| code.jquery.com/jquery-3.5.1.min.js | 151.101.66.137 | 200 OK | 31 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP: 151.101.66.137:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Sectigo Limited; Subject *.jquery.com; Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hashes (MD5, SHA-1, SHA-256): dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 29 Mar 2024 04:44:02 GMT
age: 1644284
x-served-by: cache-lga21981-LGA, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 36, 677856
x-timer: S1711687442.328076,VS0,VE0
vary: Accept-Encoding
content-length: 30879
X-Firefox-Spdy: h2
| pl22821308.profitablegatecpm.com/69/cc/0d/69cc0dc0484a760a174a34fe994616d0.js | 172.240.108.84 | 200 OK | 16 kB |
URL: GET HTTP/1.1 pl22821308.profitablegatecpm.com/69/cc/0d/69cc0dc0484a760a174a34fe994616d0.js
IP: 172.240.108.84:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Let's Encrypt; Subject profitablegatecpm.com; Fingerprint 36:46:92:AF:08:F4:24:63:89:19:91:4A:4B:F7:89:31:A2:09:27:10; Validity Mon, 05 Feb 2024 13:08:41 GMT - Sun, 05 May 2024 13:08:40 GMT
File type: JavaScript source, ASCII text, with very long lines (44093), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 8bd8fe611fab1214b5471c8f6c4bed6d ea10e204cb74ae451c51e1eb2525d35b8cd637bb 6258a14119e8ad6d0f2048132c4cf1194c0e7060e6db3b80d23f07cf75a03612
GET /69/cc/0d/69cc0dc0484a760a174a34fe994616d0.js HTTP/1.1
Host: pl22821308.profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 29 Mar 2024 04:44:02 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7881758afaf61542a75e0931475db838
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| claimgiveaway10jt.dydd67.biz.id/ | 172.67.203.19 | 200 OK | 3.3 kB |
URL (user request): GET HTTP/2 claimgiveaway10jt.dydd67.biz.id/
IP: 172.67.203.19:443
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: HTML document, ASCII text, with very long lines (9484)
Hashes (MD5, SHA-1, SHA-256): 6414260979b8dabcb963c50c8ebb49d7 7c60e15226aeba7c91ae63393cfbe05263e07ee8 2d7be030da340b8585343c318a52881505d710f08c1d0109e6d8a679aefef496
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET / HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:44:02 GMT
content-type: text/html
last-modified: Mon, 18 Mar 2024 13:51:34 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kD%2FC7j5uouXnOuYfIef21APG1HLvgT5LhH7Fw2hk76pFs%2F3T%2BHTbO8Qv2tpNJrE22LJXMWqyIUjm2wse5BPDScD5QrQX%2FQBMFBRaAob2DKasOl9RM8kaaxQ40czv51QkRcefMHmYOWjxv5TigW8klaCG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd33cced5bb4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap | 142.250.74.106 | 200 OK | 2.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
IP: 142.250.74.106:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B; Validity Mon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File type: gzip compressed data, max compression
Hashes (MD5, SHA-1, SHA-256): 33bafc2c13f3b4ef127c95d43fdf8cb8 850a1f0fc64ad4c4ad89eb427cef4c94fccdf5c4 76ca71d1c9d2e61c45f230184fcbb3fbf8550ec03c79a37699299afe3edc3e08
GET /css2?family=Open+Sans:wght@400;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 29 Mar 2024 04:44:03 GMT
date: Fri, 29 Mar 2024 04:44:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| claimgiveaway10jt.dydd67.biz.id/ast/img/bi.png | 172.67.203.19 | 200 OK | 16 kB |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/ast/img/bi.png
IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: PNG image data, 360 x 200, 8-bit/color RGBA, non-interlaced
Hashes (MD5, SHA-1, SHA-256): 6e77df79b301b9fb95fdf50d66e3ceb7 1c93476fccf582d5ea0fa88ec8b1becc00d9edb5 4262dc8d42209d7e2a597f7f1098880e75ad0f6a53a66da1a7bd094a5f778199
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /ast/img/bi.png HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:44:03 GMT
content-type: image/png
content-length: 16542
last-modified: Thu, 27 Apr 2023 19:18:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6cevgSx%2Ftg4bl%2FNpQgeGniMRoe%2FT3THe1%2BD%2BFyJ1cPR057TALcC03NC3JBYdx920KVgf3EGsZ9f1EtgTpwezWpVuDmHwCIOCsBwKIQs1CgyrsiHzLjTh%2FKEAwxvukxOTHC9%2BqDC73lFdYxVVAD6mwRl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33d23ed156bf-OSL
alt-svc: h3=":443"; ma=86400
| claimgiveaway10jt.dydd67.biz.id/ast/img/kom.png | 172.67.203.19 | 200 OK | 8.5 kB |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/ast/img/kom.png
IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced
Hashes (MD5, SHA-1, SHA-256): 74adb66e545a68df7e5a0442a02fa8e7 a1692d3bfbde3c0cb3a8bc9b9b1fb2de4d570e85 4285db40c51cc53230cab0490df40566e285b48fb2b2e4729b42ff2a26c74480
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /ast/img/kom.png HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:44:03 GMT
content-type: image/png
content-length: 8484
last-modified: Thu, 27 Apr 2023 19:11:54 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Iq%2Fs1JICuQ10TxpujrDF%2BKRLARDRwb12eaWVYlFBBDcsHN5ozryt0iYFNWc0chciPcH1DptqKtTeTBakAkt%2Fz5ccUdIZLeKMkt%2Btj%2F9mNPyQWEsbMzElnX6gP0ykXH1BYA2UN%2BSwYFThTNPHh7Zpw54"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33d23ed256bf-OSL
alt-svc: h3=":443"; ma=86400
| claimgiveaway10jt.dydd67.biz.id/ast/img/load_spin.png | 172.67.203.19 | 200 OK | 5.1 kB |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/ast/img/load_spin.png
IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: PNG image data, 200 x 200, 8-bit gray+alpha, non-interlaced
Hashes (MD5, SHA-1, SHA-256): e8e4e4432355a07040a7327673850223 b07f6cfaacb6a2093778b08dd8d9b8f7d718c119 50b4bad00572d07c6158459a5cb93b1b3f9bdea95d393aa56970afded2f58913
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /ast/img/load_spin.png HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:44:03 GMT
content-type: image/png
content-length: 5078
last-modified: Tue, 01 Nov 2022 13:12:06 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Px68bqPwdRdrhNbRN0ipexric5Mh75apuN3wI4fDIdbp9t%2FcFHMaviZ0a7rx06Dj0Xb6Q%2BRrpJxqITPEC40NBFHE4HcNr66L9kTyllDH7xctBGSwn2Qc%2Bohw62dikyWOAEjrSIwbQqszkDjmvvhB1ANf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33d24ed556bf-OSL
alt-svc: h3=":443"; ma=86400
| claimgiveaway10jt.dydd67.biz.id/ast/img/load_bg.png | 172.67.203.19 | 200 OK | 7.9 kB |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/ast/img/load_bg.png
IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: PNG image data, 300 x 300, 8-bit gray+alpha, non-interlaced
Hashes (MD5, SHA-1, SHA-256): bf1d4a90de7e29b2be55237982cb30b4 ef942049631b598767fda52d54458b9f9680ee87 46518758f002d85cff9220609163f23b7e9f8f2721561d1e0ba79c4f17425c58
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /ast/img/load_bg.png HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:44:04 GMT
content-type: image/png
content-length: 7863
last-modified: Tue, 01 Nov 2022 13:12:02 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5WDDUNqeikajI8D9iX6QY404d%2BrVa55adWBGq%2FO4MCz1yqzRs1bFc47v1uMpkypvcRrxTdYMDGeHy1NsP9Itn94Q7X2FZbjl%2B4J1DaXisR6NFlHNVqxPhl8C9kciirh8ZTqrmqyg55wBo%2BxPMbbywF1I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33d23ed356bf-OSL
alt-svc: h3=":443"; ma=86400
| claimgiveaway10jt.dydd67.biz.id/ast/img/indo.png | 172.67.203.19 | 200 OK | 741 B |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/ast/img/indo.png
IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: PNG image data, 80 x 45, 8-bit colormap, non-interlaced
Hashes (MD5, SHA-1, SHA-256): c15c95b8db17f44e5826bb7839278578 5be0ab5aba6201a0a3a3423f9db8008ed2385430 af52bfb0ab7606d185db1457ddc3edceb61c7fe9675e099cae3e3be1eccf152c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /ast/img/indo.png HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:44:04 GMT
content-type: image/png
content-length: 741
last-modified: Sat, 29 Oct 2022 11:42:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9p8DlbkuAr%2B9%2Fj1mbBqkWQT45TjPkku%2B%2FD0TNZ3OG4z69OHd4YmuMjc%2BQaLBrwg2V8FsgnVuoVauDizYaSpN7L%2Fo%2BqFRpPRNQ%2BTyxiEIojYL6dlm1vvA8SErOoYiW5saqvPD%2BCwu%2FCnPDOy7NEgrNKXq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33d24ed756bf-OSL
alt-svc: h3=":443"; ma=86400
| claimgiveaway10jt.dydd67.biz.id/ast/img/dana_text.png | 172.67.203.19 | 200 OK | 11 kB |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/ast/img/dana_text.png
IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: PNG image data, 480 x 118, 8-bit/color RGBA, non-interlaced
Hashes (MD5, SHA-1, SHA-256): 3dc459976e4f7086419105435a80fc25 4a79a70ae98be7b6386ddde8609d83eee4777373 8af7f1691e018bfc400432dfc61455f26f63226ab369e675c80cef5a93334e87
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /ast/img/dana_text.png HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:44:04 GMT
content-type: image/png
content-length: 10588
last-modified: Sat, 05 Nov 2022 21:15:06 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpqfubVWFJn%2Bf%2BS9rZT0MzEB1lY1wQnX9KXTlmNbr2PTT8%2F6kQCevzd35OdDtScrPTuXNaWH3sfLLW4iNIaT68YUx6eOA2ZpLlcxrWQPcvOjQ%2BM%2FtduntozjynyfB4fAIImr8B%2BiKeoX0%2F0GwhtnPNUb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33d23ed056bf-OSL
alt-svc: h3=":443"; ma=86400
| claimgiveaway10jt.dydd67.biz.id/ast/8d62ea654fcf0e4cae001e344ee2592c.css | 172.67.203.19 | 200 OK | 1.5 kB |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/ast/8d62ea654fcf0e4cae001e344ee2592c.css
IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: ASCII text, with very long lines (3850), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 6a47026eae042cc9152e2ba28cae1688 11f91794ddadcd088a8e78720abd5cce59700198 a2a6e6317012a338c0dc67124f68f969166edc9f7c3f75d54ff48942d785e709
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /ast/8d62ea654fcf0e4cae001e344ee2592c.css HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:44:03 GMT
content-type: text/css
last-modified: Fri, 28 Apr 2023 17:53:16 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7xz%2F38%2BHvy%2BQcSKQjH6aS2qffXRnVpvSit0yvIAB285lJ%2Bg60ARe1VCXN7nUgR1IFwG2OBd4KUHYm3qZSQxRK9NYRh%2BV8vONl9X1MveVMCCbdvOCmMPjFdURLUwlfyu%2B7oD4L9cTVcbdqj38gAL7Jev"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33d22ebd56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | 200 OK | 48 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP: 142.250.74.131:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint F3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E; Validity Mon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hashes (MD5, SHA-1, SHA-256): 015c126a3520c9a8f6a27979d0266e96 2acf956561d44434a6d84204670cf849d3215d5f 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://claimgiveaway10jt.dydd67.biz.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:27:06 GMT
expires: Fri, 28 Mar 2025 17:27:06 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 40619
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| ocsp.r2m03.amazontrust.com/ | 143.204.53.97 | | 471 B |
URL: ocsp.r2m03.amazontrust.com/
IP: 143.204.53.97:0
Hashes (MD5, SHA-1, SHA-256): e0720567b89e85a074c0401003b4b7fb 4c9bd983308c50da9266d2d5a4a5e010b6736408 520b6f66e6827aed3facc07d0cdeb0f06ac5785dbf68439e82a20face8555e5c
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 29 Mar 2024 04:44:05 GMT
Last-Modified: Fri, 29 Mar 2024 03:00:44 GMT
Server: ECAcc (ska/F6AF)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1Dk5yjoBhCFfBdzN5BP_QC7ej6oq3IUGFRQ6ZM_lIWVan0CLzxAWXQ==
Age: 6201
| proftrafficcounter.com/stats | 3.72.189.164 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 3.72.189.164:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Amazon; Subject proftrafficcounter.com; Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hashes (MD5, SHA-1, SHA-256): de8806c3ab00357e85a3942334b62f08 41bbfb61dd858e6d539dc2acb443eba5140ba7eb 4fd7e3cec52e148904b6926eab0131f6cf296b129bf24f4a10f7a4b0a6c35b66
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://claimgiveaway10jt.dydd67.biz.id
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:44:05 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://claimgiveaway10jt.dydd67.biz.id
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=89d57aae-227c-4356-badb-38ce58b0fbc2:3:1; expires=Mon, 27 Mar 2034 04:44:05 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
| claimgiveaway10jt.dydd67.biz.id/ast/img/dana_logo.png | 172.67.203.19 | 200 OK | 13 kB |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/ast/img/dana_logo.png
IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: PNG image data, 382 x 112, 8-bit/color RGBA, interlaced
Hashes (MD5, SHA-1, SHA-256): 6fd5a7d18a8f7c04bc5effcdc5235987 c4852c577f44fcdf78fb439a30ea2c6c6983b140 c67e5431f9c00bb690ea8b8add63d5ca9250bf2925f2c2a691eeee498ac75853
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /ast/img/dana_logo.png HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:44:05 GMT
content-type: image/png
content-length: 12786
last-modified: Sun, 30 Oct 2022 23:38:08 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=liYxelu16KxIKz8kzLuMTVxtGtGsoGO9OH14OXAXnsHxxxzSk23roXG1ft%2BwwiTCA%2BKdqJdJRe2TBKrzEMkP0zKRkEKHogXJ0u%2B0spgZNuiZH%2F4i0wc8VKHnu3T0tYW71rkEg0fm1XrydBfq0HCwM5QT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33d23ecd56bf-OSL
alt-svc: h3=":443"; ma=86400
| itundermineoperative.com/sbar.json?key=69cc0dc0484a760a174a34fe994616d0&uuid=89d57aae-227c-4356-badb-38ce58b0fbc2%3A3%3A1 | 172.240.108.84 | 200 OK | 8.3 kB |
URL: GET HTTP/1.1 itundermineoperative.com/sbar.json?key=69cc0dc0484a760a174a34fe994616d0&uuid=89d57aae-227c-4356-badb-38ce58b0fbc2%3A3%3A1
IP: 172.240.108.84:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Let's Encrypt; Subject itundermineoperative.com; Fingerprint EE:B8:AE:DB:36:43:DB:D4:B5:2E:93:DC:47:90:06:50:99:5A:96:9A; Validity Thu, 28 Mar 2024 18:40:46 GMT - Wed, 26 Jun 2024 18:40:45 GMT
Hashes (MD5, SHA-1, SHA-256): 36b2d9ea171fd94829b352464cc1b142 3cc1c7198da8b5b7b9fdca92b72331f5e80eca05 2a85b0de9796ab4c5ea84009f412478b3c4c75c87a7219943c227171672da239
GET /sbar.json?key=69cc0dc0484a760a174a34fe994616d0&uuid=89d57aae-227c-4356-badb-38ce58b0fbc2%3A3%3A1 HTTP/1.1
Host: itundermineoperative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://claimgiveaway10jt.dydd67.biz.id
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 29 Mar 2024 04:44:06 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://claimgiveaway10jt.dydd67.biz.id
Access-Control-Allow-Origin: https://claimgiveaway10jt.dydd67.biz.id
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22720809; expires=Sat, 30 Mar 2024 04:44:06 GMT; secure; SameSite=None
Set-Cookie: uid_id2=89d57aae-227c-4356-badb-38ce58b0fbc2:3:1; expires=Fri, 05 Apr 2024 04:44:06 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sat, 30 Mar 2024 04:44:06 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sat, 30 Mar 2024 04:44:06 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Sat, 30 Mar 2024 04:44:06 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Sat, 30 Mar 2024 04:44:06 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 80e5d073f19954376f506a4aee077105
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| claimgiveaway10jt.dydd67.biz.id/ast/00b9d2e9f52e505c013c16bb638a42a4.css | 172.67.203.19 | 200 OK | 757 B |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/ast/00b9d2e9f52e505c013c16bb638a42a4.css
IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: ASCII text, with very long lines (666), with no line terminators
Hashes (MD5, SHA-1, SHA-256): f04c34e455649c317cbfe449a7c5b10e 07c192cd6c0d6b6a96ddd3fe56ffc5762c2f6eb7 963ee000ea25a124a63e7dd4ded8a9adc4d3501de7d0bf47f78f6fa4bc4ee472
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /ast/00b9d2e9f52e505c013c16bb638a42a4.css HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:44:04 GMT
content-type: text/css
last-modified: Fri, 28 Apr 2023 17:53:58 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bhkVWrV%2BVGtQk6skYPtZHPQt2xc2jDYAq2vcp3meXmwMd61RlmjDlTGjajqFZ8apDDc5P38OjRRgXkk3ScMCcfV1BdNKdlLgprmK6w3zaZAiREqrk6kfhTXa56PoWS%2BYJCqnIcQLLyFNxddT4uxP5rar"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33d22ebe56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| itundermineoperative.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWsbxxeetc3v8oOWlpBLKOjQQwK1vLuSdqXmEJqmDqauHRKXll7K7MxInnh2Z5nZ1co6mQZKjqJ%2FwfqTHdM2lPhaaFrWgR4MhagnH%2BpL%2F4MWci5SRdW%2Bw7z35vsGvvne%2B%2FIwvyQ%2Bcnpx5yM9lErRtVbdrV3%2F1PNu1jZlkg9qg3bwedC8WTP9dztB3b1RuyvYnl7zXc91PderrUsjunqwNgUh06cdr95x602%2F7rWaGJj%2F9jZ3YKkD3r8kb0LyycoL5wokq5DEz%2B4Iu5fp9J0P4lzRTBv0%2BcnHyV6iiwTxouwaB93kZM6Gti%2FXn0MnxzO50P1%2FiJGcEOfn54iSk7lIRP2jmc5IQSSI%2BP9R9CsIVUHSCkw%2FguQvCcA4traRxE%2B2tCno%2Ft8onaITsvLqT8hiQlZ%2Bu4Ik%2Fu62koPaA63yTOrEYtAtIQcVZK9Cmp8hGzqQxRlY9gUk%2F4WsvdpEEh9tW6Uh%2BcXb7Q5vhZSKVd8P2Wqz0QpWI8qj1UabiVY7crsR82cGSVlBdisoMQK1y8itg1w6yLsO8tRBzC9qzPO80OWMuu0OYw0eiijgrkfDrkc9N2gjZ9M%2FjJClIzA1AjMHSM0B9uQIJv8JdreE5Q5sRtDnJQpBUFiCghIUkqDICIp%2BecyV9W35hCubR948%2B%2FPcKMc66x3SY531REJAzQiGl4fpJXljaqDz2ekN7ImLWtBhzOXMbbabNAxc6oVN2mh2RafTDLyAu7CyhLRLoNbBUE5I%2B%2FUxUjkhV3e2ENEzWHUGJpdB87dAixJ0t8Qw%2BZEpKuOe7Ata0H3PfZjV%2BT7nQViP5LAuObgukWYryPadQ3VJrs2murH9DIKd3%2Fq9MQswUyI1JR7KFwQ99Xh8Xxfk6L4uLDndTjMZyyGdTvxBRjOx%2FM2HYr%2FQhm%2FcsaOv32NTYFo%2B3RE226QJl0nPkm9vS86FWdeGCfLDhv1ERPdyu3s7N0mebt57f30jTo2wVuqkAp0u7x8GTE7Ia9d2Zst8%2FfttSFPB5CXi%2FJzMA1JXYOkBbLrQbzWBUQtOlDoo8nJs%2FGhxqSSBEoueRiXsv%2FpoUY8Nnb6msjy0j9EzS6DZIyRxib4p0VclqBrB5svjLDXnt36dy4jU0jhSZukoUkZ9NbN5epzCyota2Gi4NOi0vDCkIoyafrsbeJxSvxn4QUAbyOyk%2B7%2B7V%2F8CAAD%2F%2FwEAAP%2F%2F1173EKYEAAA%3D | 172.240.108.84 | 200 OK | 7 B |
URL: GET HTTP/1.1 itundermineoperative.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSwWsbxxeetc3v8oOWlpBLKOjQQwK1vLuSdqXmEJqmDqauHRKXll7K7MxInnh2Z5nZ1co6mQZKjqJ%2FwfqTHdM2lPhaaFrWgR4MhagnH%2BpL%2F4MWci5SRdW%2Bw7z35vsGvvne%2B%2FIwvyQ%2Bcnpx5yM9lErRtVbdrV3%2F1PNu1jZlkg9qg3bwedC8WTP9dztB3b1RuyvYnl7zXc91PderrUsjunqwNgUh06cdr95x602%2F7rWaGJj%2F9jZ3YKkD3r8kb0LyycoL5wokq5DEz%2B4Iu5fp9J0P4lzRTBv0%2BcnHyV6iiwTxouwaB93kZM6Gti%2FXn0MnxzO50P1%2FiJGcEOfn54iSk7lIRP2jmc5IQSSI%2BP9R9CsIVUHSCkw%2FguQvCcA4traRxE%2B2tCno%2Ft8onaITsvLqT8hiQlZ%2Bu4Ik%2Fu62koPaA63yTOrEYtAtIQcVZK9Cmp8hGzqQxRlY9gUk%2F4WsvdpEEh9tW6Uh%2BcXb7Q5vhZSKVd8P2Wqz0QpWI8qj1UabiVY7crsR82cGSVlBdisoMQK1y8itg1w6yLsO8tRBzC9qzPO80OWMuu0OYw0eiijgrkfDrkc9N2gjZ9M%2FjJClIzA1AjMHSM0B9uQIJv8JdreE5Q5sRtDnJQpBUFiCghIUkqDICIp%2BecyV9W35hCubR948%2B%2FPcKMc66x3SY531REJAzQiGl4fpJXljaqDz2ekN7ImLWtBhzOXMbbabNAxc6oVN2mh2RafTDLyAu7CyhLRLoNbBUE5I%2B%2FUxUjkhV3e2ENEzWHUGJpdB87dAixJ0t8Qw%2BZEpKuOe7Ata0H3PfZjV%2BT7nQViP5LAuObgukWYryPadQ3VJrs2murH9DIKd3%2Fq9MQswUyI1JR7KFwQ99Xh8Xxfk6L4uLDndTjMZyyGdTvxBRjOx%2FM2HYr%2FQhm%2FcsaOv32NTYFo%2B3RE226QJl0nPkm9vS86FWdeGCfLDhv1ERPdyu3s7N0mebt57f30jTo2wVuqkAp0u7x8GTE7Ia9d2Zst8%2FfttSFPB5CXi%2FJzMA1JXYOkBbLrQbzWBUQtOlDoo8nJs%2FGhxqSSBEoueRiXsv%2FpoUY8Nnb6msjy0j9EzS6DZIyRxib4p0VclqBrB5svjLDXnt36dy4jU0jhSZukoUkZ9NbN5epzCyota2Gi4NOi0vDCkIoyafrsbeJxSvxn4QUAbyOyk%2B7%2B7V%2F8CAAD%2F%2FwEAAP%2F%2F1173EKYEAAA%3D
IP: 172.240.108.84:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Let's Encrypt; Subject itundermineoperative.com; Fingerprint EE:B8:AE:DB:36:43:DB:D4:B5:2E:93:DC:47:90:06:50:99:5A:96:9A; Validity Thu, 28 Mar 2024 18:40:46 GMT - Wed, 26 Jun 2024 18:40:45 GMT
File type: ASCII text, with no line terminators
Hashes (MD5, SHA-1, SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSwWsbxxeetc3v8oOWlpBLKOjQQwK1vLuSdqXmEJqmDqauHRKXll7K7MxInnh2Z5nZ1co6mQZKjqJ%2FwfqTHdM2lPhaaFrWgR4MhagnH%2BpL%2F4MWci5SRdW%2Bw7z35vsGvvne%2B%2FIwvyQ%2Bcnpx5yM9lErRtVbdrV3%2F1PNu1jZlkg9qg3bwedC8WTP9dztB3b1RuyvYnl7zXc91PderrUsjunqwNgUh06cdr95x602%2F7rWaGJj%2F9jZ3YKkD3r8kb0LyycoL5wokq5DEz%2B4Iu5fp9J0P4lzRTBv0%2BcnHyV6iiwTxouwaB93kZM6Gti%2FXn0MnxzO50P1%2FiJGcEOfn54iSk7lIRP2jmc5IQSSI%2BP9R9CsIVUHSCkw%2FguQvCcA4traRxE%2B2tCno%2Ft8onaITsvLqT8hiQlZ%2Bu4Ik%2Fu62koPaA63yTOrEYtAtIQcVZK9Cmp8hGzqQxRlY9gUk%2F4WsvdpEEh9tW6Uh%2BcXb7Q5vhZSKVd8P2Wqz0QpWI8qj1UabiVY7crsR82cGSVlBdisoMQK1y8itg1w6yLsO8tRBzC9qzPO80OWMuu0OYw0eiijgrkfDrkc9N2gjZ9M%2FjJClIzA1AjMHSM0B9uQIJv8JdreE5Q5sRtDnJQpBUFiCghIUkqDICIp%2BecyV9W35hCubR948%2B%2FPcKMc66x3SY531REJAzQiGl4fpJXljaqDz2ekN7ImLWtBhzOXMbbabNAxc6oVN2mh2RafTDLyAu7CyhLRLoNbBUE5I%2B%2FUxUjkhV3e2ENEzWHUGJpdB87dAixJ0t8Qw%2BZEpKuOe7Ata0H3PfZjV%2BT7nQViP5LAuObgukWYryPadQ3VJrs2murH9DIKd3%2Fq9MQswUyI1JR7KFwQ99Xh8Xxfk6L4uLDndTjMZyyGdTvxBRjOx%2FM2HYr%2FQhm%2FcsaOv32NTYFo%2B3RE226QJl0nPkm9vS86FWdeGCfLDhv1ERPdyu3s7N0mebt57f30jTo2wVuqkAp0u7x8GTE7Ia9d2Zst8%2FfttSFPB5CXi%2FJzMA1JXYOkBbLrQbzWBUQtOlDoo8nJs%2FGhxqSSBEoueRiXsv%2FpoUY8Nnb6msjy0j9EzS6DZIyRxib4p0VclqBrB5svjLDXnt36dy4jU0jhSZukoUkZ9NbN5epzCyota2Gi4NOi0vDCkIoyafrsbeJxSvxn4QUAbyOyk%2B7%2B7V%2F8CAAD%2F%2FwEAAP%2F%2F1173EKYEAAA%3D HTTP/1.1
Host: itundermineoperative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Cookie: u_pl=22720809; uid_id2=89d57aae-227c-4356-badb-38ce58b0fbc2:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 29 Mar 2024 04:44:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aeac636e1bd392a90425420cbb8710c8
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| unseenreport.com/pxf.gif?uuid=89d57aae-227c-4356-badb-38ce58b0fbc2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=69cc0dc0484a760a174a34fe994616d0&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 | 192.243.61.225 | 200 OK | 1 B |
URL: GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=89d57aae-227c-4356-badb-38ce58b0fbc2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=69cc0dc0484a760a174a34fe994616d0&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 IP: 192.243.61.225:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Let's Encrypt; Subject *.unseenreport.com; Fingerprint 71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13; Validity Fri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT
File type: very short file (no magic)
Hash: MD5 93b885adfe0da089cdf634904fd59f71, SHA-1 5ba93c9db0cff93f52b521d7420e43f6eda2784f, SHA-256 6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pxf.gif?uuid=89d57aae-227c-4356-badb-38ce58b0fbc2&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=69cc0dc0484a760a174a34fe994616d0&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=4 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 29 Mar 2024 04:44:06 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 98685569f6a08d816634d3dfe39e2a83
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| itundermineoperative.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=94 | 172.240.108.84 | 200 OK | 0 B |
URL: GET HTTP/1.1 itundermineoperative.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=94 IP: 172.240.108.84:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Let's Encrypt; Subject itundermineoperative.com; Fingerprint EE:B8:AE:DB:36:43:DB:D4:B5:2E:93:DC:47:90:06:50:99:5A:96:9A; Validity Thu, 28 Mar 2024 18:40:46 GMT - Wed, 26 Jun 2024 18:40:45 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=94 HTTP/1.1
Host: itundermineoperative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Cookie: u_pl=22720809; uid_id2=89d57aae-227c-4356-badb-38ce58b0fbc2:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 29 Mar 2024 04:44:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| claimgiveaway10jt.dydd67.biz.id/ast/img/hero.svg | 172.67.203.19 | 200 OK | 18 kB |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/ast/img/hero.svg IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: SVG Scalable Vector Graphics image
Hash: MD5 bc0ceea50591f74883dd9b92b19b852c, SHA-1 5617f0be48b9a0973c24ff0e1d200201549a4a50, SHA-256 a3d7991adee411105f2ddd533c34d0f0afd141187bc13503fd035de014f954d8
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /ast/img/hero.svg HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:44:03 GMT
content-type: image/svg+xml
last-modified: Fri, 28 Apr 2023 12:19:38 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZxjebzWCUhX50qN78Vo55m5gy2hJm%2FIMlcQURHChF%2BA1g5ldTeRmm9KgVBLrig1U7%2FgXs6%2FNxqJiA3Blpz7%2FvEEDGWLzM9ZR0AzePfKaoClzPUoZF%2BGls%2FLTKQ9ptEPm9rmuQelHqCt1nvpnm1GqtteF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33d23ece56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png | 45.133.44.10 | 200 OK | 14 kB |
URL: GET HTTP/2 cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png IP: 45.133.44.10:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Let's Encrypt; Subject cdn.cloudimagesb.com; Fingerprint C6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0; Validity Fri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT
File type: PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Hash: MD5 962ac416cce3fad636d4904386c8d3d4, SHA-1 811166fceb971353dc6a9ea3a153367f20b47592, SHA-256 ec6c8e1c030499a846897265d0c1f66dedc6ece17c1ea6006b700faf37e73555
GET /si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:44:06 GMT
content-type: image/png
content-length: 14496
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:05:10 GMT
etag: "656d25c6-38a0"
expires: Sun, 31 Mar 2024 04:44:06 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 717 B |
URL: GET HTTP/3 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap IP: 142.250.74.106:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B; Validity Mon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
Hash: MD5 5e48f11f5e65274412215f94f73f8c49, SHA-1 4dd35e5b5136df76bd7ff9da1f119d0ec0e57ff7, SHA-256 40992eb57d95a0165a6d56399cd9afd60cc2cac6f06579b8d87079ccaab91e29
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 29 Mar 2024 04:44:06 GMT
date: Fri, 29 Mar 2024 04:44:06 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| itundermineoperative.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=320 | 172.240.108.84 | 200 OK | 0 B |
URL: GET HTTP/1.1 itundermineoperative.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=320 IP: 172.240.108.84:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Let's Encrypt; Subject itundermineoperative.com; Fingerprint EE:B8:AE:DB:36:43:DB:D4:B5:2E:93:DC:47:90:06:50:99:5A:96:9A; Validity Thu, 28 Mar 2024 18:40:46 GMT - Wed, 26 Jun 2024 18:40:45 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=320 HTTP/1.1
Host: itundermineoperative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Cookie: u_pl=22720809; uid_id2=89d57aae-227c-4356-badb-38ce58b0fbc2:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 29 Mar 2024 04:44:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 IP: 142.250.74.131:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint F3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E; Validity Mon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hash: MD5 15d9f621c3bd1599f0169dcf0bd5e63e, SHA-1 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52, SHA-256 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://claimgiveaway10jt.dydd67.biz.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:37:01 GMT
expires: Fri, 28 Mar 2025 02:37:01 GMT
cache-control: public, max-age=31536000
age: 94025
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 142.250.74.131 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 IP: 142.250.74.131:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint F3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E; Validity Mon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hash: MD5 e9f5aaf547f165386cd313b995dddd8e, SHA-1 acdef5603c2387b0e5bffd744b679a24a8bc1968, SHA-256 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://claimgiveaway10jt.dydd67.biz.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:38:52 GMT
expires: Fri, 28 Mar 2025 02:38:52 GMT
cache-control: public, max-age=31536000
age: 93914
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js | 172.64.131.3 | 200 OK | 190 B |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js IP: 172.64.131.3:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22; Validity Fri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT
Hash: MD5 4f5f05ab032dd8fc0db448fcf51a35e2, SHA-1 78f94f93fdb792d95ea3ac293ac1b8e3bc13d609, SHA-256 7fd8e9c0e5ca0c7123954a109fa8b7e8368c7e1262880925e2ac7b8c877a9e38
GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://claimgiveaway10jt.dydd67.biz.id
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:44:06 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:08 GMT
etag: W/"62134c64-17e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cYrQK5AdAX9oRpHvxyteHqbaY7hW6Ssm83ojRQBPpqJ66c99WNlhm3K9HW79IkrtoIx3gwmMe%2BIN1G%2BD2gAJnjGQRfXnSAt3bAPTfJrH7WIgEwsCbVytbCYQ54elENoHIXS1NZd2kiLS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33ecbf5f416a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| itundermineoperative.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=261 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 itundermineoperative.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=261 IP: 192.243.61.227:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Let's Encrypt; Subject itundermineoperative.com; Fingerprint EE:B8:AE:DB:36:43:DB:D4:B5:2E:93:DC:47:90:06:50:99:5A:96:9A; Validity Thu, 28 Mar 2024 18:40:46 GMT - Wed, 26 Jun 2024 18:40:45 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=261 HTTP/1.1
Host: itundermineoperative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Cookie: u_pl=22720809; uid_id2=89d57aae-227c-4356-badb-38ce58b0fbc2:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 29 Mar 2024 04:44:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| itundermineoperative.com/pixel/sbs?c=1 | 192.243.61.227 | 200 OK | 0 B |
URL: GET HTTP/1.1 itundermineoperative.com/pixel/sbs?c=1 IP: 192.243.61.227:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Let's Encrypt; Subject itundermineoperative.com; Fingerprint EE:B8:AE:DB:36:43:DB:D4:B5:2E:93:DC:47:90:06:50:99:5A:96:9A; Validity Thu, 28 Mar 2024 18:40:46 GMT - Wed, 26 Jun 2024 18:40:45 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbs?c=1 HTTP/1.1
Host: itundermineoperative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Cookie: u_pl=22720809; uid_id2=89d57aae-227c-4356-badb-38ce58b0fbc2:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 29 Mar 2024 04:44:07 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 | 142.250.74.131 | 200 OK | 48 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 IP: 142.250.74.131:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint F3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E; Validity Mon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Hash: MD5 015c126a3520c9a8f6a27979d0266e96, SHA-1 2acf956561d44434a6d84204670cf849d3215d5f, SHA-256 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://claimgiveaway10jt.dydd67.biz.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:27:06 GMT
expires: Fri, 28 Mar 2025 17:27:06 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
age: 40623
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| claimgiveaway10jt.dydd67.biz.id/ast/47e4c58f6b9789b8a33f2525cf084599.css | 172.67.203.19 | 200 OK | 790 B |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/ast/47e4c58f6b9789b8a33f2525cf084599.css IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: ASCII text, with very long lines (790), with no line terminators
Hash: MD5 8308d2ea1d6ea02c0cb00f298799633e, SHA-1 6deedbf3eea7d45bd140179d681c8f78613073d6, SHA-256 fe9df1a47b206f90c0f6a9bd88239d8eb22313978376f04d9e3fab4a35317380
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /ast/47e4c58f6b9789b8a33f2525cf084599.css HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:44:03 GMT
content-type: text/css
last-modified: Fri, 28 Apr 2023 17:52:26 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P7xTZ2F2lBQq%2BXDlGT%2Bf0fwSTKtkSCy3No%2B%2FXUyUb5zj6wBxF5%2BUYt1NAsPRrR6Y0tzCUIh0%2FIrP3Qg7bkfTbxJEY58wuHVw83EKF0AmlCnsxW3Kf7GTnFGltfdwR014ZlOECGxcmdnZwXbtw3gFLegn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33d23ecc56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 188.114.97.1 | 200 OK | 86 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js IP: 188.114.97.1:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Let's Encrypt; Subject downstairsnegotiatebarren.com; Fingerprint 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44; Validity Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e, SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709, SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:44:05 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 20809d38237d5d47dd5668fd9992d386
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 29 Mar 2024 04:44:05 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=56p1v%2B2jYQAg6FtBOs9N4nge%2FYKYyIDB3oP5t0mG7h7xvD2Em1nQcfhJIWYERSfBLOsvd2As3mpIqDPqK3eMjm8d01apPnpjsV%2BWqfWBxAONWf%2F%2Fvu%2BY0ho%2F9Ze6EOPH%2BQN1JBRa7CsoSys8Kv1nIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33e39c6fb524-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| claimgiveaway10jt.dydd67.biz.id/ast/6990a7033bbaeadc2040ac863ff124fd.css | 172.67.203.19 | 200 OK | 1.3 kB |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/ast/6990a7033bbaeadc2040ac863ff124fd.css IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: ASCII text, with very long lines (1257), with no line terminators
Hash: MD5 796bea86fc60b4c910fdf85827a336c7, SHA-1 65488a6086a885e21a54a69760fd0f3ca1b54988, SHA-256 3d8b3158ea0217ce63a3fd40b132ac3c621b5012817e77fb20459ed67cc6b99c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /ast/6990a7033bbaeadc2040ac863ff124fd.css HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:44:03 GMT
content-type: text/css
last-modified: Sat, 29 Apr 2023 19:38:08 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I9NeHCJbE%2Bcx77l07KbEpP%2By4dk3dzqlkNrIfZp%2Fez%2F16RKNuzGZlg1AAhP%2B%2FoZRwK96LGf37QdBPapP6x4Uz8evH%2F0FQDalT3%2Fc9B20LQB%2BjHqygDB3msWQiPp5zj82lvIDqwxZTanPFOCfhiW0%2BdNo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33d22ebf56bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| claimgiveaway10jt.dydd67.biz.id/ast/3fadc676582b9542004b502ee03df3a3.css | 172.67.203.19 | 200 OK | 1.6 kB |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/ast/3fadc676582b9542004b502ee03df3a3.css
IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: ASCII text, with very long lines (1561), with no line terminators
Hash: MD5 553a4feacebe4a339e3f83b082684ff8; SHA-1 7334803536f6429c43ad344da92e22414e5882c2; SHA-256 94e570a73c7171a271962b2c59739196b2101bba6ce3257e1e60743013cdaf32
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /ast/3fadc676582b9542004b502ee03df3a3.css HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:44:04 GMT
content-type: text/css
last-modified: Fri, 28 Apr 2023 17:52:48 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F9DAKb73PW4%2F20d6CynQjqCEEXkipOCuKKocg2LGeYcDgrGtBBC8GSUuhFaamYlUKh2VIstIo1hOK0COqYYBVw6Gg21aozoSslYPJHa9HW%2FGb8rChhuNzbbnH9cQVvnGwI94M0YNs4%2Fyv7bCutW8Vlzd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33d22ec156bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| itundermineoperative.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=318 | 172.240.108.84 | 200 OK | 0 B |
URL: GET HTTP/1.1 itundermineoperative.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=318
IP: 172.240.108.84:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Let's Encrypt; Subject itundermineoperative.com; Fingerprint EE:B8:AE:DB:36:43:DB:D4:B5:2E:93:DC:47:90:06:50:99:5A:96:9A; Validity Thu, 28 Mar 2024 18:40:46 GMT - Wed, 26 Jun 2024 18:40:45 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=318 HTTP/1.1
Host: itundermineoperative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Cookie: u_pl=22720809; uid_id2=89d57aae-227c-4356-badb-38ce58b0fbc2:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 29 Mar 2024 04:44:06 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

| itundermineoperative.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2tc1Rs%2BNwm%2FzQ8UpXRThFm4aMFM7p3%2FYxfFWlOCMSltRHEj59%2BdnObcey7n3Dt3MqtgQboc%2FAQ3zyQNapFmK1jlpuAiIHRcZWE2fgOFrmXGwdF3cd73Pc9z4DnP%2B355mF2SGjJ6cecjM1Ra07Vm1a9c%2FzQIblY2VZwNKoNO6%2FNW42bF9t%2Fttqr%2BjcpdyffMWs0PfD%2Fwg8q6sjI0g7UpCJU87QbVrl9t1KpBs4GB%2FW%2FvMg%2BOehD9S%2FImlJisvPCuQPEScfTsjnR7qUne%2BSDKNE2NRV%2BcfBzvxSaPES3K0HoI45M5G8a9XH8OEx%2FP5ML0%2FyEyNSHez8%2FB4pO5SLD%2B0Uwn05AxmPg%2F8n4JqUsoWoKbR1DiJQG4wNY24ujJlrE53f8bpVN0QlZe%2FQmVT8jKb1cQR9%2Fd1mpQeWB0lioTOwzCAmpQQvVKJNkZ0qEHlZ%2BBp19AiV%2FI2qtNxNHRttMGSly83emKZptSuVqrtflqo95srTIq2Gq9w2Wzw%2FyQ8drMIKVKqLCEliNQt4zMeciUhyz0kCUeInFR4UEQtH3Bqd%2Fpcl4Xbclawg9oOwxo4Lc6yPj0DyOkyQhcj8DtARJ7gD01gs1%2Bgtst4IQHlxL0RYFcEuSOIKcEuSLIU4K8XxwL7WqueCK0y1gwz7V5rhdjk%2FYO6bFJezImoHYEK4rD5JK8MTXQ%2B%2Bz0BvbkRaXV5dwX3G90GrTd8mnQbtB6I5TdbqMVtIQPpwootwTqPAzVhHReHyNRE3J1ZwuMnsHpM3C1DJq9BZoXoLsFhvGPXFMV9VRf0pzuB%2F7DtCr2hWi1q0wNq0pAmAJJuoJ03zvUl%2BTabKob288g%2Bfmt3%2BuzALcFElvgoXpB0NOPx%2FdNTo7um9yR0%2B0kVZEa0unEH6Q0lcvffCj3c2PFxh03%2Bvo9PgWm5dMd6dJNGgsV9xz59rYSQtp1Y7kkP2y4TyS7l7nd25mNs2Tz3vvrG1FipXPKxCXodHn%2FsOBqQl67tjNb5uvfb0PZEjYrEGXnZB5QpgRPDuCShX5nCKxecFjiIc%2BKsa2xxaVWBFouesoKuH%2F1bFGPLZ2%2Bpqo4dI%2FRs0ug6SPEUYG%2BLdDXBagewWXL4zSx57d%2BnctgemnMtF06Ytrqr2Y2T49TOHVRqfuizWQo20w2mo1QcsGaTebzkLO66HQ4UjcJ%2F3f36l8AAAD%2F%2FwEAAP%2F%2FV4oi%2BKYEAAA%3D | 172.240.108.84 | 200 OK | 0 B |
URL: GET HTTP/1.1 itundermineoperative.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST2tc1Rs%2BNwm%2FzQ8UpXRThFm4aMFM7p3%2FYxfFWlOCMSltRHEj59%2BdnObcey7n3Dt3MqtgQboc%2FAQ3zyQNapFmK1jlpuAiIHRcZWE2fgOFrmXGwdF3cd73Pc9z4DnP%2B355mF2SGjJ6cecjM1Ra07Vm1a9c%2FzQIblY2VZwNKoNO6%2FNW42bF9t%2Fttqr%2BjcpdyffMWs0PfD%2Fwg8q6sjI0g7UpCJU87QbVrl9t1KpBs4GB%2FW%2FvMg%2BOehD9S%2FImlJisvPCuQPEScfTsjnR7qUne%2BSDKNE2NRV%2BcfBzvxSaPES3K0HoI45M5G8a9XH8OEx%2FP5ML0%2FyEyNSHez8%2FB4pO5SLD%2B0Uwn05AxmPg%2F8n4JqUsoWoKbR1DiJQG4wNY24ujJlrE53f8bpVN0QlZe%2FQmVT8jKb1cQR9%2Fd1mpQeWB0lioTOwzCAmpQQvVKJNkZ0qEHlZ%2BBp19AiV%2FI2qtNxNHRttMGSly83emKZptSuVqrtflqo95srTIq2Gq9w2Wzw%2FyQ8drMIKVKqLCEliNQt4zMeciUhyz0kCUeInFR4UEQtH3Bqd%2Fpcl4Xbclawg9oOwxo4Lc6yPj0DyOkyQhcj8DtARJ7gD01gs1%2Bgtst4IQHlxL0RYFcEuSOIKcEuSLIU4K8XxwL7WqueCK0y1gwz7V5rhdjk%2FYO6bFJezImoHYEK4rD5JK8MTXQ%2B%2Bz0BvbkRaXV5dwX3G90GrTd8mnQbtB6I5TdbqMVtIQPpwootwTqPAzVhHReHyNRE3J1ZwuMnsHpM3C1DJq9BZoXoLsFhvGPXFMV9VRf0pzuB%2F7DtCr2hWi1q0wNq0pAmAJJuoJ03zvUl%2BTabKob288g%2Bfmt3%2BuzALcFElvgoXpB0NOPx%2FdNTo7um9yR0%2B0kVZEa0unEH6Q0lcvffCj3c2PFxh03%2Bvo9PgWm5dMd6dJNGgsV9xz59rYSQtp1Y7kkP2y4TyS7l7nd25mNs2Tz3vvrG1FipXPKxCXodHn%2FsOBqQl67tjNb5uvfb0PZEjYrEGXnZB5QpgRPDuCShX5nCKxecFjiIc%2BKsa2xxaVWBFouesoKuH%2F1bFGPLZ2%2Bpqo4dI%2FRs0ug6SPEUYG%2BLdDXBagewWXL4zSx57d%2BnctgemnMtF06Ytrqr2Y2T49TOHVRqfuizWQo20w2mo1QcsGaTebzkLO66HQ4UjcJ%2F3f36l8AAAD%2F%2FwEAAP%2F%2FV4oi%2BKYEAAA%3D
IP: 172.240.108.84:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Let's Encrypt; Subject itundermineoperative.com; Fingerprint EE:B8:AE:DB:36:43:DB:D4:B5:2E:93:DC:47:90:06:50:99:5A:96:9A; Validity Thu, 28 Mar 2024 18:40:46 GMT - Wed, 26 Jun 2024 18:40:45 GMT
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e; SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709; SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST2tc1Rs%2BNwm%2FzQ8UpXRThFm4aMFM7p3%2FYxfFWlOCMSltRHEj59%2BdnObcey7n3Dt3MqtgQboc%2FAQ3zyQNapFmK1jlpuAiIHRcZWE2fgOFrmXGwdF3cd73Pc9z4DnP%2B355mF2SGjJ6cecjM1Ra07Vm1a9c%2FzQIblY2VZwNKoNO6%2FNW42bF9t%2Fttqr%2BjcpdyffMWs0PfD%2Fwg8q6sjI0g7UpCJU87QbVrl9t1KpBs4GB%2FW%2FvMg%2BOehD9S%2FImlJisvPCuQPEScfTsjnR7qUne%2BSDKNE2NRV%2BcfBzvxSaPES3K0HoI45M5G8a9XH8OEx%2FP5ML0%2FyEyNSHez8%2FB4pO5SLD%2B0Uwn05AxmPg%2F8n4JqUsoWoKbR1DiJQG4wNY24ujJlrE53f8bpVN0QlZe%2FQmVT8jKb1cQR9%2Fd1mpQeWB0lioTOwzCAmpQQvVKJNkZ0qEHlZ%2BBp19AiV%2FI2qtNxNHRttMGSly83emKZptSuVqrtflqo95srTIq2Gq9w2Wzw%2FyQ8drMIKVKqLCEliNQt4zMeciUhyz0kCUeInFR4UEQtH3Bqd%2Fpcl4Xbclawg9oOwxo4Lc6yPj0DyOkyQhcj8DtARJ7gD01gs1%2Bgtst4IQHlxL0RYFcEuSOIKcEuSLIU4K8XxwL7WqueCK0y1gwz7V5rhdjk%2FYO6bFJezImoHYEK4rD5JK8MTXQ%2B%2Bz0BvbkRaXV5dwX3G90GrTd8mnQbtB6I5TdbqMVtIQPpwootwTqPAzVhHReHyNRE3J1ZwuMnsHpM3C1DJq9BZoXoLsFhvGPXFMV9VRf0pzuB%2F7DtCr2hWi1q0wNq0pAmAJJuoJ03zvUl%2BTabKob288g%2Bfmt3%2BuzALcFElvgoXpB0NOPx%2FdNTo7um9yR0%2B0kVZEa0unEH6Q0lcvffCj3c2PFxh03%2Bvo9PgWm5dMd6dJNGgsV9xz59rYSQtp1Y7kkP2y4TyS7l7nd25mNs2Tz3vvrG1FipXPKxCXodHn%2FsOBqQl67tjNb5uvfb0PZEjYrEGXnZB5QpgRPDuCShX5nCKxecFjiIc%2BKsa2xxaVWBFouesoKuH%2F1bFGPLZ2%2Bpqo4dI%2FRs0ug6SPEUYG%2BLdDXBagewWXL4zSx57d%2BnctgemnMtF06Ytrqr2Y2T49TOHVRqfuizWQo20w2mo1QcsGaTebzkLO66HQ4UjcJ%2F3f36l8AAAD%2F%2FwEAAP%2F%2FV4oi%2BKYEAAA%3D HTTP/1.1
Host: itundermineoperative.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Cookie: u_pl=22720809; uid_id2=89d57aae-227c-4356-badb-38ce58b0fbc2:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 29 Mar 2024 04:44:06 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c5b06186c8c4172bcce7f03c4da6325b
Strict-Transport-Security: max-age=0; includeSubdomains

| cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js | 172.64.131.3 | 200 OK | 90 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js
IP: 172.64.131.3:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22; Validity Fri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT
File type: JavaScript source, ASCII text, with very long lines (65451)
Hash: MD5 561acb3e541133bbdd2c0c19f8ee35a1; SHA-1 ffd1353cf3f77d25f801c84d8208613eb0d3d548; SHA-256 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc
GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:44:06 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:09 GMT
etag: W/"62134c65-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 541046
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qyZ%2BA3%2FpSca%2BD%2BZD5V8BTN4LHjaXDGbGqKWMbfTIxaforuz3oigjJj4FwcXbF3NgS6AKTTAHnk3OIDuYGkYsB6tlzfYc13VefO0eU3HKPHQx7y6tycOLzqkSoOdEd6e5elwuD0NOcDc7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33ec2e79416a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| claimgiveaway10jt.dydd67.biz.id/favicon.ico | 172.67.203.19 | 404 Not Found | 315 B |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/favicon.ico
IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: HTML document, ASCII text, with very long lines (326), with no line terminators
Hash: MD5 97ef40509b73c101d6815511c3adf98d; SHA-1 a4242322497ea630ea72e26ba297a95a2bbe5ccd; SHA-256 322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /favicon.ico HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=89d57aae-227c-4356-badb-38ce58b0fbc2%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 29 Mar 2024 04:44:06 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7WR4JSJgYDQK9hwfliWBz3w5DYXJZYPux9FofeTeW7OU4a%2Bxb2FZRPKqEMqSrnfyRrs4L%2BQGp1VM%2BBnTLAwIvn52lvbnhHadsydwGzHfQ4S%2FQIvQMQv%2F9wa14EyGeUynPXBW%2BmKbfSxGNdJ5UkTx1XM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33e51d7556bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css | 172.64.131.3 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css
IP: 172.64.131.3:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22; Validity Fri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT
Hash: MD5 fc638645a938f69e69360c75335ffd1a; SHA-1 143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4; SHA-256 7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90
GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://claimgiveaway10jt.dydd67.biz.id
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:44:06 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TaJrofIbFJi4L9IWMzNYt9Eu602Njj4Dfh518wH5bKE2O8BnbksQnPq8Cpxe6ks9lWCkS7t181MluRM8Z3%2BYTH8Fk79%2B3gzPO2YLZIobH6w3KkIqnVmGF34kjWkgRsa8IeutyfQPC%2BMO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33ebce28416a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png | 172.64.131.3 | 200 OK | 6.0 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png
IP: 172.64.131.3:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22; Validity Fri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT
File type: PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced
Hash: MD5 c489ce2c491a22ee37a55e26a92dfd73; SHA-1 2fa588ab09e94dd902e5bd24b48f98ad1949c9d6; SHA-256 1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:44:06 GMT
content-type: image/png
content-length: 5982
last-modified: Mon, 21 Feb 2022 08:25:06 GMT
etag: "62134c62-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 548618
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fle3yep15Xil9wl2TbLmtKCHMF1ZEh2TQe9PNVRWo6QVEwG7Zc%2FWpGXKqM3vd3dNmcXTRW0Df19znbNEodxyeZcgnXFkc5eY5YWYZJi%2F%2F3pkA2AqeVyeyYYgrJkK91WO057iSMPLufpO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33ec2e76416a-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| claimgiveaway10jt.dydd67.biz.id/ast/jquery.mask.min.js | 172.67.203.19 | 200 OK | 7.9 kB |
URL: GET HTTP/3 claimgiveaway10jt.dydd67.biz.id/ast/jquery.mask.min.js
IP: 172.67.203.19:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject dydd67.biz.id; Fingerprint C7:A2:0C:0E:7E:57:0F:50:3D:68:82:5C:EB:64:8C:29:33:A9:2B:8A; Validity Mon, 05 Feb 2024 06:48:09 GMT - Sun, 05 May 2024 06:48:08 GMT
File type: JavaScript source, ASCII text, with very long lines (8132), with no line terminators
Hash: MD5 c71ebcdd10a5dd93f081dc61e87d6b63; SHA-1 88623481cb90c64c31185ae9325d420aeffdd1e6; SHA-256 d07deaceaefefc6bab3b5d703b361beac52560eb3418a71ae7312e2d873094ba
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | DANA |
GET /ast/jquery.mask.min.js HTTP/1.1
Host: claimgiveaway10jt.dydd67.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 04:44:04 GMT
content-type: text/javascript
last-modified: Fri, 28 Apr 2023 03:08:52 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vIeb7BH32ZwaTEUc%2BTcArK92XtYf%2B99rq31YCzhiAm8mNSNfxIWN6BkFrtyBmeXKgR0NWW7vlX7eQPSBVcrL0S4za%2BofeD2wgMVIb1Z0C%2FXd46aivJiRWQV3uvkkclajz0sZQU9JzrFFkzVQqKmf2G%2Bn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33d24ed856bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

| cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html | 45.133.44.3 | 200 OK | 3.0 kB |
URL: GET HTTP/2 cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
IP: 45.133.44.3:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Let's Encrypt; Subject cdn.barscreative1.com; Fingerprint F6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3; Validity Sun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT
File type: HTML document, ASCII text, with very long lines (3229), with no line terminators
Hash: MD5 0b579b1f5697d55d3bc0856975d08243; SHA-1 e68a8e8bc08f86086744aba736df40ca7bea6d01; SHA-256 8ac4909eb5c0efc3278c66a43990535925fb271226f96261415df027fe40cb0c
GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://claimgiveaway10jt.dydd67.biz.id
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:44:06 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:42 GMT
etag: W/"6242c2fe-ba1"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 29 Mar 2024 05:44:06 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

| cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css | 172.64.131.3 | 200 OK | 4.6 kB |
URL: GET HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css
IP: 172.64.131.3:443
Requested by: https://claimgiveaway10jt.dydd67.biz.id/
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 10:69:48:04:3B:B6:11:3A:D4:D0:E1:5F:B2:F9:B4:75:BB:EE:39:22; Validity Fri, 16 Feb 2024 15:25:59 GMT - Thu, 16 May 2024 15:25:58 GMT
File type: ASCII text, with very long lines (4886), with no line terminators
Hash: MD5 1230b98f01a549572edcd2bf3bdcb4ad; SHA-1 ac87a2a752ffb8b5167566183fddd531d7971be9; SHA-256 9a2954fc66ebbb9adf18c2ea4403d2a0a5dedf2928f9905e1fc656f5dc1b208d
GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://claimgiveaway10jt.dydd67.biz.id
DNT: 1
Connection: keep-alive
Referer: https://claimgiveaway10jt.dydd67.biz.id/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 04:44:06 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-1209"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CsPjril7tNMMs5loWCUmOrp%2FZTsHiGm1Bgct61lCIO5MIjQJKz%2BRLCgOTLUeJWMfb0D%2B8VZ8KUHKzo1tDlF4KXpNfCDoJt69p%2FXfeAV43KcGbdx5OMXGCZKIYEf94mNrqzbDuSn25DGA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd33ebce27416a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2