/ http://*.att.net:*/ https://*.att.net:*/
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 363
X-XSS-Protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 109 B
839 B 36ms
16ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=mirageinc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 07 Apr 2020 21:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 17ms
17ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mirageinc.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 07 Apr 2020 21:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020040201.js Show response
securepubads.g.doubleclick.net/gpt/ 231 KB
84 KB 70ms
70ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

sffe /

Resource Hash

0bb2044642cf1dac316e8958bf7bdc8f3729d19aa7d07fd0a3d16cac150237f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 07 Apr 2020 21:35:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 02 Apr 2020 22:05:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 85399
x-xss-protection: 0
expires: Tue, 07 Apr 2020 21:35:10 GMT

GET
H/1.1 400
Bad Request context.dll
home.secureapp.att.net/attportal/s/ 0
0 120ms
120ms Image
text/html 144.160.36.70
AMERITECH-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://home.secureapp.att.net/attportal/s/context.dll?id=9002001&type=clickthru&name=cgate.signIn.Pageviews.mirageinc-net&redirecturl=/i/s.gif?nocache=6398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.160.36.70 , United States, ASN797 (AMERITECH-AS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 179 KB
66 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a9042dce0b8f077fc91cac7cc7eb51629bd551d877ce19c3ff1b46915bc3280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 07 Apr 2020 21:07:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1660
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 67459
x-xss-protection: 0
server: cafe
etag: 12495054366238627258
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 07 Apr 2020 22:07:31 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
5 KB 73ms
73ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2103080106128509&correlator=1443004352747909&output=ldjh&impl=fifs&adsid=NT&eid=21065814%2C21062452%2C21065391&vrg=2020040201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200407&iu_parts=5284%2Csyn.att%2Clogin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1440x1024%7C1440x800%7C300x250%7C300x600&eri=4&cookie_enabled=1&cdm=mirageinc.net&bc=31&abxe=1&lmt=1586295311&dt=1586295311690&dlt=1586295309403&idt=1233&frm=20&biw=1585&bih=1200&oid=3&adxs=73&adys=112&adks=3592017840&ucis=1&ifi=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmirageinc.net%2Fbooxx%2Fatt.net%2Fatt.net%2Fatt.htm&loc=https%3A%2F%2Fmirageinc.net%2Fbooxx%2Fatt.net%2Fatt.net%2Fatt.htm%3F__cf_chl_jschl_tk__%3Dcf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA&ref=https%3A%2F%2Fmirageinc.net%2Fbooxx%2Fatt.net%2Fatt.net%2Fatt.htm&dssz=16&icsg=10485928&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1440x-1&msz=1440x-1&ga_vid=863488260.1586295312&ga_sid=1586295312&ga_hid=1041860620&fws=4&ohw=1440

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

ecb07472ed3628df3c9e77ee1733dd86b7a2d20ad73075f48ddc9ec827e45b71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
Origin: https://mirageinc.net
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 07 Apr 2020 21:35:11 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 4682
x-xss-protection: 0
google-lineitem-id: 4525080858
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138266575465
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mirageinc.net
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 26ms
6ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003171848440/ Frame C68C 200 KB
56 KB 33ms
5ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
Origin: https://mirageinc.net
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10883
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55861
x-xss-protection: 0
server: sffe
date: Tue, 07 Apr 2020 18:33:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "66e23296f665ec26"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Apr 2021 18:33:48 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003171848440/ Frame C68C 200 KB
55 KB 41ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10883
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55861
x-xss-protection: 0
server: sffe
date: Tue, 07 Apr 2020 18:33:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "66e23296f665ec26"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Apr 2021 18:33:48 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003171848440/v0/ Frame C68C 92 KB
28 KB 35ms
8ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003171848440/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 28447
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28362
x-xss-protection: 0
server: sffe
date: Tue, 07 Apr 2020 13:41:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6205ff224420b8da"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Apr 2021 13:41:04 GMT

GET
DATA 200
OK truncated
/ Frame C68C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11d7ce7c9130082987823fbe169d6896f5afbc1cede6deb7b0221e9da4e1540a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012003171848440/ 20 KB
8 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003171848440/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

064282bdfcb1d589a67f8940076741fd9b90c43baaae421a71a5a96a226b9e71

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10891
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 7178
x-xss-protection: 0
server: sffe
date: Tue, 07 Apr 2020 18:33:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8728c2475be0528f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Apr 2021 18:33:40 GMT

GET
H2 200 14212054452429429752
tpc.googlesyndication.com/simgad/ Frame C68C 432 KB
433 KB 8ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14212054452429429752

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28143f7d9f1ad0289aa6d1ae6dceaaec0031d23c076cf217ae78b95f88984269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 04 Feb 2020 16:19:11 GMT
x-content-type-options: nosniff
age: 5462160
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 442736
x-xss-protection: 0
last-modified: Tue, 02 Apr 2019 16:49:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 16:19:11 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame C68C 0
330 B 45ms
45ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst30IX4TwJhxTO5vyPGZtIjvOV61X2WSbw67JI6Q4OmxceJAAsYQ3yKJAKgPhCQDyf-dYCK0ifYIs9O8kvgR0_HRKjxwzBbhttIKEG6ZT956Q4dhbS46OUH5PcBBtDM6RxQVH9JKwSsgU66ZJjYgVtX9GtIdKPTFCobZjXlYoofNxCnrQtDkdLT1QMRTu69T0YTOnpbcRWoIfVO-p_MF-Q9C4wkzs3QRAYX7SEvjmcDzNeJvG7Tm-m-b-MJo4IZfQ&sai=AMfl-YSpN0lLcgo89ZB6SO8IpQ8fLbOcr8qazk0qLn8n0jWF6aS0PV0fCkw6_WcexUwypDrra5IWofD_O6Wv5MAvvy2BaiRQLVuYAPDTqVP9Bg&sig=Cg0ArKJSzKiOsYQvTbetEAE&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 07 Apr 2020 21:35:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 07 Apr 2020 21:35:11 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 41ms
22ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020040201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7d287e060a2c19fd31e1f1aaf5ef5ef2050d4e23c65dd90101c76b5efd4c4cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
Origin: https://mirageinc.net
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 07 Apr 2020 21:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5263
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
5 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 07 Apr 2020 21:35:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Tue, 07 Apr 2020 21:35:11 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 64CF 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Tue, 07 Apr 2020 20:58:41 GMT
expires: Wed, 07 Apr 2021 20:58:41 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2190
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 14212054452429429752
tpc.googlesyndication.com/simgad/ Frame C68C 432 KB
433 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14212054452429429752

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28143f7d9f1ad0289aa6d1ae6dceaaec0031d23c076cf217ae78b95f88984269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 04 Feb 2020 16:19:11 GMT
x-content-type-options: nosniff
age: 5462160
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 442736
x-xss-protection: 0
last-modified: Tue, 02 Apr 2019 16:49:57 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 16:19:11 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
114 B 18ms
17ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020040201&jk=2103080106128509&bg=!y8ilyNBYBUEhvZrpWuICAAAAM1IAAAAKmQFZN1JcwK4UGzxQ2g5ZxV2v7l87q7ZzT04D4byN5madlHr1D0oKnMcSXSf4PeY8gFm7EBmRApUGzLz8tnk7qMYuMMtE3iEcygmKwpCvyKIemvxD9uPWBTiDMHYHx1mrClCDj4MmKWBuGxA7LwAIgutiejqqsa0FQj5_7xcMepih7r5V_KG3eiMUiuqap1TUpzQqUAbnHgNH4Zuo1p7txLLJFU_UVEtxnRf6PZAv65OKvAdLnR9f54tkqt0GIC008L53NZu16z0VQcAdhbyjZ05m7KQpzX28jotN-0mKv3ecY_x8pqXxIEJ3x1nvtipATd1GuCwZHsVPrlQykUDkN4T8vIROIQTZ3Bv4hmoRxMl2TXdmw07y2DqhMtqEgmVdtTlS7OpoUQVKTtfQq7YyVWl12MjcYp7yyScgapNIMP95vs5O7017JynN21JajndotXtwiiMSBjXcBAXd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 07 Apr 2020 21:35:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame C68C 42 B
115 B 14ms
14ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTXK2BHrqO592I_0RlSYOmkrRTdQJgpKeMyTu06Fjvm3qAz6B3zkAUtM6rr0inHqBTEwtigXVSz-skwc_XTlLdVOm00xH7oQn6plUFkMc&sig=Cg0ArKJSzGgzZMG-ruLQEAE&id=ampim&o=73,112&d=1440,1024&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=107&tls=1107&g=100&h=100&tt=1107&r=v&adk=3592017840&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 07 Apr 2020 21:35:12 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
mirageinc.net/	1970-01-20 02:09:27	Name: AMCV_55633F7A534535110A490D44%40AdobeOrg Value: 1994364360%7CMCIDTS%7C18360%7CMCMID%7C31208814826598121544374461749692978421%7CMCAAMLH-1586900109%7C6%7CMCAAMB-1586900109%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1586302509s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.4.0
mirageinc.net/	1969-12-31 23:59:59	Name: IV_JCT Value: %2FcommonLogin
mirageinc.net/	1969-12-31 23:59:59	Name: AMCVS_55633F7A534535110A490D44%40AdobeOrg Value: 1
.mirageinc.net/	1970-01-19 09:21:27	Name: __cfduid Value: d69bba0105f4a12dfb9ea1a9a0a4303df1586295309
.mirageinc.net/	1970-01-19 08:39:45	Name: cf_clearance Value: 17400ded4b9b31b5d233bb9f25bb0aa33c5bb6f2-1586295309-0-150

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://sadlib.static-app.synacor.com/client/att/att.js(Line 1) Message: Targeting Providers Timeout,1311ms
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040201.js(Line 6) Message: getName on googletag.Slot is deprecated and will be removed. Use getAdUnitPath instead.
console-api	info	URL: https://cdn.ampproject.org/rtv/012003171848440/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003171848440 https://mirageinc.net/booxx/att.net/att.net/att.htm?__cf_chl_jschl_tk__=cf764a644b7c763d22d6408592171ac6e5c0c205-1586295305-0-AbAAh10RY16Am0DZfVOTk3gymKU9ojjhttLp7f3NSXa_YuL_dINNh3MOOS0hVrabXyfKL8FkRYzNVTY8xV3lZcmUOuj-ma7IGwbDhABH8IiepH_v0p3PQq4W-3aeQXoiSbbXmkbnZJvoyMiWkEPUg6svqzzwr8QpfAMqzdz6a7uQnf2ZWiJSgUfZpd6lZxbOHGlqnjuDGPcd7DuceebPTGoY4ECc8NQsiPY2HdzmuyEuLf6IFivqvi77d9YOXckySt6TBe39gtk5LUQiNTFGprw33ZImOLdawEy3jOt_QcCjRMpXhjd3vtrwfheUUjzRAA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
cdn.ampproject.org
dpm.demdex.net
home.secureapp.att.net
mirageinc.net
pagead2.googlesyndication.com
sadlib.static-app.synacor.com
securepubads.g.doubleclick.net
smetrics.att.com
tpc.googlesyndication.com
www.att.com
144.160.36.70
172.217.18.98
23.0.39.230
2606:4700:3034::681b:90a7
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:81d::2002
2a02:26f0:6c00:187::2db1
34.247.192.223
69.168.106.86
01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
064282bdfcb1d589a67f8940076741fd9b90c43baaae421a71a5a96a226b9e71
0bb2044642cf1dac316e8958bf7bdc8f3729d19aa7d07fd0a3d16cac150237f0
11d7ce7c9130082987823fbe169d6896f5afbc1cede6deb7b0221e9da4e1540a
1c592a51351836456628c2cb9a7dd86d41257d821f8926b137c8f5c63aaf0ca3
27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0
28143f7d9f1ad0289aa6d1ae6dceaaec0031d23c076cf217ae78b95f88984269
34991a8a05dafe171bb2720e21fc2957d90a762e8a6546618f5a8129c6ef737e
4a9042dce0b8f077fc91cac7cc7eb51629bd551d877ce19c3ff1b46915bc3280
57da70e0abcd4edd4f5f1cb48af1808d6f40e3f988bbf549f48ec690cc114cf3
5ad02936f4bfd375dd0dd508cec653db63ea5b5e16d009d0d68d4cae246bf242
5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5
601f450bfc37544f6ebbdcbecf66d18121b3a6c99ff9ab31994769f1b08f6e86
61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263
70b5a6613f03d3c015d826185e39839e6dbc2d03871f151bafbed5cc58503f69
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
7d287e060a2c19fd31e1f1aaf5ef5ef2050d4e23c65dd90101c76b5efd4c4cd5
860ea0e8e0af4a83dd3fb8b2606542acccfd78a65e8afd07a850cb658099cb70
8c62a894138e480536c72a3c9a4b1e554aa6e8724396e16c33457f15d3c948b4
8e6ec1efd720fba57823309829b05bb57ebb5716c813c88b3c88cf36ab9aa5e9
9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a5182fbd8bbbbc358b704a5a070ffad58bd079b7800803935d9e3b2b8b9c5d87
a8c89bb3937cdc4a70b3568eae5a390d918433be78f89deba07846932ae7c695
be473488952323325afb4c617b047e4d068a6ad0e081ffb97585bf193bebeb10
c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1
cdda804f5bc3e5e92c8b19e500d72b4b833de11250129e301641e4b0b6017b5e
d61b6fa5a24a2cc4b7aa62a2a6271a13800b99d30016c4e09f38cf47f8490ea3
dfa35aa4643a991e1d2ec6e3562e1a0465174c7200a7572c92619904bb08530f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb07472ed3628df3c9e77ee1733dd86b7a2d20ad73075f48ddc9ec827e45b71
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9fd34967713bfb93d2edcf4eac2d5436be891f32f6c80a09b17c42b0246a004
fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f

mirageinc.net Open in urlscan Pro 2606:4700:3034::681b:90a7 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

50 %IPv6

10 Domains

12 Subdomains

11 IPs

5 Countries

1538 kBTransfer

2459 kBSize

5 Cookies

15 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mirageinc.net Open in urlscan Pro
2606:4700:3034::681b:90a7 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

50 %
IPv6

10
Domains

12
Subdomains

11
IPs

5
Countries

1538 kB
Transfer

2459 kB
Size

5
Cookies

46 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!