Overview

URL: https://talatex.co.id/chkma/docnew/zeus.php
IP: 103.241.24.230
ASN: AS58820 PT Apik Media Inovasi
Location: Indonesia
Report completed: 2018-02-20 18:33:52 CET
urlquery Alerts: Phishing website detected


Settings

UserAgent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 103.241.24.230

Date  UQ / IDS / BL  URL  IP
2018-03-13 16:24:39 +0100  1 - 0 - 0  https://infopibi.com/xplicit/Ali2019/EnglishA (...)  103.241.24.230
2018-03-01 18:26:53 +0100  1 - 0 - 0  https://infopibi.com/whatsapp/Ali2019/English (...)  103.241.24.230
2018-03-01 17:30:10 +0100  1 - 0 - 0  https://infopibi.com/whatsapp/Ali2019/English (...)  103.241.24.230
2018-03-01 17:29:28 +0100  1 - 0 - 0  https://infopibi.com/whatsapp/Ali2019/English (...)  103.241.24.230
2018-02-06 17:19:40 +0100  0 - 0 - 1  www.palmoilexhibition.com/css/tt/email.php  103.241.24.230
2017-12-28 03:08:43 +0100  0 - 0 - 3  www.dinamikadwiputraperkasajaya.com/update/we (...)  103.241.24.230
2017-12-28 03:06:45 +0100  0 - 0 - 3  www.dinamikadwiputraperkasajaya.com/update/we (...)  103.241.24.230
2017-12-27 23:36:49 +0100  0 - 0 - 3  www.dinamikadwiputraperkasajaya.com/update/we (...)  103.241.24.230
2017-12-27 23:34:13 +0100  0 - 0 - 4  www.dinamikadwiputraperkasajaya.com/update/we (...)  103.241.24.230
2017-12-27 23:02:19 +0100  0 - 3 - 4  www.dinamikadwiputraperkasajaya.com/update/we (...)  103.241.24.230

Last 10 reports on ASN: AS58820 PT Apik Media Inovasi

Date  UQ / IDS / BL  URL  IP
2019-05-20 18:57:41 +0200  0 - 0 - 2  kudamas.com/wp-admin/css/colors/SCANNEDDOCUME (...)  103.241.24.10
2019-05-14 00:49:36 +0200  0 - 0 - 2  kudamas.com/wp-admin/css/DocumentCopies.zip  103.241.24.10
2019-05-13 04:41:44 +0200  0 - 0 - 2  kudamas.com/wp-admin/css/documentcopy.rar  103.241.24.10
2019-05-10 18:44:28 +0200  0 - 0 - 2  kudamas.com/wp-admin/css/DocumentCopy.rar  103.241.24.10
2019-05-10 18:36:39 +0200  0 - 0 - 2  kudamas.com/wp-admin/css/colors/SCANNEDDOCUME (...)  103.241.24.10
2019-05-04 21:07:59 +0200  0 - 0 - 2  kudamas.com/wp-admin/css/DocumentCopy.zip  103.241.24.10
2019-04-26 22:34:22 +0200  0 - 0 - 2  kudamas.com/wp-admin/css/colors/scanneddocume (...)  103.241.24.10
2019-04-20 18:44:21 +0200  0 - 0 - 2  kudamas.com/wp-admin/css/DocumentCopy.rar  103.241.24.10
2019-04-20 18:44:11 +0200  0 - 0 - 2  kudamas.com/wp-admin/css/colors/SCANNEDDOCUME (...)  103.241.24.10
2019-04-16 04:18:27 +0200  0 - 0 - 1  kudamas.com/wp-admin/css/DocumentCopy.rar  103.241.24.10

Last 5 reports on domain: talatex.co.id

Date  UQ / IDS / BL  URL  IP
2019-02-26 06:06:34 +0100  0 - 0 - 1  talatex.co.id/mmmmmmm/chasep/index.php  103.253.212.169
2019-02-11 03:38:13 +0100  0 - 0 - 1  talatex.co.id/chkma/docnew/index.php?rand=13I (...)  103.253.212.169
2018-10-10 02:08:20 +0200  0 - 0 - 1  talatex.co.id/us/usaa.com/login.php  104.28.26.247
2018-06-10 02:28:24 +0200  0 - 0 - 1  talatex.co.id/chkma/docnew/index.php?rand=13I (...)  159.89.193.182
2018-05-24 05:22:18 +0200  0 - 0 - 1  https://talatex.co.id/us/USAA.COM/card.php  159.89.193.182


JavaScript

Executed Scripts (7)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (19)


Request Response
                                        
POST / HTTP/1.1
Host: ocsp.int-x3.letsencrypt.org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 117
Content-Type: application/ocsp-request

                                         
195.159.219.11
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Server: nginx
Content-Length: 527
Etag: "69BD3EDFA3A0F7B111B09745CD510282C7CD4BED75947C0E2A267D74F32E33DD"
Last-Modified: Mon, 19 Feb 2018 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=43187
Expires: Wed, 21 Feb 2018 05:39:35 GMT
Date: Tue, 20 Feb 2018 17:39:48 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   527
Md5:    b795db050444739803e92d1524ec7e32
Sha1:   1a431a94ef061043b21e30094e2bf5c3b4a661f3
Sha256: 69bd3edfa3a0f7b111b09745cd510282c7cd4bed75947c0e2a267d74f32e33dd
                                        
POST / HTTP/1.1
Host: isrg.trustid.ocsp.identrust.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 115
Content-Type: application/ocsp-request

                                         
91.135.34.121
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Transfer-Encoding: Binary
Last-Modified: Sun, 18 Feb 2018 10:33:19 GMT
Etag: "6aacf0c9aa2f780d59492aaedf7126594742cfaa"
Content-Length: 1398
Cache-Control: public, no-transform, must-revalidate, max-age=7861
Expires: Tue, 20 Feb 2018 19:50:49 GMT
Date: Tue, 20 Feb 2018 17:39:48 GMT
Connection: keep-alive


--- Additional Info ---
Magic:  data
Size:   1398
Md5:    28c79c6aa42e68ffa53269d5dbcc9da2
Sha1:   6aacf0c9aa2f780d59492aaedf7126594742cfaa
Sha256: bab1d96f5c3ec0f6c46e3b1b14d0b31beb703973447ae29681615b242b69054f
                                        
GET /chkma/docnew/zeus.php HTTP/1.1
Host: talatex.co.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
103.241.24.230
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Feb 2018 17:39:47 GMT
Server: Apache
Location: index.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---

Alerts:
  urlquery:
    - Phishing website detected
                                        
GET /chkma/docnew/index.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4 HTTP/1.1
Host: talatex.co.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
103.241.24.230
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Feb 2018 17:39:48 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=mh8bqhsopdao3sjhndc9sb4md4; path=/
Location: rsxs5l59cudtqb6borvbe8k8.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4#n=1252899642&fid=1&fav=1
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---

Alerts:
  urlquery:
    - Phishing website detected
                                        
GET /chkma/docnew/rsxs5l59cudtqb6borvbe8k8.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4 HTTP/1.1
Host: talatex.co.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: PHPSESSID=mh8bqhsopdao3sjhndc9sb4md4

                                         
103.241.24.230
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Feb 2018 17:39:48 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  ASCII HTML document text, with very long lines, with CRLF line terminators
Size:   19342
Md5:    d73d8c2524b56d5cb9a700c342ee23a9
Sha1:   e45bc50cb8fc67c4b38a8c733c56f66789099ce1
Sha256: 8664775044762a3301c1419f457f75bbcd25aafdc3c48263bd8011174e5b1b7f
                                        
GET /chkma/docnew/log.php?email= HTTP/1.1
Host: talatex.co.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://talatex.co.id/chkma/docnew/rsxs5l59cudtqb6borvbe8k8.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Cookie: PHPSESSID=mh8bqhsopdao3sjhndc9sb4md4

                                         
103.241.24.230
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Feb 2018 17:39:48 GMT
Server: Apache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text
Size:   183
Md5:    35131d67b31ef3f1948130eb1daf20d0
Sha1:   6ed6787e1363b2f551a04efe20eadc18a93859c5
Sha256: 34dfaa33f2fcb5148536abc84b9c683ede1a05f203b43ba82865543c8132461b
                                        
GET /chkma/docnew/logins.php?email= HTTP/1.1
Host: talatex.co.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://talatex.co.id/chkma/docnew/log.php?email=
Cookie: PHPSESSID=mh8bqhsopdao3sjhndc9sb4md4

                                         
103.241.24.230
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Date: Tue, 20 Feb 2018 17:39:49 GMT
Server: Apache
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text
Size:   5724
Md5:    1333340ce3845e270a04d105541caa62
Sha1:   3dc93e44de35acbe942de89b99d3a3d01614b487
Sha256: 713dbcc2ace08f96aa9fc64a23e0ed047ea3d1984575631ebc4ff3397f48eea1
                                        
GET /chkma/docnew/jquery_popup.css HTTP/1.1
Host: talatex.co.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://talatex.co.id/chkma/docnew/logins.php?email=
Cookie: PHPSESSID=mh8bqhsopdao3sjhndc9sb4md4

                                         
103.241.24.230
HTTP/1.1 200 OK
Content-Type: text/css
Date: Tue, 20 Feb 2018 17:39:49 GMT
Server: Apache
Last-Modified: Thu, 01 Dec 2016 09:09:24 GMT
Accept-Ranges: bytes
Content-Length: 2111
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   2111
Md5:    a75da1fe9e1c5ec92ba0ee83d22a9ba9
Sha1:   828eeb3200041f475b6bc8c5c8f168734e9db807
Sha256: 8180ef2d3d03fad302b169e59b768fadf177b947ffd376b7d2dfe06f3a23d73e
                                        
GET /chkma/docnew/jquery_popup.js HTTP/1.1
Host: talatex.co.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://talatex.co.id/chkma/docnew/logins.php?email=
Cookie: PHPSESSID=mh8bqhsopdao3sjhndc9sb4md4

                                         
103.241.24.230
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 20 Feb 2018 17:39:49 GMT
Server: Apache
Last-Modified: Thu, 01 Dec 2016 09:09:26 GMT
Accept-Ranges: bytes
Content-Length: 1739
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   1739
Md5:    b3f78ab0fc1615c801cbbedcb9ff38a8
Sha1:   3f2eacfb1f14ea2bc281e23799a8829710f20e95
Sha256: 8308cd4f7dbe8a301e058f6ed215fdeca44bdec56c2ea2ff7d645bf631afe7b2
                                        
GET /css?family=Fauna+One|Muli HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/css,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
172.217.21.138
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Expires: Tue, 20 Feb 2018 17:39:50 GMT
Date: Tue, 20 Feb 2018 17:39:50 GMT
Cache-Control: private, max-age=86400
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   246
Md5:    c293a94b2d297d7edfa7596d1b82fa04
Sha1:   fdf0fe7da81ad147a7895c4182368d7411171ebc
Sha256: 40125dbec0c1d8e425cc95a2eafd250d11b1d08c7146b7e679d7c71e6cdd7c40
                                        
GET /chkma/docnew/ga.js HTTP/1.1
Host: talatex.co.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://talatex.co.id/chkma/docnew/logins.php?email=
Cookie: PHPSESSID=mh8bqhsopdao3sjhndc9sb4md4

                                         
103.241.24.230
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 20 Feb 2018 17:39:49 GMT
Server: Apache
Last-Modified: Thu, 01 Dec 2016 09:09:24 GMT
Accept-Ranges: bytes
Content-Length: 43082
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   43082
Md5:    7d5a4c301dcb0ddde72ee50c8230f73d
Sha1:   bb662d409368c5a6793a0104d537848927a040c4
Sha256: 4e2ed635abf0b2dcbac3ea04d16ccf58bb2195364d65b76190f03da0f43255c5
                                        
GET /chkma/docnew/jquery.js HTTP/1.1
Host: talatex.co.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://talatex.co.id/chkma/docnew/logins.php?email=
Cookie: PHPSESSID=mh8bqhsopdao3sjhndc9sb4md4

                                         
103.241.24.230
HTTP/1.1 200 OK
Content-Type: application/javascript
Date: Tue, 20 Feb 2018 17:39:49 GMT
Server: Apache
Last-Modified: Thu, 01 Dec 2016 09:09:24 GMT
Accept-Ranges: bytes
Content-Length: 96381
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines
Size:   96381
Md5:    8fc25e27d42774aeae6edbc0a18b72aa
Sha1:   b66ed708717bf0b4a005a4d0113af8843ef3b8ff
Sha256: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Feb 2018 17:39:52 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    d440e4429de7ec93e845b88475ba31ad
Sha1:   a4fbf2fb470db424e48b042bf20c24d86636d93c
Sha256: 34b6fa29e3e0cc47600307f9c9789d5cd3b0a3b82b4da95dd678742f34c412dc
                                        
POST /gsr2 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 112
Content-Type: application/ocsp-request

                                         
172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Feb 2018 17:39:52 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 468
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   468
Md5:    6bf50ec404fb4a8b4a94be8390d11938
Sha1:   0caaab7704d6221abc5e0342909a4928cee50b1c
Sha256: 63b592179b1e9a528344ce1d430b9479fc55f43420a468ec35aaeaa9dff911cf
                                        
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://talatex.co.id/chkma/docnew/logins.php?email=

                                         
216.58.211.136
HTTP/1.1 200 OK
Content-Type: text/javascript
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Timing-Allow-Origin: *
Date: Tue, 20 Feb 2018 16:00:30 GMT
Expires: Tue, 20 Feb 2018 18:00:30 GMT
Last-Modified: Mon, 13 Nov 2017 20:19:12 GMT
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Server: Golfe2
Content-Length: 17172
Cache-Control: public, max-age=7200
Age: 5962
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   17172
Md5:    43adefe535269f3b75e0f229d0dba4d6
Sha1:   5e3bed19757401b3aa6c8ab8b5f26aa17add8a3a
Sha256: fc7f9d5234f97de0433021d02e8969a93003d90bf16d40a9cb2d8f5c7bfaa398
                                        
GET /r/__utm.gif?utmwv=5.6.7&utms=1&utmn=671322425&utmhn=talatex.co.id&utmcs=UTF-8&utmsr=1176x885&utmsc=24-bit&utmul=en-us&utmje=1&utmfl=10.0%20r45&utmhid=1582087020&utmr=0&utmp=%2Fchkma%2Fdocnew%2Flogins.php%3Femail%3D&utmht=1519148392053&utmac=UA-43981329-1&utmcc=__utma%3D265212298.385739595.1519148391.1519148391.1519148391.1%3B%2B__utmz%3D265212298.1519148391.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1674158080&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://talatex.co.id/chkma/docnew/logins.php?email=

                                         
216.58.211.136
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43981329-1&cid=385739595.1519148391&jid=1674158080&_v=5.6.7&z=671322425
Access-Control-Allow-Origin: *
Date: Tue, 20 Feb 2018 17:39:52 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Server: Golfe2
Content-Length: 369
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  HTML document text
Size:   369
Md5:    dfbac7f199721fab83b3b7c0f430cffb
Sha1:   54d33a0f7550b5afce436621ebe4ba78779438c3
Sha256: e1503899e017fa964225e7703ab970c5e0d1affd6a6cf542b06a3f348de59c47
                                        
POST /GTSGIAG3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Length: 107
Content-Type: application/ocsp-request

                                         
172.217.21.142
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 20 Feb 2018 17:39:52 GMT
Cache-Control: public, max-age=345600
Server: ocsp_responder
Content-Length: 463
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   463
Md5:    c199bcf4b5e516fc3023a4fb39d3ea4c
Sha1:   f23ff795a0a813931ebcfd5a9aad9c9e8081f073
Sha256: 8a09decbf290b681017c7b5cc4aabda0f4381cf1171df0284850dc9db447197a
                                        
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-43981329-1&cid=385739595.1519148391&jid=1674158080&_v=5.6.7&z=671322425 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://talatex.co.id/chkma/docnew/logins.php?email=

                                         
64.233.164.155
HTTP/1.1 200 OK
Content-Type: image/gif
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
Date: Tue, 20 Feb 2018 17:39:52 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
X-Content-Type-Options: nosniff
Server: Golfe2
Content-Length: 35
Alt-Svc: hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   35
Md5:    28d6814f309ea289f847c69cf91194c6
Sha1:   0f4e929dd5bb2564f7ab9c76338e04e292a42ace
Sha256: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
                                        
GET /chkma/docnew/pobg.gif HTTP/1.1
Host: talatex.co.id
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: https://talatex.co.id/chkma/docnew/rsxs5l59cudtqb6borvbe8k8.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Cookie: PHPSESSID=mh8bqhsopdao3sjhndc9sb4md4

                                         
103.241.24.230
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Tue, 20 Feb 2018 17:39:49 GMT
Server: Apache
Last-Modified: Thu, 01 Dec 2016 09:09:30 GMT
Accept-Ranges: bytes
Content-Length: 3547074
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  GIF image data, version 89a, 1014 x 506
Size:   3547074
Md5:    5c9f32a93bb594b4880f153e06295a4f
Sha1:   ae4b07bf621a6702a25145321d43affcb25acba9
Sha256: a210b28a6b1be655e3f077da0b9be0e2384cc4d0424add48d7690b8ef27f807a