| URL | IP | Status | Size |
| thrlebaran.efiles.my.id/img/icon.png | 172.67.140.109 | 200 OK | 2.0 kB |
URL: thrlebaran.efiles.my.id/img/icon.png (GET, HTTP/3)  IP: 172.67.140.109:443
Requested by: https://thrlebaran.efiles.my.id/
Certificate: issuer Google Trust Services LLC; subject efiles.my.id; fingerprint 6C:A5:65:6B:67:95:09:3D:A9:20:4F:A9:82:B3:FE:43:6D:02:8F:5A; valid Sun, 24 Mar 2024 15:54:11 GMT - Sat, 22 Jun 2024 15:54:10 GMT
File type: PNG image data, 194 x 194, 8-bit colormap, non-interlaced
Hashes: MD5 6bb288b8ba772471f23cee4f99b54c08; SHA-1 f72bf6750892a25cc40b590bafb2038109bd77ad; SHA-256 3899581abcfed9b40b7208bbbca8bdbfe3ae9655980dbf55f04dec9cb3309f27
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | WhatsApp |
| Quad9 DNS | malicious | Sinkholed |
GET /img/icon.png HTTP/1.1
Host: thrlebaran.efiles.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thrlebaran.efiles.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 05:35:57 GMT
content-type: image/png
content-length: 2043
last-modified: Tue, 16 Apr 2019 00:53:12 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UcUBH%2FQSaogcNwNe%2B7N51wiH6mE4FSgML6iyYN%2BGmR0KOOgcxdtmyeZtx5VrDHvAyKW6wbIdeaTOZnqWB%2FZ1gaXLWzkqaKap0xRL4Q9tan%2BaMuaDEK6C3vDqFFygiVUBk6C%2FQ0XHUVzIvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a88c0aca756a5-OSL
alt-svc: h3=":443"; ma=86400
| thrlebaran.efiles.my.id/css/style.build35e635e635e6.css | 172.67.140.109 | 200 OK | 61 kB |
URL: thrlebaran.efiles.my.id/css/style.build35e635e635e6.css (GET, HTTP/3)  IP: 172.67.140.109:443
Requested by: https://thrlebaran.efiles.my.id/
Certificate: issuer Google Trust Services LLC; subject efiles.my.id; fingerprint 6C:A5:65:6B:67:95:09:3D:A9:20:4F:A9:82:B3:FE:43:6D:02:8F:5A; valid Sun, 24 Mar 2024 15:54:11 GMT - Sat, 22 Jun 2024 15:54:10 GMT
File type: Unicode text, UTF-8 text, with very long lines (593)
Hashes: MD5 0a117ce4351d51e2d1b51947b21cd384; SHA-1 8c223241d543846c17ed1b6ea8f7b866bcf8779e; SHA-256 5d6ebaa0e5f23c2aafea7f738be1a5c88019121c46f497fe8e6c7af7e5f0db4c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | WhatsApp |
| Quad9 DNS | malicious | Sinkholed |
GET /css/style.build35e635e635e6.css HTTP/1.1
Host: thrlebaran.efiles.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thrlebaran.efiles.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 05:35:58 GMT
content-type: text/css
last-modified: Tue, 16 Apr 2019 00:53:12 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JufGrFqRvApgCAZQyjYt%2Fo3xG7GK8eNkgzW7tklbUAg2Q%2FMBriTvTTtVuoJW5BKpSanvp9F48McKtxO9Z5uH4FJ9sFHusainxQUf2dhW81U4jG6YUhxlsX%2Fkjv0u8LkaXO0R4ylhUqeuaA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a88c00c2956a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| www-cdn.whatsapp.net/img/v4/whatsapp-logo.svg?v=46fe27fc8 | 31.13.72.52 | 302 Found | 0 B |
URL: www-cdn.whatsapp.net/img/v4/whatsapp-logo.svg?v=46fe27fc8 (GET, HTTP/2)  IP: 31.13.72.52:443
Requested by: https://thrlebaran.efiles.my.id/
Certificate: issuer DigiCert Inc; subject *.whatsapp.net; fingerprint 4B:DF:1C:AB:9D:99:4E:AC:8A:8B:76:35:D5:FD:71:56:56:2C:D4:8B; valid Fri, 02 Feb 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT
Hashes (empty body, content-length 0): MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/v4/whatsapp-logo.svg?v=46fe27fc8 HTTP/1.1
Host: www-cdn.whatsapp.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thrlebaran.efiles.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
location: https://www.whatsapp.com/img/v4/whatsapp-logo.svg
content-type: text/plain
content-length: 0
server: proxygen-bolt
date: Fri, 19 Apr 2024 05:35:58 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=13, mss=1380, tbw=3294, tp=-1, tpl=-1, uplat=0, ullat=-1
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| www.whatsapp.com/img/v4/whatsapp-logo.svg | 31.13.72.52 | 400 Bad Request | 2.5 kB |
URL: www.whatsapp.com/img/v4/whatsapp-logo.svg (GET, HTTP/3)  IP: 31.13.72.52:443
Requested by: https://thrlebaran.efiles.my.id/
Certificate: issuer DigiCert Inc; subject *.whatsapp.net; fingerprint 4B:DF:1C:AB:9D:99:4E:AC:8A:8B:76:35:D5:FD:71:56:56:2C:D4:8B; valid Fri, 02 Feb 2024 00:00:00 GMT - Fri, 26 Apr 2024 23:59:59 GMT
File type: HTML document, ASCII text, with very long lines (2793)
Hashes: MD5 f1ac791356b3b6a884f9d3341fabe1da; SHA-1 85c8d6a72ce89e3254dea435474c3ee04d0c8cbd; SHA-256 87d28f909a65f055c786a96751a9e3467ff378c56f9d38f5cffcfdaf0d724f1d
GET /img/v4/whatsapp-logo.svg HTTP/1.1
Host: www.whatsapp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thrlebaran.efiles.my.id/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 400 Bad Request
content-encoding: br
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: text/html; charset="utf-8"
x-fb-debug: uzqhnRiJyuKPXhIiiy6jNn+OP64UTLhlYFug529hVOpIeaSSJ5GlHVPhvJY2P2DLc1qnlqbpnKTUgizsPZoJAg==
content-length: 2460
proxy-status: http_request_error; e_fb_configversion="AcI_Ve0j7E2q_O80F_e02eF37nPR1UFyJwl7QJ1eIp5ziJPDC2VW0iLi9XlV4A"; e_clientaddr="AcI2J8cdFIkhdLTl-nhu7F1nb0SnmuE4NFJaDhJbFi5AtwLzEGAH51icwP24-z2KogVu_Bj459lNrtNS5n4XxiEGTdjk_yDbz-nuwFrmQB1QUAtOOw"; e_fb_vipport="AcL8AhpgCfUfqA5DIbrgFl9EfIcyHRMqUaqR7vJnoF34SsVAB55gFkn2DQOB"; e_upip="AcKmkt-nwxvIP2Nspwq2kqVDiIzfbCRbSTQVudDorHJ-hM_MLPzUEkiq-zoyTq4iNfQOdYunBPm6P6u1cLg60auvp05R1YI9_sI"; e_fb_requestsequencenumber="AcKz6YdCWlDE3Ht4g9z_Hfga0Oq3VSvQJpqp-9bloBlNEM5ytcCuTZzIaW8D"; e_fb_hostheader="AcICNOLHueiSJUBEdDT8c7kyltDTN3BeQnJjM36PnNbBhFL51rDVZUhvRrccbkd12Gd-Fa5Y73xo0A"; e_fb_vipaddr="AcKLEm00HWRZXJK6BfjNdlWpbiHH4SwvLMLHQea_BNj2o1eUyn1XqArzeV8r5b8wxJVM7Y8-gDY2CjF-_V2YlC96aWlIh3Scfg"; e_fb_requesthandler="AcKufkXtPdAHHMn8-IvXB3Kg1PrRLBCOPt2FbbD3Bbmm22eEgI2CjyJGA26DJbXs8W-O3hsJylE"; e_fb_requesttime="AcIbyxvVTSdx_p1zhmh66TUTaDztpd8EKet6ouPtMgzUvIbOnz1wSkllW8LSd-wY9O-BJsZNeA"; e_fb_builduser="AcLAnhPUVfc9OW_8TductmUs5rwWk_iay4V7dQNuBzEHZjU6q9jPF6Sgz4NaWB5sMjo"; e_fb_httpversion="AcKhN5jmg6iUdRC3PcwTRF7GDfBYBFv0QK7iUHovoE9uhYcnQHwKZuSW6rEG"; e_fb_binaryversion="AcJedIvo92wn2mqOk_F9dWD7QNLuVkT0soArLA7dsB6kcpId-xoq5_OixdP8o7WGXifKo_cJPgJGJhQ4odRCcRCjU8X7daUN00U"; e_proxy="AcKGYCXy06JdJ43BW0zUj3h5yMVeut-6DuXBWzxZhV02KCUTl67bh8A0gPmIFGFCbsPu_zFXuPTrdb3qE2P6", http_request_error; e_fb_configversion="AcLXR5s3v_DfopDTf5_SCqrmahCqyRoXSBw1jHDNG6DBOIYllSRmvPz6N3H24A"; e_clientaddr="AcL5QwS4d-Pubsxxdc_qVeNF9c-YFS8eHMTPet3l8tWtIsoXm2JcV6pHG8m_ZeLqj3tMs2u70ClLmY4K"; e_fb_vipport="AcKyjHL26jAHDMx95D4rAA3Uj2iLXtq6KGFyaBRYDio-SlC2Gdl5pkf2HeCa"; e_upip="AcKIc6YlEbFD-WbH0aQFWaQyakbQQhXGyVtqCCHU5cSFdGoD8bJ5jn4JYTFgXERuWZzY75Qkvpodge63K8dZv8QvwJf31zZn2w"; e_fb_requestsequencenumber="AcJ1hQQV4PE3zVjxT52beWjUJ11lNbLR5iMrKuFJlq4VlD7yILntuY_P6g"; e_fb_hostheader="AcJeG_5fDU71WjN5I2GihXUCC4fogdbBsLnA9WeTX3p9wv4rd8Gv07K9bd6JofAdWXS7vRb_FVe44g"; e_fb_vipaddr="AcLWTTjpzasyak-jxfFDVHifes6A_qDzLxK-fPFMV7rAqzNbnV5Ex0YtENNIOdtKaXei_eU"; e_fb_requesthandler="AcKtS4X5HBh9bSChpFbdHyYPBEjeGaiatBayvTFPTpMdBa3NWX-vtZt9MsjCjHeHC1dvuA25cfqJO5SW"; e_fb_requesttime="AcKxQUDlLOk9rOoMXqNuWATqEKav1NFlPvBkPxV2rqP2_RAXJ_kxqZhghPjFQ02za0QSgOHBRg"; e_fb_builduser="AcI9WCMdab1DywQxoKQWK1IGtr4caA0QBaJiD0feWRdjorobXpne_exGs3NHLrgbkjU"; e_fb_httpversion="AcLEiHAMrvnSOkkIIdYrgOdGH0hSFeE_BpPhaVR0HI4BYYH22IwBkh7B3uB6"; e_fb_binaryversion="AcLl1TmAPN4jRiVRiRzv-QO3R0tHWOLNqNmqRgBeR-USfkfWsi4cifzW5cJx0pf-DpdGSMFws7KbWrSGeqePp_iwvWAFp8PPXss"; e_proxy="AcLvYEbSbheedgxuTSUiiWv8TRRuD3tnMWoemEJX3HY1537S8dZu0Egua4NldGMvbXnXQYRXF2XNfgM"
date: Fri, 19 Apr 2024 05:35:58 GMT
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=10, rtx=0, c=14, mss=1232, tbw=5012, tp=9, tpl=0, uplat=41, ullat=0
alt-svc: h3=":443"; ma=86400
priority: u=4
| thrlebaran.efiles.my.id/img/18.jpg | 172.67.140.109 | 200 OK | 48 kB |
URL: thrlebaran.efiles.my.id/img/18.jpg (GET, HTTP/3)  IP: 172.67.140.109:443
Requested by: https://thrlebaran.efiles.my.id/
Certificate: issuer Google Trust Services LLC; subject efiles.my.id; fingerprint 6C:A5:65:6B:67:95:09:3D:A9:20:4F:A9:82:B3:FE:43:6D:02:8F:5A; valid Sun, 24 Mar 2024 15:54:11 GMT - Sat, 22 Jun 2024 15:54:10 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 678x452, components 3
Hashes: MD5 661ba0794cbb4632f04845d99fd8c654; SHA-1 0135b8f33680c6a9bfbb14e5963a8ba6dc5d5a66; SHA-256 85d8e324649eaecd7214fcdea01161ecf25418c5c69097583074ec4aa4219715
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | WhatsApp |
| Quad9 DNS | malicious | Sinkholed |
GET /img/18.jpg HTTP/1.1
Host: thrlebaran.efiles.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thrlebaran.efiles.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 05:35:58 GMT
content-type: image/jpeg
content-length: 48119
last-modified: Tue, 16 Apr 2024 04:31:56 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I5OdAc4l6GnjD6kAD5Z5MN%2FrpZHlEMyprcaD86AfWl5zTlnfsPzHNwTc42lISccmnH1aoKCL4R%2FKdhnFtsN%2Bcj4NttocH79y5re4vTYgbGuZW%2BitK9SBAcSjhTODfPYp4b9FW7G8eGzskw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a88c59fff56a5-OSL
alt-svc: h3=":443"; ma=86400
| thrlebaran.efiles.my.id/img/v4/icon-chat.png | 172.67.140.109 | 404 Not Found | 315 B |
URL: thrlebaran.efiles.my.id/img/v4/icon-chat.png (GET, HTTP/3)  IP: 172.67.140.109:443
Requested by: https://thrlebaran.efiles.my.id/ (the request itself carries Referer https://thrlebaran.efiles.my.id/css/style.build35e635e635e6.css, i.e. the stylesheet references this path)
Certificate: issuer Google Trust Services LLC; subject efiles.my.id; fingerprint 6C:A5:65:6B:67:95:09:3D:A9:20:4F:A9:82:B3:FE:43:6D:02:8F:5A; valid Sun, 24 Mar 2024 15:54:11 GMT - Sat, 22 Jun 2024 15:54:10 GMT
File type: HTML document, ASCII text, with very long lines (326), with no line terminators (the 404 error page)
Hashes: MD5 97ef40509b73c101d6815511c3adf98d; SHA-1 a4242322497ea630ea72e26ba297a95a2bbe5ccd; SHA-256 322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | WhatsApp |
| Quad9 DNS | malicious | Sinkholed |
GET /img/v4/icon-chat.png HTTP/1.1
Host: thrlebaran.efiles.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://thrlebaran.efiles.my.id/css/style.build35e635e635e6.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 19 Apr 2024 05:35:58 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sa%2FUbvA04my5WfIVJNxp90fgN2YZdP0sfGWudByFznxE0u7Ea40i1Ex4weo9VrVfwmr%2FlxWEbn1%2FVuWywzuVmwI3uH6YUSMTAC5AvYDWd5B7S9Ktk3muz2AtUm0gFGOVo%2BzqqJAT%2F0gGJw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876a88c59ffe56a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| thrlebaran.efiles.my.id/ | 172.67.140.109 | 200 OK | 6.8 kB |
URL: thrlebaran.efiles.my.id/ (user request: GET /, HTTP/2; host taken from the Host header below)  IP: 172.67.140.109:443
Certificate: issuer Google Trust Services LLC; subject efiles.my.id; fingerprint 6C:A5:65:6B:67:95:09:3D:A9:20:4F:A9:82:B3:FE:43:6D:02:8F:5A; valid Sun, 24 Mar 2024 15:54:11 GMT - Sat, 22 Jun 2024 15:54:10 GMT
File type: HTML document, ASCII text, with very long lines (8081), with no line terminators
Hashes: MD5 8db307a8e28118d36bc3740e76885c23; SHA-1 d987b2402c1cd55af6120d349495ea27b13c2fd1; SHA-256 0ef693c576a322acc57085a560a1810e18a85aaa89c97ab553a232351673b215
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | WhatsApp |
| Quad9 DNS | malicious | Sinkholed |
GET / HTTP/1.1
Host: thrlebaran.efiles.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 05:35:57 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1fWbitybeHV%2BCciPYzgsW62g58trxm%2FiTD%2FhanISSgp92PBDfGSvY%2BfMvNmalCxrdPv7MQ1vame6slSd2RRqFW0SC3V7aXq1xxC79ZKoC6KQRHb5bU9KPaUj4744J0Cj0%2FyPG0EDPKR63Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876a88b9cec3569a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
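Read as a whole, the transactions above carry four signals an analyst would pull out of a scan like this. The lookalike page on thrlebaran.efiles.my.id fetches its logo from the real brand CDN (www-cdn.whatsapp.net, with the lookalike page as Referer); that request is redirected to www.whatsapp.com, which answers 400 and declares Vary: Sec-Fetch-Site, Sec-Fetch-Mode, so the fetch metadata takes part in that answer (the scan does not show why it was rejected). The stylesheet references /img/v4/icon-chat.png on the lookalike host, the same /img/v4/ directory the logo lives in on www-cdn.whatsapp.net, and that path 404s here. icon.png and the stylesheet have a Last-Modified of 16 Apr 2019 while 18.jpg was modified three days before the scan. Finally, the three hashes recorded for the 302 (d41d8cd9..., da39a3ee..., e3b0c442...) are the MD5, SHA-1 and SHA-256 of zero bytes, so there was no body to analyse. The script below is an added example, not part of the scan output or of any scanner's code: it encodes those checks and runs them over records transcribed from this page (only the fields the checks need). The brand-domain list, the three-year staleness threshold and the record layout are assumptions made for the example.

```python
"""Triage of the scan transactions above (added example, not scanner code)."""
import hashlib
from datetime import datetime, timezone
from urllib.parse import urlsplit

# Scan time from the first response "date" header on the page.
SCAN_DATE = datetime(2024, 4, 19, 5, 35, 57, tzinfo=timezone.utc)
# Assumption for this example: the brand the page impersonates.
BRAND_DOMAINS = ("whatsapp.net", "whatsapp.com")

# Records transcribed from the scan: (url, status, referer, last-modified, sha256).
# Hosts, paths, statuses, dates and hashes are from the page; the layout is ours.
TRANSACTIONS = [
    ("https://thrlebaran.efiles.my.id/", 200, None, None,
     "0ef693c576a322acc57085a560a1810e18a85aaa89c97ab553a232351673b215"),
    ("https://thrlebaran.efiles.my.id/img/icon.png", 200,
     "https://thrlebaran.efiles.my.id/", "2019-04-16T00:53:12Z",
     "3899581abcfed9b40b7208bbbca8bdbfe3ae9655980dbf55f04dec9cb3309f27"),
    ("https://thrlebaran.efiles.my.id/css/style.build35e635e635e6.css", 200,
     "https://thrlebaran.efiles.my.id/", "2019-04-16T00:53:12Z",
     "5d6ebaa0e5f23c2aafea7f738be1a5c88019121c46f497fe8e6c7af7e5f0db4c"),
    ("https://www-cdn.whatsapp.net/img/v4/whatsapp-logo.svg?v=46fe27fc8", 302,
     "https://thrlebaran.efiles.my.id/", None,
     "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
    ("https://www.whatsapp.com/img/v4/whatsapp-logo.svg", 400,
     "https://thrlebaran.efiles.my.id/", None,
     "87d28f909a65f055c786a96751a9e3467ff378c56f9d38f5cffcfdaf0d724f1d"),
    ("https://thrlebaran.efiles.my.id/img/18.jpg", 200,
     "https://thrlebaran.efiles.my.id/", "2024-04-16T04:31:56Z",
     "85d8e324649eaecd7214fcdea01161ecf25418c5c69097583074ec4aa4219715"),
    ("https://thrlebaran.efiles.my.id/img/v4/icon-chat.png", 404,
     "https://thrlebaran.efiles.my.id/css/style.build35e635e635e6.css", None,
     "322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be"),
]

EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()  # e3b0c442...


def host_of(url):
    return urlsplit(url).hostname or ""


def directory_of(url):
    """'/img/v4/whatsapp-logo.svg' -> '/img/v4/'; '/' -> '/'."""
    return urlsplit(url).path.rsplit("/", 1)[0] + "/"


def is_brand_host(host):
    return any(host == d or host.endswith("." + d) for d in BRAND_DOMAINS)


def hotlinked_brand_assets(transactions):
    """Fetches from a brand host whose Referer is a non-brand page: the lookalike
    is pulling the genuine logo from the brand's CDN. Returns (referer host, url)."""
    return [(host_of(ref), url) for url, _st, ref, _lm, _h in transactions
            if ref and is_brand_host(host_of(url)) and not is_brand_host(host_of(ref))]


def cloned_path_misses(transactions):
    """Same-origin 404s in a directory that also appears in a brand-CDN URL: the
    copied stylesheet still references paths that exist only on the original site."""
    brand_dirs = {directory_of(u) for u, *_ in transactions if is_brand_host(host_of(u))}
    return [(urlsplit(url).path, host_of(ref) if ref else None)
            for url, st, ref, _lm, _h in transactions
            if st == 404 and not is_brand_host(host_of(url))
            and directory_of(url) in brand_dirs]


def empty_bodies(transactions):
    """Responses whose recorded SHA-256 is the hash of zero bytes (here the 302
    with content-length: 0): nothing was downloaded, so no file verdict applies."""
    return [url for url, *_rest, sha in transactions if sha == EMPTY_SHA256]


def stale_assets(transactions, scan_date=SCAN_DATE, years=3):
    """Assets whose Last-Modified predates the scan by `years` or more, a hint that
    the kit is reused rather than freshly built. The threshold is an assumption."""
    out = []
    for url, _st, _ref, last_modified, _h in transactions:
        if last_modified:
            lm = datetime.fromisoformat(last_modified.replace("Z", "+00:00"))
            if (scan_date - lm).days >= 365 * years:
                out.append((urlsplit(url).path, last_modified))
    return out


def triage(transactions=TRANSACTIONS):
    return {
        "hotlinked_brand_assets": hotlinked_brand_assets(transactions),
        "cloned_path_misses": cloned_path_misses(transactions),
        "empty_bodies": empty_bodies(transactions),
        "stale_assets": stale_assets(transactions),
    }


if __name__ == "__main__":
    for name, findings in triage().items():
        print(name, findings)
```

The hotlink check is the one a brand owner can run on its own CDN logs without any scanner: a request for the logo whose Referer is neither the brand's own site nor empty is a lookalike page rendering itself, and the Referer value is the page to take down. The other three checks only make sense on the scan side; the staleness check in particular is a weak signal on its own and is meant to be read together with the verdict table, not instead of it.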