frightenedfavoriteprogrammer--five-nine.repl.co
35.201.120.147  Malicious Activity! Public Scan

URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Submission: On September 10 via api from US

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 35.201.120.147, which is located in Ascension Island and belongs to GOOGLE, US. The main domain is frightenedfavoriteprogrammer--five-nine.repl.co.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 9th 2020. Valid for: 3 months.
This is the only time frightenedfavoriteprogrammer--five-nine.repl.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

Requests  IP Address          AS Autonomous System
3         35.201.120.147      15169 (GOOGLE)
13        2001:1890:1c0...    7018 (ATT-INTER...)
Total: 22 requests, 3 IPs

Requests  Apex Domain / Subdomains                            Transfer
13        att.com                                             330 KB
            oidc.idp.elogin.att.com
3         repl.co                                             117 KB
            frightenedfavoriteprogrammer--five-nine.repl.co
Total: 22 requests, 2 domains

Requests  Domain                                              Requested by
13        oidc.idp.elogin.att.com                             frightenedfavoriteprogrammer--five-nine.repl.co
                                                              oidc.idp.elogin.att.com
3         frightenedfavoriteprogrammer--five-nine.repl.co     frightenedfavoriteprogrammer--five-nine.repl.co
Total: 22 requests, 2 domains

This site contains links to these domains.

Domain
oidc.idp.elogin.att.com
www.e-access.att.com
www.att.com
Subject                   Issuer                            Validity                  Valid
repl.co                   Let's Encrypt Authority X3        2020-09-09 - 2020-12-08   3 months
oidc.idp.elogin.att.com   DigiCert SHA2 Secure Server CA    2020-01-16 - 2021-01-16   a year

This page contains 1 frames:

Primary Page: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Frame ID: 4995C8CA3E604E397019D8BA61B05BEC
Requests: 22 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

22 Requests
73 % HTTPS
50 % IPv6
2 Domains
2 Subdomains
3 IPs
2 Countries
447 kB Transfer
442 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
frightenedfavoriteprogrammer--five-nine.repl.co/
90 KB
90 KB
Document
General
Full URL
https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.120.147 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e248a659e67d20e5af724da93cb51ac20304a7fcb6975ac705cd04589613bff3

Request headers

:method
GET
:authority
frightenedfavoriteprogrammer--five-nine.repl.co
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
access-control-allow-origin
*
content-type
text/html; charset=utf-8
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-length
92321
date
Thu, 10 Sep 2020 14:42:01 GMT
style.css
frightenedfavoriteprogrammer--five-nine.repl.co/
23 KB
23 KB
Stylesheet
General
Full URL
https://frightenedfavoriteprogrammer--five-nine.repl.co/style.css
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.120.147 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.201.35.bc.googleusercontent.com
Software
/
Resource Hash
70900abdc1e975ac6b63a7e5eed369dd031c2f79d1a3dd569028f93c5ef06a67

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Thu, 10 Sep 2020 14:42:01 GMT
access-control-allow-origin
*
content-length
23065
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/css; charset=utf-8
fonts.css
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/styles/
820 B
643 B
Stylesheet
General
Full URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/styles/fonts.css?v202007183484950
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1890:1c00:6222::4:6 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
0e1a5ab44e620c7a5412e625a748636ade95ad9345392aa621b048375d87b241
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:42:01 GMT
via
1.1 alpv1579-agjs01-app.aldc.att.com:9011 (Apache/2.4.33)
last-modified
Fri, 14 Aug 2020 17:44:22 GMT
p3p
CP="NON CUR OTPi OUR NOR UNI"
etag
W/"820-1597427062000"
x-frame-options
SAMEORIGIN
content-type
text/css
transfer-encoding
chunked
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-encoding
gzip
jquery-1.12.4.min.js
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/js/
95 KB
95 KB
Script
General
Full URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/js/jquery-1.12.4.min.js?v202007183484950
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1890:1c00:6222::4:6 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:42:01 GMT
via
1.1 alpv1580-agjs02-app.aldc.att.com:9011 (Apache/2.4.33)
last-modified
Fri, 14 Aug 2020 17:44:20 GMT
etag
W/"97163-1597427060000"
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/javascript
content-length
97163
jquery.blockUI.js
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/js/
19 KB
20 KB
Script
General
Full URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/js/jquery.blockUI.js?v202007183484950
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1890:1c00:6222::4:6 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
a106b0f8926e51c250f5055831c1673f12020d3fa1bfcfa4bb14f614dcd31a17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:42:01 GMT
via
1.1 alpv1579-agjs01-app.aldc.att.com:9011 (Apache/2.4.33)
last-modified
Fri, 14 Aug 2020 17:44:20 GMT
etag
W/"19966-1597427060000"
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/javascript
content-length
19966
mk.js
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/js/
21 KB
21 KB
Script
General
Full URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/js/mk.js?v202007183484950
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1890:1c00:6222::4:6 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
6190bda1eec4b12fcf539f4591e861cd22d50fd593265d3733f67afa59d53ec5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:42:01 GMT
via
1.1 alpv1582-agjs04-app.aldc.att.com:9011 (Apache/2.4.33)
last-modified
Tue, 01 Sep 2020 15:06:14 GMT
etag
W/"21421-1598972774000"
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/javascript
content-length
21421
ua-parser.js
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/js/ua-parser-js-master/src/
51 KB
51 KB
Script
General
Full URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/js/ua-parser-js-master/src/ua-parser.js?v202007183484950
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1890:1c00:6222::4:6 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
5e4b3f7da07ff693285db4cecbb566d82a665853f97f01d83a20d6ab9b840cb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:42:01 GMT
via
1.1 alpv1581-agjs03-app.aldc.att.com:9011 (Apache/2.4.33)
last-modified
Fri, 14 Aug 2020 17:44:20 GMT
etag
W/"52291-1597427060000"
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/javascript
content-length
52291
json2.js
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/js/JSON-js-master/
18 KB
19 KB
Script
General
Full URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/js/JSON-js-master/json2.js?v202007183484950
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1890:1c00:6222::4:6 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
cc7ddc2da053a7b922bc0da7023f734bb80d6e00b87926715206d530664bc415
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:42:01 GMT
via
1.1 alpv1580-agjs02-app.aldc.att.com:9011 (Apache/2.4.33)
last-modified
Fri, 14 Aug 2020 17:44:20 GMT
etag
W/"18876-1597427060000"
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/javascript
content-length
18876
script.js
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/scripts/
86 KB
87 KB
Script
General
Full URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/scripts/script.js?v202007183484950
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1890:1c00:6222::4:6 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
66e8d6ff6a995fd4c5cb1ec3395803beb2ee6f6d1c976a7d2509ac583ac305ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:42:01 GMT
via
1.1 alpv1581-agjs03-app.aldc.att.com:9011 (Apache/2.4.33)
last-modified
Wed, 02 Sep 2020 15:35:18 GMT
etag
W/"88426-1599060918000"
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/javascript
content-length
88426
backEndFunctions.js
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/scripts/
13 KB
13 KB
Script
General
Full URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/scripts/backEndFunctions.js?v202007183484950
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1890:1c00:6222::4:6 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
6fdd204827a0977a3403898fb51a92173578e5170b4abff5f0419371b1c6d2c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:42:01 GMT
via
1.1 alpv1579-agjs01-app.aldc.att.com:9011 (Apache/2.4.33)
last-modified
Thu, 27 Aug 2020 18:36:56 GMT
etag
W/"13145-1598553416000"
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/javascript
content-length
13145
ie7.js
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/js/
15 KB
16 KB
Script
General
Full URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/js/ie7.js?v202007183484950
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1890:1c00:6222::4:6 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
e6e98c7abecc9a86cf66ae13241867166ef3e7e7cafb5df221e6f161603dbdf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:42:01 GMT
via
1.1 alpv1582-agjs04-app.aldc.att.com:9011 (Apache/2.4.33)
last-modified
Wed, 02 Sep 2020 15:56:30 GMT
etag
W/"15522-1599062190000"
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
application/javascript
content-length
15522
att_logo_97x40.png
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/images/
3 KB
4 KB
Image
General
Full URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/images/att_logo_97x40.png
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1890:1c00:6222::4:6 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
5f43c44a03507663f45f0275597874d6ed132cf38a09775d997ba3669f64edb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:42:01 GMT
via
1.1 alpv1580-agjs02-app.aldc.att.com:9011 (Apache/2.4.33)
last-modified
Fri, 14 Aug 2020 17:44:20 GMT
etag
W/"3312-1597427060000"
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
image/png
content-length
3312
GLO_Question_Icon.png
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/images/
223 B
624 B
Image
General
Full URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/images/GLO_Question_Icon.png
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1890:1c00:6222::4:6 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
4a6500fffb1823beca8bd2c203014d05111e97a82dbbb8516a642abb03bf7bf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:42:01 GMT
via
1.1 alpv1581-agjs03-app.aldc.att.com:9011 (Apache/2.4.33)
last-modified
Fri, 14 Aug 2020 17:44:20 GMT
etag
W/"223-1597427060000"
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
image/png
content-length
223
flat_down_icon_rgb_blu_modified_12x12.png
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/images/
623 B
1 KB
Image
General
Full URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/images/flat_down_icon_rgb_blu_modified_12x12.png
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1890:1c00:6222::4:6 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
46ae8c20ff718133d1b34e09314a6636df03de7a39e84a459ee38bb06c05e885
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:42:01 GMT
via
1.1 alpv1582-agjs04-app.aldc.att.com:9011 (Apache/2.4.33)
last-modified
Fri, 14 Aug 2020 17:44:20 GMT
etag
W/"623-1597427060000"
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
image/png
content-length
623
flat_faq-reverse_icon_rgb_blu_modified_18x18.png
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/images/
1023 B
1 KB
Image
General
Full URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/images/flat_faq-reverse_icon_rgb_blu_modified_18x18.png
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2001:1890:1c00:6222::4:6 , United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
/
Resource Hash
287e57ae4b394a4912f51899e4537fb4a9c3a9f307ad0e1f539f8aeb46bdb042
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 10 Sep 2020 14:42:01 GMT
via
1.1 alpv1580-agjs02-app.aldc.att.com:9011 (Apache/2.4.33)
last-modified
Fri, 14 Aug 2020 17:44:20 GMT
etag
W/"1023-1597427060000"
x-frame-options
SAMEORIGIN
p3p
CP="NON CUR OTPi OUR NOR UNI"
strict-transport-security
max-age=31536000; includeSubDomains; preload
accept-ranges
bytes
content-type
image/png
content-length
1023
ATTAleckSans_W_Rg.woff
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/fonts/WOFF/
0
0

ATTAleckSans_W_Md.woff
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/fonts/WOFF/
0
0

flat_check_icon_rgb_wht_16x16.png
frightenedfavoriteprogrammer--five-nine.repl.co/images/
4 KB
4 KB
Image
General
Full URL
https://frightenedfavoriteprogrammer--five-nine.repl.co/images/flat_check_icon_rgb_wht_16x16.png
Requested by
Host: frightenedfavoriteprogrammer--five-nine.repl.co
URL: https://frightenedfavoriteprogrammer--five-nine.repl.co/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.120.147 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.201.35.bc.googleusercontent.com
Software
/
Resource Hash
8015a00ec1b1002139ca96795ca0fdfcb6d3cc0edf22d775c45fd9cf17f4c0a9

Request headers

Referer
https://frightenedfavoriteprogrammer--five-nine.repl.co/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
404
date
Thu, 10 Sep 2020 14:42:02 GMT
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-type
text/html; charset=utf-8
ATTAleckSans_W_Rg.woff2
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/fonts/WOFF2/
0
0

ATTAleckSans_W_Md.woff2
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/fonts/WOFF2/
0
0

ATTAleckSans_W_Rg.ttf
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/fonts/TTF/
0
0

ATTAleckSans_W_Md.ttf
oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/fonts/TTF/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
oidc.idp.elogin.att.com
URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/fonts/WOFF/ATTAleckSans_W_Rg.woff
Domain
oidc.idp.elogin.att.com
URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/fonts/WOFF/ATTAleckSans_W_Md.woff
Domain
oidc.idp.elogin.att.com
URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/fonts/WOFF2/ATTAleckSans_W_Rg.woff2
Domain
oidc.idp.elogin.att.com
URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/fonts/WOFF2/ATTAleckSans_W_Md.woff2
Domain
oidc.idp.elogin.att.com
URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/fonts/TTF/ATTAleckSans_W_Rg.ttf
Domain
oidc.idp.elogin.att.com
URL
https://oidc.idp.elogin.att.com/lrrnew/attLRR/resources/static/fonts/TTF/ATTAleckSans_W_Md.ttf

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


0 Cookies