urlscan.io logo urlscan.io
SecurityTrails logo

lowongankerjaoke.com Open in urlscan Pro
103.229.72.33  Public Scan

Go To Rescan Add Verdict Report
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-...
Submission: On September 07 via automatic, source phishtank
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 7 countries across 15 domains to perform 25 HTTP transactions. The main IP is 103.229.72.33, located in Jakarta, Indonesia and belongs to MWN-AS-ID PT Master Web Network, ID. The main domain is lowongankerjaoke.com.
This is the only time lowongankerjaoke.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.229.72.33 55660 (MWN-AS-ID...)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2 46.4.115.108 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
3 151.101.134.2 54113 (FASTLY)
1 198.143.177.69 32475 (SINGLEHOP...)
1 1 66.6.33.21 26101 (YAHOO-3)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 138.201.50.135 24940 (HETZNER-AS)
1 103.224.212.222 133618 (TRELLIAN-...)
2 151.101.134.202 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
4 35.190.91.160 15169 (GOOGLE)
2 34.250.101.24 16509 (AMAZON-02)
1 35.190.40.172 15169 (GOOGLE)
2 2 34.255.138.125 16509 (AMAZON-02)
3 3 34.241.15.178 16509 (AMAZON-02)
2 2 136.144.49.28 54825 (PACKET)
2 52.50.55.174 16509 (AMAZON-02)
25 17
1    103.229.72.33 (Jakarta, Indonesia)

ASN55660 (MWN-AS-ID PT Master Web Network, ID)
PTR: cl460101x.i.maintenis.com
lowongankerjaoke.com
1    2400:cb00:2048:1::6819:9d0d (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
icons.iconarchive.com
2    46.4.115.108 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: de-hz5.cubeupload.com
i.cubeupload.com
u.cubeupload.com
1    2a00:1450:4001:818::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
3    151.101.134.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
i770.photobucket.com
i106.photobucket.com
1    198.143.177.69 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: cs09-prod.1g-1t.co
hellox.persiangig.com
1    66.6.33.21 (New York, United States)

ASN26101 (YAHOO-3 - Yahoo!, US)
31.media.tumblr.com
1    2a00:1288:80:800::8000 (United Kingdom)

ASN203220 (YAHOO-DEB, DE)
78.media.tumblr.com
1    138.201.50.135 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.135.50.201.138.clients.your-server.de
www11.0zz0.com
1    103.224.212.222 (Australia)

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-222.above.com
www.elaioun24.com
2    151.101.134.202 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
s.skimresources.com
1    2a00:1450:4001:819::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
1    2a00:1450:4001:818::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    35.190.59.101 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
4    35.190.91.160 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
2    34.250.101.24 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-250-101-24.eu-west-1.compute.amazonaws.com
i.skimresources.com
1    35.190.40.172 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 172.40.190.35.bc.googleusercontent.com
api.skimlinks.mgr.consensu.org
2    34.255.138.125 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-255-138-125.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
3    34.241.15.178 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-241-15-178.eu-west-1.compute.amazonaws.com
x.skimresources.com
2    136.144.49.28 (Netherlands)

ASN54825 (PACKET - Packet Host, Inc., US)
loadeu.exelator.com
2    52.50.55.174 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-55-174.eu-west-1.compute.amazonaws.com
t.skimresources.com
Domain Requested by
4 p.skimresources.com lowongankerjaoke.com
3 x.skimresources.com 3 redirects
2 t.skimresources.com s.skimresources.com
2 loadeu.exelator.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 i.skimresources.com s.skimresources.com
2 s.skimresources.com lowongankerjaoke.com
s.skimresources.com
2 i770.photobucket.com lowongankerjaoke.com
1 api.skimlinks.mgr.consensu.org s.skimresources.com
1 r.skimresources.com s.skimresources.com
1 fonts.gstatic.com lowongankerjaoke.com
1 i106.photobucket.com lowongankerjaoke.com
1 www.youtube.com lowongankerjaoke.com
1 www.elaioun24.com lowongankerjaoke.com
1 www11.0zz0.com lowongankerjaoke.com
1 78.media.tumblr.com lowongankerjaoke.com
1 31.media.tumblr.com 1 redirects
1 hellox.persiangig.com lowongankerjaoke.com
1 fonts.googleapis.com lowongankerjaoke.com
1 u.cubeupload.com lowongankerjaoke.com
1 i.cubeupload.com 1 redirects
1 icons.iconarchive.com lowongankerjaoke.com
1 lowongankerjaoke.com
25 23

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
Subject Issuer Validity Valid
u.cubeupload.com
Let's Encrypt Authority X3		 2018-07-27 -
2018-10-25		 3 months crt.sh
*.google.com
Google Internet Authority G3		 2018-08-21 -
2018-11-13		 3 months crt.sh
f6.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2018-09-03 -
2018-09-28		 25 days crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2015-09-15 -
2018-09-19		 3 years crt.sh

This page contains 3 frames:

Primary Page: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Frame ID: 9560317A7B0E88BDA57AC49723829FB1
Requests: 22 HTTP requests in this frame

Frame: https://www.youtube.com/v/qD8OnPC1fLI&autoplay=1?autoplay=1&cc_load_policy=1
Frame ID: 47FC79CFCA5CAB41EC0D05070128F1E1
Requests: 1 HTTP requests in this frame

Frame: https://p.skimresources.com/?provider_id=df1e6a68ac984843050397739f396004&skim_mapping=true
Frame ID: F6327950302576B767C39058A4C96DCE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • env /^Reveal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^Reveal$/i

Page Statistics

25
Requests

16 %
HTTPS

24 %
IPv6

15
Domains

23
Subdomains

17
IPs

7
Countries

1879 kB
Transfer

1920 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://i.cubeupload.com/jVhYLn.gif HTTP 301
  • https://u.cubeupload.com/jVhYLn.gif
Request Chain 5
  • http://31.media.tumblr.com/fd727f88a14cb89cd706bc1561979493/tumblr_msoes3AnHw1qav3uso3_500.gif HTTP 301
  • http://78.media.tumblr.com/fd727f88a14cb89cd706bc1561979493/tumblr_msoes3AnHw1qav3uso3_500.gif
Request Chain 10
  • http://www.youtube.com/v/qD8OnPC1fLI&autoplay=1?autoplay=1&cc_load_policy=1 HTTP 307
  • https://www.youtube.com/v/qD8OnPC1fLI&autoplay=1?autoplay=1&cc_load_policy=1
Request Chain 19
  • http://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
  • http://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D HTTP 302
  • https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=df1e6a68ac984843050397739f396004 HTTP 302
  • https://p.skimresources.com/?provider_id=df1e6a68ac984843050397739f396004&skim_mapping=true
Request Chain 21
  • http://x.skimresources.com/?provider=exelate HTTP 302
  • http://loadeu.exelator.com/load/?p=787&g=001&j=0& HTTP 302
  • http://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1 HTTP 302
  • http://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=0b955dba0b1c0ec6a1d7fb1cec486dad HTTP 302
  • http://p.skimresources.com/?provider_id=0b955dba0b1c0ec6a1d7fb1cec486dad&skim_mapping=true

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login.php
lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/ 		30 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.1
Server
103.229.72.33 Jakarta, Indonesia, ASN55660 (MWN-AS-ID PT Master Web Network, ID),
Reverse DNS
cl460101x.i.maintenis.com
Software
Apache /
Resource Hash
3e28a1bd7c269eec1f05ac09f73f40455d81e2a7a63e527380de37ffde50ee5c

Request headers

Host
lowongankerjaoke.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
9560317A7B0E88BDA57AC49723829FB1

Response headers

Date
Fri, 07 Sep 2018 03:08:12 GMT
Server
Apache
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
social-inside-facebook-icon.png
icons.iconarchive.com/icons/icontexto/social-inside/256/ 		345 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://icons.iconarchive.com/icons/icontexto/social-inside/256/social-inside-facebook-icon.png
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.1
Server
2400:cb00:2048:1::6819:9d0d , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 03:08:13 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Server
cloudflare
Vary
Accept-Encoding
Content-Type
text/html
Cache-Control
public, max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
4565f83a07df9d02-AMS
Expires
Fri, 07 Sep 2018 07:08:13 GMT
jVhYLn.gif
u.cubeupload.com/
Redirect Chain
  • http://i.cubeupload.com/jVhYLn.gif
  • https://u.cubeupload.com/jVhYLn.gif
722 KB
722 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.cubeupload.com/jVhYLn.gif
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
46.4.115.108 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
de-hz5.cubeupload.com
Software
nginx/1.10.1 (Ubuntu) /
Resource Hash
e84a954edbaa68dc178f6a92066f42575b8759b3daebfa3a29df69e6f49a6d06
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 03:08:13 GMT
X-Content-Type-Options
nosniff
X-Delivered-By
Content Library
Server
nginx/1.10.1 (Ubuntu)
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains
Access-Control-Allow-Methods
HEAD, GET, POST, PUT, PATCH, DELETE
Content-Type
image/gif; charset=binary
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive

Redirect headers

Location
https://u.cubeupload.com/jVhYLn.gif
Date
Fri, 07 Sep 2018 03:08:13 GMT
Server
nginx/1.10.1 (Ubuntu)
Connection
keep-alive
Content-Length
194
Content-Type
text/html
css
fonts.googleapis.com/ 		850 B
848 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Orbitron:400,700
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
1bbf173d5c96fd8d525c422bb755b2e0c69338054d156b07a99238f636c1813b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 03:08:13 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Sep 2018 03:08:13 GMT
Server
ESF
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding
chunked
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection
1; mode=block
Expires
Fri, 07 Sep 2018 03:08:13 GMT
kilat1-1_zpsc4089899.gif
i770.photobucket.com/albums/xx349/h6009/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i770.photobucket.com/albums/xx349/h6009/kilat1-1_zpsc4089899.gif?t=1378728840
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.1
Server
151.101.134.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache /
Resource Hash
0cc16a66ad1fb87fce9799822ac44f8e7835a759c865f189a95bce20ca4b5087

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 03:08:13 GMT
Via
1.1 varnish, 1.1 varnish
Age
13246
X-Cache
MISS, HIT
Fastly-Io-Info
ifsz=44727 idim=800x600 ifmt=gif ofsz=44724 odim=800x600 ofmt=gif
Connection
keep-alive
Content-Length
44724
X-Served-By
cache-den19624-DEN, cache-mad9426-MAD
Server
Apache
X-Timer
S1536289694.845776,VS0,VE1
Etag
"Jw3q+I4rUZcjb0CxV2R3wcd0OFgpZoi35jxn5Qph5zY"
Vary
Accept
Content-Type
image/gif
Access-Control-Allow-Origin
*
Fastly-Stats
io=1
Expires
Wed, 05 Sep 2018 01:29:28 GMT
Cache-Control
max-age=21600
Accept-Ranges
bytes
X-Cache-Hits
0, 1
negro.cur
hellox.persiangig.com/DefacePage/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://hellox.persiangig.com/DefacePage/negro.cur
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.1
Server
198.143.177.69 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
cs09-prod.1g-1t.co
Software
Apache/2.2.8 (Unix) /
Resource Hash
b5e6bf00469c3fcbebb1ab4c160bac63d743e51a91d53adaa9175f179bd0340c

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 03:08:13 GMT
Last-Modified
Thu, 05 Jul 2012 10:38:13 GMT
Server
Apache/2.2.8 (Unix)
ETag
"611a770-1225-4c412be990f40"
Content-Type
text/plain; charset=utf-8
Content-Control
private
Cache-Control
max-age=172800
Connection
close
Accept-Ranges
bytes
Content-Length
4645
Expires
Sun, 09 Sep 2018 03:08:13 GMT
tumblr_msoes3AnHw1qav3uso3_500.gif
78.media.tumblr.com/fd727f88a14cb89cd706bc1561979493/
Redirect Chain
  • http://31.media.tumblr.com/fd727f88a14cb89cd706bc1561979493/tumblr_msoes3AnHw1qav3uso3_500.gif
  • http://78.media.tumblr.com/fd727f88a14cb89cd706bc1561979493/tumblr_msoes3AnHw1qav3uso3_500.gif
988 KB
989 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://78.media.tumblr.com/fd727f88a14cb89cd706bc1561979493/tumblr_msoes3AnHw1qav3uso3_500.gif
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.1
Server
2a00:1288:80:800::8000 , United Kingdom, ASN203220 (YAHOO-DEB, DE),
Reverse DNS
Software
ATS /
Resource Hash
7034b8cc5034aec8e4b01bf4e7065a6f9931d2bb9f6abf830851a37344d6600f

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 06 Sep 2018 23:17:42 GMT
Via
http/1.1 sc12.ycpi.bf1.yahoo.com (ApacheTrafficServer [cHs f ]), http/1.1 sc8.ycpi.bf1.yahoo.com (ApacheTrafficServer [cMsSf ]), http/1.1 e2.ycpi.deb.yahoo.com (ApacheTrafficServer [cRs f ]), http/1.1 e19.ycpi.deb.yahoo.com (ApacheTrafficServer [cMsSf ])
Last-Modified
Sun, 26 Feb 2017 00:00:00 GMT
Server
ATS
Age
13831
Etag
"d8e47ab812a3750cc7df5521b66d90a7-1488067200-7058c4e"
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
1012001

Redirect headers

Location
http://78.media.tumblr.com/fd727f88a14cb89cd706bc1561979493/tumblr_msoes3AnHw1qav3uso3_500.gif
Date
Fri, 07 Sep 2018 03:08:13 GMT
Server
openresty
Connection
keep-alive
Content-Length
182
Content-Type
text/html
378319998.jpg
www11.0zz0.com/2011/10/08/08/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www11.0zz0.com/2011/10/08/08/378319998.jpg
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.1
Server
138.201.50.135 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.135.50.201.138.clients.your-server.de
Software
Apache/2.4.6 /
Resource Hash
54936e79045c2d42bc88e84163b1d74b6b2de7dc622535864f6a88684cb9666e

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 03:08:13 GMT
Last-Modified
Sat, 08 Oct 2011 08:42:49 GMT
Server
Apache/2.4.6
ETag
"278d-4aec58ae69440"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10125
numerosid0_zps54e754ad.gif
i770.photobucket.com/albums/xx349/h6009/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i770.photobucket.com/albums/xx349/h6009/numerosid0_zps54e754ad.gif
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.1
Server
151.101.134.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache /
Resource Hash
4078e5e6cb38840b43fa8bf0ac3d17ba0609787588ccc3db60f36891d3d2a762

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 03:08:14 GMT
Via
1.1 varnish, 1.1 varnish
Age
13246
X-Cache
MISS, HIT
Fastly-Io-Info
ifsz=13544 idim=700x8 ifmt=gif ofsz=12975 odim=700x8 ofmt=gif
Connection
keep-alive
Content-Length
12975
X-Served-By
cache-den19620-DEN, cache-mad9435-MAD
Server
Apache
X-Timer
S1536289694.003685,VS0,VE1
Etag
"/wmN1FqGDfT5Wgoks/VBoNqK/bGkpATfLbrlIZSrx+I"
Vary
Accept
Content-Type
image/gif
Access-Control-Allow-Origin
*
Fastly-Stats
io=1
Expires
Mon, 27 Aug 2018 16:20:06 GMT
Cache-Control
max-age=21600
Accept-Ranges
bytes
X-Cache-Hits
0, 1
anonymous-morocco-hackers-300x228.jpg
www.elaioun24.com/wp-content/uploads/2013/04/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.elaioun24.com/wp-content/uploads/2013/04/anonymous-morocco-hackers-300x228.jpg
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.0
Server
103.224.212.222 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS
lb-212-222.above.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
no-cache
Content-Type
text/html
62117X1389296.skimlinks.js
s.skimresources.com/js/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s.skimresources.com/js/62117X1389296.skimlinks.js
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.1
Server
151.101.134.202 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Skimlinks V9.0 /
Resource Hash
7116a3c8020138c2d81d0a2d837c8b115b59ecf77efa4ca54dba6bb193700181

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
UFaUX_H2c19lf9LBBE.OY0hqg3WS3_8w
Content-Encoding
gzip
Server
Skimlinks V9.0
ETag
"532760152d2654245d03f77eb512683e"
X-Served-By
cache-mad9424-MAD
Vary
Accept-Encoding
X-Cache
HIT
P3P
policyref="https://s.skimresources.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=3600
Date
Fri, 07 Sep 2018 03:08:14 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/octet-stream
Content-Length
23276
X-Cache-Hits
2
qD8OnPC1fLI&autoplay=1
www.youtube.com/v/ Frame 47FC
Redirect Chain
  • http://www.youtube.com/v/qD8OnPC1fLI&autoplay=1?autoplay=1&cc_load_policy=1
  • https://www.youtube.com/v/qD8OnPC1fLI&autoplay=1?autoplay=1&cc_load_policy=1
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/v/qD8OnPC1fLI&autoplay=1?autoplay=1&cc_load_policy=1
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:819::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube

Request headers

:method
GET
:authority
www.youtube.com
:scheme
https
:path
/v/qD8OnPC1fLI&autoplay=1?autoplay=1&cc_load_policy=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
9560317A7B0E88BDA57AC49723829FB1
Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit

Response headers

status
404
cache-control
no-cache
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block; report=https://www.google.com/appserve/security-bugs/log/youtube
expires
Tue, 27 Apr 1971 19:44:06 EST
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
date
Fri, 07 Sep 2018 03:08:13 GMT
server
YouTube Frontend Proxy
set-cookie
VISITOR_INFO1_LIVE=hjUk-74e4TE; path=/; domain=.youtube.com; expires=Wed, 06-Mar-2019 03:08:13 GMT; httponly YSC=hl_PNG4s_U0; path=/; domain=.youtube.com; httponly GPS=1; path=/; domain=.youtube.com; expires=Fri, 07-Sep-2018 03:38:13 GMT VISITOR_INFO1_LIVE=hjUk-74e4TE; path=/; domain=.youtube.com; expires=Wed, 06-Mar-2019 03:08:13 GMT; httponly PREF=f1=50000000; path=/; domain=.youtube.com; expires=Wed, 08-May-2019 15:01:13 GMT
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"

Redirect headers

Location
https://www.youtube.com/v/qD8OnPC1fLI&autoplay=1?autoplay=1&cc_load_policy=1
Non-Authoritative-Reason
HSTS
chopnhay.gif
i106.photobucket.com/albums/m280/YukioKenshin/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://i106.photobucket.com/albums/m280/YukioKenshin/chopnhay.gif
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.1
Server
151.101.134.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Apache /
Resource Hash
feb604510a31118b42d630f9f5ce200efb882b6dae0c063315952dbc45cf9de4

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 03:08:14 GMT
Via
1.1 varnish, 1.1 varnish
Age
6274
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=22771 idim=90x68 ifmt=gif ofsz=22741 odim=90x68 ofmt=gif
Connection
keep-alive
Content-Length
22741
X-Served-By
cache-den19621-DEN, cache-mad9427-MAD
Expires
Mon, 27 Aug 2018 04:11:03 GMT
Server
Apache
X-Timer
S1536289694.021005,VS0,VE0
Etag
"otoUb6TAHhU1ORngjzeSxyXtpDLBwPsKvnKKGxfy8So"
Vary
Accept
Content-Type
image/gif
Access-Control-Allow-Origin
*
Fastly-Stats
io=1
X-Pb-Link
TRUE
Cache-Control
max-age=21600
Accept-Ranges
bytes
X-Cache-Hits
2, 1
yMJWMIlzdpvBhQQL_QIAUjh2qtBTWFHy.woff2
fonts.gstatic.com/s/orbitron/v9/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/orbitron/v9/yMJWMIlzdpvBhQQL_QIAUjh2qtBTWFHy.woff2
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.1
Server
2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
da48fa4f147225b661c6f203293d4ef872fea2c6baf8e79f1d6cfb4ea2aac6a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://fonts.googleapis.com/css?family=Orbitron:400,700
Origin
http://lowongankerjaoke.com

Response headers

Date
Fri, 31 Aug 2018 15:53:27 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 10 Oct 2017 23:08:51 GMT
Server
sffe
Age
558886
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
5760
X-XSS-Protection
1; mode=block
Expires
Sat, 31 Aug 2019 15:53:27 GMT
/
r.skimresources.com/api/ 		196 B
842 B 		Script
General
Check archive.org
Download Go to
Full URL
http://r.skimresources.com/api/?callback=skimlinksBeaconCallback&data=%7B%22pubcode%22%3A%2262117X1389296%22%2C%22page%22%3A%22http%3A%2F%2Flowongankerjaoke.com%2Fwp-content%2Fthemes%2Fmagazine-point%2Fen%2Fbankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway%2Findex%2Flogin.php%3Fcmd%3Dlogin_submit%22%2C%22domains%22%3A%5B%22facebook.com%22%5D%7D
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/62117X1389296.skimlinks.js
Protocol
HTTP/1.1
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
8979040d4fa6b7c5e7acdbf6acf60f4a6796c82115681fca5eb59d89c31e1017
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 03:08:14 GMT
Via
1.1 google
X-Content-Type-Options
nosniff
Server
openresty/1.11.2.5
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
http://lowongankerjaoke.com
Access-Control-Allow-Credentials
true
Content-Type
application/javascript
px.gif
p.skimresources.com/ 		43 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://p.skimresources.com/px.gif?ch=1&rn=2.3230045204456475
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.1
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 03:08:14 GMT
Via
1.1 google
Server
Skimlinks Pixel 1.0
P3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
43
Content-Type
image/gif
px.gif
p.skimresources.com/ 		43 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://p.skimresources.com/px.gif?ch=2&rn=2.3230045204456475
Requested by
Host: lowongankerjaoke.com
URL: http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Protocol
HTTP/1.1
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 03:08:14 GMT
Via
1.1 google
Server
Skimlinks Pixel 1.0
P3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
43
Content-Type
image/gif
/
i.skimresources.com/api/ 		257 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
http://i.skimresources.com/api/?version=10&js=1&callback=instantDataCallback&data=%7B%22instant%22%3A%221%22%2C%22page%22%3A%22http%3A%2F%2Flowongankerjaoke.com%2Fwp-content%2Fthemes%2Fmagazine-point%2Fen%2Fbankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway%2Findex%2Flogin.php%3Fcmd%3Dlogin_submit%22%2C%22pref%22%3A%22%22%2C%22pubcode%22%3A%2262117X1389296%22%7D
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/62117X1389296.skimlinks.js
Protocol
HTTP/1.1
Server
34.250.101.24 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-250-101-24.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
92b148ea07c71170529a92cd52b2e023da70110360795d929b459cf00bbf391b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 03:08:14 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.10.2
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
http://lowongankerjaoke.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript
Content-Length
257
iab
api.skimlinks.mgr.consensu.org/ 		772 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://api.skimlinks.mgr.consensu.org/iab
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/62117X1389296.skimlinks.js
Protocol
HTTP/1.1
Server
35.190.40.172 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
172.40.190.35.bc.googleusercontent.com
Software
nginx/1.14.0 /
Resource Hash
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Origin
http://lowongankerjaoke.com

Response headers

Date
Fri, 07 Sep 2018 03:08:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx/1.14.0
Transfer-Encoding
chunked
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
http://lowongankerjaoke.com
Access-Control-Allow-Credentials
true
Content-Type
application/json
Access-Control-Allow-Headers
*
Via
1.1 google
Consent_A_de.js
s.skimresources.com/js/GDPR/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/GDPR/Consent_A_de.js
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/62117X1389296.skimlinks.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.134.202 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Skimlinks V9.0 /
Resource Hash
2446b4675dd60902dd823d55b7797a4c3fd69d009d426dc8fd92b33f3bf11682

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id
s0eZthFSm..aqhcmbBs1RfDTa.1719Fw
content-encoding
gzip
server
Skimlinks V9.0
etag
"5b25dc963cc86b1c56b99f7ed7f76b4b"
x-served-by
cache-mad9429-MAD
vary
Accept-Encoding
x-cache
HIT
p3p
policyref="https://s.skimresources.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
cache-control
public, max-age=3600
date
Fri, 07 Sep 2018 03:08:14 GMT
accept-ranges
bytes
content-type
application/octet-stream
content-length
5264
x-cache-hits
2
/
p.skimresources.com/ Frame F632
Redirect Chain
  • http://sync.crwdcntrl.net/map/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • http://sync.crwdcntrl.net/map/ct=y/c=7505/tp=SKIM/?https%3A%2F%2Fx.skimresources.com%2F%3Fprovider%3Dlotame%26skim_mapping%3Dtrue%26provider_id%3D%24%7Bprofile_id%7D
  • https://x.skimresources.com/?provider=lotame&skim_mapping=true&provider_id=df1e6a68ac984843050397739f396004
  • https://p.skimresources.com/?provider_id=df1e6a68ac984843050397739f396004&skim_mapping=true
43 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/?provider_id=df1e6a68ac984843050397739f396004&skim_mapping=true
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 07 Sep 2018 03:08:14 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
status
200
content-type
image/gif
alt-svc
clear
content-length
43

Redirect headers

Location
https://p.skimresources.com?provider_id=df1e6a68ac984843050397739f396004&skim_mapping=true
Date
Fri, 07 Sep 2018 03:08:14 GMT
Server
TornadoServer/2.4.1
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length
0
Content-Type
text/html; charset=UTF-8
/
i.skimresources.com/api/ 		627 B
989 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://i.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/62117X1389296.skimlinks.js
Protocol
HTTP/1.1
Server
34.250.101.24 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-250-101-24.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.2 /
Resource Hash
0ec22d9a13ab41001e4fbdd4909bc255d5595c5cedac65e09c850f619b44b76a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Origin
http://lowongankerjaoke.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Date
Fri, 07 Sep 2018 03:08:14 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.10.2
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
http://lowongankerjaoke.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
627
/
p.skimresources.com/ Frame F632
Redirect Chain
  • http://x.skimresources.com/?provider=exelate
  • http://loadeu.exelator.com/load/?p=787&g=001&j=0&
  • http://loadeu.exelator.com/load/?p=787&g=001&j=0&&xl8blockcheck=1
  • http://x.skimresources.com/?provider=exelate&skim_mapping=true&provider_id=0b955dba0b1c0ec6a1d7fb1cec486dad
  • http://p.skimresources.com/?provider_id=0b955dba0b1c0ec6a1d7fb1cec486dad&skim_mapping=true
43 B
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://p.skimresources.com/?provider_id=0b955dba0b1c0ec6a1d7fb1cec486dad&skim_mapping=true
Protocol
HTTP/1.1
Server
35.190.91.160 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 03:08:14 GMT
Via
1.1 google
Server
Skimlinks Pixel 1.0
P3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
http://p.skimresources.com?provider_id=0b955dba0b1c0ec6a1d7fb1cec486dad&skim_mapping=true
Date
Fri, 07 Sep 2018 03:08:14 GMT
Server
TornadoServer/2.4.1
Connection
keep-alive
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Length
0
Content-Type
text/html; charset=UTF-8
track.php
t.skimresources.com/api/ 		22 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://t.skimresources.com/api/track.php
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/62117X1389296.skimlinks.js
Protocol
HTTP/1.1
Server
52.50.55.174 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-50-55-174.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Origin
http://lowongankerjaoke.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 07 Sep 2018 03:08:14 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.12.2
Access-Control-Allow-Methods
GET, POST
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
Content-Length
22
link
t.skimresources.com/api/ 		22 B
526 B 		XHR
General
Check archive.org
Download Go to
Full URL
http://t.skimresources.com/api/link
Requested by
Host: s.skimresources.com
URL: http://s.skimresources.com/js/62117X1389296.skimlinks.js
Protocol
HTTP/1.1
Server
52.50.55.174 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-50-55-174.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://lowongankerjaoke.com/wp-content/themes/magazine-point/en/bankofamerica.com-inet-en-logon-securityredirectjsc-success-gateway/index/login.php?cmd=login_submit
Origin
http://lowongankerjaoke.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Pragma
no-cache
Date
Fri, 07 Sep 2018 03:08:14 GMT
X-Content-Type-Options
nosniff
Server
nginx/1.12.2
Access-Control-Allow-Methods
GET, POST
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
Content-Length
22

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| width number| height function| doClickText function| reveal function| initReveal number| clickw number| clickh number| clickb string| clickc string| clickbg string| clickt string| clickFont function| tb5_makeArray number| tb5_counter number| tb5_currMsg string| tb5_stsmsg function| tb5_shuffle function| tb5_init function| tb5_randomizetitle string| txt number| espera number| refresco function| rotulo_title object| tb5_messages string| tb5_rptType number| tb5_rptNbr number| tb5_speed number| tb5_delay object| tb5_arr object| tb5_sts number| temp number| tb5_sp number| tb5_timerID undefined| K2SitePath function| muter2 function| keypressed function| kasih_tau boolean| ieType string| docComp boolean| docMod object| ieRef number| sum function| onoff function| kill function| mouse function| winDims function| ClockAndAssign function| Delay string| dCol string| fCol string| sCol string| mCol string| hCol number| del number| ref object| theDays object| theMonths object| date number| day number| year string| tmpdate object| D object| N number| F object| H object| M object| S number| siz number| eqf number| eqd number| han number| ofy number| ofx number| ofst number| tmr boolean| vis number| mouseY number| mouseX object| dy object| dx object| zy object| zx object| tmps object| tmpm object| tmph object| tmpf object| tmpd object| algn number| winH number| winW number| buffW function| farbschrift function| string2array function| divserzeugen number| a function| farbverlauf number| farbsatz function| farbtauscher object| farbbibliothek object| farben string| text object| Buchstabe number| k function| skimwordsDataCallback function| instantDataCallback function| skimlinksODPCallback object| __SKIM_JS_GLOBAL__ function| skimlinksBeaconCallback function| skimlinksBeaconSecondaryCallback function| skimlinksBeaconAuxCallback object| time number| secs number| sec number| mins number| min number| hrs number| hr

4 Cookies

Domain/Path Name / Value
.youtube.com/ Name: PREF
Value: f1=50000000
.youtube.com/ Name: GPS
Value: 1
.youtube.com/ Name: YSC
Value: hl_PNG4s_U0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: hjUk-74e4TE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

31.media.tumblr.com
78.media.tumblr.com
api.skimlinks.mgr.consensu.org
fonts.googleapis.com
fonts.gstatic.com
hellox.persiangig.com
i.cubeupload.com
i.skimresources.com
i106.photobucket.com
i770.photobucket.com
icons.iconarchive.com
loadeu.exelator.com
lowongankerjaoke.com
p.skimresources.com
r.skimresources.com
s.skimresources.com
sync.crwdcntrl.net
t.skimresources.com
u.cubeupload.com
www.elaioun24.com
www.youtube.com
www11.0zz0.com
x.skimresources.com
103.224.212.222
103.229.72.33
136.144.49.28
138.201.50.135
151.101.134.2
151.101.134.202
198.143.177.69
2400:cb00:2048:1::6819:9d0d
2a00:1288:80:800::8000
2a00:1450:4001:818::2003
2a00:1450:4001:818::200a
2a00:1450:4001:819::200e
34.241.15.178
34.250.101.24
34.255.138.125
35.190.40.172
35.190.59.101
35.190.91.160
46.4.115.108
52.50.55.174
66.6.33.21
0cc16a66ad1fb87fce9799822ac44f8e7835a759c865f189a95bce20ca4b5087
0ec22d9a13ab41001e4fbdd4909bc255d5595c5cedac65e09c850f619b44b76a
1bbf173d5c96fd8d525c422bb755b2e0c69338054d156b07a99238f636c1813b
2446b4675dd60902dd823d55b7797a4c3fd69d009d426dc8fd92b33f3bf11682
3e28a1bd7c269eec1f05ac09f73f40455d81e2a7a63e527380de37ffde50ee5c
4078e5e6cb38840b43fa8bf0ac3d17ba0609787588ccc3db60f36891d3d2a762
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
54936e79045c2d42bc88e84163b1d74b6b2de7dc622535864f6a88684cb9666e
7034b8cc5034aec8e4b01bf4e7065a6f9931d2bb9f6abf830851a37344d6600f
7116a3c8020138c2d81d0a2d837c8b115b59ecf77efa4ca54dba6bb193700181
8979040d4fa6b7c5e7acdbf6acf60f4a6796c82115681fca5eb59d89c31e1017
92b148ea07c71170529a92cd52b2e023da70110360795d929b459cf00bbf391b
b5e6bf00469c3fcbebb1ab4c160bac63d743e51a91d53adaa9175f179bd0340c
beab79184bf1fca1f52ff3761f8a533827106fef3749c6c9c9a3e7eec619a226
da48fa4f147225b661c6f203293d4ef872fea2c6baf8e79f1d6cfb4ea2aac6a7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e84a954edbaa68dc178f6a92066f42575b8759b3daebfa3a29df69e6f49a6d06
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
feb604510a31118b42d630f9f5ce200efb882b6dae0c063315952dbc45cf9de4