urlscan.io logo urlscan.io
SecurityTrails logo

www.prssnijabar.or.id Open in urlscan Pro
111.92.169.6  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Submission: On September 25 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 4 countries across 13 domains to perform 42 HTTP transactions. The main IP is 111.92.169.6, located in Jogjakarta, Indonesia and belongs to SIMS-AS-ID PT. Saranainsan Mudaselaras, ID. The main domain is www.prssnijabar.or.id.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 5th 2018. Valid for: 3 months.
This is the only time www.prssnijabar.or.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AT&T (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
1 111.92.169.6 55655 (SIMS-AS-I...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
17 144.160.149.126 797 (AMERITECH-AS)
1 69.168.96.158 36271 (SYNACOR-C...)
3 34.247.143.160 16509 (AMAZON-02)
1 63.140.43.178 15224 (OMNITURE)
1 1 66.117.28.86 15224 (OMNITURE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 172.217.22.34 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
42 13
1    111.92.169.6 (Jogjakarta, Indonesia)

ASN55655 (SIMS-AS-ID PT. Saranainsan Mudaselaras, ID)
PTR: host-111-91-169-6.jabarmaya.net.id
www.prssnijabar.or.id
2    2a02:26f0:6c00:195::2db1 (European Union)

ASN20940 (AKAMAI-ASN1, US)
www.att.com
17    144.160.149.126 (United States)

ASN797 (AMERITECH-AS - AT&T Services, Inc., US)
home.secureapp.att.net
1    69.168.96.158 (Buffalo, United States)

ASN36271 (SYNACOR-CLUSTER - Synacor, Inc., US)
sadlib.static-app.synacor.com
3    34.247.143.160 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-247-143-160.eu-west-1.compute.amazonaws.com
dpm.demdex.net
att.demdex.net
1    63.140.43.178 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: att.com.ssl.d1.sc.omtrdc.net
smetrics.att.com
1    66.117.28.86 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
cm.everesttech.net
1    2a00:1450:4001:825::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagservices.com
2    2a00:1450:4001:81f::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
adservice.google.de
adservice.google.com
4    172.217.22.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s16-in-f34.1e100.net
securepubads.g.doubleclick.net
3    2a00:1450:4001:81a::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
pagead2.googlesyndication.com
5    2a00:1450:4001:812::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
tpc.googlesyndication.com
cdn.ampproject.org
1    2a00:1450:4001:812::2014 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
amp-error-reporting.appspot.com
Domain Requested by
17 home.secureapp.att.net www.prssnijabar.or.id
home.secureapp.att.net
4 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.prssnijabar.or.id
3 cdn.ampproject.org securepubads.g.doubleclick.net
3 pagead2.googlesyndication.com securepubads.g.doubleclick.net
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.prssnijabar.or.id
2 dpm.demdex.net www.att.com
www.prssnijabar.or.id
2 www.att.com www.prssnijabar.or.id
1 amp-error-reporting.appspot.com cdn.ampproject.org
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 www.googletagservices.com sadlib.static-app.synacor.com
1 att.demdex.net www.att.com
1 cm.everesttech.net 1 redirects
1 smetrics.att.com www.att.com
1 sadlib.static-app.synacor.com www.prssnijabar.or.id
1 www.prssnijabar.or.id
42 16

This site contains links to these domains. Also see Links.

Domain
www.att.net
www.att.com
uverseonline.att.net
elportal.att.net
home.secureapp.att.net
Subject Issuer Validity Valid
prssnijabar.or.id
cPanel, Inc. Certification Authority		 2018-08-05 -
2018-11-03		 3 months crt.sh
*.att.com
DigiCert SHA2 Secure Server CA		 2018-03-05 -
2019-02-05		 a year crt.sh
home.secureapp.att.net
DigiCert SHA2 Secure Server CA		 2018-03-08 -
2019-03-08		 a year crt.sh
*.static-app.synacor.com
DigiCert SHA2 High Assurance Server CA		 2016-06-17 -
2019-08-13		 3 years crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
smetrics.att.com
DigiCert SHA2 High Assurance Server CA		 2017-12-09 -
2019-03-14		 a year crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
*.googleusercontent.com
Google Internet Authority G3		 2018-08-28 -
2018-11-20		 3 months crt.sh
misc-sni.google.com
Google Internet Authority G3		 2018-09-11 -
2018-12-04		 3 months crt.sh
*.appspot.com
Google Internet Authority G3		 2018-09-11 -
2018-12-04		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Frame ID: 03C9822115793CA7507EBB2EE57CFE0F
Requests: 35 HTTP requests in this frame

Frame: https://att.demdex.net/dest5.html?d_nsid=0
Frame ID: 9872F6CB86676C80294FB455D2303E31
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011809142227020/amp4ads-v0.js
Frame ID: 96FF448754B2E42FE0AB227023939F92
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i
Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
Overall confidence: 100%
Detected patterns
  • html /<img[^>]+id="DCSIMG"[^>]+webtrends/i
  • env /^(?:WTOptimize|WebTrends)/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

42
Requests

98 %
HTTPS

46 %
IPv6

13
Domains

16
Subdomains

13
IPs

4
Countries

774 kB
Transfer

1462 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://cm.everesttech.net/cm/dd?d_uuid=75725305631230717772286567719592655415 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=W6o-AQAACD7k_xN_
Request Chain 28
  • https://home.secureapp.att.net/attportal/s/context.dll?id=9002001&type=clickthru&name=cgate.signIn.Pageviews.www-att-net&redirecturl=/i/s.gif?nocache=4374 HTTP 302
  • http://home.secureapp.att.net/i/s.gif?nocache=4374

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request att.htm
www.prssnijabar.or.id/asset_backend/att/ 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
111.92.169.6 Jogjakarta, Indonesia, ASN55655 (SIMS-AS-ID PT. Saranainsan Mudaselaras, ID),
Reverse DNS
host-111-91-169-6.jabarmaya.net.id
Software
Apache /
Resource Hash
18b9a39358e5a17b610dc806db1a26c266d5e9c232d8ce632a5fc3bdb0634a4a

Request headers

Host
www.prssnijabar.or.id
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:20 GMT
Server
Apache
Last-Modified
Mon, 24 Sep 2018 19:02:44 GMT
Accept-Ranges
bytes
Content-Length
8255
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
detm-container-hdr.js
www.att.com/scripts/adobe/prod/ 		70 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.att.com/scripts/adobe/prod/detm-container-hdr.js
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:195::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
c8fc42a072ce96f30429517b59f7382168fa771fc23e96cfdeb5418e3ae50c52
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 25 Sep 2018 13:58:24 GMT
content-encoding
gzip
last-modified
Thu, 06 Sep 2018 18:35:43 GMT
server
Apache
etag
"119a2-5753828949dc0"
vary
Accept-Encoding
content-type
application/javascript
status
200
uxtime
W6mwu5CgOd8AARTviD8AAAl@ D=11688
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=0
strict-transport-security
max-age=15768000 ; preload
accept-ranges
bytes
content-length
21630
_fontface.css
home.secureapp.att.net/css/sso/slid/1201/ 		0
223 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://home.secureapp.att.net/css/sso/slid/1201/_fontface.css
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:25 GMT
Last-modified
Thu, 02 Nov 2017 04:21:10 GMT
Server
""
Etag
"0-59fa9d36"
Content-type
text/css
Connection
keep-alive
Accept-ranges
bytes
Content-length
0
main.css
home.secureapp.att.net/css/sso/slid/1201/ 		28 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://home.secureapp.att.net/css/sso/slid/1201/main.css
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
dfa2be020e3374a4b1c871c88ada990120fb198d4e8ff685ad35cfae88ad3466

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:25 GMT
Last-modified
Tue, 24 Oct 2017 04:39:16 GMT
Server
""
Etag
"6fd5-59eec3f4"
Content-type
text/css
Connection
keep-alive
Accept-ranges
bytes
Content-length
28629
jquery-1.5.1.min.js
home.secureapp.att.net/js/jquery/ 		83 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:25 GMT
Last-modified
Fri, 11 Mar 2011 22:40:27 GMT
Server
""
Etag
"14d0c-4d7aa4db"
Content-type
application/x-javascript
Connection
keep-alive
Accept-ranges
bytes
Content-length
85260
jquery.simplemodal.js
home.secureapp.att.net/js/jquery/simplemodal/ 		9 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://home.secureapp.att.net/js/jquery/simplemodal/jquery.simplemodal.js
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
da0f28b0d18d448b29cb3ee6e742952e7247c627d3800d045ba1573ca1fc07f4

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:25 GMT
Last-modified
Tue, 27 Mar 2018 20:03:41 GMT
Server
""
Etag
"255a-5abaa39d"
Content-type
application/x-javascript
Connection
keep-alive
Accept-ranges
bytes
Content-length
9562
script.js
home.secureapp.att.net/js/sso/slid/1201/ 		47 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://home.secureapp.att.net/js/sso/slid/1201/script.js
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
db2a3260d580716fb8dae973b1b994f799f545d520b7a1636d473ecbdbdd2223

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:25 GMT
Last-modified
Fri, 29 Dec 2017 04:07:49 GMT
Server
""
Etag
"bdff-5a45bf95"
Content-type
application/x-javascript
Connection
keep-alive
Accept-ranges
bytes
Content-length
48639
att.js
sadlib.static-app.synacor.com/client/att/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sadlib.static-app.synacor.com/client/att/att.js
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.168.96.158 Buffalo, United States, ASN36271 (SYNACOR-CLUSTER - Synacor, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
d786451d45253c958e647e3572fe72bbadbabd38f76ab6835c94c5fc649c22b8

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:25 GMT
Content-Encoding
gzip
Age
205
P3P
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Connection
keep-alive
Content-Length
17843
Access-Control-Allow-Origin
*
Last-Modified
Thu, 20 Sep 2018 17:25:18 GMT
Server
nginx
ETag
"10790-57650ce877b80"
Vary
Accept-Encoding
X-Varnish
810400004 809328374
Via
1.1 varnish
Cache-Control
max-age=300
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Tue, 25 Sep 2018 13:59:59 GMT
Button.png
home.secureapp.att.net/design/CDLS10/img/logos/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/design/CDLS10/img/logos/Button.png
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
8e6ec1efd720fba57823309829b05bb57ebb5716c813c88b3c88cf36ab9aa5e9

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:25 GMT
Last-modified
Tue, 16 Aug 2016 22:02:34 GMT
Server
""
Etag
"9a2-57b38d7a"
Content-type
image/png
Connection
keep-alive
Accept-ranges
bytes
Content-length
2466
AT&T_logo.png
home.secureapp.att.net/design/CDLS10/img/logos/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/design/CDLS10/img/logos/AT&T_logo.png
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
a8c89bb3937cdc4a70b3568eae5a390d918433be78f89deba07846932ae7c695

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:25 GMT
Last-modified
Tue, 16 Aug 2016 22:02:34 GMT
Server
""
Etag
"d37-57b38d7a"
Content-type
image/png
Connection
keep-alive
Accept-ranges
bytes
Content-length
3383
detm-container-ftr.js
www.att.com/scripts/adobe/prod/ 		540 B
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.att.com/scripts/adobe/prod/detm-container-ftr.js
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:195::2db1 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
Apache /
Resource Hash
9e0db7af94ee7bd2d325475edb564226b87d4a0c528f4b69a112f8769ed52ab0
Security Headers
Name Value
Strict-Transport-Security max-age=15768000 ; preload

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 25 Sep 2018 13:58:25 GMT
content-encoding
gzip
last-modified
Thu, 03 May 2018 16:18:06 GMT
server
Apache
etag
"21c-56b4f8c6b8b80"
vary
Accept-Encoding
content-type
application/javascript
status
200
uxtime
W6mwvJCgOd8AARTviEMAAAnd D=8433
cache-control
max-age=900
server-timing
cdn-cache; desc=HIT, edge; dur=132
strict-transport-security
max-age=15768000 ; preload
accept-ranges
bytes
content-length
320
id
dpm.demdex.net/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=55633F7A534535110A490D44%40AdobeOrg&d_nsid=0&ts=1537883904601
Requested by
Host: www.att.com
URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.143.160 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-247-143-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8777e0086aa3b8fe5234fe6c2e56570b5361d61fc8d8a295cffeea18f9bf3812

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
Origin
https://www.prssnijabar.or.id
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v002-02a6df2dd.edge-irl1.demdex.com 5.38.2.20180913102145 5ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
uzKP5H5fTsg=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.prssnijabar.or.id
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
530
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mobile.css
home.secureapp.att.net/css/sso/slid/1201/ 		4 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://home.secureapp.att.net/css/sso/slid/1201/mobile.css
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
30a949cc26cd4f709fa897313f8d448b2cb724a40a170c4b8e8ce6b3aa890fd1

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:26 GMT
Last-modified
Wed, 21 Dec 2016 10:14:45 GMT
Server
""
Etag
"fa3-585a5615"
Content-type
text/css
Connection
keep-alive
Accept-ranges
bytes
Content-length
4003
id
smetrics.att.com/ 		49 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://smetrics.att.com/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=55633F7A534535110A490D44%40AdobeOrg&mid=75990197029083783712295051836798856213&ts=1537883904717
Requested by
Host: www.att.com
URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.140.43.178 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
att.com.ssl.d1.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
f5662c83d5c559afd19a374bde2d3a98af07e78e604198e55e7c1f594995dbf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
Origin
https://www.prssnijabar.or.id
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Date
Tue, 25 Sep 2018 13:58:24 GMT
X-Content-Type-Options
nosniff
X-C
ms-6.4.0
P3P
CP="This is not a P3P policy"
Connection
Keep-Alive
Content-Length
49
X-XSS-Protection
1; mode=block
Server
Omniture DC/2.0.0
xserver
www160
Vary
Origin
Access-Control-Allow-Methods
GET, POST, DELETE
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.prssnijabar.or.id
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Keep-Alive
timeout=15
ibs:dpid=411&dpuuid=W6o-AQAACD7k_xN_
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=75725305631230717772286567719592655415
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=W6o-AQAACD7k_xN_
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=W6o-AQAACD7k_xN_
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.143.160 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-247-143-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v002-0bf0a1eac.edge-irl1.demdex.com 5.38.2.20180913102145 4ms
Pragma
no-cache
X-TID
YUNQ6ZEtQUk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Tue, 25 Sep 2018 13:58:24 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=W6o-AQAACD7k_xN_
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
webtrends.min.js
home.secureapp.att.net/commonLogin/igate_edam/staticContent/images/SLID/js/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://home.secureapp.att.net/commonLogin/igate_edam/staticContent/images/SLID/js/webtrends.min.js
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-type
text/html
footerBg.png
home.secureapp.att.net/design/CDLS10/img/ui/ 		560 B
788 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/design/CDLS10/img/ui/footerBg.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:26 GMT
Last-modified
Fri, 17 Jul 2009 17:05:33 GMT
Server
""
Etag
"230-4a60af5d"
Content-type
image/png
Connection
keep-alive
Accept-ranges
bytes
Content-length
560
pageBg.png
home.secureapp.att.net/design/cdls10/img/ui/ 		169 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/design/cdls10/img/ui/pageBg.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:26 GMT
Last-modified
Tue, 11 Aug 2009 21:10:32 GMT
Server
""
Etag
"a9-4a81de48"
Content-type
image/png
Connection
keep-alive
Accept-ranges
bytes
Content-length
169
btnSumbit.png
home.secureapp.att.net/img/sso/slid/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/img/sso/slid/btnSumbit.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:26 GMT
Last-modified
Tue, 21 Sep 2010 15:06:50 GMT
Server
""
Etag
"573-4c98ca0a"
Content-type
image/png
Connection
keep-alive
Accept-ranges
bytes
Content-length
1395
txt-clear.png
home.secureapp.att.net/img/sso/slid/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/img/sso/slid/txt-clear.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:26 GMT
Last-modified
Tue, 29 Jul 2014 15:04:17 GMT
Server
""
Etag
"cda-53d7b7f1"
Content-type
image/png
Connection
keep-alive
Accept-ranges
bytes
Content-length
3290
support-icon.jpg
home.secureapp.att.net/img/sso/slid/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/img/sso/slid/support-icon.jpg
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:26 GMT
Last-modified
Mon, 26 Jul 2010 21:26:50 GMT
Server
""
Etag
"615-4c4dfd9a"
Content-type
image/jpeg
Connection
keep-alive
Accept-ranges
bytes
Content-length
1557
att_globe_blue_80x80.png
home.secureapp.att.net/design/CDLS10/img/logos/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/design/CDLS10/img/logos/att_globe_blue_80x80.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
dfa35aa4643a991e1d2ec6e3562e1a0465174c7200a7572c92619904bb08530f

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:26 GMT
Last-modified
Fri, 20 May 2016 12:43:47 GMT
Server
""
Etag
"40c4-573f0683"
Content-type
image/png
Connection
keep-alive
Accept-ranges
bytes
Content-length
16580
attGlobalNavHeader-bg.gif
home.secureapp.att.net/design/cdls20/img/ui/ 		149 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/design/cdls20/img/ui/attGlobalNavHeader-bg.gif
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/jquery/jquery-1.5.1.min.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:26 GMT
Last-modified
Thu, 26 Apr 2012 21:04:53 GMT
Server
""
Etag
"95-4f99b875"
Content-type
image/gif
Connection
keep-alive
Accept-ranges
bytes
Content-length
149
ques.png
home.secureapp.att.net/img/sso/slid/ 		363 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.secureapp.att.net/img/sso/slid/ques.png
Requested by
Host: home.secureapp.att.net
URL: https://home.secureapp.att.net/js/sso/slid/1201/script.js
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.160.149.126 , United States, ASN797 (AMERITECH-AS - AT&T Services, Inc., US),
Reverse DNS
Software
"" /
Resource Hash
5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5

Request headers

Referer
https://home.secureapp.att.net/css/sso/slid/1201/main.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 25 Sep 2018 13:58:26 GMT
Last-modified
Mon, 19 Jul 2010 03:35:58 GMT
Server
""
Etag
"16b-4c43c81e"
Content-type
image/png
Connection
keep-alive
Accept-ranges
bytes
Content-length
363
Cookie set dest5.html
att.demdex.net/ Frame 9872 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://att.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.att.com
URL: https://www.att.com/scripts/adobe/prod/detm-container-hdr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.143.160 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-247-143-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
att.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
Accept-Encoding
gzip, deflate
Cookie
demdex=75725305631230717772286567719592655415
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Tue, 18 Sep 2018 17:35:47 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=75725305631230717772286567719592655415;Path=/;Domain=.demdex.net;Expires=Sun, 24-Mar-2019 13:58:26 GMT;Max-Age=15552000
Vary
Accept-Encoding, User-Agent
X-TID
N6Wgs3V3RVU=
Content-Length
2766
Connection
keep-alive
gpt.js
www.googletagservices.com/tag/js/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: sadlib.static-app.synacor.com
URL: https://sadlib.static-app.synacor.com/client/att/att.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
39d704fb385057b46c2781380576a8c4f3a1df6cf5f4c82efbc4830e4ef5449a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 25 Sep 2018 13:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"8 / 584 of 1000 / last-modified: 1537573516"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7934
x-xss-protection
1; mode=block
expires
Tue, 25 Sep 2018 13:58:26 GMT
integrator.js
adservice.google.de/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.prssnijabar.or.id
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Sep 2018 13:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/ 		109 B
171 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.prssnijabar.or.id
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Sep 2018 13:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_249.js
securepubads.g.doubleclick.net/gpt/ 		182 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_249.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f34.1e100.net
Software
sffe /
Resource Hash
308b88046da3cb8c99042d803173dee196d6501925fd3c86ccf8f9e2d7f7d04a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 25 Sep 2018 13:58:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Sep 2018 13:39:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
64039
x-xss-protection
1; mode=block
expires
Tue, 25 Sep 2018 13:58:26 GMT
s.gif
home.secureapp.att.net/i/
Redirect Chain
  • https://home.secureapp.att.net/attportal/s/context.dll?id=9002001&type=clickthru&name=cgate.signIn.Pageviews.www-att-net&redirecturl=/i/s.gif?nocache=4374
  • http://home.secureapp.att.net/i/s.gif?nocache=4374
0
0
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ 		172 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_249.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ab07703c15612fa42136256a077938df85cce793fe087cbdcc63a4c60889b7e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 25 Sep 2018 13:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
64570
x-xss-protection
1; mode=block
server
cafe
etag
3553921820910603278
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 25 Sep 2018 14:49:34 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=256357569049730&correlator=1628579470651188&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21061865%2C21062577&vrg=249&guci=1.2.0.0.2.2.0&sc=1&sfv=1-0-29&iu_parts=5284%2Csyn.att%2Clogin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1440x1024%7C1440x800%7C300x250%7C300x600%7C640x450&eri=4&cookie_enabled=1&bc=7&abxe=1&lmt=1537815764&dt=1537883907474&dlt=1537883904554&idt=1858&frm=20&biw=1585&bih=1200&oid=3&adxs=73&adys=112&adks=2565056540&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&loc=https%3A%2F%2Fwww.prssnijabar.or.id%2Fasset_backend%2Fatt%2Fatt.htm&dssz=17&icsg=10485928&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1440x-1&msz=1440x-1&ga_vid=1780622366.1537883907&ga_sid=1537883907&ga_hid=2084685786&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_249.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f34.1e100.net
Software
cafe /
Resource Hash
12e49a9e6365630be20995a525cc29111f80a7717e4398780c4118f4236b5ae0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
Origin
https://www.prssnijabar.or.id

Response headers

date
Tue, 25 Sep 2018 13:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
4542
x-xss-protection
1; mode=block
google-lineitem-id
4796736654
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138243963659
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://www.prssnijabar.or.id
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_249.js
securepubads.g.doubleclick.net/gpt/ 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_249.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_249.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f34.1e100.net
Software
sffe /
Resource Hash
f7eeefc1dd6f250f4c4b89a1fef2d0fb85b280042059f1f2ee0d11de20c34e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 25 Sep 2018 13:58:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 13 Sep 2018 13:39:46 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
19757
x-xss-protection
1; mode=block
expires
Tue, 25 Sep 2018 13:58:27 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-29/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-29/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_249.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:812::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

expires
Fri, 13 Sep 2019 07:45:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Mon, 11 Jun 2018 14:38:59 GMT
content-type
text/html
amp4ads-host-v0.js
cdn.ampproject.org/rtv/011809142227020/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011809142227020/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_249.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:812::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a974db9973ac2b1766eedd50026483b12c2a7955b9a209913201de78115d1ddf
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
665848
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7566
x-xss-protection
1; mode=block
last-modified
Sat, 15 Sep 2018 00:45:00 GMT
server
sffe
date
Mon, 17 Sep 2018 21:00:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Sep 2019 21:00:59 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011809142227020/ Frame 96FF 		262 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011809142227020/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_249.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:812::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3a3a765973dabc545b40d123d851fc948a629c7c4f5694893e8f596a63beeecb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
665166
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
84906
x-xss-protection
1; mode=block
last-modified
Sat, 15 Sep 2018 00:45:00 GMT
server
sffe
date
Mon, 17 Sep 2018 21:12:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Sep 2019 21:12:21 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011809142227020/v0/ Frame 96FF 		117 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/011809142227020/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_249.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:812::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
74cd2a4a115bf7bb7155619565b3bfa6e8b78911abab2a5b7f37586784b7bb7d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
667596
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
38035
x-xss-protection
1; mode=block
last-modified
Sat, 15 Sep 2018 00:45:00 GMT
server
sffe
date
Mon, 17 Sep 2018 20:31:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 17 Sep 2019 20:31:51 GMT
osd.js
pagead2.googlesyndication.com/pagead/ 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_249.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
f4055bd0cdf467ff6940a20d9284a60987a85578033114820b1dc605dbb70991
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 25 Sep 2018 13:39:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1166
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
26901
x-xss-protection
1; mode=block
server
cafe
etag
11408177114345171100
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 25 Sep 2018 14:39:01 GMT
1477044826857528681
tpc.googlesyndication.com/simgad/ Frame 96FF 		204 KB
204 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1477044826857528681
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:812::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
f9e491d593a45ba3ec2d38f181c8cd25351beb601dd61ee68bbe524bc42ae522
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 21 Sep 2018 10:52:01 GMT
x-content-type-options
nosniff
age
356786
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
208745
x-xss-protection
1; mode=block
last-modified
Thu, 13 Sep 2018 13:27:33 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 21 Sep 2019 10:52:01 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 96FF 		0
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW2ZOPsvPRcuW1NEe1u7zcjhqtylmMOaMEBZu8vlAZURqXBaNEIotqDBSPvCtGPIF8v25KSQcC1qzhRA-MttfxSLGYxPY0byOEwDU5ZS4UDM4PGr9rJSjGzRxQ07M7eWW98s3btbie2K0vhFo6d7FaJGoPsLEGyZg6PTs-l_e-SCv3v0D1OQaa-coX8FCDB3jO3aID-AACM6otAGu804IzRdEFGh4G4JP9gDQgNoP19T5QgEECuzBovwuHrg&sai=AMfl-YS7jdAEZNBEu7_sQtsAHBiRuL9Xp9y8h0RMQYH_MIzz364ze9FlvyJY-ph4ng54fjtOJn84bvaIAv_R8wFKr1cvFjImzU4ByRBTyREc&sig=Cg0ArKJSzGw7J1vxpqbQEAE&adurl=
Requested by
Host: www.prssnijabar.or.id
URL: https://www.prssnijabar.or.id/asset_backend/att/att.htm
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.22.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s16-in-f34.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 25 Sep 2018 13:58:27 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Tue, 25 Sep 2018 13:58:27 GMT
r
amp-error-reporting.appspot.com/ Frame 96FF 		2 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011809142227020/amp4ads-v0.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:812::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
Origin
https://www.prssnijabar.or.id
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 25 Sep 2018 13:58:28 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
2
activeview
pagead2.googlesyndication.com/pcs/ Frame 96FF 		42 B
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsumURVlblRGryC0_7Z3hTTnJK3fEaPbzqDGb3TbCGMp540hZHBdJYxVjt43_g2Ht13iyh_rghiKrBhiJd3KP_J5kArkUY8l6_I&sig=Cg0ArKJSzAKybqHIvR_gEAE&id=ampim&o=73,112&d=1440,1024&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=748&tls=1749&g=100&h=100&r=v&pt=51&tt=1750&adk=2565056540&avms=ampa
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.prssnijabar.or.id/asset_backend/att/att.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Sep 2018 13:58:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
home.secureapp.att.net
URL
http://home.secureapp.att.net/i/s.gif?nocache=4374

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AT&T (Telecommunication)

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| mid string| adobe_mc string| href undefined| analytics_app_visitor_id undefined| ts undefined| newurl object| visitor function| isIE object| DataMappingInterface object| scripts object| script string| src function| scriptExecutor undefined| detmScriptLoaderConfig function| detmScriptLoader undefined| detmLoader undefined| AllowDelayedLoad function| Visitor object| s_c_il number| s_c_in object| detmScriptExecutor function| detmDomainMapper object| detmTagControls object| antiClickjack undefined| noFrameBusting function| $ function| jQuery string| agent string| ORIGINATION_POINT_URL string| RETURN_URL string| CANCEL_URL function| getWindowWidth function| getWindowHeight function| setRegURL function| logPgvw function| refer function| submitForm function| trimAll function| chkTick function| unchkTick function| getElementsByClassName function| btnChange function| acctSelBtnEnable function| ie6Img function| getYadContents function| init undefined| countdownElement function| overlay function| cancelLoad function| Redirecturl string| focusableElementsString function| trapTabKey function| supportRedirect function| webtrendsAsyncInit function| detmExecuteFooter string| q1Zidx string| q2Zidx object| Sadlib_Config object| TN8 object| SW_Config object| rubicontag object| googletag object| sadlib object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| GPT_jstiming object| closure_memoize_cache_ undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_show_companion_ad function| google_show_companion_ad_in_slot function| google_get_companion_slot_params function| google_companion_error function| google_companion_loaded function| google_increment_num_ad_mouseovers string| google_ad_output string| google_ad_client string| google_flash_version boolean| google_webgl_support string| google_ad_section string| google_country number| google_unique_id object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| AMP_CONFIG object| log object| AMPErrors boolean| ampInaboxInitialized object| AMP_MODE function| reportError object| AMP

5 Cookies

Domain/Path Name / Value
.demdex.net/ Name: dextp
Value: 269-1-1537883906404|358-1-1537883906505
www.prssnijabar.or.id/ Name: IV_JCT
Value: %2FcommonLogin
.demdex.net/ Name: demdex
Value: 75725305631230717772286567719592655415
.prssnijabar.or.id/ Name: AMCV_55633F7A534535110A490D44%40AdobeOrg
Value: -330454231%7CMCIDTS%7C17800%7CMCMID%7C75990197029083783712295051836798856213%7CMCAAMLH-1538488704%7C6%7CMCAAMB-1538488704%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1537891104s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-17807%7CvVersion%7C3.1.2
.prssnijabar.or.id/ Name: AMCVS_55633F7A534535110A490D44%40AdobeOrg
Value: 1

2 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/011809142227020/amp4ads-v0.js(Line 538)
Message:
Powered by AMP ⚡ HTML – Version 1809142227020
console-api error URL: https://cdn.ampproject.org/rtv/011809142227020/amp4ads-v0.js(Line 96)
Message:
localStorage not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
amp-error-reporting.appspot.com
att.demdex.net
cdn.ampproject.org
cm.everesttech.net
dpm.demdex.net
home.secureapp.att.net
pagead2.googlesyndication.com
sadlib.static-app.synacor.com
securepubads.g.doubleclick.net
smetrics.att.com
tpc.googlesyndication.com
www.att.com
www.googletagservices.com
www.prssnijabar.or.id
home.secureapp.att.net
111.92.169.6
144.160.149.126
172.217.22.34
2a00:1450:4001:812::2001
2a00:1450:4001:812::2014
2a00:1450:4001:81a::2002
2a00:1450:4001:81f::2002
2a00:1450:4001:825::2002
2a02:26f0:6c00:195::2db1
34.247.143.160
63.140.43.178
66.117.28.86
69.168.96.158
01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
12e49a9e6365630be20995a525cc29111f80a7717e4398780c4118f4236b5ae0
18b9a39358e5a17b610dc806db1a26c266d5e9c232d8ce632a5fc3bdb0634a4a
27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0
308b88046da3cb8c99042d803173dee196d6501925fd3c86ccf8f9e2d7f7d04a
30a949cc26cd4f709fa897313f8d448b2cb724a40a170c4b8e8ce6b3aa890fd1
39d704fb385057b46c2781380576a8c4f3a1df6cf5f4c82efbc4830e4ef5449a
3a3a765973dabc545b40d123d851fc948a629c7c4f5694893e8f596a63beeecb
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5
61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263
74cd2a4a115bf7bb7155619565b3bfa6e8b78911abab2a5b7f37586784b7bb7d
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
8777e0086aa3b8fe5234fe6c2e56570b5361d61fc8d8a295cffeea18f9bf3812
8e6ec1efd720fba57823309829b05bb57ebb5716c813c88b3c88cf36ab9aa5e9
9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128
9e0db7af94ee7bd2d325475edb564226b87d4a0c528f4b69a112f8769ed52ab0
a8c89bb3937cdc4a70b3568eae5a390d918433be78f89deba07846932ae7c695
a974db9973ac2b1766eedd50026483b12c2a7955b9a209913201de78115d1ddf
ab07703c15612fa42136256a077938df85cce793fe087cbdcc63a4c60889b7e4
c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1
c8fc42a072ce96f30429517b59f7382168fa771fc23e96cfdeb5418e3ae50c52
d786451d45253c958e647e3572fe72bbadbabd38f76ab6835c94c5fc649c22b8
da0f28b0d18d448b29cb3ee6e742952e7247c627d3800d045ba1573ca1fc07f4
db2a3260d580716fb8dae973b1b994f799f545d520b7a1636d473ecbdbdd2223
dfa2be020e3374a4b1c871c88ada990120fb198d4e8ff685ad35cfae88ad3466
dfa35aa4643a991e1d2ec6e3562e1a0465174c7200a7572c92619904bb08530f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4055bd0cdf467ff6940a20d9284a60987a85578033114820b1dc605dbb70991
f5662c83d5c559afd19a374bde2d3a98af07e78e604198e55e7c1f594995dbf8
f7eeefc1dd6f250f4c4b89a1fef2d0fb85b280042059f1f2ee0d11de20c34e98
f9e491d593a45ba3ec2d38f181c8cd25351beb601dd61ee68bbe524bc42ae522
fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f