www.shaokao.co.id
Open in
urlscan Pro
192.185.5.15
Malicious Activity!
Public Scan
Submitted URL: http://kanghusada.host/wp-config/mail/Att/
Effective URL: https://www.shaokao.co.id/wp-includes/modules/webmail.login/att/home.php
Submission: On March 27 via manual from US
Effective URL: https://www.shaokao.co.id/wp-includes/modules/webmail.login/att/home.php
Submission: On March 27 via manual from US
Summary
This website contacted 15 IPs
in 4 countries
across 11 domains to perform 41 HTTP transactions.
The main IP is 192.185.5.15, located in
Houston, United States and
belongs to UNIFIEDLAYER-AS-1 - Unified Layer, US.
The main domain is www.shaokao.co.id.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 29th 2019. Valid for: 3 months.
This is the only time www.shaokao.co.id was scanned on urlscan.io!
TLS certificate: Issued by Let's Encrypt Authority X3 on January 29th 2019. Valid for: 3 months.
This is the only time www.shaokao.co.id was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: AT&T (Telecommunication)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 206.189.87.71 206.189.87.71 | 14061 (DIGITALOC...) (DIGITALOCEAN-ASN - DigitalOcean) | |
| 2 | 192.185.5.15 192.185.5.15 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1 - Unified Layer) | |
| 2 | 2a02:26f0:6b:... 2a02:26f0:6b:28d::2db1 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 17 | 144.160.155.70 144.160.155.70 | 797 (AMERITECH-AS) (AMERITECH-AS - AT&T Services) | |
| 1 | 69.168.104.86 69.168.104.86 | 36271 (SYNACOR-C...) (SYNACOR-CLUSTER - Synacor) | |
| 1 | 54.246.133.167 54.246.133.167 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 1 | 104.111.216.57 104.111.216.57 | 16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies) | |
| 1 | 52.19.121.121 52.19.121.121 | 16509 (AMAZON-02) (AMAZON-02 - Amazon.com) | |
| 3 | 2a00:1450:400... 2a00:1450:4001:808::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:81e::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:806::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 4 | 216.58.207.66 216.58.207.66 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:816::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 4 | 2a00:1450:400... 2a00:1450:4001:818::2001 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
| 41 | 15 |
1
206.189.87.71
(Los Angeles, United States)
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
| kanghusada.host |
2
192.185.5.15
(Houston, United States)
ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: ns8047.hostgator.com
ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US)
PTR: ns8047.hostgator.com
| www.shaokao.co.id |
17
144.160.155.70
(United States)
ASN797 (AMERITECH-AS - AT&T Services, Inc., US)
ASN797 (AMERITECH-AS - AT&T Services, Inc., US)
| home.secureapp.att.net |
1
69.168.104.86
(Buffalo, United States)
ASN36271 (SYNACOR-CLUSTER - Synacor, Inc., US)
ASN36271 (SYNACOR-CLUSTER - Synacor, Inc., US)
| sadlib.static-app.synacor.com |
1
54.246.133.167
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-133-167.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-246-133-167.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
1
104.111.216.57
(Amsterdam, Netherlands)
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-216-57.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-216-57.deploy.static.akamaitechnologies.com
| smetrics.att.com |
1
52.19.121.121
(Dublin, Ireland)
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-19-121-121.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-19-121-121.eu-west-1.compute.amazonaws.com
| att.demdex.net |
4
216.58.207.66
(Mountain View, United States)
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s25-in-f2.1e100.net
| securepubads.g.doubleclick.net |
2
2a00:1450:4001:816::2002
(Ireland)
ASN15169 (GOOGLE - Google LLC, US)
ASN15169 (GOOGLE - Google LLC, US)
| pagead2.googlesyndication.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 17 |
att.net
home.secureapp.att.net |
212 KB |
| 6 |
googlesyndication.com
pagead2.googlesyndication.com tpc.googlesyndication.com |
317 KB |
| 4 |
doubleclick.net
securepubads.g.doubleclick.net |
92 KB |
| 3 |
googletagservices.com
www.googletagservices.com |
69 KB |
| 3 |
att.com
www.att.com smetrics.att.com |
23 KB |
| 2 |
demdex.net
dpm.demdex.net att.demdex.net |
1 KB |
| 2 |
shaokao.co.id
www.shaokao.co.id |
3 KB |
| 1 |
google.com
adservice.google.com |
171 B |
| 1 |
google.de
adservice.google.de |
171 B |
| 1 |
synacor.com
sadlib.static-app.synacor.com |
19 KB |
| 1 |
kanghusada.host
kanghusada.host |
774 B |
| 41 | 11 |
| Domain | Requested by | |
|---|---|---|
| 17 | home.secureapp.att.net |
www.shaokao.co.id
home.secureapp.att.net |
| 4 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
|
| 4 | securepubads.g.doubleclick.net |
www.googletagservices.com
securepubads.g.doubleclick.net www.shaokao.co.id |
| 3 | www.googletagservices.com |
sadlib.static-app.synacor.com
securepubads.g.doubleclick.net |
| 2 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
|
| 2 | www.att.com |
www.shaokao.co.id
|
| 2 | www.shaokao.co.id |
www.shaokao.co.id
|
| 1 | adservice.google.com |
www.googletagservices.com
|
| 1 | adservice.google.de |
www.googletagservices.com
|
| 1 | att.demdex.net |
www.att.com
|
| 1 | smetrics.att.com |
www.att.com
|
| 1 | dpm.demdex.net |
www.att.com
|
| 1 | sadlib.static-app.synacor.com |
www.shaokao.co.id
|
| 1 | kanghusada.host | |
| 41 | 14 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.att.net |
| www.att.com |
| uverseonline.att.net |
| elportal.att.net |
| home.secureapp.att.net |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| shaokao.co.id Let's Encrypt Authority X3 |
2019-01-29 - 2019-04-29 |
3 months | crt.sh |
| *.att.com DigiCert SHA2 Secure Server CA |
2019-01-09 - 2020-02-05 |
a year | crt.sh |
| home.secureapp.att.net DigiCert SHA2 Secure Server CA |
2018-09-17 - 2020-09-17 |
2 years | crt.sh |
| *.static-app.synacor.com DigiCert SHA2 High Assurance Server CA |
2016-06-17 - 2019-08-13 |
3 years | crt.sh |
| *.demdex.net DigiCert SHA2 High Assurance Server CA |
2018-01-09 - 2021-02-12 |
3 years | crt.sh |
| *.g.doubleclick.net Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
| *.google.com Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
| tpc.googlesyndication.com Google Internet Authority G3 |
2019-03-01 - 2019-05-24 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://www.shaokao.co.id/wp-includes/modules/webmail.login/att/home.php
Frame ID: BF03E50E2EA0BF29BD530B61BD9D5E94
Requests: 34 HTTP requests in this frame
Frame:
https://att.demdex.net/dest5.html?d_nsid=0
Frame ID: B8BEC7FFD8A84ED8D2800A7ECA5DD8AA
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/pagead/js/r20190320/r20110914/abg_lite.js
Frame ID: 500FACCD97E4B319562A30BFDD23ADBE
Requests: 7 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
- http://kanghusada.host/wp-config/mail/Att/ Page URL
- https://www.shaokao.co.id/wp-includes/modules/webmail.login/att/home.php Page URL
Detected technologies
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
DoubleClick for Publishers (DFP)
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Google AdSense
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /googlesyndication\.com\//i
- env /^google_ad_/i
- env /^__google_ad_/i
- env /^Goog_AdSense_/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^gaGlobal$/i
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- env /^googletag$/i
Webtrends
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<img[^>]+id="DCSIMG"[^>]+webtrends/i
- env /^(?:WTOptimize|WebTrends)/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
16 Outgoing links
These are links going to different origins than the main page.
URL: http://www.att.net/
Title: att.net
Title: att.net
Search URL Search Domain Scan URL
URL: http://www.att.com/
Title: att.com
Title: att.com
Search URL Search Domain Scan URL
URL: http://uverseonline.att.net/
Title: uverse.com
Title: uverse.com
Search URL Search Domain Scan URL
URL: http://elportal.att.net/
Title: En Español
Title: En Español
Search URL Search Domain Scan URL
URL: https://www.att.com/esupport/index.jsp?App_ID=PBY
Title: AT&T Support
Title: AT&T Support
Search URL Search Domain Scan URL
URL: https://www.att.com/esupport/article.html#!/wireless/KM1187387
Title: Learn about shared passwords for AT&T email and your AT&T Access ID
Title: Learn about shared passwords for AT&T email and your AT&T Access ID
Search URL Search Domain Scan URL
URL: https://www.att.com/olam/unauth/enterEmailForgotId.myworld?origination_point=att.net&Return_URL=https://cprodx.att.net/yportal/attportal/s/userinfo.dll?ep=1062&rdtype=1&Cancel_URL=https://cprodx.att.net/yportal/attportal/s/userinfo.dll?ep=1062&rdtype=1
Title: Forgot User ID?
Title: Forgot User ID?
Search URL Search Domain Scan URL
URL: https://home.secureapp.att.net/attportal/s/context.dll?id=9002001&type=clickthru&name=cgate.Register.Pageviews.kanghusada-host&redirecturl=https://attreg.att.net/PortalRegWeb/PortalRegController?callingAppId=OP&returnUrl=
Search URL Search Domain Scan URL
URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.support&redirecturl=https://www.att.com/esupport/index.jsp?App_ID=PBY
Title: AT&T Support
Title: AT&T Support
Search URL Search Domain Scan URL
URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.adinfo&redirecturl=http://www.att.net/legal/advertising
Title: Advertise with Us
Title: Advertise with Us
Search URL Search Domain Scan URL
URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.TOS&redirecturl=http://www.att.com/shop/internet/att-internet-terms-of-service.jsp
Title: Terms of Service
Title: Terms of Service
Search URL Search Domain Scan URL
URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.copyright&redirecturl=http://info.yahoo.com/copyright/details.html
Title: Copyright
Title: Copyright
Search URL Search Domain Scan URL
URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.privacy&redirecturl=http://att.yahoo.com/privacy
Title: Privacy Policy
Title: Privacy Policy
Search URL Search Domain Scan URL
URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.aboutourads&redirecturl=http://info.yahoo.com/privacy/us/yahoo/attandyahoo/adchoices.html
Title: About Our Ads
Title: About Our Ads
Search URL Search Domain Scan URL
URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.AUP&redirecturl=https://www.att.com/legal/terms.aup.html
Title: Acceptable Use Policy
Title: Acceptable Use Policy
Search URL Search Domain Scan URL
URL: http://www.att.net/s/context.dll?id=1400&type=clickthru&name=global.footer.att.IP&redirecturl=http://www.att.com/gen/privacy-policy?pid=2587
Title: © 2018 AT&T Intellectual Property
Title: © 2018 AT&T Intellectual Property
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://kanghusada.host/wp-config/mail/Att/ Page URL
- https://www.shaokao.co.id/wp-includes/modules/webmail.login/att/home.php Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
41 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
/
kanghusada.host/wp-config/mail/Att/ |
504 B 774 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Primary Request
home.php
www.shaokao.co.id/wp-includes/modules/webmail.login/att/ |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
detm-container-hdr.js
www.att.com/scripts/adobe/prod/ |
72 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
_fontface.css
home.secureapp.att.net/css/sso/slid/1201/ |
0 199 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
main.css
home.secureapp.att.net/css/sso/slid/1201/ |
28 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-1.5.1.min.js
home.secureapp.att.net/js/jquery/ |
83 KB 84 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.simplemodal.js
home.secureapp.att.net/js/jquery/simplemodal/ |
9 KB 9 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
script.js
home.secureapp.att.net/js/sso/slid/1201/ |
47 KB 48 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
att.js
sadlib.static-app.synacor.com/client/att/ |
68 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Button.png
home.secureapp.att.net/design/CDLS10/img/logos/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
AT&T_logo.png
home.secureapp.att.net/design/CDLS10/img/logos/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
detm-container-ftr.js
www.att.com/scripts/adobe/prod/ |
534 B 543 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
409 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
mobile.css
home.secureapp.att.net/css/sso/slid/1201/ |
4 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
smetrics.att.com/ |
0 322 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
webtrends.min.js
www.shaokao.co.id/commonLogin/igate_edam/staticContent/images/SLID/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
pageBg.png
home.secureapp.att.net/design/cdls10/img/ui/ |
169 B 372 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
btnSumbit.png
home.secureapp.att.net/img/sso/slid/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
footerBg.png
home.secureapp.att.net/design/CDLS10/img/ui/ |
560 B 764 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
dest5.html
att.demdex.net/ Frame B8BE |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gpt.js
www.googletagservices.com/tag/js/ |
44 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
attGlobalNavHeader-bg.gif
home.secureapp.att.net/design/cdls20/img/ui/ |
149 B 352 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
att_globe_blue_80x80.png
home.secureapp.att.net/design/CDLS10/img/logos/ |
16 KB 16 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
support-icon.jpg
home.secureapp.att.net/img/sso/slid/ |
2 KB 2 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
txt-clear.png
home.secureapp.att.net/img/sso/slid/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ques.png
home.secureapp.att.net/img/sso/slid/ |
363 B 567 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.de/adsid/ |
109 B 171 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
integrator.js
adservice.google.com/adsid/ |
109 B 171 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pubads_impl_2019032001.js
securepubads.g.doubleclick.net/gpt/ |
158 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
context.dll
home.secureapp.att.net/attportal/s/ |
0 7 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
show_companion_ad.js
pagead2.googlesyndication.com/pagead/ |
163 KB 61 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ads
securepubads.g.doubleclick.net/gampad/ |
26 KB 9 KB |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pubads_impl_rendering_2019032001.js
securepubads.g.doubleclick.net/gpt/ |
68 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
abg_lite.js
tpc.googlesyndication.com/pagead/js/r20190320/r20110914/ Frame 500F |
29 KB 11 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
m_window_focus_non_hydra.js
tpc.googlesyndication.com/pagead/js/r20190320/r20110914/client/ext/ Frame 500F |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 500F |
79 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
757763970614006220
tpc.googlesyndication.com/simgad/ Frame 500F |
243 KB 244 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
osd.js
www.googletagservices.com/activeview/js/current/ |
77 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
view
securepubads.g.doubleclick.net/pcs/ Frame 500F |
0 271 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ Frame 500F |
211 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activeview
pagead2.googlesyndication.com/pcs/ Frame 500F |
42 B 110 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: AT&T (Telecommunication)106 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask string| mid string| adobe_mc string| href undefined| analytics_app_visitor_id undefined| ts undefined| newurl object| detm_last_link_info function| e object| visitor function| isIE object| DataMappingInterface string| detm_tag_notification_key object| scripts object| script string| src function| satelliteDetector function| scriptExecutor undefined| detmScriptLoaderConfig function| detmScriptLoader undefined| detmLoader undefined| AllowDelayedLoad function| Visitor object| s_c_il number| s_c_in object| detmScriptExecutor function| detmDomainMapper object| detmTagControls object| antiClickjack undefined| noFrameBusting function| $ function| jQuery string| agent string| ORIGINATION_POINT_URL string| RETURN_URL string| CANCEL_URL function| getWindowWidth function| getWindowHeight function| setRegURL function| logPgvw function| refer function| submitForm function| trimAll function| chkTick function| unchkTick function| getElementsByClassName function| btnChange function| acctSelBtnEnable function| ie6Img function| getYadContents function| init undefined| countdownElement function| overlay function| cancelLoad function| Redirecturl string| focusableElementsString function| trapTabKey function| supportRedirect function| webtrendsAsyncInit object| Sadlib_Config object| TN8 object| SW_Config object| rubicontag object| googletag object| sadlib function| detmExecuteFooter string| q1Zidx string| q2Zidx object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| GPT_jstiming undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id object| google_reactive_ads_global_state object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_show_companion_ad function| google_show_companion_ad_in_slot function| google_get_companion_slot_params function| google_companion_error function| google_companion_loaded function| google_increment_num_ad_mouseovers string| google_ad_output string| google_ad_client string| google_flash_version boolean| google_webgl_support string| google_ad_section string| google_country object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .demdex.net/ | Name: dextp Value: 22052-1-1553711174599 |
|
| .demdex.net/ | Name: demdex Value: 42933360171169401841162135405979618874 |
|
| .shaokao.co.id/ | Name: AMCVS_55633F7A534535110A490D44%40AdobeOrg Value: 1 |
|
| www.shaokao.co.id/ | Name: PHPSESSID Value: 958f6b69326c072124e38eafcf6d25c6 |
|
| www.shaokao.co.id/ | Name: IV_JCT Value: %2FcommonLogin |
|
| .shaokao.co.id/ | Name: AMCV_55633F7A534535110A490D44%40AdobeOrg Value: 1994364360%7CMCIDTS%7C17983%7CMCMID%7C43208719005639192901171665683002480664%7CMCAAMLH-1554315973%7C6%7CMCAAMB-1554315973%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1553718373s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C3.4.0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
adservice.google.com
adservice.google.de
att.demdex.net
dpm.demdex.net
home.secureapp.att.net
kanghusada.host
pagead2.googlesyndication.com
sadlib.static-app.synacor.com
securepubads.g.doubleclick.net
smetrics.att.com
tpc.googlesyndication.com
www.att.com
www.googletagservices.com
www.shaokao.co.id
104.111.216.57
144.160.155.70
192.185.5.15
206.189.87.71
216.58.207.66
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:816::2002
2a00:1450:4001:818::2001
2a00:1450:4001:81e::2002
2a02:26f0:6b:28d::2db1
52.19.121.121
54.246.133.167
69.168.104.86
01a7e22fd83c617ff55898233518c54a9ecce7e0de3e8a63c4fa59315b029c6b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
1fa7f2dc541c272f1759c02846a6f1b90efe116840be490b3fd07bb22af90bb8
22319cb3b15cdd7ecfd35159216d2223c53d0127690078f07651d1e46090b4db
23a1c39cfe69cdbeec48c939f896afb87a0bdb415c710802ab33f4b7dd2742ca
27da51ec2023f96407f92161ddda0e290b0661a765822ff03e5d61f3aecf8aa0
305c71efeb6362ad5de9f4a55fc2701c04a8f9a3b0cf33d57e807099a18d68df
30a949cc26cd4f709fa897313f8d448b2cb724a40a170c4b8e8ce6b3aa890fd1
3741524623da0c5e896f350db8eb15f11b1900ac50dbc24bd5ede079c047ceb1
4a0b22e7c3144b2403dc89d4b1997bb6fa5a7720bdb205a322a5b18dd90fd470
4b8a6e7f517f5af0a3d33bb392cb82e099e123138817778fcb470141ce53aeba
4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a
538246ff7fcac9c237211ecef80b82272336903f3319c34e120975e99d9dcb5d
5fd69c4fa9f1a2a6fbdab11ff45053dbd08237e6190dfc9c071fadd08fe9b7d5
61e91515aaf72cba3014a136331a138eca6b27831c8f2e6b0c128825243f5263
70b5a6613f03d3c015d826185e39839e6dbc2d03871f151bafbed5cc58503f69
73aa8ed17343a31465bb84462a14f0b11a7e3b0ee0c75963cb56aa3efd0ae37a
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
8e6ec1efd720fba57823309829b05bb57ebb5716c813c88b3c88cf36ab9aa5e9
9880eb5b6a6b1dec8f568c14a1a5be755c460d2ea2df66fa7b5e6b99227f7128
9c61fde7548776902bd465299ae74d221c8446f1e0aac734585f7fd1dc7481ec
a8c89bb3937cdc4a70b3568eae5a390d918433be78f89deba07846932ae7c695
bdc8bcb85e1e7788db0d066b2d3123a1a7f1d64bc65e63ed8db5d96e01296e25
c3faf8c2197072671e362228c2b0ea5d229d5fbc6d8fd331df890dcbfc11be85
c537cf7e2770d1b4953255dfccff8e0bdbfd4adb4e88d868e353208ae7ff13c1
c8326bbf2a182bc13eb5c230d0046332d605dc34f217458299cebe30eebeb0cb
d8dd44d7b498732301cf8a337c417d195b8125328ffbaf968166132216295d24
db2a3260d580716fb8dae973b1b994f799f545d520b7a1636d473ecbdbdd2223
dfa2be020e3374a4b1c871c88ada990120fb198d4e8ff685ad35cfae88ad3466
dfa35aa4643a991e1d2ec6e3562e1a0465174c7200a7572c92619904bb08530f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f96e088d7039d42428699be2d8e5b76047627d9efb7fe30768b6a448e9479b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f45c7dc75dd866a2f6a680c59631108046d44028ccfd72ff128443a086ee0493
fdee766a03e4032897a2cd75326c135d8e938592bfb00f12ed5b4eb223f54c3f