firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 14:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: LdLXrfRBswxoQfdM1vzG2Vb1Zff9NUT7f_cUlELMlL4x6RlC_0Iszg==
Age: 294
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12845
Expires: Tue, 27 Sep 2022 17:54:29 GMT
Date: Tue, 27 Sep 2022 14:20:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RtschqYcf91r1WgactaOrsCQMTEYDOVwU8KQEBQ_UM2bcITXYVOfgg==
age: 17771
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8baa6b4c364c2a56d445ce8472f56991
e1dad89491ac648cfbf5f6c529e9f5b7bafb3bb7
6342e08e1e339de83187dbc386ae0b06a36b24ce216f234f4081468bff7f8c17
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6342E08E1E339DE83187DBC386AE0B06A36B24CE216F234F4081468BFF7F8C17"
Last-Modified: Mon, 26 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19950
Expires: Tue, 27 Sep 2022 19:52:54 GMT
Date: Tue, 27 Sep 2022 14:20:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 14:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 15:06:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eLZf_-DCc5jUNGZPNgcOhzmbtixc-irPorT1CD_yHLKPBw3Ua35Xsw==
Age: 578
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5477
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:25 GMT
Last-Modified: Tue, 27 Sep 2022 12:49:08 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.80.175.197101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.80.175.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: F8NKdo9aCZusyvtsHucYgQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: h+oe1Rfol52yIqjYczief6c86Tg=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16912
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 14:20:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16912
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 14:20:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16912
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 14:20:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16912
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 14:20:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16912
Expires: Tue, 27 Sep 2022 19:02:18 GMT
Date: Tue, 27 Sep 2022 14:20:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
age: 47671
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 59468
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 59306
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:25:52 GMT
age: 46474
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94c315c-bcc5-4538-9c7b-7c0a9f2dccbc.jpeg
34.120.237.76200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94c315c-bcc5-4538-9c7b-7c0a9f2dccbc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2267eb0a20554688393db616344441ee
49546314082f2e4f4c4c2686cc0ca281ae6bae47
4e37955fb99beb25ceb9deb7c4398914af4192c2e3614e5d68cdafa8c85b256e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe94c315c-bcc5-4538-9c7b-7c0a9f2dccbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7146
x-amzn-requestid: 0470759c-7b3e-4e73-a4fa-15f9f3919834
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZASNOGKzIAMFfaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ffd87-7856f7180fa1045a6092b335;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 07:04:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Kxa2h6hEjuAgCj3z9G2K1FzuWUMA3c5-9LM8KpjqmdP9Zm8RPoSxGg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:11:46 GMT
age: 25720
etag: "49546314082f2e4f4c4c2686cc0ca281ae6bae47"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 59859
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lppm.usk.ac.id/
202.4.186.84200 OK 30 kB IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (15764)
Hash d385bfc75a5af5c4700a9f2f8161c7c7
ae1ddd708228b28769eecd269be6bbfa15ea1c12
f07bfeeb500f348cbbf1c7a53683917eae7c36c7ed0b18bd4f2fabad7c3418f1
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/html; charset=UTF-8
content-length: 30166
link: <https://lppm.usk.ac.id/index.php?rest_route=/>; rel="https://api.w.org/", <https://lppm.usk.ac.id/index.php?rest_route=/wp/v2/pages/11649>; rel="alternate"; type="application/json", <https://lppm.usk.ac.id/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f48c5faf6e1fb611cea354be1b2297fe
58751cb9bdf3a30b4b10c988190c15316bc0634b
58ea0abc935bbd06d20d862918dec75890759946effb363a3b84dca10f56aac1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5481
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:26 GMT
Last-Modified: Tue, 27 Sep 2022 12:49:05 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f48c5faf6e1fb611cea354be1b2297fe
58751cb9bdf3a30b4b10c988190c15316bc0634b
58ea0abc935bbd06d20d862918dec75890759946effb363a3b84dca10f56aac1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5481
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:26 GMT
Last-Modified: Tue, 27 Sep 2022 12:49:05 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f48c5faf6e1fb611cea354be1b2297fe
58751cb9bdf3a30b4b10c988190c15316bc0634b
58ea0abc935bbd06d20d862918dec75890759946effb363a3b84dca10f56aac1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5481
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:26 GMT
Last-Modified: Tue, 27 Sep 2022 12:49:05 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
scontent.cdninstagram.com/v/t51.29350-15/309607642_1282275882546102_1976789373177620295_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=xJaM-UNS_-EAX_NeELk&_nc_ht=scontent.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-LoM-y0iR_VcfzJoWmDSD5UyBXyLDvyM4QlUafdKjMHg&oe=63375E2D
157.240.200.63200 OK 266 kB URL HTTP/2 scontent.cdninstagram.com/v/t51.29350-15/309607642_1282275882546102_1976789373177620295_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=xJaM-UNS_-EAX_NeELk&_nc_ht=scontent.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-LoM-y0iR_VcfzJoWmDSD5UyBXyLDvyM4QlUafdKjMHg&oe=63375E2D
IP 157.240.200.63:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x1440, components 3\012- data
Size 266 kB (266086 bytes)
Hash 04ae13052029ba1a0dafc827e0427142
82c2757ddc9c83f0d7752a17d2f3c1d1df0eb09c
c3f5bef4bd28804be486f9f48c2d5542b358fcc632e6ab9e13e9808825cce287
GET /v/t51.29350-15/309607642_1282275882546102_1976789373177620295_n.jpg?_nc_cat=110&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=xJaM-UNS_-EAX_NeELk&_nc_ht=scontent.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT-LoM-y0iR_VcfzJoWmDSD5UyBXyLDvyM4QlUafdKjMHg&oe=63375E2D HTTP/1.1
Host: scontent.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 27 Sep 2022 13:36:05 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 1835196060
x-needle-checksum: 2320915929
content-digest: adler32=2320915929
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 266086
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 14:20:26 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent.cdninstagram.com/v/t51.29350-15/308476083_805951587313190_5373408229663626377_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=kQ611omtjNMAX8_V2ve&_nc_ht=scontent.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT8eDl0e0JDTrTo6BmQ2GXbNzwmoCB9eoN0_ZRtoIosINA&oe=63378236
157.240.200.63200 OK 324 kB URL HTTP/2 scontent.cdninstagram.com/v/t51.29350-15/308476083_805951587313190_5373408229663626377_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=kQ611omtjNMAX8_V2ve&_nc_ht=scontent.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT8eDl0e0JDTrTo6BmQ2GXbNzwmoCB9eoN0_ZRtoIosINA&oe=63378236
IP 157.240.200.63:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1440x809, components 3\012- data
Size 324 kB (323855 bytes)
Hash 7a477e464249e5897a394e45d0fa261e
d61ff06851458e90a259d0d852d3b6633081d4a1
d832001d40714458ee233f577904322efc251d05b0d30acfd9ea43d503147843
GET /v/t51.29350-15/308476083_805951587313190_5373408229663626377_n.jpg?_nc_cat=109&ccb=1-7&_nc_sid=8ae9d6&_nc_ohc=kQ611omtjNMAX8_V2ve&_nc_ht=scontent.cdninstagram.com&edm=ANo9K5cEAAAA&oh=00_AT8eDl0e0JDTrTo6BmQ2GXbNzwmoCB9eoN0_ZRtoIosINA&oe=63378236 HTTP/1.1
Host: scontent.cdninstagram.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 26 Sep 2022 09:48:00 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 3518789408
x-needle-checksum: 1480962891
content-digest: adler32=1480962891
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 323855
x-fb-trip-id: 1679558926
date: Tue, 27 Sep 2022 14:20:26 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/h5p/h5p-php-library/styles/h5p.css?ver=1.15.4
202.4.186.84200 OK 2.9 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/h5p/h5p-php-library/styles/h5p.css?ver=1.15.4
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
Hash abd26ddbd3581294db430d06dfae2263
5f9a94cbfd9002bad584b90dea908266ca219be4
22bc93fd8b71e38a74e81b2343d4406258a62fc8ef30e917b53d8c450c53ed1b
GET /wp-content/plugins/h5p/h5p-php-library/styles/h5p.css?ver=1.15.4 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 2903
last-modified: Wed, 14 Sep 2022 16:11:31 GMT
etag: "2e96-5e8a561c5e297-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lppm.usk.ac.id/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
202.4.186.84200 OK 12 kB URL HTTP/2 lppm.usk.ac.id/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (43771)
Hash e5548800176e913a9084f47a3e1e04f6
eff4604acc5c26ae82a19188de2f98bf5b79d80c
a2569c768eaca09f2483b971fcebb97badd57c9a16b5ae3e16b8cdcd8c688b07
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 11681
last-modified: Mon, 04 Jul 2022 12:10:37 GMT
etag: "15b64-5e2f99fa9e940-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/themes/eduma/assets/css/thim-icons.css?ver=6.0.2
202.4.186.84200 OK 492 B URL HTTP/2 lppm.usk.ac.id/wp-content/themes/eduma/assets/css/thim-icons.css?ver=6.0.2
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
Hash 8cc5379c0655eb3dda9a5faea0d7c233
57e0fbee1f1bff2d9ab2902d7862dfedce933bca
fed56f57fb1f305bff9b93694b3605ccf981a91d707c2e304540ad5f77db4768
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/eduma/assets/css/thim-icons.css?ver=6.0.2 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 492
last-modified: Tue, 27 Sep 2022 09:34:28 GMT
etag: "b3f-5e9a559c569a7-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/themes/eduma/assets/css/flaticon.css?ver=6.0.2
202.4.186.84200 OK 776 B URL HTTP/2 lppm.usk.ac.id/wp-content/themes/eduma/assets/css/flaticon.css?ver=6.0.2
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
Hash 87c8f6896dc32230c8827dee69be20bf
0c597876e66fe60ce9f03e0928239d268c1b2214
c24383c1b233966cf7fe584124e98fc8062fb9f7cc326e4f8c48835e6152aea2
GET /wp-content/themes/eduma/assets/css/flaticon.css?ver=6.0.2 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 776
last-modified: Tue, 27 Sep 2022 08:33:10 GMT
etag: "cc1-5e9a47e91d75f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/themes/eduma/assets/css/font-pe-icon-7.css?ver=6.0.2
202.4.186.84200 OK 1.8 kB URL HTTP/2 lppm.usk.ac.id/wp-content/themes/eduma/assets/css/font-pe-icon-7.css?ver=6.0.2
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (8250), with no line terminators
Hash fb1294611114c0cee47158a3ee1d97b4
5a50c213b660767ed873460e12b1b73987b059c0
88281d96d34a1c3f54ddd1c5d4cba337ede5a69d754c1e2e6be38ebe9d6046b4
GET /wp-content/themes/eduma/assets/css/font-pe-icon-7.css?ver=6.0.2 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 1751
last-modified: Tue, 27 Sep 2022 08:33:10 GMT
etag: "203a-5e9a47e91d75f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
202.4.186.84200 OK 4.0 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (19233)
Hash 24dc15839234f4dbd06f677098762e1c
a285318fa3f4d9a1491f523f080cd32e1df12315
016fdb3d864bb8491d6450906f97c734548f76ca9ead4b13b92dc7112c5568c6
GET /wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.16.0 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 3961
last-modified: Tue, 27 Sep 2022 04:00:16 GMT
etag: "4b4f-5e9a0ae956168-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/themes/eduma/assets/css/ionicons.min.css?ver=6.0.2
202.4.186.84200 OK 8.3 kB URL HTTP/2 lppm.usk.ac.id/wp-content/themes/eduma/assets/css/ionicons.min.css?ver=6.0.2
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type Unicode text, UTF-8 text, with very long lines (50876)
Hash c8407139372e1fb337c9c56af57256ae
64ff63ec9adf60f95a6157047c804239900c430d
f96f07d4f2f3bb775f8c267f0d66566a16de3f36c71662416cf3bd4b57d19a90
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/eduma/assets/css/ionicons.min.css?ver=6.0.2 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 8303
last-modified: Tue, 27 Sep 2022 08:33:10 GMT
etag: "c89a-5e9a47e91d75f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.7
202.4.186.84200 OK 14 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.7
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (65497)
Hash 9cc270f1f64eceedcd0e92203adf2ec4
e74350909333ee605d55c36d5a330de0a1630949
ed6bf98077f7c98a5e8b8f898b9ffb3909adf97f1d4cb05986a85ccb7fb04cbd
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.7 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 14107
last-modified: Tue, 27 Sep 2022 04:00:16 GMT
etag: "1a788-5e9a0ae960d48-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/stratum/assets/css/style.min.css?ver=1.3.13
202.4.186.84200 OK 12 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/stratum/assets/css/style.min.css?ver=1.3.13
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (65536), with no line terminators
Hash 22b57d9a89467769eefea82fa27d1176
52c8f5833f98717a0a8dd0319c02f251e9a3d83d
d99c98fe592983bf15a91acdd60e743f4479e9784e6aee5e72fa96810bbdbd46
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stratum/assets/css/style.min.css?ver=1.3.13 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 12053
last-modified: Wed, 14 Sep 2022 21:51:51 GMT
etag: "22cbd-5e8aa22e56539-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/pro-elements/assets/css/frontend-lite.min.css?ver=3.7.3
202.4.186.84200 OK 1.7 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/pro-elements/assets/css/frontend-lite.min.css?ver=3.7.3
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (11487)
Hash dd4261b6ddafe1bcef67ec4e825c9a70
e2db68995596f1c6f27367d2b8ad254b3cc306f4
ca225fa13dda6d4652d7342e8c86f1656e9b520667e010ad0ee3729fcb8a8c29
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pro-elements/assets/css/frontend-lite.min.css?ver=3.7.3 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 1674
last-modified: Wed, 14 Sep 2022 17:14:06 GMT
etag: "2d09-5e8a6419955c5-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/frontend.css?ver=1.0.6
202.4.186.84200 OK 1.9 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/frontend.css?ver=1.0.6
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (7800)
Hash fcf426864ff4e789fb790d195681d4b8
517530374e7eae3ddfd9007fa2f463860acab986
e39f3603a388fadc5e819b77608c50d5bc8fe6b4f249a9a09c6ded55232adb67
GET /wp-content/plugins/thim-elementor-kit/build/frontend.css?ver=1.0.6 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 1872
last-modified: Tue, 27 Sep 2022 09:15:39 GMT
etag: "1e79-5e9a5167e2b24-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/widgets.css?ver=1.0.6
202.4.186.84200 OK 5.4 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/widgets.css?ver=1.0.6
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (34110)
Hash 92b9f4b27d0aa3d8c34833f418b1ef80
7caa61928603450f4de39c5ee46500401567b0a8
96a317fa3eceac56281b7dc9e1af8596b4cef9ba2babd4333c5e66dc4cd2c4b1
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/thim-elementor-kit/build/widgets.css?ver=1.0.6 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 5368
last-modified: Tue, 27 Sep 2022 09:15:39 GMT
etag: "853f-5e9a5167e2b24-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/libraries/thim-ekits/css/thim-ekits-icons.min.css?ver=6.0.2
202.4.186.84200 OK 10 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/libraries/thim-ekits/css/thim-ekits-icons.min.css?ver=6.0.2
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (46134), with no line terminators
Hash 42ccd0ecc6d173e634a8b978bf715322
7573f6cfb538a3fd0d0ccb892394bbbbabcb4013
ae5999eb6bac9dfeba7a0c6d2845e06ab1c523f40b45415d1a8c4e5263b91e27
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/thim-elementor-kit/build/libraries/thim-ekits/css/thim-ekits-icons.min.css?ver=6.0.2 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 10404
last-modified: Tue, 27 Sep 2022 09:15:39 GMT
etag: "b436-5e9a5167e3ac4-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit-pro/build/widgets.css?ver=20164660b5eadc5c1ea4
202.4.186.84200 OK 942 B URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit-pro/build/widgets.css?ver=20164660b5eadc5c1ea4
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (4118)
Hash 0e8128452dc1d21fe5354e90118e2a4a
f855d6fcdb7ea34982991ce3ab4b3cf9e40944c2
9a063f90954941ce5f06ab6d679c455fa5cca63cf19dc5ceb8fe166d61a9235a
GET /wp-content/plugins/thim-elementor-kit-pro/build/widgets.css?ver=20164660b5eadc5c1ea4 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 942
last-modified: Tue, 27 Sep 2022 09:15:43 GMT
etag: "1017-5e9a516bdb52c-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.7
202.4.186.84200 OK 13 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.7
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (59158)
Hash d7913fc87c4606f82b4ee77a8d47fc2f
62a54acf7535ae53425b44dadfe5fdabf3d8300a
bb05c88bb0b82e2f14f1efb94b4c3511292f74c3bb7cb0b104d300a42a49492f
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.7 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 12869
last-modified: Tue, 27 Sep 2022 04:00:16 GMT
etag: "e7d0-5e9a0ae959048-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.7
202.4.186.84200 OK 4.2 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.7
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (26516)
Hash d74abcef3df71d56667a44693f75c454
be993a7b5c88a550ef0dc19c4841f240e41967f8
8c8fb98c0a68a93f2bcf224fcc1bdaa1095fc1b3f5418f2e2c5fddcfa3dee410
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/css/v4-shims.min.css?ver=3.7.7 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 4229
last-modified: Tue, 27 Sep 2022 04:00:16 GMT
etag: "684e-5e9a0ae959048-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
202.4.186.84200 OK 4.2 kB URL HTTP/2 lppm.usk.ac.id/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (11126)
Hash 5629711d7fdd5b28441bac39b851299f
4e0bf2b7383097f7c352023a1b1b1b48a50356b6
44c444309c7a6c05ff4a9bc198bed9e9596bedb5658637c85689c9a471dcdd16
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: application/javascript
content-length: 4169
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
etag: "2bd8-5b45debe27b80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/libraries/thim-ekits/css/thim-ekits-icons.min.css?ver=1.0.6
202.4.186.84200 OK 10 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/libraries/thim-ekits/css/thim-ekits-icons.min.css?ver=1.0.6
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (46134), with no line terminators
Hash 42ccd0ecc6d173e634a8b978bf715322
7573f6cfb538a3fd0d0ccb892394bbbbabcb4013
ae5999eb6bac9dfeba7a0c6d2845e06ab1c523f40b45415d1a8c4e5263b91e27
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/thim-elementor-kit/build/libraries/thim-ekits/css/thim-ekits-icons.min.css?ver=1.0.6 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
content-length: 10404
last-modified: Tue, 27 Sep 2022 09:15:39 GMT
etag: "b436-5e9a5167e3ac4-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
202.4.186.84200 OK 31 kB URL HTTP/2 lppm.usk.ac.id/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (65447)
Hash 9640915738503451aa21181699feab5b
c053eaf36ef0da96619706b3abda326305063bd6
f8834e669ad1f4039442c26aaa373ec39c35a233b9786d374fc3f670f16b0adc
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: application/javascript
content-length: 30908
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
etag: "15db1-5bd3006388300-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/stratum/vendors/AnimOnScroll/scrollAnimEffects.css?ver=6.0.2
202.4.186.84200 OK 862 B URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/stratum/vendors/AnimOnScroll/scrollAnimEffects.css?ver=6.0.2
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with CRLF line terminators
Hash 614d8a31cab3d85a115101f8bd76cc8b
32a3e4fbdd2f8a78d318e162d0546ea0c62e651c
7866f38a7217ea53ecd1f82c6b66d001fd74c8a9c749b83bf11d7b810d1ecaed
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stratum/vendors/AnimOnScroll/scrollAnimEffects.css?ver=6.0.2 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: text/css
content-length: 862
last-modified: Wed, 14 Sep 2022 21:51:51 GMT
etag: "157e-5e8aa22e59419-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/stratum/assets/js/editor-panel.min.js?ver=1.3.13
202.4.186.84200 OK 5.2 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/stratum/assets/js/editor-panel.min.js?ver=1.3.13
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (11864)
Hash af0f2db38df04331ec443c6d07d54276
a575640ace216a05ff05dbe123a38896a6dabad6
c330558b7ff3632920afbc2d623580180c7579c24b2149e072ee3d147a9a3e42
GET /wp-content/plugins/stratum/assets/js/editor-panel.min.js?ver=1.3.13 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 5157
last-modified: Wed, 14 Sep 2022 21:51:51 GMT
etag: "352f-5e8aa22e56539-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/real-time-auto-find-and-replace/assets/js/rtafar.local.js?ver=1.4.1
202.4.186.84200 OK 19 B URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/real-time-auto-find-and-replace/assets/js/rtafar.local.js?ver=1.4.1
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with no line terminators
Hash 8102dc9eee0565de28649497220d8d17
a32963be36656f3dd149892540138913bc88de6c
51ff2b4b46acab057eba32dc5fbd0bcf410f0ad2bb75d7a92b230bc627d930d6
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/real-time-auto-find-and-replace/assets/js/rtafar.local.js?ver=1.4.1 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 19
last-modified: Tue, 27 Sep 2022 09:04:47 GMT
etag: "13-5e9a4ef95a1ac"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
202.4.186.84200 OK 6.9 kB URL HTTP/2 lppm.usk.ac.id/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type Unicode text, UTF-8 text, with very long lines (8189)
Hash 7e2b78a6e8a9b90385330755ee1cf3e5
684c325f39d45e42ae44a9e42f5e9fe4fb0b909c
43f124dabb4bc663cc1cc8d3161c1e6365cf8445d873ed5d69bbfdb507cf24a9
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.1 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 6914
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
etag: "50eb-5dc2a2438e980-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-includes/js/wp-util.min.js?ver=6.0.2
202.4.186.84200 OK 705 B URL HTTP/2 lppm.usk.ac.id/wp-includes/js/wp-util.min.js?ver=6.0.2
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (1305)
Hash fc7e549ce428fe90eb910c14d23a1532
e3eb36861f16a8b3ea97e8e60a2033957fe58a2e
80226ac13b48a680f63f8258a251d2b9b4c87394459df6bd32732fd4e69c1bd3
GET /wp-includes/js/wp-util.min.js?ver=6.0.2 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 705
last-modified: Fri, 25 Jun 2021 14:50:58 GMT
etag: "53c-5c59844787880-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-includes/js/underscore.min.js?ver=1.13.3
202.4.186.84200 OK 7.3 kB URL HTTP/2 lppm.usk.ac.id/wp-includes/js/underscore.min.js?ver=1.13.3
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (18876)
Hash 9a2ea6713769fcca4f8c5c008e529bca
d4f20ea23eb679890b61a6829a5803a90f4cd4eb
3ca9f3cece4ffaff4322dda5eac52f1dc8cf52001f3e011f9f54c3aa1c40d880
GET /wp-includes/js/underscore.min.js?ver=1.13.3 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 7313
last-modified: Wed, 27 Apr 2022 14:39:21 GMT
etag: "49df-5dda3c65dd840-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2
142.250.74.163200 OK 8.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8724, version 1.0\012- data
Hash 267ebe38acb78ca90441cdb3f0f44b7d
85397079f9f963cd2f16dc5600d8d7795924d73d
3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d
GET /s/poppins/v20/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lppm.usk.ac.id
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:57:00 GMT
expires: Thu, 21 Sep 2023 19:57:00 GMT
cache-control: public, max-age=31536000
age: 498207
last-modified: Wed, 27 Apr 2022 16:12:34 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
142.250.74.163200 OK 8.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 8668, version 1.0\012- data
Hash a242ba0df3a128a2cab929a8c45d5056
d70e2c70b21cbb66cd883ae56e2dedacefd81c7c
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
GET /s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lppm.usk.ac.id
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8668
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:53:36 GMT
expires: Thu, 21 Sep 2023 19:53:36 GMT
cache-control: public, max-age=31536000
age: 498411
last-modified: Wed, 27 Apr 2022 16:07:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/bd1343fa/www-player.css
142.250.74.110200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/bd1343fa/www-player.css
IP 142.250.74.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 52e6e075466c4c0a464e509e02a7f217
b2de10e75e792445216f149fe7c3602eb946601b
dca625ea026b319da42e276e76548b11263bb07ecd5f73a8f97463f33778309b
GET /s/player/bd1343fa/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/9Xqt1m6eIEs
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49739
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 15:44:38 GMT
expires: Tue, 26 Sep 2023 15:44:38 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 00:16:54 GMT
content-type: text/css
age: 81349
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/bd1343fa/www-embed-player.vflset/www-embed-player.js
142.250.74.110200 OK 98 kB URL HTTP/2 www.youtube.com/s/player/bd1343fa/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (570)
Hash 01d6bed5af1f1a736d1a120e258c71ba
3de8c87c876791701ed38567d04eb5749b8fabfd
702468825ac61e18838fb3dabf7ba1de06c19bc68399c0f674982d542270bd28
GET /s/player/bd1343fa/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/9Xqt1m6eIEs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97736
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 15:46:26 GMT
expires: Tue, 26 Sep 2023 15:46:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 00:16:54 GMT
content-type: text/javascript
age: 81241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-includes/js/backbone.min.js?ver=1.4.1
202.4.186.84200 OK 7.9 kB URL HTTP/2 lppm.usk.ac.id/wp-includes/js/backbone.min.js?ver=1.4.1
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (23894)
Hash 85699d12a23c759648100d91e95f405d
8421ae5bb450db39a63054c425ebaf088234eab7
0ee5bba759359e73155a50288d98df1ed1f718871acd0f535bb59eec0ce28f74
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/backbone.min.js?ver=1.4.1 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 7900
last-modified: Tue, 12 Apr 2022 17:17:22 GMT
etag: "5d79-5dc783bdbcc80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/bd1343fa/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.110200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/bd1343fa/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.110:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/bd1343fa/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/9Xqt1m6eIEs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 15:46:26 GMT
expires: Tue, 26 Sep 2023 15:46:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 00:16:54 GMT
content-type: text/javascript
age: 81241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/real-time-auto-find-and-replace/assets/js/rtafar.app.min.js?ver=1.4.1
202.4.186.84200 OK 198 B URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/real-time-auto-find-and-replace/assets/js/rtafar.app.min.js?ver=1.4.1
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with no line terminators
Hash a5dc7dead45132519871276f050c6ada
57574eedf40c36431aaa842c194de37c755e92a4
cd90d94d9530cb2213a9f4e34cc1242bae23dbf8505cbfa1d0670380f17d185b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/real-time-auto-find-and-replace/assets/js/rtafar.app.min.js?ver=1.4.1 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 198
last-modified: Tue, 27 Sep 2022 09:04:47 GMT
etag: "11c-5e9a4ef95a1ac-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/frontend.js?ver=1.0.6
202.4.186.84200 OK 1.1 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/frontend.js?ver=1.0.6
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (3420), with no line terminators
Hash 2bee9468b4b7967a47905e31f1555310
46f9b8537290e25ca2c246b448d9737147d0f00b
d4c1b3ad19e8c96c65fbd155f9c5e19586e0517c2e4a797708eef6eb536ec702
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/thim-elementor-kit/build/frontend.js?ver=1.0.6 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 1118
last-modified: Tue, 27 Sep 2022 09:15:39 GMT
etag: "d5c-5e9a5167e2b24-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.7
202.4.186.84200 OK 2.2 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.7
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (4918)
Hash ac5286e01cb948466083b4a9db3725b1
158ee166465804fafaf226ed85b2243bb34d5fb1
e4ab2a0069a89260933d5fc4235c352cd504a7fe88d14c95ef66f46a680718b3
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.7 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 2193
last-modified: Tue, 27 Sep 2022 04:00:16 GMT
etag: "135d-5e9a0ae95cec8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.7
202.4.186.84200 OK 11 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.7
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type Unicode text, UTF-8 text, with very long lines (32889)
Hash 540ab7a81306a8a45622d154e9df498b
f06d1223e432a8d648d15008c4dcd7306553e0ac
9f5782726439ecaa602bfb3f5d4762d50409899eb22562da187e252a3eaf0df9
GET /wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.7 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 10742
last-modified: Tue, 27 Sep 2022 04:00:16 GMT
etag: "80a1-5e9a0ae95cec8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
202.4.186.84200 OK 3.0 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (12198), with no line terminators
Hash cfea3c51880820f2962a7773fbc864f9
45aa7ddc9b0c4201097d0df36791ab346470b734
12296ac9ef200103f8eea198a2bcd92692119dacece39538499758a0349035fb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 2993
last-modified: Tue, 27 Sep 2022 04:00:16 GMT
etag: "2fa6-5e9a0ae959fe8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.7
202.4.186.84200 OK 12 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.7
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (40474)
Hash 9f98d9eb97acbaa6fdbecb9086f0eba1
b8f3c7e68de9fcbc87c3bb232f71800e62a2c2f7
1eff8a686486469b581f8ea377acaaedb79cc6339976d17c9392752be4c4a993
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.7 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 12045
last-modified: Tue, 27 Sep 2022 04:00:16 GMT
etag: "9e41-5e9a0ae95de68-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
202.4.186.84200 OK 2.5 kB URL HTTP/2 lppm.usk.ac.id/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (6475), with no line terminators
Hash 27cbbd0a9d7c5ad9402118c4afc36035
7659d08a005f5ecfa6c779e3cda45c30007fd059
ebc771d0af626966e38535357861fab0090e0bd7ff346cbe3c7ffdde1683809f
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 2457
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: "194b-5dc5fbf1e6f80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
202.4.186.84200 OK 1.7 kB URL HTTP/2 lppm.usk.ac.id/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (4875)
Hash 320b86bb1a9ce650a5e3553b2bb1c430
c56e8668b398641ed5cdcfbd8a8eba7d631cdb9c
c9ebbb8d122c6be3880d18172abfe308bb07db900689484fa765a73b8b20b3ec
GET /wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 1661
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: "132e-5dc5fbf1e6f80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
202.4.186.84200 OK 3.9 kB URL HTTP/2 lppm.usk.ac.id/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
Hash ca0cf10a1d933e4262c732da8f9008c1
d6fdc041e650cf096841671884db8854490dba72
fbd145cb64d3185e42b8a3f6fff22b3e4cc3550934b63a4f874c21c44f920702
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 3865
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
etag: "27ee-5dc767e5059c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
202.4.186.84200 OK 7.1 kB URL HTTP/2 lppm.usk.ac.id/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash 2f4fcc5a628b379672d76b7e91cbdf07
9d72f2c9cbc1e9b036360acfce8c8ccc8b832b8c
a360f715a418026d2e1acd81c02c83233d0c0b60fdf4ce0b4d33562925d6a0b5
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 7095
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: "4ac6-5dc5fbf1e6f80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-includes/js/dist/url.min.js?ver=16385e4d69da65c7283790971de6b297
202.4.186.84200 OK 2.0 kB URL HTTP/2 lppm.usk.ac.id/wp-includes/js/dist/url.min.js?ver=16385e4d69da65c7283790971de6b297
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type Unicode text, UTF-8 text, with very long lines (4852)
Hash 718743141067cddf4cf48672680397f6
4eae462e2226b71540283f8a1d6e461d90ac4743
52080b5f1b8df8ed02893c63a7b18d97cbb8251e47e7f67d35f021c546b7b236
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/url.min.js?ver=16385e4d69da65c7283790971de6b297 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 1993
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
etag: "131b-5dc767e5059c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-includes/js/dist/api-fetch.min.js?ver=63050163caffa6aac54e9ebf21fe0472
202.4.186.84200 OK 2.3 kB URL HTTP/2 lppm.usk.ac.id/wp-includes/js/dist/api-fetch.min.js?ver=63050163caffa6aac54e9ebf21fe0472
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (5290)
Hash 88175d3a94bf2d08e9abadea86684e45
0d500829e3840ce368531114bdc8fc662e648b95
9acb6212253a49d77d99f5c2a389751cf5e70953bbfc95ac48b5f11a8957b173
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/api-fetch.min.js?ver=63050163caffa6aac54e9ebf21fe0472 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 2275
last-modified: Tue, 12 Apr 2022 15:12:47 GMT
etag: "14cd-5dc767e5059c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/widgets.js?ver=1.0.6
202.4.186.84200 OK 2.1 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/widgets.js?ver=1.0.6
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (7271), with no line terminators
Hash 90e7d8f000674716f5a6c946ee7f7fc0
6967048a51a944c69311960e5cdd5cdac4245ddc
709738b48ac96bab1d540817d7a63bd4397bd2179cb5ca030022e2b590a68943
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/thim-elementor-kit/build/widgets.js?ver=1.0.6 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 2148
last-modified: Tue, 27 Sep 2022 09:15:39 GMT
etag: "1c67-5e9a5167e2b24-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit-pro/build/widgets.js?ver=20164660b5eadc5c1ea4
202.4.186.84200 OK 1.5 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit-pro/build/widgets.js?ver=20164660b5eadc5c1ea4
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (4306), with no line terminators
Hash 509bb10e12f3fe1f519a4b157c40dd28
d08e9af6c07d6d3eebbd465e81ffb98992318c4f
00412bd615faec3b752bc3ce3487682f4cdd5c96788b7d3a028c306c96f526e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/thim-elementor-kit-pro/build/widgets.js?ver=20164660b5eadc5c1ea4 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 1537
last-modified: Tue, 27 Sep 2022 09:15:43 GMT
etag: "10d2-5e9a516bdb52c-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
202.4.186.84200 OK 25 kB URL HTTP/2 lppm.usk.ac.id/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type Unicode text, UTF-8 text, with very long lines (65004)
Hash e2de06a182f7e23aaf18dcbd491eb1be
30febc83196451f315366d32437b5e0b9aa207ff
c000a3a62f0a90be1f5a6b00e17be68e74ad5ab79ffb2dbb14d3194f8be0b4e3
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 24927
last-modified: Mon, 11 Apr 2022 12:04:30 GMT
etag: "115ba-5dc5fbf1e6f80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-includes/js/imagesloaded.min.js?ver=4.1.4
202.4.186.84200 OK 1.8 kB URL HTTP/2 lppm.usk.ac.id/wp-includes/js/imagesloaded.min.js?ver=4.1.4
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (5477)
Hash 951ae46ca55ec7b0e401e2074bdf8b54
64bbbdc28a351b26cab9c230e134ca8eb4d4f83e
fd5d4c623e9d68551114b2a1303584b6792e592e864d4416145904fe8b9edd91
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/imagesloaded.min.js?ver=4.1.4 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 1834
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
etag: "15fd-5a7fbb57c37c0-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/themes/eduma/assets/js/smooth_scroll.min.js?ver=5.1.0
202.4.186.84200 OK 3.2 kB URL HTTP/2 lppm.usk.ac.id/wp-content/themes/eduma/assets/js/smooth_scroll.min.js?ver=5.1.0
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (7422), with no line terminators
Hash 5856cc80395528ff95f73ce94a80f569
377bf2f5eb02500e3291a1c2af2b1e37d9117fa3
8d890a644b04b20c7d4b920a5e2d9d33c838f39a4e334cb0e191d76ea0dd3bf0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/eduma/assets/js/smooth_scroll.min.js?ver=5.1.0 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 3195
last-modified: Tue, 27 Sep 2022 08:33:10 GMT
etag: "1cfe-5e9a47e91d75f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/themes/eduma/assets/js/thim-scripts.min.js?ver=5.1.0
202.4.186.84200 OK 4.3 kB URL HTTP/2 lppm.usk.ac.id/wp-content/themes/eduma/assets/js/thim-scripts.min.js?ver=5.1.0
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (18056), with no line terminators
Hash 4291b070becc86e594a91ba5058fd79e
9b896f82675716d57a5cd0cc8a927c540c1fa469
44752215b5da0e0f6504a5b054c2c9f19de5ccfe2a0032b37368e746399c34a8
GET /wp-content/themes/eduma/assets/js/thim-scripts.min.js?ver=5.1.0 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 4309
last-modified: Tue, 27 Sep 2022 08:33:10 GMT
etag: "4688-5e9a47e91d75f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/themes/eduma/assets/js/jquery.countTo.min.js?ver=5.1.0
202.4.186.84200 OK 441 B URL HTTP/2 lppm.usk.ac.id/wp-content/themes/eduma/assets/js/jquery.countTo.min.js?ver=5.1.0
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (917)
Hash 32031b0f36b00ce29796b043bf37a202
2d268a7720bc2fa1b91619bfb83a4d3e6e914f55
a140111bcb86a1e97dd47f604ee2fb2b1c338cbd3a4bab91cc0952b178f26100
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/eduma/assets/js/jquery.countTo.min.js?ver=5.1.0 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 441
last-modified: Tue, 27 Sep 2022 08:33:10 GMT
etag: "3af-5e9a47e91d75f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/stratum/vendors/waypoints/jquery.waypoints.min.js?ver=4.0.1
202.4.186.84200 OK 2.8 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/stratum/vendors/waypoints/jquery.waypoints.min.js?ver=4.0.1
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type Unicode text, UTF-8 text, with very long lines (8863), with CRLF line terminators
Hash 15348fdcc6894d8fcaf4f7f54eea751e
8353f4625e64ee6765c7dea63697c983f738d520
0a551fe5a845c62979842fd75d78dde8372e5c24c37de4990e7d240fa762c224
GET /wp-content/plugins/stratum/vendors/waypoints/jquery.waypoints.min.js?ver=4.0.1 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 2762
last-modified: Wed, 14 Sep 2022 21:51:51 GMT
etag: "234a-5e8aa22e5b359-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/themes/eduma/assets/js/custom-script-v2.min.js?ver=5.1.0
202.4.186.84200 OK 10 kB URL HTTP/2 lppm.usk.ac.id/wp-content/themes/eduma/assets/js/custom-script-v2.min.js?ver=5.1.0
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (37429), with no line terminators
Hash 386c8054f9787d6b9d171d807f742bac
ae556c3e37e403ceedbf68b4a88772aadb000c30
8cb2025347a4edcf59fd397d56f02b954eaf98209f78762234319484c8575302
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/eduma/assets/js/custom-script-v2.min.js?ver=5.1.0 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 10265
last-modified: Tue, 27 Sep 2022 08:33:10 GMT
etag: "9235-5e9a47e91d75f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/themes/eduma/assets/js/main.min.js?ver=5.1.0
202.4.186.84200 OK 50 kB URL HTTP/2 lppm.usk.ac.id/wp-content/themes/eduma/assets/js/main.min.js?ver=5.1.0
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (31999)
Hash 822bfe061eb6aa7490607ea93378c7ac
5aabd44476987bd879981ed8ff98e221611ea27a
f5e04be71150f53cadebc6536c3cde38db0fcdd2a5015a938ce37d9b2d6b0bb9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/eduma/assets/js/main.min.js?ver=5.1.0 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 50112
last-modified: Tue, 27 Sep 2022 08:33:10 GMT
etag: "28ccf-5e9a47e91d75f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lppm.usk.ac.id/wp-content/fonts/poppins/pxiEyp8kv8JHgFVrJJfedHFHGPc.woff
202.4.186.84200 OK 10 kB URL HTTP/2 lppm.usk.ac.id/wp-content/fonts/poppins/pxiEyp8kv8JHgFVrJJfedHFHGPc.woff
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type Web Open Font Format, TrueType, length 10528, version 1.1\012- data
Hash 7ce4264153a5964ded59f47006e284b9
f2f20abd9de757ea634c03dd771a0f4a318d9671
2db0a25447b543eff02741c0133150e504b3f94ab930f55232eb1ec6272ebb95
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/poppins/pxiEyp8kv8JHgFVrJJfedHFHGPc.woff HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/font-woff
content-length: 10528
last-modified: Wed, 14 Sep 2022 15:52:31 GMT
etag: "2920-5e8a51dde7790"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLEj6Z1xlE92JQEk.woff
202.4.186.84200 OK 11 kB URL HTTP/2 lppm.usk.ac.id/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLEj6Z1xlE92JQEk.woff
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type Web Open Font Format, TrueType, length 10604, version 1.1\012- data
Hash e1db2d2180032269e33d024f14df0307
cbeb8437420c54e3088862d36ba08f97fcd6ec01
90ae1c77d18f1076414c514523e8b18db3df30fce734f00268c6c976a15b0e81
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/poppins/pxiByp8kv8JHgFVrLEj6Z1xlE92JQEk.woff HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/font-woff
content-length: 10604
last-modified: Wed, 14 Sep 2022 16:52:43 GMT
etag: "296c-5e8a5f51d78dd"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLGT9Z1xlE92JQEk.woff
202.4.186.84200 OK 10 kB URL HTTP/2 lppm.usk.ac.id/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLGT9Z1xlE92JQEk.woff
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type Web Open Font Format, TrueType, length 10372, version 1.1\012- data
Hash adf018c56d8d1bb3b3153d106acd41fd
ee3867db04d904a91a098743af1a36c0b8cd9af2
6f35fc59966f7ce2bd3bbe37295c7973a2eb33708395c1281194bcac00533897
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/poppins/pxiByp8kv8JHgFVrLGT9Z1xlE92JQEk.woff HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/font-woff
content-length: 10372
last-modified: Wed, 14 Sep 2022 16:52:42 GMT
etag: "2884-5e8a5f518a675"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
202.4.186.84200 OK 78 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type Web Open Font Format (Version 2), TrueType, length 78196, version 331.-31261\012- data
Hash e8a427e15cc502bef99cfd722b37ea98
a9922842a120a7f1eaced667480c5e185a106d69
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-length: 78196
last-modified: Tue, 27 Sep 2022 04:00:16 GMT
etag: "13174-5e9a0ae957108"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLCz7Z1xlE92JQEk.woff
202.4.186.84200 OK 10 kB URL HTTP/2 lppm.usk.ac.id/wp-content/fonts/poppins/pxiByp8kv8JHgFVrLCz7Z1xlE92JQEk.woff
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type Web Open Font Format, TrueType, length 10432, version 1.1\012- data
Hash 1a6c45cdee0b0b43279b212d98140adb
8ef9845bd583af0d3787b75ed60a8afa349306cd
630ac4e1f57654d1b617f454e401526e56b8dbae8f27786b7e152c25208dfd1f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/fonts/poppins/pxiByp8kv8JHgFVrLCz7Z1xlE92JQEk.woff HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/font-woff
content-length: 10432
last-modified: Wed, 14 Sep 2022 15:52:32 GMT
etag: "28c0-5e8a51de31b18"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
202.4.186.84200 OK 77 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type Web Open Font Format (Version 2), TrueType, length 76764, version 331.-31261\012- data
Hash f7307680c7fe85959f3ecf122493ea7d
fce0da592a3e536d6d5df5b50cb513398d8c5161
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/font-awesome/css/all.min.css?ver=3.7.7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-length: 76764
last-modified: Tue, 27 Sep 2022 04:00:16 GMT
etag: "12bdc-5e9a0ae9580a8"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/libraries/thim-ekits/fonts/thim-ekits.ttf?q40gn5
202.4.186.84200 OK 509 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/libraries/thim-ekits/fonts/thim-ekits.ttf?q40gn5
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, thim-ekits \012- data
Size 509 kB (509056 bytes)
Hash 8fffd906e5af7ea850b067c3e5a8e9bc
e4056ded20436cf1f1a026f82b0c52d8c9dc2df4
356d5137bdce05539e1ba5f46414f7232db2907e46ab52ad07a1fee69a67ca68
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/thim-elementor-kit/build/libraries/thim-ekits/fonts/thim-ekits.ttf?q40gn5 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/wp-content/plugins/thim-elementor-kit/build/libraries/thim-ekits/css/thim-ekits-icons.min.css?ver=1.0.6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/font-sfnt
content-length: 509056
last-modified: Tue, 27 Sep 2022 09:15:39 GMT
etag: "7c480-5e9a5167e3ac4"
accept-ranges: bytes
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ce9fa7c0f8c668afd33a2fa65bf285e5
0333c06c16ea38e346cee9aad19965aa9d2729b1
50b7e5b9d9833fbd2c737642a86c63217f3296fb4bce6c7a876e4cde3dcddbd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
216.58.207.230200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 216.58.207.230:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 14:18:02 GMT
expires: Tue, 27 Sep 2022 14:33:02 GMT
cache-control: public, max-age=900
age: 146
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.66302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Tue, 27 Sep 2022 14:20:28 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ce9fa7c0f8c668afd33a2fa65bf285e5
0333c06c16ea38e346cee9aad19965aa9d2729b1
50b7e5b9d9833fbd2c737642a86c63217f3296fb4bce6c7a876e4cde3dcddbd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lppm.usk.ac.id/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
202.4.186.84200 OK 665 B URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (1320)
Hash 1759f1c5fbd5767f5c59cb9fad48ef67
d9ba7b4429b24f3fd5dc212ab96ebf49251a64e7
1fca4dfa5c8a17b96bbfa5c437a4b9f6510b031b96afaae9c6c7d119ea5d9c53
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:28 GMT
content-type: application/javascript
content-length: 665
last-modified: Tue, 27 Sep 2022 04:00:16 GMT
etag: "54f-5e9a0ae95cec8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js
202.4.186.84200 OK 1.2 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (2738)
Hash 7008b9e59f8130eb1f97270becf8cd09
c7068ffed7744558db540eb3c2f36d92a27a6946
c85252e4ff761707f7d5ff6a03dd6841ca24952a0f28b7473e1205fb7899bb19
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/js/image-carousel.e02695895b33b77d89de.bundle.min.js HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:28 GMT
content-type: application/javascript
content-length: 1203
last-modified: Tue, 27 Sep 2022 04:00:16 GMT
etag: "ad9-5e9a0ae95de68-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/09/pelatihan-300x300.jpg
202.4.186.84200 OK 64 kB URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/09/pelatihan-300x300.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash ada08334dbd7533d5b9ca225325752cd
5123d78bc963a9a14b5a07ca8dd8e80108dd11a2
c768ea98680bbc2470c57e754f2e21c433e08c33bcb5d436a5a55c8cfececf13
GET /wp-content/uploads/2022/09/pelatihan-300x300.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:49 GMT
etag: W/"6843-5e8a6848928c4"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Tue, 27 Sep 2022 14:20:29 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 14:20:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.106200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 80648a98093b67c0c40e642eaae6efd5
4e028e308b9af0f8fd2a911ba54befc46a7d5571
435968482acaf9fa60660e1f3d42b7a27a5ddac2bc0433017363696ee6d47502
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 27 Sep 2022 14:20:29 GMT
server: ESF
cache-control: private
content-length: 30623
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/UNMeoPQ8rtRt9hrMkVLrjVSzaMRKLPVY2pV-dxR9xRk.js
142.250.74.164200 OK 14 kB URL HTTP/2 www.google.com/js/th/UNMeoPQ8rtRt9hrMkVLrjVSzaMRKLPVY2pV-dxR9xRk.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (36059)
Hash 653ca66c61b84cbd83869ee18f017d75
90a6545ff9e57c4b7aead2902a6b490020062f8d
9a2bb3e8ba9e5b19e7d5ceef273a3ef848af3472f0e779f6764037e78dfdccea
GET /js/th/UNMeoPQ8rtRt9hrMkVLrjVSzaMRKLPVY2pV-dxR9xRk.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 05:09:23 GMT
expires: Thu, 21 Sep 2023 05:09:23 GMT
cache-control: public, max-age=31536000
age: 551466
last-modified: Tue, 13 Sep 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
202.4.186.84200 OK 36 kB URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type ASCII text, with very long lines (65280)
Hash f2f239cb6e82311cd197aa5888632811
e2376a981fa3bf8e7e36e86b979f3a3ea6443d29
c4ceac2088d1b38f5263c50bdfb2e54ed643186248b3a81c5850214b55336e4d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:29 GMT
content-type: application/javascript
content-length: 35491
last-modified: Tue, 27 Sep 2022 04:00:16 GMT
etag: "21f91-5e9a0ae959fe8-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/04/cropped-LPPM-Icon-192x192.png
202.4.186.84200 OK 6.0 kB URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/04/cropped-LPPM-Icon-192x192.png
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash 4448e655fa199a93585b857d2062aa68
749c5834ab18cf467f4f9ed84cb8cb199b1878e9
a869dad8a3cd30540773a191e7f051d8d55e959d59d7c6b68ba890b56ab97956
GET /wp-content/uploads/2022/04/cropped-LPPM-Icon-192x192.png HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:28 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:46 GMT
etag: W/"1797-5e8a68458b24a"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.106200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9570bbf4a9641452c1a1d7f698258b92
0afbb28884b2e2c2f60105a5a45e114badb8ad74
63b5728a70f0f328ffbcadcd264e063458f51d2585e6f3b95f19c525ce6df379
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1143
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 27 Sep 2022 14:20:29 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/stratum/vendors/AnimOnScroll/AnimOnScroll.js?ver=1.0.0
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/stratum/vendors/AnimOnScroll/AnimOnScroll.js?ver=1.0.0
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stratum/vendors/AnimOnScroll/AnimOnScroll.js?ver=1.0.0 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 2295
last-modified: Wed, 14 Sep 2022 21:51:51 GMT
etag: "1ac7-5e8aa22e59419-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/08/1.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/08/1.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/08/1.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:49 GMT
etag: W/"15ca7-5e8a684872521"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_4113-scaled.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_4113-scaled.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/08/IMG_4113-scaled.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:49 GMT
etag: W/"3a6ea-5e8a68484277e"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/03/Video.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/03/Video.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/03/Video.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:46 GMT
etag: W/"242ff-5e8a684575a89"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/09/WhatsApp-Image-2022-09-20-at-10.12.59-AM-300x300.jpeg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/09/WhatsApp-Image-2022-09-20-at-10.12.59-AM-300x300.jpeg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/2022/09/WhatsApp-Image-2022-09-20-at-10.12.59-AM-300x300.jpeg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Tue, 20 Sep 2022 03:17:18 GMT
etag: W/"5383-5e91344043dbf"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/pro-elements/assets/js/webpack-pro.runtime.min.js?ver=3.7.3
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/pro-elements/assets/js/webpack-pro.runtime.min.js?ver=3.7.3
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/plugins/pro-elements/assets/js/webpack-pro.runtime.min.js?ver=3.7.3 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 2367
last-modified: Wed, 14 Sep 2022 17:14:07 GMT
etag: "143f-5e8a641a4812d-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/09/Logo-atas.png
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/09/Logo-atas.png
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/09/Logo-atas.png HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:49 GMT
etag: W/"1544a-5e8a6848928c4"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/08/DSC00410-1-scaled.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/08/DSC00410-1-scaled.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/08/DSC00410-1-scaled.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:48 GMT
etag: W/"677d4-5e8a6847cf3b5"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/themes/eduma/assets/js/jquery.magnific-popup.min.js?ver=5.1.0
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/themes/eduma/assets/js/jquery.magnific-popup.min.js?ver=5.1.0
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/themes/eduma/assets/js/jquery.magnific-popup.min.js?ver=5.1.0 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 7346
last-modified: Tue, 27 Sep 2022 08:33:10 GMT
etag: "4ef8-5e9a47e91d75f-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/pro-elements/assets/js/frontend.min.js?ver=3.7.3
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/pro-elements/assets/js/frontend.min.js?ver=3.7.3
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pro-elements/assets/js/frontend.min.js?ver=3.7.3 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 5716
last-modified: Wed, 14 Sep 2022 17:14:06 GMT
etag: "53a8-5e8a641a2fa8c-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/08/3.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/08/3.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/08/3.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:49 GMT
etag: W/"169fe-5e8a6848734c1"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2
IP 142.250.74.10:0
GET /css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=auto&ver=6.0.2 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 14:20:26 GMT
date: Tue, 27 Sep 2022 14:20:26 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_4293-scaled.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_4293-scaled.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/08/IMG_4293-scaled.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:49 GMT
etag: W/"61014-5e8a68485311f"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_2483-scaled.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_2483-scaled.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/08/IMG_2483-scaled.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:48 GMT
etag: W/"5e092-5e8a68482819c"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_0004-1-scaled.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_0004-1-scaled.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/08/IMG_0004-1-scaled.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:48 GMT
etag: W/"47c04-5e8a6847e7a57"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/09/IMG_20220806_120221-653x400-1-400x200.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/09/IMG_20220806_120221-653x400-1-400x200.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/09/IMG_20220806_120221-653x400-1-400x200.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:29 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 20:03:53 GMT
etag: W/"3d5a-5e8a8a0c7d3ad"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_2386-1-scaled.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_2386-1-scaled.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/08/IMG_2386-1-scaled.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:48 GMT
etag: W/"44a24-5e8a6847f35d8"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/07/demo_image.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/07/demo_image.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/07/demo_image.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:48 GMT
etag: W/"94645-5e8a6847b7cb3"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/07/demo_image-300x300.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/07/demo_image-300x300.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/07/demo_image-300x300.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:48 GMT
etag: W/"538b-5e8a6847c3834"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/stratum/vendors/modernizr/modernizr.custom.js?ver=2.6.2
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/stratum/vendors/modernizr/modernizr.custom.js?ver=2.6.2
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stratum/vendors/modernizr/modernizr.custom.js?ver=2.6.2 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 3644
last-modified: Wed, 14 Sep 2022 21:51:51 GMT
etag: "201b-5e8aa22e59419-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/pro-elements/assets/js/elements-handlers.min.js?ver=3.7.3
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/pro-elements/assets/js/elements-handlers.min.js?ver=3.7.3
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/pro-elements/assets/js/elements-handlers.min.js?ver=3.7.3 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 5640
last-modified: Wed, 14 Sep 2022 17:14:06 GMT
etag: "5f3d-5e8a6419e1888-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
www.youtube.com/embed/9Xqt1m6eIEs
142.250.74.110200 OK 0 B URL HTTP/2 www.youtube.com/embed/9Xqt1m6eIEs
IP 142.250.74.110:0
GET /embed/9Xqt1m6eIEs HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 27 Sep 2022 14:20:27 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=9uNWT_zR_JQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=MdDLupqnZ34; Domain=.youtube.com; Expires=Sun, 26-Mar-2023 14:20:27 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+592; expires=Thu, 26-Sep-2024 14:20:27 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/bd1343fa/player_ias.vflset/en_US/base.js
142.250.74.110200 OK 0 B URL HTTP/2 www.youtube.com/s/player/bd1343fa/player_ias.vflset/en_US/base.js
IP 142.250.74.110:0
GET /s/player/bd1343fa/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/9Xqt1m6eIEs
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 591188
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 15:49:27 GMT
expires: Tue, 26 Sep 2023 15:49:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 26 Sep 2022 00:16:54 GMT
content-type: text/javascript
age: 81060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/08/2.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/08/2.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/08/2.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:49 GMT
etag: W/"16b0d-5e8a684872521"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_9840-scaled.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_9840-scaled.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/08/IMG_9840-scaled.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:49 GMT
etag: W/"52fc4-5e8a68486d701"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_9336-scaled.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_9336-scaled.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/08/IMG_9336-scaled.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:49 GMT
etag: W/"493bc-5e8a68486d701"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/themes/eduma/style.css?ver=5.1.0
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/themes/eduma/style.css?ver=5.1.0
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/eduma/style.css?ver=5.1.0 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: text/css
last-modified: Tue, 27 Sep 2022 08:33:10 GMT
etag: "1308c5-5e9a47e908f3e-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_2400-scaled.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_2400-scaled.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/08/IMG_2400-scaled.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:48 GMT
etag: W/"5263c-5e8a68481685a"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_3630-scaled.jpg
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/08/IMG_3630-scaled.jpg
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/08/IMG_3630-scaled.jpg HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:26 GMT
content-type: image/jpeg
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:48 GMT
etag: W/"42e94-5e8a684836bfd"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/uploads/2022/04/cropped-LPPM-Icon-32x32.png
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/uploads/2022/04/cropped-LPPM-Icon-32x32.png
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
GET /wp-content/uploads/2022/04/cropped-LPPM-Icon-32x32.png HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:28 GMT
content-type: image/png
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 17:32:46 GMT
etag: W/"2a5-5e8a68458b24a"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: br
X-Firefox-Spdy: h2
lppm.usk.ac.id/wp-content/plugins/stratum/assets/js/frontend.min.js?ver=1.3.13
202.4.186.84200 OK 0 B URL HTTP/2 lppm.usk.ac.id/wp-content/plugins/stratum/assets/js/frontend.min.js?ver=1.3.13
IP 202.4.186.84:0
ASN #63510 Syiah Kuala University Unsyiah
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/stratum/assets/js/frontend.min.js?ver=1.3.13 HTTP/1.1
Host: lppm.usk.ac.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lppm.usk.ac.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 14:20:27 GMT
content-type: application/javascript
content-length: 17432
last-modified: Wed, 14 Sep 2022 21:51:51 GMT
etag: "d6fc-5e8aa22e56539-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2