bungkla.com/%E0%B8%9E%E0%B8%B1%E0%B8%92%E0%B8%99%E0%B8%B2%E0%B8%A8%E0%B8%B1%E0%B8%81%E0%B8%A2%E0%B8%A0%E0%B8%B2%E0%B8%9E-%E0%B8%AD%E0%B8%AA%E0%B8%A1-%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7.html
301 Moved Permanently 0 B URL HTTP/1.1 bungkla.com/%E0%B8%9E%E0%B8%B1%E0%B8%92%E0%B8%99%E0%B8%B2%E0%B8%A8%E0%B8%B1%E0%B8%81%E0%B8%A2%E0%B8%A0%E0%B8%B2%E0%B8%9E-%E0%B8%AD%E0%B8%AA%E0%B8%A1-%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7.html
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /%E0%B8%9E%E0%B8%B1%E0%B8%92%E0%B8%99%E0%B8%B2%E0%B8%A8%E0%B8%B1%E0%B8%81%E0%B8%A2%E0%B8%A0%E0%B8%B2%E0%B8%9E-%E0%B8%AD%E0%B8%AA%E0%B8%A1-%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7.html HTTP/1.1
Host: bungkla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 03 Dec 2022 10:06:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 03 Dec 2022 11:06:13 GMT
Location: https://bungkla.com/%E0%B8%9E%E0%B8%B1%E0%B8%92%E0%B8%99%E0%B8%B2%E0%B8%A8%E0%B8%B1%E0%B8%81%E0%B8%A2%E0%B8%A0%E0%B8%B2%E0%B8%9E-%E0%B8%AD%E0%B8%AA%E0%B8%A1-%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7.html
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LglvLcyNXE6fy5tUIjHGY9T5w9M945Hp6dqRYhNuHMceXDMVrQ7r9nWJJEWm03tJ8m19vxUfqGSMlPCNIh6yQmBd938Uv%2Bfi7zM48xJXw4xbqvPyvxkXZLK4qaLn5w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 773b7d082aa50b45-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11496
Expires: Sat, 03 Dec 2022 13:17:50 GMT
Date: Sat, 03 Dec 2022 10:06:14 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2657
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:06:14 GMT
Last-Modified: Sat, 03 Dec 2022 09:21:57 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 09:19:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2775
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10247
Expires: Sat, 03 Dec 2022 12:57:01 GMT
Date: Sat, 03 Dec 2022 10:06:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: miwmOTzsPvR2+kPL+CFh6KUAODhEXDygRFazg1TkUTNyDe1/Z+nKPxX/PAyZk1fecFapSGHlRqQ=
x-amz-request-id: 01KZC29XM5P00JQP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 09:47:04 GMT
age: 1150
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 09:11:17 GMT
cache-control: public,max-age=3600
age: 3297
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash cafea1899358681388217ae2bfe839c2
f068ad77d3a49984f172ba1167dc1b08413699de
3b9f58bc877e6c05cf1250ed3b215c1a69e8181ccb89a0e24fd17d21939ecf66
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=107661
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:06:14 GMT
Etag: "638a2123-116"
Expires: Sun, 04 Dec 2022 16:00:35 GMT
Last-Modified: Fri, 02 Dec 2022 16:00:35 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
200 OK 471 B IP
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2646
Cache-Control: max-age=171883
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:06:14 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:50:57 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ltz4zC5/WFSUX5f6yySyBQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bSRnaozs5QFrGMeTyAcDwf61+T4=
ocsp.digicert.com/
200 OK 278 B IP
Hash cafea1899358681388217ae2bfe839c2
f068ad77d3a49984f172ba1167dc1b08413699de
3b9f58bc877e6c05cf1250ed3b215c1a69e8181ccb89a0e24fd17d21939ecf66
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=107661
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:06:15 GMT
Etag: "638a2123-116"
Expires: Sun, 04 Dec 2022 16:00:36 GMT
Last-Modified: Fri, 02 Dec 2022 16:00:35 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 278
bungkla.com/%E0%B8%9E%E0%B8%B1%E0%B8%92%E0%B8%99%E0%B8%B2%E0%B8%A8%E0%B8%B1%E0%B8%81%E0%B8%A2%E0%B8%A0%E0%B8%B2%E0%B8%9E-%E0%B8%AD%E0%B8%AA%E0%B8%A1-%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7.html
404 Not Found 46 kB URL HTTP/2 bungkla.com/%E0%B8%9E%E0%B8%B1%E0%B8%92%E0%B8%99%E0%B8%B2%E0%B8%A8%E0%B8%B1%E0%B8%81%E0%B8%A2%E0%B8%A0%E0%B8%B2%E0%B8%9E-%E0%B8%AD%E0%B8%AA%E0%B8%A1-%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (9381), with CRLF, LF line terminators
Hash f81649d9ae6140403e8d0f692f7d8bd3
c74a77e26f4d00f23a95c49d39e51768586f062f
a0c962840fc1d2c0e02a9d4095528bdd2fc96524f128786c42ecfeefe81b0415
GET /%E0%B8%9E%E0%B8%B1%E0%B8%92%E0%B8%99%E0%B8%B2%E0%B8%A8%E0%B8%B1%E0%B8%81%E0%B8%A2%E0%B8%A0%E0%B8%B2%E0%B8%9E-%E0%B8%AD%E0%B8%AA%E0%B8%A1-%E0%B9%80%E0%B8%8A%E0%B8%B5%E0%B9%88%E0%B8%A2%E0%B8%A7.html HTTP/1.1
Host: bungkla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
date: Sat, 03 Dec 2022 10:06:15 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://bungkla.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jowiiz8Dzvi90NrRWiSPQoavQTgRf62JFxhLJl6ijuR2VVOXuX3BNe5c5OHmJ%2FGhzC5XoePNEPrLVyoh79sHql180EgWbPE63tGqOX3MFqSvmPn1QRguF6dlDoUHSg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 773b7d0daf01b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
res.cloudinary.com/dlbha7men/image/upload/v1662785538/link%20slot%20gacor/DAFTAR-LINK-SLOT-GACOR-HARI-INI.gif
200 OK 90 kB URL HTTP/2 res.cloudinary.com/dlbha7men/image/upload/v1662785538/link%20slot%20gacor/DAFTAR-LINK-SLOT-GACOR-HARI-INI.gif
IP
File type GIF image data, version 89a, 500 x 500\012- data
Hash aade4ce1127f2dcb2dac7b720934d00e
98c551beb1625f297d038139eb6d9a0e26271684
d4855ed28aca4965f106b34c3abe70898fa4d06b9836018f0d98402e93813acc
GET /dlbha7men/image/upload/v1662785538/link%20slot%20gacor/DAFTAR-LINK-SLOT-GACOR-HARI-INI.gif HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bungkla.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
etag: "aade4ce1127f2dcb2dac7b720934d00e"
last-modified: Sat, 10 Sep 2022 04:52:19 GMT
date: Sat, 03 Dec 2022 10:06:15 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=18;cpu=1;start=2022-12-03T10:06:15.809Z;desc=hit,rtt;dur=17
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 89901
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4114
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 10:06:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4114
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 10:06:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4114
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 10:06:16 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4114
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 10:06:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ffa12df550123f63b20f67437cd8a04
398fd2d837c73f54c4591b69cd683f29bdf9184a
fd9ac4396488098923c27531295e64475047dd008a901e59915109a73a69f305
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6119
x-amzn-requestid: b0bf3aed-f968-4ebb-953e-35300d74ef16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdCe8GgNIAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63884ac5-4b20ca67753e65c5232660f5;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 06:33:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: axyk2U1R7AX1RVQmdc303S2S2CUs_RgphyeYPsbGveGHMAjY3KEzdw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 13:19:35 GMT
age: 74801
etag: "398fd2d837c73f54c4591b69cd683f29bdf9184a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ElvfdUly4Rb3YOQyMO2C_VelFUe6xcFbMh6x5fNrRzGjKCITdGSwLQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:47 GMT
age: 44909
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 249aec334460c66dc88b9e8def4e48df
f86d1d278ba5b24587b10519b1b30d75044efd97
b083151804ced0533a5b33302ef110b50ddc4bf653de0fb8f6c7711f4bc29fe2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9449
x-amzn-requestid: c21c52f9-d971-46d9-b632-0439a0e23da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZkxHKbIAMFxkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6fb7-2b8cc0982af568626f4a4bbf;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: h_QxhlhIxUS0VSjt1z50xNf0u1eB6c1WPTJUfvwGQA-t4M0zmXo2AA==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:03:42 GMT
etag: "f86d1d278ba5b24587b10519b1b30d75044efd97"
content-type: image/jpeg
age: 43354
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:39:04 GMT
age: 41232
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash becc8cdba57494c6fe212eb67634e1eb
c8bd6bd9086e0a52b83b89dfd755e7ebba222fb8
fbb25b88b10a818bb0c6ad385b1e5ba54b87672c73bfa8a9c1ecb17dcc689d5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11942
x-amzn-requestid: ba8a5d03-7796-4c6d-a6df-3cc71b1c5259
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: chqukGmWoAMFtLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a24c3-609dc90d769060d30a16e3df;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 16:16:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m6j_3bDGFIAHQYzrZ1zXqUb-HbEJ8XCoGH5mgBFOWRbLzoSiuNBnhg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:37:55 GMT
etag: "c8bd6bd9086e0a52b83b89dfd755e7ebba222fb8"
content-type: image/jpeg
age: 44901
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 06:00:50 GMT
age: 14726
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 52107b388ba3538b78572b9671d3678a
c67d5bc0de75cf931c5c8d7ea820b780f513dbb3
39f193ad427e28bcb211278c1208a8bffd154ebe62f64b45c09893532ef8d0ff
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 10:06:17 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 19:24:22 GMT
Expires: Thu, 08 Dec 2022 19:24:21 GMT
Etag: "c67d5bc0de75cf931c5c8d7ea820b780f513dbb3"
Cache-Control: max-age=464883,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773b7d1cbfb31c12-OSL
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 52107b388ba3538b78572b9671d3678a
c67d5bc0de75cf931c5c8d7ea820b780f513dbb3
39f193ad427e28bcb211278c1208a8bffd154ebe62f64b45c09893532ef8d0ff
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 10:06:17 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 19:24:22 GMT
Expires: Thu, 08 Dec 2022 19:24:21 GMT
Etag: "c67d5bc0de75cf931c5c8d7ea820b780f513dbb3"
Cache-Control: max-age=464883,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773b7d1b3974b4f4-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:06:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:06:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:06:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.imgur.com/npUoAfM.png
200 OK 2.7 kB IP
File type PNG image data, 62 x 62, 8-bit/color RGBA, non-interlaced\012- data
Hash e30a217279cf4bfc5bd6e78479e52cfa
1e7599f87691984020cc236852582668011c6764
c1e42d27ace38201dda3b204a8d6f8a8e445356fea14a1eae40bb18eb4cda0cc
GET /npUoAfM.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 06 Jul 2020 11:00:45 GMT
etag: "e30a217279cf4bfc5bd6e78479e52cfa"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sat, 03 Dec 2022 10:06:18 GMT
age: 2584223
x-served-by: cache-iad-kjyo7100120-IAD, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 587, 1
x-timer: S1670061978.118646,VS0,VE2
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 2708
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-M48573X0EY
200 OK 78 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-M48573X0EY
IP
File type ASCII text, with very long lines (22462)
Hash a3e6cfc9b99a94672e1ba26014e416df
2093e5c6c907042d7b49fcfb3fc393e324a90d8e
49f04cf8617f69704b0767d1c5070e87805e2fa3a99852eb9aa702789ae91ca4
GET /gtag/js?id=G-M48573X0EY HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 10:06:18 GMT
expires: Sat, 03 Dec 2022 10:06:18 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77807
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-2XJES9J2RM
200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-2XJES9J2RM
IP
File type ASCII text, with very long lines (22462)
Hash 71e5ccd51dbf1c14659b1c30bd6a7ff0
541671e6c0fb1a1a3551acddfbc08cc70b2e3cdd
c938c10ba86b8c2171378fe059396d1f27f755c07ea548acd3ca9a193b3b153c
GET /gtag/js?id=G-2XJES9J2RM HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 10:06:18 GMT
expires: Sat, 03 Dec 2022 10:06:18 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76867
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:06:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:06:18 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
149.28.135.133/css/fontawesome/webfonts/fa-regular-400.woff2
200 OK 14 kB URL HTTP/2 149.28.135.133/css/fontawesome/webfonts/fa-regular-400.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13584, version 330.32636\012- data
Hash f5f2566b93e89391da4db79462b8078b
be142af0f56062f6e864de121b98054c7b5954fd
0fc0a22e5e67c95d02c389a1454acc67df53e2f6a46af739f3eac7e352644751
Analyzer Verdict Alert quad9 Sinkholed
GET /css/fontawesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-length: 13584
last-modified: Fri, 10 Dec 2021 09:15:01 GMT
etag: "3510-5d2c728692a7f"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UN0ZhU9hPXa9ccI60c0pOxOFFLSpqhQyVxiyptVRrdzCUCcBT%2Bv3dcW0jo4yPD3wRDGZtaZqtGQ6n05ozMv%2Bx4ahv6XVvSdf410Gum7FpJgIoFBv7Hy%2BABFUW7R9Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d23cb3287de-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.ibb.co/dJBzwm0/slot135-wheel.gif
200 OK 96 kB URL HTTP/2 i.ibb.co/dJBzwm0/slot135-wheel.gif
IP
File type GIF image data, version 89a, 194 x 199\012- data
Hash f7ec8d4aa79500f06c113cec42c91132
007d7f4d3bb4d9d67870fc81486bfc4cdf7449b4
51d38b8eae3b4fcbb5250480ae7c0c28e36b6687f21e22a2334cc7f8f9795a82
GET /dJBzwm0/slot135-wheel.gif HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: image/gif
content-length: 96179
last-modified: Fri, 12 Aug 2022 05:47:51 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
149.28.135.133/fonts/Orbitron-Regular.woff2
200 OK 16 kB URL HTTP/2 149.28.135.133/fonts/Orbitron-Regular.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15476, version 1.0\012- data
Hash 2bc781a34a8aeedcd36a0a4de6bfaa78
f543dc775dda9c3ce05f8376b872acc2a15eedd7
61723c7d255942826eb6ef86f1901a77713909f7496d8492b4bd161e2bd57fbe
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/Orbitron-Regular.woff2 HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-length: 15476
last-modified: Fri, 10 Dec 2021 09:15:02 GMT
etag: "3c74-5d2c728756f1f"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JE4kcIPxa85CbMvBr8KAsV%2BIhsJBxl3UYqN2mfTR0qQJ4XB8uLSDmFrQxjwMGIJOcWYVbgG5VfKvicrrcDeRtygi4iaN91%2BDpTW%2BvouNwj8IYFUL00mN9ckNzvsxVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d23ccfa49cc-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/css/maintenance.css
200 OK 1.6 kB URL HTTP/2 149.28.135.133/css/maintenance.css
IP
File type ASCII text, with very long lines (1577), with no line terminators
Hash e3cbfc4b349b9b36d5331a1fb56766a3
a881b31c7db084ece043e30602584571858fd851
1a344993c64f45966bc154e8532214683d371eedd486e5897fc302e58a906802
Analyzer Verdict Alert quad9 Sinkholed
GET /css/maintenance.css HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: text/css
content-length: 1577
cf-bgj: minify
cf-polished: origSize=2265
etag: "8d9-5d2c7286b1e7f-gzip"
last-modified: Fri, 10 Dec 2021 09:15:01 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V84SCsZcScP1q1MqITQlRxNyTlglBLtxBGElXMwq18thz6lCUYtpzXCEuo%2Bm6lWq2FnRmzbWtYPv5zTG0HK%2Fj7tUiIjttlu7bS%2B2H6%2FstUWdJUaRuvhzdyPF4Y69WA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d25ddd391b7-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-M48573X0EY>m=2oebu0&_p=602648799&cid=1789359256.1670061976&ul=en-us&sr=1280x1024&_s=1&sid=1670061976&sct=1&seg=0&dl=https%3A%2F%2F149.28.135.133%2F&dr=https%3A%2F%2Fbungkla.com%2F&dt=LINK%20SLOT%20GACOR%20HARI%20INI%202022%20-%20SLOT135&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-M48573X0EY>m=2oebu0&_p=602648799&cid=1789359256.1670061976&ul=en-us&sr=1280x1024&_s=1&sid=1670061976&sct=1&seg=0&dl=https%3A%2F%2F149.28.135.133%2F&dr=https%3A%2F%2Fbungkla.com%2F&dt=LINK%20SLOT%20GACOR%20HARI%20INI%202022%20-%20SLOT135&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-M48573X0EY>m=2oebu0&_p=602648799&cid=1789359256.1670061976&ul=en-us&sr=1280x1024&_s=1&sid=1670061976&sct=1&seg=0&dl=https%3A%2F%2F149.28.135.133%2F&dr=https%3A%2F%2Fbungkla.com%2F&dt=LINK%20SLOT%20GACOR%20HARI%20INI%202022%20-%20SLOT135&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://149.28.135.133
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://149.28.135.133
date: Sat, 03 Dec 2022 10:06:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-2XJES9J2RM>m=2oebu0&_p=602648799&cid=1789359256.1670061976&ul=en-us&sr=1280x1024&_s=1&sid=1670061976&sct=1&seg=0&dl=https%3A%2F%2F149.28.135.133%2F&dr=https%3A%2F%2Fbungkla.com%2F&dt=LINK%20SLOT%20GACOR%20HARI%20INI%202022%20-%20SLOT135&en=page_view&_fv=1&_ss=1&_ee=1
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-2XJES9J2RM>m=2oebu0&_p=602648799&cid=1789359256.1670061976&ul=en-us&sr=1280x1024&_s=1&sid=1670061976&sct=1&seg=0&dl=https%3A%2F%2F149.28.135.133%2F&dr=https%3A%2F%2Fbungkla.com%2F&dt=LINK%20SLOT%20GACOR%20HARI%20INI%202022%20-%20SLOT135&en=page_view&_fv=1&_ss=1&_ee=1
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-2XJES9J2RM>m=2oebu0&_p=602648799&cid=1789359256.1670061976&ul=en-us&sr=1280x1024&_s=1&sid=1670061976&sct=1&seg=0&dl=https%3A%2F%2F149.28.135.133%2F&dr=https%3A%2F%2Fbungkla.com%2F&dt=LINK%20SLOT%20GACOR%20HARI%20INI%202022%20-%20SLOT135&en=page_view&_fv=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://149.28.135.133
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://149.28.135.133
date: Sat, 03 Dec 2022 10:06:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
149.28.135.133/fonts/gillsansmtbold.ttf
200 OK 68 kB URL HTTP/2 149.28.135.133/fonts/gillsansmtbold.ttf
IP
File type TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 74 names, Macintosh, Digitized data copyright \251 1997 The Monotype Corporation, Inc. All rights reserved. Gill Sans\012- data
Hash 3f3b5dee5276f99b6d5bfcf7e1a7be52
766ad5a19cf270def00022f8bb1b1bffb0a1e6e7
c95e47d509eada17f78d730010a5bbb69f60a940c17df6e4e7354c62262c1ab8
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/gillsansmtbold.ttf HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: application/font-sfnt
content-length: 68304
last-modified: Fri, 10 Dec 2021 09:15:02 GMT
etag: "10ad0-5d2c728756f1f"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7ZGUymIUzX81%2FnxP4xwNG2jITksGf3i%2BR2vGXW7fSl9vc%2BD94zxPnsLCjOoGTETQt%2BsJ1U%2FNqn8Xc0f1K3fEChYrhRGCgnm4pzUDVABDSgjb53M2y37togl07nEww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d23c94a9f74-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/css/fontawesome/webfonts/fa-solid-900.woff2
200 OK 79 kB URL HTTP/2 149.28.135.133/css/fontawesome/webfonts/fa-solid-900.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 79444, version 331.524\012- data
Hash b15db15f746f29ffa02638cb455b8ec0
75a88815c47a249eadb5f0edc1675957f860cca7
7f4d3fd0a705dbf8403298aad91d5de6972e6b5d536068eba8b24954a5a0a8c7
Analyzer Verdict Alert quad9 Sinkholed
GET /css/fontawesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-length: 79444
last-modified: Fri, 10 Dec 2021 09:15:01 GMT
etag: "13654-5d2c7286a053f"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lA7VGdLj7qy55nQC8mKwmQieAYJG3LaG8BM5cn1CpKPpU0iBr9LjFBzm4dMgY811iEaQOePB%2BroR4pTDA2mV4OnB%2F8m0GkZLAqq0U%2FYrEUj8zdrdAKCcNd9SSzMr3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d23ddfd6beb-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/m/asset/login.png
200 OK 4.0 kB URL HTTP/2 149.28.135.133/img/m/asset/login.png
IP
File type PNG image data, 146 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash e18d52a6f9bc77678f374e2e729e5f88
340ec43daeee1e7dff1e4f3e12fa65f14c8451f4
09edeea825b31c7ec4f7c51416c3d0d09718518cb844092869dc8c23b1f4ddce
Analyzer Verdict Alert quad9 Sinkholed
GET /img/m/asset/login.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: image/png
content-length: 4047
last-modified: Fri, 10 Dec 2021 09:14:59 GMT
etag: "fcf-5d2c728485441"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eqS7MDRb5eNpnMDFI6X1DKDqRciyfVJ00qhre0JD5PJcchZiTC1v5bObbiRJGp%2Bmnnnmuz69hfPW5Qp9Cje8ysHgVBDSJq%2FORG5xZPIk7mBsLa2f2BRHXEa32sdNNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d26fd929e22-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/m/asset/register.png
200 OK 6.5 kB URL HTTP/2 149.28.135.133/img/m/asset/register.png
IP
File type PNG image data, 146 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash d834cd19fd9aeebf696e6c0d1c8e7cee
48b1ed62374b71ca31d86e2f03ca47f3fe16e036
11ca63dc531b9a191d915b58453bdb7adcdde88abee2b8182bd9f0f031f8a50a
Analyzer Verdict Alert quad9 Sinkholed
GET /img/m/asset/register.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: image/png
content-length: 6489
last-modified: Fri, 10 Dec 2021 09:14:59 GMT
etag: "1959-5d2c728488321"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4179
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWvfZxZWI3GTH1Omu%2FTRkkp%2BqSoknOE4hgL6bnkQ3JquuVeMh9%2B%2BskLONseyQxKAtF9l5viOApZBl6sB50nvlyUpjumPeK2%2BvJaRexMEoLesk2CAXnFF48QDB1Ofjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d26f8938959-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/m/home/casino.png
200 OK 49 kB URL HTTP/2 149.28.135.133/img/m/home/casino.png
IP
File type PNG image data, 269 x 269, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c1343353da4be9eb3ac2b71ff20b45f
e87a2272a3fc210743f4fa50c523ca878bc2ab11
6e07423bff91fc10b5a117b3a76ec3136846802042b6320de148aed9c7f9e730
Analyzer Verdict Alert quad9 Sinkholed
GET /img/m/home/casino.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: image/png
content-length: 49285
last-modified: Fri, 10 Dec 2021 09:15:00 GMT
etag: "c085-5d2c72850ef60"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2151
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qvs%2B2VLNZ7Byjmh82Ym3qzItVCHpXFYvk6kXKJZmjBSQY3QHZdiHghuOujpczl%2FHRvR3MHYfAXJgmh3J1dMihpVHqsnrF1Tja9w0aeI7O1j3StHCqpqda05Ow8rN7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d270cff8994-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/js/iframe.js
200 OK 293 B URL HTTP/2 149.28.135.133/js/iframe.js
IP
Hash 740036b45878f96f7767abf77f6d9193
b255bc7a7f99b11ec1377fc1c142fb7962e52fd6
1a0b14a77543307903441e5f881f92b59c147ced68d8403ed515e36b224e07e5
Analyzer Verdict Alert quad9 Sinkholed
GET /js/iframe.js HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: application/javascript
content-length: 293
cf-bgj: minify
cf-polished: origSize=370
etag: "172-5d2c7286b8bdf-gzip"
last-modified: Fri, 10 Dec 2021 09:15:02 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4179
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pB9t%2BWAKYbf4JlzCNTNLyWVI%2BqUUrMh7Qw8lKOzqurNpJoltycm0OkG2a95nvaVtvvJ%2Bi5kUs%2Bne%2BXIv8HxIjwc8sP6n2EgAAD5FbXKK3WIap4KgLx%2FiZm0W%2FnYI1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d279b129fbb-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/js/home/home.js
200 OK 2.2 kB URL HTTP/2 149.28.135.133/js/home/home.js
IP
File type ASCII text, with very long lines (581)
Hash 2b8b694c19a0a24d7e549feb44f15f4f
19975813574d33bff7a5173978805a99c75cc94c
e2b1f728083e95251d79e2d7cc6519a557446e2915324928d53a34065e959444
Analyzer Verdict Alert quad9 Sinkholed
GET /js/home/home.js HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: application/javascript
content-length: 2171
cf-bgj: minify
cf-polished: origSize=2654
etag: "a5e-5d2c7286d127f-gzip"
last-modified: Fri, 10 Dec 2021 09:15:02 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DNgF%2BB6fbAyD4%2FJ2o7IG65JFWmrYK%2BAiiYkyfGz3WoW1O%2BETKlo8R8TOC%2FA2g3oLWS0%2F4jL02RRobFTYn5r9VQTOGBuJuih1D9gWXobgEVWxQRI2fLqVCuU%2BN8EMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d279ae0a029-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/js/menu/js/menu.js
200 OK 1.2 kB URL HTTP/2 149.28.135.133/js/menu/js/menu.js
IP
File type ASCII text, with very long lines (584)
Hash 3d89360f5f7357bb4f35ad22a7a43d04
17687e29580936d6c2f876705a3214aa79e699ad
fdd576e94bb1b46b566a33b1ee6a0c6740a4dcf9ad161f03e977aafddc150318
Analyzer Verdict Alert quad9 Sinkholed
GET /js/menu/js/menu.js HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: application/javascript
content-length: 1186
cf-bgj: minify
cf-polished: origSize=1842
etag: "732-5d2c7286ea8bf-gzip"
last-modified: Fri, 10 Dec 2021 09:15:02 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4179
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Ja6LASp11j7ELrQ4c1uMcAY0qIRRWGSln4Eh3o6JkcHMv%2BPZqdqJrkbWaFRHqRevnzpep%2FXXJnHdRo9uErgFEEhJ0X%2Fpy8eUqkMcCa6mF7jFhMVv0ZxoGOds7eUzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d279ab687bd-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.livechatinc.com/tracking.js
200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP
ASN #20940 Akamai International B.V.
Hash 155263aeae165c12e9e003bce35b6a21
534a7195bcf1b0028f330fcf5400c1e5cde6a48b
16cfda6bcc9c174e410b4500084b59b4f4ebb07ad4111527b6f9bc6d970add84
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 17 Nov 2022 13:08:42 GMT
x-amz-version-id: XiT9l9I6GGKdmfwcYLWex5TUwoVUOWV5
server: AmazonS3
content-encoding: br
etag: W/"72abe41f23b1a5d3b25350cc7025a805"
vary: Accept-Encoding
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: TQ1OrJ5PDRXVoMHCBaKc11FpIYB6KXFqWXgUCjM5djNOhJXHkAOqPg==
content-length: 26064
cache-control: max-age=28800
expires: Sat, 03 Dec 2022 18:06:19 GMT
date: Sat, 03 Dec 2022 10:06:19 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
149.28.135.133/js/common.js
200 OK 4.6 kB URL HTTP/2 149.28.135.133/js/common.js
IP
File type ASCII text, with very long lines (2307)
Hash dcb0a2afa997a145884611f39f6d39f3
1de7e5d20f4e1171ffe28fb4d512f11bf37c1975
af82906274699b75925ffe063131cf6f4797ad396dc173440aea9b4fcf02814c
Analyzer Verdict Alert quad9 Sinkholed
GET /js/common.js HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: application/javascript
content-length: 4568
cf-bgj: minify
cf-polished: origSize=5465
etag: "1559-5d2c7286b4d5f-gzip"
last-modified: Fri, 10 Dec 2021 09:15:01 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CD7kNIjOZwqT%2F6uw5AnPBSD%2FeaKmTBjtMQfGT052JqxsiH6TzcyCNg8iXsyPBITdN%2BN83LaT4f63U1LmXBq%2BVOEbX%2FC3WUoMrbxKR19whkzcAEVj5AISLkeJEivPhw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d279d4e87ef-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/js/customers/login.js
200 OK 1.5 kB URL HTTP/2 149.28.135.133/js/customers/login.js
IP
File type ASCII text, with very long lines (938)
Hash 42fea48b70a8721866d6222c7554f050
b2b8f4428cb1cd3d9dbf7f4781edf9df39730527
4ada29e80c3acdf0a4952e0f1172dadc219b3141e5df791d6fda4c7afd888954
Analyzer Verdict Alert quad9 Sinkholed
GET /js/customers/login.js HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: application/javascript
content-length: 1544
cf-bgj: minify
cf-polished: origSize=1862
etag: "746-5d42f0b0e1474-gzip"
last-modified: Tue, 28 Dec 2021 06:36:37 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4179
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9j2ICwm9O%2FONAGjPNY7eHACBZFDNFO8kQIk%2FeU73uUn3zDgnw3akOuFqnOJeq%2BkqJD%2BscUQVhue2cnslQoncg2q9h%2BNxjsFR%2BWYjmA4D6ynrMDwYypd1fdfKgDQ6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d279cdba3e9-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/asset/border-bg.jpg
200 OK 869 B URL HTTP/2 149.28.135.133/img/asset/border-bg.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1x11, components 3\012- data
Hash 728cea2a8202821cc2ee50190217aedc
92b7841956034a61dce695b86c714d3f8bee5ff7
c699300e6a8858b7091e4aa4245eb5a2c2c366779caaebf2aeef4394d9c7dbf1
Analyzer Verdict Alert quad9 Sinkholed
GET /img/asset/border-bg.jpg HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:19 GMT
content-type: image/jpeg
content-length: 869
last-modified: Fri, 10 Dec 2021 09:14:57 GMT
etag: "365-5d2c7282e4462"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtQqwGdY%2B0HrV2f%2FyMdbZcLq%2Fj0ycOkfpgg8BlyS7aA7P6EZ3ZXaaWghjNFWW11Nd2EuCrHusY%2BIG9dNHARqv0DPPynlbG01TUCWHAcZit%2F2vW9j0XwqvjofnSLk8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d291d329f85-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13111320&url=https%3A%2F%2F149.28.135.133%2F&channel_type=code&jsonp=__otxugxbek3r
200 OK 264 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13111320&url=https%3A%2F%2F149.28.135.133%2F&channel_type=code&jsonp=__otxugxbek3r
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash fe392a7d03b55781756f8de01131d537
7cd118f6a59ffa1a82f5181afe93ce641de53ba6
3850042d89f71484089d5d64ae8c38f8a7e7cd2868536f275e867c8ab2d9fc40
GET /v3.3/customer/action/get_dynamic_configuration?license_id=13111320&url=https%3A%2F%2F149.28.135.133%2F&channel_type=code&jsonp=__otxugxbek3r HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors https://149.28.135.133/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://149.28.135.133/
content-length: 264
date: Sat, 03 Dec 2022 10:06:19 GMT
X-Firefox-Spdy: h2
149.28.135.133/img/asset/Call-Center-Box.png
200 OK 5.0 kB URL HTTP/2 149.28.135.133/img/asset/Call-Center-Box.png
IP
File type PNG image data, 1974 x 228, 8-bit colormap, non-interlaced\012- data
Hash 56b710201920564e42e0dbd2178c5c42
cba9c78cced7b26f54c019852861d20660dec8bf
52ffb3b6b6e55d78acceb23008af3a3bf488d771ad74955940fbfd3f8a1bc80a
Analyzer Verdict Alert quad9 Sinkholed
GET /img/asset/Call-Center-Box.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:19 GMT
content-type: image/png
content-length: 5000
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "1388-5d2c7282e5402"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eu1ImOj6CNFQqKCd7mCit1YXty8xgSqa74T2BpT6Knwd1xnoNR%2FOCEz9DSgf0%2FT%2Bv5VIJz8%2B03PB%2B0K3oQsoI3ZYjFs1P3f94iHwLOj3eHM8TQTKegvS4oaNgPD6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d292cc2a131-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/asset/bg2.jpg
200 OK 55 kB URL HTTP/2 149.28.135.133/img/asset/bg2.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2170x4223, components 3\012- data
Hash bf2a797bfe9280c741ae0e8d0e2d95a7
77aa74209e57dbde9669b9c462101bf9a96c3a02
bc0f82d15b44c2cd83baf654d7c4ff334890267a1e0b1f4e720966c85d420c64
Analyzer Verdict Alert quad9 Sinkholed
GET /img/asset/bg2.jpg HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:19 GMT
content-type: image/jpeg
content-length: 54979
last-modified: Fri, 10 Dec 2021 09:14:57 GMT
etag: "d6c3-5d2c7282e4462"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2152
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cof5s9%2B%2FG1gIEyYuCJphbfcHNWEGKs2WSG33QgHg%2BKHzkCcQB9ipqpnLZMQKmYQDUABnoXm31%2FpM0wnZbwakmt6iFjxpqdfwJwLar5eR5rdnZ5Lratin%2FRs1EZssZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d291d986bdb-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/m/home/tembakikan.png
200 OK 46 kB URL HTTP/2 149.28.135.133/img/m/home/tembakikan.png
IP
File type PNG image data, 269 x 269, 8-bit/color RGBA, non-interlaced\012- data
Hash 4804384e13fb525259b3c8a761d7b8ea
9b7d85b44942f3edb0de5342b4e2cbd09d8aee28
bf05d5aaa3d8c672e8acaaaf9af29dedb7320ee816e140a5bffe2e03c7075eec
Analyzer Verdict Alert quad9 Sinkholed
GET /img/m/home/tembakikan.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: image/png
content-length: 46165
last-modified: Fri, 10 Dec 2021 09:15:00 GMT
etag: "b455-5d2c728511e40"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVQUl%2BS19h1Zw4paVVBqK1JANpFxJ2kCKulfLwcj8dQlcnJvFx98FWi%2F7Ws6wZxgEXu9OuQfGsbLQyU33htIMqyox05cJ0dIuUOVCZr3MKPpkCd5BDSK4Bn3rd9sdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d279c419e20-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/m/home/poker.png
200 OK 28 kB URL HTTP/2 149.28.135.133/img/m/home/poker.png
IP
File type PNG image data, 269 x 269, 8-bit/color RGBA, non-interlaced\012- data
Hash db6d19ea12fafed0ac0a53a3d451469d
6468df42f214df91f0810536634f2311f6f0c1f2
55b02d25ba1970a8b6a19b1880a1520bf62b12d55923c50084e4d0248096e0f1
Analyzer Verdict Alert quad9 Sinkholed
GET /img/m/home/poker.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: image/png
content-length: 27547
last-modified: Fri, 10 Dec 2021 09:15:00 GMT
etag: "6b9b-5d2c72850ff00"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2F4ai0aHhvhFpHbODWiSQtySulQkcYwah51ZOFSScBWnhkonJMd2MkUW7c096ggeBlfKdlAkzKi60dv4%2Fp9WGxaKv%2FGuFYnGKwnu5IqNQHNIQdMIwWP%2B3qd11CTE1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d270e586c65-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/m/home/baccarat.png
200 OK 50 kB URL HTTP/2 149.28.135.133/img/m/home/baccarat.png
IP
File type PNG image data, 269 x 269, 8-bit/color RGBA, non-interlaced\012- data
Hash 4cd30d38d757fb4a44a1238d67614d99
da46ab2723b24a291635a051a2cdba03c1a6357c
96376c1f6c572c908b3c5170b290bf24efab0b8736b6c10019cb67a363632ed7
Analyzer Verdict Alert quad9 Sinkholed
GET /img/m/home/baccarat.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: image/png
content-length: 50485
last-modified: Fri, 10 Dec 2021 09:15:00 GMT
etag: "c535-5d2c72850ef60"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u8opw8Dpk91Y9syLWeEcY3lZt2HE4vtsEiC91ouTMfHAEjl%2FJtUKsFPcIHSGhCykyWmwp%2FasAK%2BVNQ5%2F92CYIVsZO4JmDLWNdTTIb%2FjYP5sdsN5izb7bo5wBMl6BzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d270b608841-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/m/home/slots.png
200 OK 43 kB URL HTTP/2 149.28.135.133/img/m/home/slots.png
IP
File type PNG image data, 269 x 269, 8-bit/color RGBA, non-interlaced\012- data
Hash 2c8cbcf8f415c5e11065a008e10fe67f
b865a80540e09ea4fdcc40d073f1a4a9918e5316
831d5be391fca4f40e23b6bbf9429ccc158d8afe8503ad4efcc5312ee69a724c
Analyzer Verdict Alert quad9 Sinkholed
GET /img/m/home/slots.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: image/png
content-length: 42579
last-modified: Fri, 10 Dec 2021 09:15:00 GMT
etag: "a653-5d2c728510ea0"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Toz3k4utjkbgrpfTqzuP5FVlr43u0y%2BAzFKb%2Bddzinnj%2BMaq21u5kBJR93GKDQCA1QmKTFSEUFjnYIcPFl0yKTInWppjUE276ts8BOG7sHYhyPhRDrmSkQrzpgqlXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d270cdd87b3-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=13111320&version=476.1.1.312.89.48.13.3.1.1.1.4.0&group_id=0&jsonp=__lc_static_config
200 OK 1.6 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=13111320&version=476.1.1.312.89.48.13.3.1.1.1.4.0&group_id=0&jsonp=__lc_static_config
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (4609), with no line terminators
Hash 3f00d475b67678062a080e5788b8dfc9
387dc068eb8a6d38655a1fe55c0224b3cd96dfaf
a33c05d91461064d5323a9e74e29560070e8fa2d01ed5819c1847ffd2e82a4ea
GET /v3.3/customer/action/get_configuration?license_id=13111320&version=476.1.1.312.89.48.13.3.1.1.1.4.0&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1584
cache-control: public, max-age=600
expires: Sat, 03 Dec 2022 10:16:19 GMT
date: Sat, 03 Dec 2022 10:06:19 GMT
X-Firefox-Spdy: h2
149.28.135.133/img/asset/jackpot.gif
200 OK 154 kB URL HTTP/2 149.28.135.133/img/asset/jackpot.gif
IP
File type GIF image data, version 89a, 1969 x 407\012- data
Size 154 kB (153461 bytes)
Hash d56827622a8e8fe76f890735e0f43329
fe6acd6516ab7c6d6d7c1103a4188df21662f6ca
6dd7b21fa889e3bc7d9f02eacd7f08e6fc5c7357a4c36c09799802cb25a1d786
Analyzer Verdict Alert quad9 Sinkholed
GET /img/asset/jackpot.gif HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:19 GMT
content-type: image/gif
content-length: 153461
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "25775-5d2c7282e9282"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5695
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0nCgg2rr5LbwrMoyR301uw7Vwxdez1n9NfEnzeXYQZ5v8vCUZd2%2FL%2F2qQcmrrxT%2Bz8UKDCrvJ28VDisOe3C9M2OSMjnK3yrjihoB1aio7Yz4S3A8W%2FR2%2Fe3bP2rIoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d292de44a65-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/asset/menu-bg.png
200 OK 3.0 kB URL HTTP/2 149.28.135.133/img/asset/menu-bg.png
IP
File type PNG image data, 393 x 87, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a105aa11581458504f087c478fdcf08
8225bc96d8ea9ab207cbc42a2f6cf71d4e2e480b
8999f01a1546fc8c0dadbca11d4154b5c348794b6d159fd5e7176546deaea95d
Analyzer Verdict Alert quad9 Sinkholed
GET /img/asset/menu-bg.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:19 GMT
content-type: image/png
content-length: 3049
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "be9-5d2c7282eb1c2"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pg1cxc1khIPXTPJnQ0IhWcenxjt51%2FQwN%2BhOcn%2BivXKKHqHIRFX8Y9Pv2AIjHJwdebV2%2B4pBN8LtRY9fbnITLwWtd%2FaUSZrDZTux12ZMC4NedV2UTiY9%2FpVTOfpXdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d2919f99f92-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/asset/new-badge.png
200 OK 962 B URL HTTP/2 149.28.135.133/img/asset/new-badge.png
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1bb585910e673c005efbdc6e076d8efc
ca3df05f13e74758a1ff421742bb7387ff62b150
d92ea1d6fc9bb94deef66f736c193cae4767e0706b067b8616b9c84863c99dcd
Analyzer Verdict Alert quad9 Sinkholed
GET /img/asset/new-badge.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:19 GMT
content-type: image/png
content-length: 962
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "3c2-5d2c7282eb1c2"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRO2IP1lEEriEitu%2FpSNR5mGIsc2i2kGvY6oMGFeRfXouPQgYYsEaLRgZpInKVVmLiqdhESKclMq393jqYRGqfLOUU%2BUHhfgTUrs39jhl4lTRlpX97BCdnunwQzX0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d291dfc2ea7-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/m/home/sportsbook.png
200 OK 32 kB URL HTTP/2 149.28.135.133/img/m/home/sportsbook.png
IP
File type PNG image data, 269 x 269, 8-bit/color RGBA, non-interlaced\012- data
Hash 77c9745d128860103ea17ecc614a4cc7
81f76fa3d3b7511869369e87413b331e419f5e76
e632186fc7f15cd56e0094cc4e8fd5e90dc8a7c08272673bc0ca7d853a602c66
Analyzer Verdict Alert quad9 Sinkholed
GET /img/m/home/sportsbook.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: image/png
content-length: 31462
last-modified: Fri, 10 Dec 2021 09:15:00 GMT
etag: "7ae6-5d2c728510ea0"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9W%2BCIsUMoXczRKYVkdmjdYMmOWsTvd6GMwxWhH7i9IIoNDWxpz9SCNPztpKD9%2Bz6LwNSD1TT%2Febg9xMEcXLis4yGd8aM0ETX7mrDqtojSMfJ8%2FL1PVlMxI2afRBWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d270b6b89b9-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/m/home/togel.png
200 OK 34 kB URL HTTP/2 149.28.135.133/img/m/home/togel.png
IP
File type PNG image data, 269 x 269, 8-bit/color RGBA, non-interlaced\012- data
Hash 888e601be83f46880fe7c9e2bd65d6e4
6e08b24501b738433aa2aeb4681d1df4fd0d60fe
b1e683371bb4ea3f8477d556a41295b842eb6554b3ca2e7bb41808a1c486ae89
Analyzer Verdict Alert quad9 Sinkholed
GET /img/m/home/togel.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: image/png
content-length: 33869
last-modified: Fri, 10 Dec 2021 09:15:00 GMT
etag: "844d-5d2c728511e40"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7j7DKqM8WRZaPizL%2BYE5dYbc8vruME8F0pr96Mv0Xpu513Xa1Yh%2Buja%2FCbglkv1n2nrrIVco0JvsV8oknGoxPyluD%2F8Pxc%2Fx05H7rMQf0HSPB92q5xU%2BG6awS234w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d27080cab67-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/m/home/aduayam.png
200 OK 41 kB URL HTTP/2 149.28.135.133/img/m/home/aduayam.png
IP
File type PNG image data, 269 x 269, 8-bit/color RGBA, non-interlaced\012- data
Hash df24f2b5a6e227881e5d01ff684d7f47
84c5ef8fa78617920e0d4ef0b3c430a1adec2b07
9ff74c47c13224c2626515482348b267ce4bb99d1b7672617903af3372b2486f
Analyzer Verdict Alert quad9 Sinkholed
GET /img/m/home/aduayam.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: image/png
content-length: 41331
last-modified: Fri, 10 Dec 2021 09:15:00 GMT
etag: "a173-5d2c72850ef60"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4pyiSMA2AawoBtzJ44v5gPayemcIgZb0FUAhrlffRxFmBerA3Hp0T%2BxA8PcCa7NDOvZr2Lv2rcvIRuvtk432MmN3NsqhvTfGLFTrVdvK2JfaKlPiUBMHKWbQ2ix7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d2789d36ba2-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/asset/popup/slot135_gold.gif
200 OK 92 kB URL HTTP/2 149.28.135.133/img/asset/popup/slot135_gold.gif
IP
File type GIF image data, version 89a, 400 x 300\012- data
Hash c90b1db11f5b58b71883a824b8492373
aab9de8c581f086e47c04c9681d2e30d3ac41600
0a235824afbf4988b7e62ae2874e718ee5dbc8ad9d28099e2cd93411c43610af
Analyzer Verdict Alert quad9 Sinkholed
GET /img/asset/popup/slot135_gold.gif HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: image/gif
content-length: 92147
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "167f3-5d2c72835c641"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZNVW5v1bWOf1O0nWVLpolCa%2F4MDwOz6CSg4HpZuGXJXzmT4lJSPzfcFAL0%2FJAf1GJzlnjOXQa5Gnwe8alJSyuTRQkHFIUm3oKpy7JGwG7%2BAHWA%2FLS6%2BeFsbLZgkkbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d278e538796-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=13111320&version=13159fb2ee05429e3ae48a4031b3d0e0_b33d000b97cd6de86b086eecec11a288&language=id&group_id=0&jsonp=__lc_localization
200 OK 4.0 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=13111320&version=13159fb2ee05429e3ae48a4031b3d0e0_b33d000b97cd6de86b086eecec11a288&language=id&group_id=0&jsonp=__lc_localization
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (11641), with no line terminators
Hash f16c54647b1b6b3f1b3af02cd9ed60de
087d61a82e10b710d799e25470f4cc8ae74366b3
6140456dd2b113fbb91154ff6848db9f65f9caf828f41bf84451ce75ce85d2bf
GET /v3.3/customer/action/get_localization?license_id=13111320&version=13159fb2ee05429e3ae48a4031b3d0e0_b33d000b97cd6de86b086eecec11a288&language=id&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=599
expires: Sat, 03 Dec 2022 10:16:19 GMT
date: Sat, 03 Dec 2022 10:06:20 GMT
content-length: 4026
X-Firefox-Spdy: h2
149.28.135.133/img/m/home/bonus.png
200 OK 41 kB URL HTTP/2 149.28.135.133/img/m/home/bonus.png
IP
File type PNG image data, 269 x 269, 8-bit/color RGBA, non-interlaced\012- data
Hash 7591f3ffb5253db7e35fa004b947e4c7
b7603fb3b29ca362074f683e4a76b99c3ad459bf
ba23bb73e54144b5fe270e884f51d13541ded0c9808d036c4543a8d478aace4a
Analyzer Verdict Alert quad9 Sinkholed
GET /img/m/home/bonus.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: image/png
content-length: 40669
last-modified: Fri, 10 Dec 2021 09:15:00 GMT
etag: "9edd-5d2c72850ef60"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FYtGkfa1pG7T4k8pqUWLbGaQdTxx7dyx4LP0rScoAPw05aBYPOmbj7tKqQW6%2FCGCa%2BYC%2F02ZTurTpeslqBF6uUbQVjrVY0sFDIRciwFGBNKoYfIyzHH3Z1%2BSE%2BkAw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d27ae469f97-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/m/home/rewards.png
200 OK 32 kB URL HTTP/2 149.28.135.133/img/m/home/rewards.png
IP
File type PNG image data, 269 x 269, 8-bit/color RGBA, non-interlaced\012- data
Hash 02d1a0d124855e3d2af8cbb3f3efe5b0
90e535c2bf0c3df7954d529a625ed7337c120474
6022972bbc17e13028545a1f4ee9d1a6392445c3299878cf09d2d6e6dfe07b70
Analyzer Verdict Alert quad9 Sinkholed
GET /img/m/home/rewards.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:19 GMT
content-type: image/png
content-length: 31667
last-modified: Fri, 10 Dec 2021 09:15:00 GMT
etag: "7bb3-5d2c728510ea0"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vhxap8eQcVVmrg3S%2BPcDMc7NBAMrDkGzf%2BvQ4XKzw53DrlIfaN7U7MHCVMsQ1Y9tvZYGH5hunQ%2B%2BIB3J0hmbykNvY4sfMj4hbo4XveffduOLa52Ex7dgpt28bzPibw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d279c614c23-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/asset/suka-logo.png
200 OK 27 kB URL HTTP/2 149.28.135.133/img/asset/suka-logo.png
IP
File type PNG image data, 944 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash ffabf43a83fbe6a15c170f95270969a7
5ccb22d69cdcd6a3e03cf65beca43821609b473a
572c580d7ccc8524bc5cbe5c31d99591420b7dd24fc039473305684791048455
Analyzer Verdict Alert quad9 Sinkholed
GET /img/asset/suka-logo.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:19 GMT
content-type: image/png
content-length: 26811
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "68bb-5d2c72835a701"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2FLNSnMG%2F67ftAaU14N4mum%2FaU0XDzLp4nkFVkMsHaGjdfikufIQBv%2BBfjAUUiFKwa%2BXdsL04lPP3M4hLCfbKzDgwN%2F%2F5PeUtVDRMD8QKdNPCMCftWdXHexV4hppEw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d2798e94b68-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=13111320&group=0&embedded=1&widget_version=3&unique_groups=0
200 OK 2.6 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=13111320&group=0&embedded=1&widget_version=3&unique_groups=0
IP
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators
Hash 2af834d2c1666ed80bdf535ba7baf0cf
f83744b1d09476acd71ce975971ace5404982232
1727455617bd6865da97b3dfba29fae5b9b7f43662bf5b57d9bde8f5a987dc67
GET /customer/action/open_chat?license_id=13111320&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Sat, 03 Dec 2022 10:06:20 GMT
content-length: 2558
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
200 OK 15 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.0f55d8dd.chunk.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (47599), with no line terminators
Hash 59df903a307f8661bd53313a1a1ec2dd
c1b075479edfeed640cea3038d08915f5eedb9a8
6a19cca29c349c638cdb3a4f5103fe14562c865fc49184f33770f0f87b87bb7c
GET /widget/static/js/0.0f55d8dd.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: FTaBdM5aPM6e3Wa0SH3EvXHWpAST4v3U
server: AmazonS3
content-encoding: br
etag: W/"10a3d7ac1ed37325d3341c379ee0de69"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: Bx7lkbEvoasnYh6BeyLszGXP_TUvjQo-lxa26fmjrtmufN5f4M8YPg==
content-length: 14934
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 10:06:20 GMT
date: Sat, 03 Dec 2022 10:06:20 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
149.28.135.133/images/captcha/login
200 OK 213 kB URL HTTP/2 149.28.135.133/images/captcha/login
IP
Size 213 kB (213123 bytes)
Hash dc475771515ccb816fc8ff2b9e4288b5
dbdfcd46a91feeb81061ed6f54f65e636b7bbce1
b81a75aee0f496818d75a5954ea2bd765bd73c490422e3359ccf3faa3ba0e4d6
Analyzer Verdict Alert quad9 Sinkholed
GET /images/captcha/login HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:19 GMT
content-type: text/html; charset=UTF-8
set-cookie: CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; expires=Sat, 03-Dec-2022 11:06:18 GMT; Max-Age=3600; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NbzEBzcRatc3EJ4Y%2BZf7aVzrbJwKRNhFCU5%2Bsn%2FO1HOolnAYKWNFz8Lo35xaI66zgUrFWT%2Bu%2FzvAHmoUVLcEVk2nPPDfjGnenxxY6IGEepBxKMMrH4wJysjNrBIbTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d26ecda8952-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-encoding: gzip
X-Firefox-Spdy: h2
149.28.135.133/img/asset/logo.gif
200 OK 250 kB URL HTTP/2 149.28.135.133/img/asset/logo.gif
IP
File type GIF image data, version 89a, 380 x 145\012- data
Size 250 kB (249670 bytes)
Hash d3e8a51a6e6a9687b3e4feea1f9bed11
847fbb4c48edaefc667a1ebce613d2a966b177e2
2dc515e6786f1820510673298edde4d9bb2a61424940137d141583d1dbff0403
Analyzer Verdict Alert quad9 Sinkholed
GET /img/asset/logo.gif HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:19 GMT
content-type: image/gif
content-length: 249670
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "3cf46-5d2c7282ea222"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XNOF4VeOKCgsX4Gc%2Bhaiov%2Bj6KZ8xDXjCBlM8dKF%2BI%2BnDSNa8jaT6XX214QTcflKe15BLfbKxZHNKG9MRpUlkz5rtDZ2d6Ee6nUOdNf4ZfkIcN4hPX9TC0XDkbpU4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d291ce76c00-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
200 OK 20 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/1.1e075a8f.chunk.js
IP
ASN #20940 Akamai International B.V.
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /widget/static/js/1.1e075a8f.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 10 Nov 2022 13:27:43 GMT
x-amz-version-id: o8X.laUPCA4HbBkhv_.0.rtHv1UEzu8S
server: AmazonS3
content-encoding: br
etag: W/"add645219cc09aca44e90ff2cb69482a"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: wQvKSpsPRy26in0iJkcMTYfNv8UaYE7ghU0BTCtCVHFylj64oG5eMQ==
content-length: 66502
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 10:06:20 GMT
date: Sat, 03 Dec 2022 10:06:20 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 33d4c0eb73252b9ee70cebc62151b0dd
31bc157147ab1329097d7c6f60bd077186c24bf8
fbf26b2930e09e9f73ff165eba2ce1f953054ebb7f47d425fd656108131b5cba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:06:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data
Hash 3b5df7e947d77201eaf22f3dbdac08cc
21989ca07e4afe32d48982b816b8fac85ce3e668
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f
GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12852
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg==
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 10:06:20 GMT
date: Sat, 03 Dec 2022 10:06:20 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
200 OK 13 kB URL HTTP/2 cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
IP
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 12688, version 1.0\012- data
Hash d9f5998f47f6f22cb66e7dbf428c76ab
86b993baf91f867a03ea62e0d0adc9488530efaa
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6
GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12688
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: X3prfpUvaSuujXUioKllfbrWJRSujJaRcEeTIItJqtcJgekTOM8gKw==
cache-control: max-age=31536000
expires: Sun, 03 Dec 2023 10:06:20 GMT
date: Sat, 03 Dec 2022 10:06:20 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2
149.28.135.133/js/jquery.easy-ticker.min.js
200 OK 2.9 kB URL HTTP/2 149.28.135.133/js/jquery.easy-ticker.min.js
IP
File type ASCII text, with very long lines (2846)
Hash feb97f2abc0b7399ef5040e819c5e229
6f7f47a38fd363e72a3af2538d8f9908765ce497
685c7d443728ca101321dd37fb09683e01d7c58a3de16a23d4086f03082731e1
Analyzer Verdict Alert quad9 Sinkholed
GET /js/jquery.easy-ticker.min.js HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: application/javascript
last-modified: Fri, 10 Dec 2021 09:15:02 GMT
etag: W/"afa-5d2c7286bbabf-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ymOjVStD%2FsEKwMARiK5KgW9bT3nBhtvqcvYy8if%2BTNWS3ogVySsQYVE4TW29oJI0f10b4sH1Qc141zpNcRLrTusxa7gDMvN%2Bqf7uPoNTqCldWpJvM6gLzFdw3H%2FAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d279c276beb-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/asset/favicon.ico
200 OK 2.5 kB URL HTTP/2 149.28.135.133/img/asset/favicon.ico
IP
File type PNG image data, 60 x 60, 8-bit colormap, non-interlaced\012- data
Hash 12833e4aac455a83acc5920d22085c07
afc212ec432ba064b8c12894fc023e67ec6d2a00
71dfbe34b22e1cc7175167b79e7dd9e1a56556bfc35df940c38e10ad1f53ea75
Analyzer Verdict Alert quad9 Sinkholed
GET /img/asset/favicon.ico HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:20 GMT
content-type: image/vnd.microsoft.icon
content-length: 2459
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "99b-5d2c7282e82e2"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WYBaZRWPG80%2BDbcXAtwVirlCMniiygqlkwevrG5BrVsH7djWTrN9P9dR3hrtYg4u%2BAJzDx5mip0NCGHH8AFjwu0gLSztv2FsvOrvG%2FsJbrne11RTY4NC6c67%2F9xc%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d311f854d33-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=13111320
101 Switching Protocols 0 B URL HTTP/1.1 api.livechatinc.com/v3.3/customer/rtm/ws?license_id=13111320
IP
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.3/customer/rtm/ws?license_id=13111320 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: F4blGrjnDxPhdb62OjeIWA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: jdcv0k/2pR5Eypka4arqxcK3pxQ=
Access-Control-Allow-Origin: https://secure.livechatinc.com
legacy: 2023-06-30
Access-Control-Allow-Credentials: true
Date: Sat, 03 Dec 2022 10:06:20 GMT
Upgrade: websocket
Connection: Upgrade
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4rOFSXK_YsT2zB4Tpj99oDTqfmeUooOu4KxWjH2A7asmbtvezqfb7spj1mcCRcLIGHGgSJhXMgFLPSkrcsNJh85qDZ50oBgTuXJ3P-VTeAEaJ8n7yduEz2RY9w4TCyFoGbTwvrVmcwQPqRrwuhTRieaftE677Yeg69ulY0iPJUV0r-QmHjqSrxYUI/s16000/link-slot-gacor-hari-ini-2022.jpg
200 OK 252 kB URL HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh4rOFSXK_YsT2zB4Tpj99oDTqfmeUooOu4KxWjH2A7asmbtvezqfb7spj1mcCRcLIGHGgSJhXMgFLPSkrcsNJh85qDZ50oBgTuXJ3P-VTeAEaJ8n7yduEz2RY9w4TCyFoGbTwvrVmcwQPqRrwuhTRieaftE677Yeg69ulY0iPJUV0r-QmHjqSrxYUI/s16000/link-slot-gacor-hari-ini-2022.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1226x655, components 3\012- data
Size 252 kB (252353 bytes)
Hash a39bd129f519d7e43a9105b7fbf6d111
4bd81c3453ec2241e6666accd5cd41df2048cde1
b549ff97766bf8df561067c76550780d784b490181645392955dde01a35e84c3
GET /img/b/R29vZ2xl/AVvXsEh4rOFSXK_YsT2zB4Tpj99oDTqfmeUooOu4KxWjH2A7asmbtvezqfb7spj1mcCRcLIGHGgSJhXMgFLPSkrcsNJh85qDZ50oBgTuXJ3P-VTeAEaJ8n7yduEz2RY9w4TCyFoGbTwvrVmcwQPqRrwuhTRieaftE677Yeg69ulY0iPJUV0r-QmHjqSrxYUI/s16000/link-slot-gacor-hari-ini-2022.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v2057"
expires: Sun, 04 Dec 2022 10:06:21 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="link-slot-gacor-hari-ini-2022.jpg"
content-type: image/jpeg
vary: Origin
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 10:06:21 GMT
server: fife
content-length: 252353
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 33d4c0eb73252b9ee70cebc62151b0dd
31bc157147ab1329097d7c6f60bd077186c24bf8
fbf26b2930e09e9f73ff165eba2ce1f953054ebb7f47d425fd656108131b5cba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 10:06:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.postimg.cc/ZnYQRFrp/bank-24-jam-min.png
200 OK 101 kB URL HTTP/2 i.postimg.cc/ZnYQRFrp/bank-24-jam-min.png
IP
File type PNG image data, 1280 x 354, 8-bit colormap, non-interlaced\012- data
Size 101 kB (100639 bytes)
Hash 47a0a306f7024311b37a4265b24065f7
f130e1d3b51ef73e1019abdc160aea5864fc0af5
8faabbe899b683febab104917f6bae8fcf54309d4e66393c34804860c66acbe1
GET /ZnYQRFrp/bank-24-jam-min.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 100639
last-modified: Wed, 22 Sep 2021 14:23:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
149.28.135.133/home/get-slider
200 OK 28 kB URL HTTP/2 149.28.135.133/home/get-slider
IP
Hash 067aae023f85c67e74ffb9753ea1e2a8
b02411eb0006ee87bd2b8ea7ce761bd2dd237c4b
4bfc45e0c45f501706a9d6827613efcae61448575c759570a1e0231e8d6e9a6f
Analyzer Verdict Alert quad9 Sinkholed
GET /home/get-slider HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:20 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rFFZVDhZ6VzFAIIHfRk%2BACf8F76ncVe9hmJy9O1Px19R3h8XxR1Nqu06AP0yLAxvqwayVNXIaexHrYoKihgfRha2Nc1keEGOpcL3dsn2iBmSd0%2F7%2Bk3N%2BQzLckLEOA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d31bb634828-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-encoding: gzip
X-Firefox-Spdy: h2
i.postimg.cc/q7QrzZmz/topup-pulsa.png
200 OK 184 kB URL HTTP/2 i.postimg.cc/q7QrzZmz/topup-pulsa.png
IP
File type PNG image data, 1280 x 354, 8-bit colormap, non-interlaced\012- data
Size 184 kB (184049 bytes)
Hash 081b0e2b639bf6774848d8749e18c717
152edd150c4e920cf70e074d171cbb1037734978
c8bf870a5c9f7de67fd15d6398d375a2382aedee3b6bb30be450d6b530eafe55
GET /q7QrzZmz/topup-pulsa.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 184049
last-modified: Tue, 21 Sep 2021 03:54:58 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/6qHmG20S/emoney-min.png
200 OK 159 kB URL HTTP/2 i.postimg.cc/6qHmG20S/emoney-min.png
IP
File type PNG image data, 1280 x 354, 8-bit colormap, non-interlaced\012- data
Size 159 kB (158675 bytes)
Hash 2b24d5949eeee44c50074595da5148dd
9f7e5f7f49c55dccc2dfbe55e2da0bc07aa0ba35
90eaac8584985a91aded911054f651a9266743d47d1a7dfc3d09e09e357eddc3
GET /6qHmG20S/emoney-min.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 158675
last-modified: Wed, 22 Sep 2021 14:23:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
149.28.135.133/css/fontawesome/css/all.min.css
200 OK 82 kB URL HTTP/2 149.28.135.133/css/fontawesome/css/all.min.css
IP
Hash 3d60a1d888e9b7119c9a1ef2a6c36223
fc64d7e96c041f6674c9173ef483e23bc9fb2515
ca516d9002db239a896cdc47218eca4f50257b2ef6848d4abc6bacc3159cfea9
Analyzer Verdict Alert quad9 Sinkholed
GET /css/fontawesome/css/all.min.css HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:20 GMT
content-type: text/css
last-modified: Fri, 10 Dec 2021 09:15:01 GMT
etag: W/"e4d2-5d2c72868ebff-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8jVcc4lSVGmU6sWZg9VzGPIPNGxgnuh5Z3kkvG%2BYNJSzf%2Fz5ZbCMu8P1CluEWHA2eJh93NrRzDxBoW7H%2FhCpRPHrwY64mtvYerXW46knnX1iTLWfLsTO9ArqxlOXw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d311d0c493b-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.postimg.cc/tTNfpmV9/bonus-min.png
200 OK 206 kB URL HTTP/2 i.postimg.cc/tTNfpmV9/bonus-min.png
IP
File type PNG image data, 1280 x 354, 8-bit colormap, non-interlaced\012- data
Size 206 kB (205729 bytes)
Hash 39e9e89ca8563e70d6cdb073799edfdf
e8ef7e6c9b6730935ed4ffef7e36a9c7fe440ef2
9eacdb3a8c70b91af961ccdecc0a1a71c4976e4a1b3f55d29b901ddab36fbf34
GET /tTNfpmV9/bonus-min.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 205729
last-modified: Wed, 22 Sep 2021 14:23:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
149.28.135.133/img/rewards/samsung-galaxy-a20.png
200 OK 22 kB URL HTTP/2 149.28.135.133/img/rewards/samsung-galaxy-a20.png
IP
File type PNG image data, 289 x 380, 8-bit colormap, non-interlaced\012- data
Hash d0ac4f8299718959a32924250a32f429
c39b571edeb5e8e7aed4a6df1f059d07d0812846
488aef04f9878457d45d3166f84582b1901158588e34ec28754ccbea1b810fbf
Analyzer Verdict Alert quad9 Sinkholed
GET /img/rewards/samsung-galaxy-a20.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 21580
last-modified: Fri, 10 Dec 2021 09:14:59 GMT
etag: "544c-5d2c72842c661"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNpyQmEaj3eLQ4rC95r12bfFsi6wZd8AC1vprpFu9L72anuFiy4HbaeztkJT%2BvNunsz53rJzRRzGIfqiFthZdc1x7egeD%2BEOCl5f6xfLxLj%2BubeqkmFh99Y9QKoSAg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d36cd2587e4-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.postimg.cc/Pqkd7yb2/mau-motor-min.png
200 OK 290 kB URL HTTP/2 i.postimg.cc/Pqkd7yb2/mau-motor-min.png
IP
File type PNG image data, 1280 x 354, 8-bit colormap, non-interlaced\012- data
Size 290 kB (289486 bytes)
Hash 68879cd357602314f1301e4f9cc9f49a
4729368b4a401a9f2abed29bf442fadee90cee95
9ecef67042daba17e5bbfc953daf9dec345d9bff96c15c35c8e7ca3d37d4e82e
GET /Pqkd7yb2/mau-motor-min.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 289486
last-modified: Tue, 21 Sep 2021 09:30:14 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
149.28.135.133/home/get-reward
200 OK 28 kB URL HTTP/2 149.28.135.133/home/get-reward
IP
Hash 06f7e48c07db7922aa8b4e8622c7c4c5
724068e0b9f417b4f3150724cf7dcf7663325e14
c8f9a34f5573c8672b2e4c881d4be2ee30430f0c08cb6c957deea65f68d547d1
Analyzer Verdict Alert quad9 Sinkholed
GET /home/get-reward HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:20 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPUyeXRZ8UCm%2BdUHzZfwvT6mL5BWgHSFDkvocEOkLM6eMKw2rE%2FXhfzL9gX3VOWRjNAIkHU%2BNfwD9V0OPMsKRwv0OrgSJAtE4hc%2FIeusuhyCaROKHm0MNH5lr%2BZzQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d31cfbda131-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-encoding: gzip
X-Firefox-Spdy: h2
i.postimg.cc/Y01QxMKr/1-user-id-untuk-semua.png
200 OK 269 kB URL HTTP/2 i.postimg.cc/Y01QxMKr/1-user-id-untuk-semua.png
IP
File type PNG image data, 1280 x 354, 8-bit colormap, non-interlaced\012- data
Size 269 kB (269389 bytes)
Hash d68147d649a2065381568b2b96b3017f
e833f31abe27118b1b27e445c025da6acaaa0a95
b7cd1b8d156c629e2fa1c0d5e93d739a8be98bb413065e55046975933167630a
GET /Y01QxMKr/1-user-id-untuk-semua.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 269389
last-modified: Tue, 21 Sep 2021 03:41:04 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
149.28.135.133/img/rewards/gift-card-1M.png
200 OK 34 kB URL HTTP/2 149.28.135.133/img/rewards/gift-card-1M.png
IP
File type PNG image data, 289 x 380, 8-bit colormap, non-interlaced\012- data
Hash 6b209081d97f83812128d8013436f525
20f2378d2a77f3616424694c9dfdcfee6e3a8008
d43610bac027b2dfb5a3cc38e5d5d738ca3a537538d06d45a7f304b312f06f88
Analyzer Verdict Alert quad9 Sinkholed
GET /img/rewards/gift-card-1M.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 33740
last-modified: Fri, 10 Dec 2021 09:14:59 GMT
etag: "83cc-5d2c728425901"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e0Yd6%2FOKWqndsIJyulPuiz%2Biy3MQE2MkVq%2Bqc3Gvq38IIeAQ87tYGxJaVk5i1mBnWbwWp0IXC1AwNyaC%2F0Yvja3P24DkgOYot2z6TRhiA5RDFVwPNEAcmBxxsX0nhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d36cb614691-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/rewards/oppo-a52.png
200 OK 23 kB URL HTTP/2 149.28.135.133/img/rewards/oppo-a52.png
IP
File type PNG image data, 289 x 380, 8-bit colormap, non-interlaced\012- data
Hash 46f9079a559a47f0e3174bbfd47f13db
b7c788ffe9028cdc7950deeb608066516aba6f40
58e2613ddc455f57a4fa440a8086e31f30cd234d62dee01f85d563339f8edf6f
Analyzer Verdict Alert quad9 Sinkholed
GET /img/rewards/oppo-a52.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 22888
last-modified: Fri, 10 Dec 2021 09:14:59 GMT
etag: "5968-5d2c72842a721"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNGvYXjXM3xQKHuAz5rI9VrZoEx2sylRWDrmdUtBoRiZDS%2BOX1t4qLwKCF34dRPLmXd5yJ5w2UU4pBgeL5j5OuGNg%2FMCaR7pRCa%2FiUMA9VxdQPvby8QyJed8J%2F8Niw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d36ca0255ef-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/js/moment/moment-timezone.js
200 OK 240 kB URL HTTP/2 149.28.135.133/js/moment/moment-timezone.js
IP
File type Unicode text, UTF-8 text, with very long lines (1434)
Size 240 kB (240041 bytes)
Hash 513e78fadb4362e51d10611484aeccb8
9244d509db663d43edd1e1c6b8e527d6e4b39c92
b46402e70ba03569631e8b48d43709d3a264b8256d729228966a37475ce214b2
Analyzer Verdict Alert quad9 Sinkholed
GET /js/moment/moment-timezone.js HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:19 GMT
content-type: application/javascript
last-modified: Fri, 10 Dec 2021 09:15:02 GMT
etag: W/"32c89-5d2c72870cb9f-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHGkjdEN45gZAjmscLeHG2EuDZ9pxNEmWUWlwq2xQT4sZKuEdUI17xv92E0pSlmPQnOraPRM3uDgA5soPIHWAXcQJSfDRny7Rz%2BP6z5TZDL%2Bs9aw0l00w%2FPuU6%2B6AA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d279d4e4b98-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Fcdn.livechat-files.com%2Fapi%2Ffile%2Flc%2Fmain%2F13111320%2F0%2Fec%2Fc531f0c130124bc2bc69ed41241630c2.gif
200 OK 19 kB URL HTTP/2 cdn.livechatinc.com/cloud/?uri=https%3A%2F%2Fcdn.livechat-files.com%2Fapi%2Ffile%2Flc%2Fmain%2F13111320%2F0%2Fec%2Fc531f0c130124bc2bc69ed41241630c2.gif
IP
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 266 x 292\012- data
Hash ee2abdfe854254e06ad38b2665dd0a9d
3de66a0a34cf9390239758b1136bee1d6524dcf3
5de67aba44f7645bf86a261c7ed0435d58a197006f9017af4c174223e173e0ff
GET /cloud/?uri=https%3A%2F%2Fcdn.livechat-files.com%2Fapi%2Ffile%2Flc%2Fmain%2F13111320%2F0%2Fec%2Fc531f0c130124bc2bc69ed41241630c2.gif HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: Apache
content-length: 19004
access-control-allow-origin: *, *
content-type: image/gif
cache-control: public, max-age=61167729
expires: Sun, 10 Nov 2024 09:08:30 GMT
date: Sat, 03 Dec 2022 10:06:21 GMT
X-Firefox-Spdy: h2
149.28.135.133/img/rewards/honda-vario.png
200 OK 34 kB URL HTTP/2 149.28.135.133/img/rewards/honda-vario.png
IP
File type PNG image data, 289 x 380, 8-bit colormap, non-interlaced\012- data
Hash dbffc6a52d21648f53ebad13fbc3ab2b
28c59976c7ff7a30f790d845f17f72146327255b
309ba299caea9052b46ae8d24fb752f680b31a3261afa0aadfd54343bca941db
Analyzer Verdict Alert quad9 Sinkholed
GET /img/rewards/honda-vario.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 34224
last-modified: Fri, 10 Dec 2021 09:14:59 GMT
etag: "85b0-5d2c7284268a1"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ath8VP51Tpf4kd23l60Gj93Z1NzvCr1Jg1dhfRFgBZLzRJyfX7%2Bc92HujIcZij8NVKJPmQzhbwCu1wUZLz35qnurxU0fNJGHud%2ByTl8gR0IyswiZeC33oDfGHdiKGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d36fc169fd3-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/contact/whatsapp.png
200 OK 4.1 kB URL HTTP/2 149.28.135.133/img/contact/whatsapp.png
IP
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 1615c35823d29621da21be449451305a
417e7ea309f115f7363822102d4e5d3d642d54cc
a12eae00fefec0d2239bef38bb0ae69398dd10584d23576ae91452513341d5fa
Analyzer Verdict Alert quad9 Sinkholed
GET /img/contact/whatsapp.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 4119
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "1017-5d2c7283bf061"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2311
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7t9tpyIFE4H87BRnuM7tRzpE4Tc5PbbCHg2fyQymLkrYMxQuhJvhiiIfiCmennAigN9UewXC7yTumEabyqeeNeL1uWGpp2Q54RZzSbGi3UknJNtby%2ByQMXYddrQCFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d38daf1898e-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/contact/telegram.png
200 OK 3.6 kB URL HTTP/2 149.28.135.133/img/contact/telegram.png
IP
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 25b28f066269c0adb6a0b699970a64e3
92d39489ca83749e8ca163847fb5c5eabdb996bf
ffce700e1118cccb68b26e889a31d3aae8694ea447b6e96f8890c0ecf6697d7a
Analyzer Verdict Alert quad9 Sinkholed
GET /img/contact/telegram.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 3617
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "e21-5d2c7283b15a1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LHA%2BCKuIX17oidReTifSVp3eVwFqgneDiGnHzXwur5kjy0YOfunM%2BawNLCsDtjWXMWxk7XrZ07y8LF%2FgoKfYD1plQMLpm%2Fd7bSCbVnNbzCNE1w%2Bepic3lGRA3IT3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d38db9e4d45-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/contact/line.png
200 OK 4.0 kB URL HTTP/2 149.28.135.133/img/contact/line.png
IP
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash b431215b5738fb76e23b6be4681b18ef
4f46d4243f89fae0aee395769d0547d2ba90db58
a008628d25186de16402b262659091f80b562f8c534ca6674f8a4718dd1b578b
Analyzer Verdict Alert quad9 Sinkholed
GET /img/contact/line.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 4049
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "fd1-5d2c7283ab7e1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPbkVD6dSm6cHdulx9VsF0UrbK39k5S2gGdkYgeobZcOUjPDgHQLwnFLVcl8vmb4qE%2B3tXN4IGgk8FUzjpaocp5ZwutYxOmokbYv%2BjqedLNx8T7ZpsiX9qvbz7oFPg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d38ddc346a3-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/bank/pulsa-telkomsel.png
200 OK 4.4 kB URL HTTP/2 149.28.135.133/img/bank/pulsa-telkomsel.png
IP
File type PNG image data, 120 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash d5f43a0c16540eb028ec8a9cc6364067
092c7fe192e32eb040dcc84edb77daa5447c7fbb
9e845a67d9cc40aad920ba6978bc0b859d1dfc7e9d394052d8e40e431bef666b
Analyzer Verdict Alert quad9 Sinkholed
GET /img/bank/pulsa-telkomsel.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 4382
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "111e-5d2c72836ef21"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5693
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uuttrd9XYOpO%2BLAEjbEmRsAgJ58eOQmYpbBMc2EDLucURlLs6ZFBRjxLu%2FqfR0MXWLxt8oeFvz36JITobd3x0VycIHP27hBQl7GFxrfGI%2BtqEZx7LStHytbsPZ1sbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d3aa92d49cc-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/bank/ovopay.png
200 OK 7.2 kB URL HTTP/2 149.28.135.133/img/bank/ovopay.png
IP
File type PNG image data, 120 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash ff6dd6186595bab466c026b4f23cef56
8b419d407c969809826d4f32133b2bfdaad593cb
9dde325a73702605b77de4f9a2c0789f0d06e6df526896b153d9bbb42fa12c7f
Analyzer Verdict Alert quad9 Sinkholed
GET /img/bank/ovopay.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: image/png
content-length: 7174
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "1c06-5d2c72836c041"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5693
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpgTqUCNl52fIhvGQI3GsLVLqD%2BpjONkm8FjBCVuiF7i49jS9KybV2bIJB3vDPUcngd3b7DIZXZvi4Dmzmlsmcs%2BIqpaMTqtJMz7CWhe1pq0yW81m9Ib3RL%2Fe0Gaag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d3abdba8977-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 85d4658f8256d503f0d0714d06d19de5
36527ce9b1365b06e9d43cc0aa82b7d62a40e006
42fa4cdd38f7b8a1be496cd7a9c29c4c26b242b6e58b2b9e3bafe5343b1aa308
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155242
Date: Sat, 03 Dec 2022 10:06:21 GMT
Etag: "638ad691-1d7"
Expires: Mon, 05 Dec 2022 05:13:43 GMT
Last-Modified: Sat, 03 Dec 2022 04:54:41 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2L7acAhGeCHfoJZCmO-ahVXs3BMH_jGLDDwnTELGXJP2U-4-9GbAvg==
Age: 1142
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 85d4658f8256d503f0d0714d06d19de5
36527ce9b1365b06e9d43cc0aa82b7d62a40e006
42fa4cdd38f7b8a1be496cd7a9c29c4c26b242b6e58b2b9e3bafe5343b1aa308
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 03 Dec 2022 10:06:21 GMT
Last-Modified: Sat, 03 Dec 2022 09:41:25 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hsnel3ae1VLvJ-yfPVQmG6wt1ZRPQZgsyhefg3NMVNrJxBzTZplk3Q==
Age: 1496
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 85d4658f8256d503f0d0714d06d19de5
36527ce9b1365b06e9d43cc0aa82b7d62a40e006
42fa4cdd38f7b8a1be496cd7a9c29c4c26b242b6e58b2b9e3bafe5343b1aa308
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155428
Date: Sat, 03 Dec 2022 10:06:21 GMT
Etag: "638ad691-1d7"
Expires: Mon, 05 Dec 2022 05:16:49 GMT
Last-Modified: Sat, 03 Dec 2022 04:54:41 GMT
Server: ECS (bsa/EB16)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TRcRzVE8lZTAz7_XPIlPahtjpaXWat3qpr6aRYrwlGChLyfbEPLvAw==
Age: 1328
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 85d4658f8256d503f0d0714d06d19de5
36527ce9b1365b06e9d43cc0aa82b7d62a40e006
42fa4cdd38f7b8a1be496cd7a9c29c4c26b242b6e58b2b9e3bafe5343b1aa308
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155557
Date: Sat, 03 Dec 2022 10:06:21 GMT
Etag: "638ad691-1d7"
Expires: Mon, 05 Dec 2022 05:18:58 GMT
Last-Modified: Sat, 03 Dec 2022 04:54:41 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xWopzZE6j7MnyJ3LEwYEPTuH7I9w5eZdSwEAqn7ep6WDyi2JAfdVHA==
Age: 1457
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 85d4658f8256d503f0d0714d06d19de5
36527ce9b1365b06e9d43cc0aa82b7d62a40e006
42fa4cdd38f7b8a1be496cd7a9c29c4c26b242b6e58b2b9e3bafe5343b1aa308
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=155428
Date: Sat, 03 Dec 2022 10:06:22 GMT
Etag: "638ad691-1d7"
Expires: Mon, 05 Dec 2022 05:16:50 GMT
Last-Modified: Sat, 03 Dec 2022 04:54:41 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: WPzdC-ViEAsAbPhkBwkiYNHrOjAnaZqZLPoXbdmJQoQL21fDbtEqLw==
Age: 1329
149.28.135.133/img/bank/mandiri.png
200 OK 2.3 kB URL HTTP/2 149.28.135.133/img/bank/mandiri.png
IP
File type PNG image data, 120 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash d78944eb64813021f1d4dbd0e0ce8eb0
5fc7c596c1463de0e20ca5c355bdd4d2580bb734
1c3388b991daff0e5953670c4b17cb7e66c348ddd1098bbb4ef1cd4b733ea688
Analyzer Verdict Alert quad9 Sinkholed
GET /img/bank/mandiri.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:22 GMT
content-type: image/png
content-length: 2255
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "8cf-5d2c72836a101"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUmWth4oBznHTUt26uIyZqcpAuIsqQzILkKUhnV%2F%2FpaAM6Xtgkv4nJQDKgHJ7R8NUHPsGKaUzfiLcDV%2FZbff7ZTb4aAzDev3XxiXqwcJjalcd8LPAd%2FjQRzS7yjR9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d3a9bd9492f-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/bank/dana.png
200 OK 2.1 kB URL HTTP/2 149.28.135.133/img/bank/dana.png
IP
File type PNG image data, 120 x 57, 8-bit colormap, non-interlaced\012- data
Hash c530a97546e19e35b23c2420798d8d2f
65fc0f026fc26118acec27e0a21c932bf441db30
fd4dc845e3e8bfb4d133747bce254603e676506fc609d6ef1d08c9873eb01f50
Analyzer Verdict Alert quad9 Sinkholed
GET /img/bank/dana.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:22 GMT
content-type: image/png
content-length: 2119
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "847-5d2c7283652e1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BlSkwwCVjPRGBAUsSZvqtHLc0ZBT%2ByVNalfY6DBVCrBVgoMM5ELsyBWXgTdUta4hY3qfbz%2FcckeFTEuN6h%2Bb9lS69ZDCL2eARkjP7jEpsWt4tKaMdRB60eQnYtJIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d3a98a44b62-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/bank/bri.png
200 OK 1.7 kB URL HTTP/2 149.28.135.133/img/bank/bri.png
IP
File type PNG image data, 120 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 218b0dcde30b5c8de6ae1e9f12f4ea5d
9a27529199df1352a399fbed7956730efd053e1e
d0f684a52987df9b519042a1175457ea97c16cda9aa18e9ba190da7a7a3f3e4c
Analyzer Verdict Alert quad9 Sinkholed
GET /img/bank/bri.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:22 GMT
content-type: image/png
content-length: 1655
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "677-5d2c728362401"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcvlQsBLabQjRz%2FYI1YGHcjlP6bQZ4dk5aONpKEJZPq5knYd38eeERjtq6aAhEI4VjQEV8CxEAQLWUuUbo%2BgWiDkgwVV3WFT72mpINxbyX4tWxC%2FMFNLutTxrlY7ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d3a9aaa4912-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/bank/gopay.png
200 OK 6.4 kB URL HTTP/2 149.28.135.133/img/bank/gopay.png
IP
File type PNG image data, 120 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 774499bfdd322c4aea891128457d0e25
b3d26c8db5c725b221afd38fdc6c1002f5c23ad4
0f98367bff4e206941498d4d3849a2838d1dcb1996ea87f8a574d0b801ac726a
Analyzer Verdict Alert quad9 Sinkholed
GET /img/bank/gopay.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:22 GMT
content-type: image/png
content-length: 6420
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "1914-5d2c7283681c1"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAli%2FeQqXqFWTgX%2FTgPVIc81uqUWtyLDHpIIkrP4ac0Afq980r9FiGRHSPhSbP1OH6ooQF%2Bf1RX9TDOho9SNpP657DddLGFbNwJ0x6RtzBfJTZ0f1X9o9uBkPiXGjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d3ab9dba081-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/bank/danamon.png
200 OK 2.1 kB URL HTTP/2 149.28.135.133/img/bank/danamon.png
IP
File type PNG image data, 120 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash f04f6fd7d1ca3e384c6a9d07e33bc6a2
c1c42f26b2eced7a65083a744ef037dd25cb2608
c0f9ed0fd929c29eb7a767e428e6e2e8dfc03fe7a6f18e0a846dc8277205fe59
Analyzer Verdict Alert quad9 Sinkholed
GET /img/bank/danamon.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:22 GMT
content-type: image/png
content-length: 2061
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "80d-5d2c728367221"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwjSwpaClfrxNaRcfwEwckKiOlxbG25Yh9iGBIhFOE%2FtmSX0Z3GP9ieszV7UliGXz3V6OqcwVAcnBtfMhxXldzTa2hPwELqm%2FEeDy2zj1lLh54zbRkCql0yBbs6tJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d3abed66bd9-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/bank/linkaja.png
200 OK 4.7 kB URL HTTP/2 149.28.135.133/img/bank/linkaja.png
IP
File type PNG image data, 120 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash f04d56570cd675c9824d5111fb4b5678
ba5121577c35bd3e90224d75d2f7ca57df837788
23687ff2b5abfac047825994611100e37deea3e94f6dc0d0544690e83205d2d9
Analyzer Verdict Alert quad9 Sinkholed
GET /img/bank/linkaja.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:22 GMT
content-type: image/png
content-length: 4650
last-modified: Tue, 12 Jul 2022 05:54:18 GMT
etag: "122a-5e3954c9cdf2c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XeUgxb3uF1wiTShW2iFYYiv88MBUorr%2B1NPeTrWwYSZt%2Fj35k%2Ft8HhorA72eYaPUWfCeTjigk%2FonnkZeJR6YOD05%2Fv2vqZ0lbbcVJBxkg4LwYEbIlrrw%2BKIuDduJYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d3aabdba3e9-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/bank/bni.png
200 OK 1.3 kB URL HTTP/2 149.28.135.133/img/bank/bni.png
IP
File type PNG image data, 120 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 1ace2325b27b0319e9aa0aa972426eb8
4501341a2f1b50809f124d623225deda5f5a018b
84ef51b5f11c33d67d9a4cb18e6d953ce7a8466c02aa5fb5276115702e6b781f
Analyzer Verdict Alert quad9 Sinkholed
GET /img/bank/bni.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:22 GMT
content-type: image/png
content-length: 1338
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "53a-5d2c7283633a1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOqvk8oOZj7U8LRFy7u9fzqdeMhcEULk0f%2B8saQoFL9M773YHEI3YYyQi56yvDpBj5mAgPLw%2B5ZeA5D7MEmyKD%2BPKSzxx5Olai4Kz0xOKd0eleBsvDUJqU9WKz95Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d3abf9b4c83-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/bank/permata.png
200 OK 1.8 kB URL HTTP/2 149.28.135.133/img/bank/permata.png
IP
File type PNG image data, 120 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 911a5373a7cf76b7fc0f039b1781704d
28c7b8ee80c76404e816ff1fc8bdaea65566d252
abcb9150fbd731b13ce7409517d2f5839d267c1312645a2bc7eec547e0bc9ab8
Analyzer Verdict Alert quad9 Sinkholed
GET /img/bank/permata.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:22 GMT
content-type: image/png
content-length: 1843
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "733-5d2c72836df81"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofR84PDB0DOZpi%2Bc1Navjs6BJWamYBrSIbhFYIEyejEumUTC5z5SgRmXPULe8rINNWAwGY3ldRyp27y5hMsc%2FFXFUpOhCuc6VwfAmeVXUW%2BKJ7rwjif0hFIVNh5C3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d3abb59899e-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/bank/bca.png
200 OK 1.7 kB URL HTTP/2 149.28.135.133/img/bank/bca.png
IP
File type PNG image data, 120 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash f2f54f3cfc35a6e248bbcdd9f1026373
53cb02bfd76b88938790f9bdf6945d5cafceb47e
68aa231bc3e7a4188a56d7a7eec5481b5091a6077ba1b9450090f61c2d393df3
Analyzer Verdict Alert quad9 Sinkholed
GET /img/bank/bca.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:22 GMT
content-type: image/png
content-length: 1650
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "672-5d2c7283604c1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aw1Bs%2BsH5mPHyjsNWjUGnJYioHS1ixwV5eZUMT3KiedTmMpYzvFNk%2FZkuWWghH1KL87EmGw2DWOQBIEzn7axBhddZYj8W0jZz0L9aVfVY7RGHECNnY349ZEC6iZR6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d3abad44649-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/bank/panin.png
200 OK 1.5 kB URL HTTP/2 149.28.135.133/img/bank/panin.png
IP
File type PNG image data, 120 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 02c17569b47abc044d37c6c1bc02c90a
718e77f57e71ebe9307ea40fbf0a4309167e16b3
b225d8bca9f79e6b48cd8fad0119838fd1fc76306fc19465fb228853db7a1a41
Analyzer Verdict Alert quad9 Sinkholed
GET /img/bank/panin.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:22 GMT
content-type: image/png
content-length: 1478
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "5c6-5d2c72836cfe1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v4riYtcZH%2BMZD8WuNJDmdbqFe%2F6nCXh5hXRlp4v%2FmuxJU3MiyUijlkw2rPaoGHVGSew1h4VPzLXjLJ46UFQUaT00m86q5j%2BHf6aGSDqnz3qR%2FQYnQoDCCbY7zAOn2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d3abfed6ba5-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/bank/cimb.png
200 OK 1.4 kB URL HTTP/2 149.28.135.133/img/bank/cimb.png
IP
File type PNG image data, 120 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash e20cfda79203cc429ecdafaa882f907f
be0732b34265ddcc1062106460e92665e2ae278f
d55fb25f2901b4e8f52363fc9e8cfff4a20c2fee66d3eb54d234194298ab8f8d
Analyzer Verdict Alert quad9 Sinkholed
GET /img/bank/cimb.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:22 GMT
content-type: image/png
content-length: 1394
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "572-5d2c728364341"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7k6KBBkRfGmd5niqRV%2FPXCUu3y9VPPEjaAksg3NXW%2FyOxywtEPhRihjNXw5UHbsiNQi5U8U%2B5fOSycvy%2B6fII1PhgtR0QQD%2BKpEEoQXwnj4h7pTlSbU%2FLdCE%2B2GYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d3abe5e6c2f-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/img/bank/pulsa-xl.png
200 OK 6.5 kB URL HTTP/2 149.28.135.133/img/bank/pulsa-xl.png
IP
File type PNG image data, 120 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 254a263926f9e29eb4e4ef1e39950011
084f75927f12f925ba0efee948b721247fab61bd
bf510ba7a88ec0e2fa0e209f93caa80f40ba9ead2478ce2f1bb4b014f49f1267
Analyzer Verdict Alert quad9 Sinkholed
GET /img/bank/pulsa-xl.png HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:22 GMT
content-type: image/png
content-length: 6532
last-modified: Fri, 10 Dec 2021 09:14:58 GMT
etag: "1984-5d2c728370e61"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GhjZMGRiTqPdIgjsQG72J2etQcNA32tpfTZYEzz8TDWr%2B9BNBINOyHr3zADC1u9HHpM9fmFtd%2B7k3Bdr5AEZISdN0cmlxyaXq38ET8pgZWlml%2FAcCFFEteYPQXAGdw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d3abb984c59-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Anton&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Anton&display=swap
IP
GET /css2?family=Anton&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 10:06:18 GMT
date: Sat, 03 Dec 2022 10:06:18 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sukabet-super.s3.ap-southeast-1.amazonaws.com/slider/DailyWin%2021M_1280x354.jpg
200 OK 0 B URL HTTP/1.1 sukabet-super.s3.ap-southeast-1.amazonaws.com/slider/DailyWin%2021M_1280x354.jpg
IP
GET /slider/DailyWin%2021M_1280x354.jpg HTTP/1.1
Host: sukabet-super.s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: hDtDM64MYfk5odimDqcDxmwVw2xiQkTIeMFVNkBpbARnAnBswRe59V3SsE9kjgNKJzWu42scD4o=
x-amz-request-id: S1FGNESBDK4S8B4K
Date: Sat, 03 Dec 2022 10:06:23 GMT
Last-Modified: Fri, 25 Mar 2022 07:26:34 GMT
ETag: "d90e5d17139c7bf8f7d2478b452e89b2"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 427969
149.28.135.133/get-contact/
200 OK 0 B URL HTTP/2 149.28.135.133/get-contact/
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /get-contact/ HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RulRpazRRJ6QZzWygsMnxGjVnU7dRtOVyVez1LR1TWpnrrFolfGz4hMOYvzLnLxG0Ysu%2BjOpbCiu1sboEoBI32zLXuijRu%2BYcSNJzkHNyKldIsdeW%2FafQloh57JUzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d31bb4a9fa3-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-encoding: gzip
X-Firefox-Spdy: h2
149.28.135.133/js/numeral.min.js
200 OK 0 B URL HTTP/2 149.28.135.133/js/numeral.min.js
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /js/numeral.min.js HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: application/javascript
last-modified: Fri, 10 Dec 2021 09:15:02 GMT
etag: W/"2cb4-5d2c7286bd9ff-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YRfNyz0zpCW91peGgcc6IeEOjmwHuRFIj9MkMc0bQjXu5YsuXbst5Y4E3zB14SqtxTQ2M3y9lYUwcMg6jiFRs1E0Emy4rXzTzw7cYVqZiv4aJFlLT41ThFXxkC7r7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d2799e7a03f-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/get-banks/
200 OK 0 B URL HTTP/2 149.28.135.133/get-banks/
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /get-banks/ HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joxpUt8I2CDLzm2AUSeVuDnExCWQgJ%2F%2BprAacROk5NGCvJG8HZOOGTfgucjAIbH%2BPdYD%2FWYBJ4%2FawxTqqB7DZtSng4eXpnjkUWBMrsRN%2FUtLmioI7p%2FbJO4ejVbP%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d31c8794ca7-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-encoding: gzip
X-Firefox-Spdy: h2
149.28.135.133/home/get-last-deposit
200 OK 0 B URL HTTP/2 149.28.135.133/home/get-last-deposit
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /home/get-last-deposit HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSk91IA8BVo91eQ45E2B92EEYUhU52OMadsMkFESnce0DQnep9g9gEClBWzAjDfZMwhhVbxw7%2BG0wWJ1Q378Br69Lj3Wrll8qyDxj2ssFQoEbZFrhLZ61QM3%2F453mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d31b80d87e1-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-encoding: gzip
X-Firefox-Spdy: h2
149.28.135.133/Customers/getJackpot
200 OK 0 B URL HTTP/2 149.28.135.133/Customers/getJackpot
IP
Analyzer Verdict Alert quad9 Sinkholed
POST /Customers/getJackpot HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://149.28.135.133
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8A1%2BaVGm%2BkAUjzf5%2BD6qSoDfgW29xVSPpqcsKmwfVcjQRPsBSv1Tw8%2Br0VoUmr%2FYNp3Q4HI9bokBwpxNxM9Z586eY%2FihESFsGwMd8YRAtHF7Ky0l%2B5ST8F9Eu3DnLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d32bab4896b-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-encoding: gzip
X-Firefox-Spdy: h2
sukabet-super.s3.ap-southeast-1.amazonaws.com/slider/pp-rp2.4milliar-18-nov-2022-d.jpg
200 OK 0 B URL HTTP/1.1 sukabet-super.s3.ap-southeast-1.amazonaws.com/slider/pp-rp2.4milliar-18-nov-2022-d.jpg
IP
GET /slider/pp-rp2.4milliar-18-nov-2022-d.jpg HTTP/1.1
Host: sukabet-super.s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: f++EWcHbsDKEC6zsoMXbzfvS6bTjo45gCBk/6hoKpVmzAMLIOkiYtKnSuBIQMEZ01XtBmC6WiE8=
x-amz-request-id: S1FKJ4PX0PH7H6ZJ
Date: Sat, 03 Dec 2022 10:06:23 GMT
Last-Modified: Thu, 10 Nov 2022 09:07:06 GMT
ETag: "f45a5e0399b3bc7b8920a3c7316514a5"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 229940
149.28.135.133/js/fancybox/js/jquery.fancybox.min.js
200 OK 0 B URL HTTP/2 149.28.135.133/js/fancybox/js/jquery.fancybox.min.js
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /js/fancybox/js/jquery.fancybox.min.js HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: application/javascript
last-modified: Fri, 10 Dec 2021 09:15:02 GMT
etag: W/"10a9d-5d2c7286d9f1f-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 4179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdK%2BJzwvc4bPxv4RTQucsXsv2Wi7W1J%2F63gquG3%2FNtJoTXi0AbhCxWNqFWjfR9PAj%2Bu52B%2Bftci74Q1VWh%2BI98ZQHGIchrmvn1VrSZBp7HXr%2BPv%2BoorSFYVANlMPig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d279bb3898e-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/js/jquery.lazy.min.js
200 OK 0 B URL HTTP/2 149.28.135.133/js/jquery.lazy.min.js
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /js/jquery.lazy.min.js HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: application/javascript
last-modified: Fri, 10 Dec 2021 09:15:02 GMT
etag: W/"139e-5d2c7286bd9ff-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2150
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FrvjT0a8ZOj6GUv8k38eIk6C2jSUg1ZWI14bq7udfG8uqO8%2BdEGnLrvMPOtj2kbppA1kGhRq%2F8otGLDSlmmwaCyGXm7wpLTukD0mGZWr6OKFRxA%2B%2Fr2Io9Dikq0Iug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d279ea28995-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/js/bootstrap.min.js
200 OK 0 B URL HTTP/2 149.28.135.133/js/bootstrap.min.js
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /js/bootstrap.min.js HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: application/javascript
last-modified: Fri, 10 Dec 2021 09:15:01 GMT
etag: W/"bef7-5d2c7286b3dbf-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 5695
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okHNIRn16LcEwpVSma6kxHEFCfZbYeu7CKgzUEahkwqfGL2HsJBj0RYZnfKLep%2B0%2BlIwkpMEW%2F%2BLcgxkucEkQq35NVOCOZmwn3G%2BvUwejGeyiaOUcAE7%2FhmFFBWdUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d279e898938-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
149.28.135.133/home/get-daily-winner
200 OK 0 B URL HTTP/2 149.28.135.133/home/get-daily-winner
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /home/get-daily-winner HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:21 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8S6jWvkKascFXblulKih9rpIBir4FhIcpXasg83cwT8FNryN%2FbO6SdRaXWstcPMXibUgWX33H%2F4QQzmLJlcSZHU%2F4qt9uK8PDhf%2BqcknZarOKt9xUyKRp1HSi0Jk%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d31cbfc6cad-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-encoding: gzip
X-Firefox-Spdy: h2
149.28.135.133/
200 OK 0 B IP
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bungkla.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VNhAKitp7hqN2Ska41fLhiyWNCyAZamyGJU4X%2BMf1onfGM9xcg0t3ItMM00nyqpp0CWA4VvEpPLBrxCZZHHz9P8BewZnWdYEpfJrMUuA0vYZVI%2FNteHZc%2Ffk6m%2Bfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d1e8f902eb0-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-encoding: gzip
X-Firefox-Spdy: h2
149.28.135.133/js/moment/moment.min.js
200 OK 0 B URL HTTP/2 149.28.135.133/js/moment/moment.min.js
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /js/moment/moment.min.js HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:18 GMT
content-type: application/javascript
last-modified: Fri, 10 Dec 2021 09:15:02 GMT
etag: W/"e5ee-5d2c72870db3f-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 2311
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Cxe1KFG%2BaqLX%2B6PHA6ZIkDvpBNx4n1cYHoaCkxWTC62CaaFuSFdicnBSvHSznibrWnai7kMS1saveXh0dx8AEeuWRGpLwjJT7p2Ade%2F5q31lAJNmFVQDcAhiu%2FGwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d279d3c4d45-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sukabet-super.s3.ap-southeast-1.amazonaws.com/slider/payday_mega_cash_d.png
200 OK 0 B URL HTTP/1.1 sukabet-super.s3.ap-southeast-1.amazonaws.com/slider/payday_mega_cash_d.png
IP
GET /slider/payday_mega_cash_d.png HTTP/1.1
Host: sukabet-super.s3.ap-southeast-1.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://149.28.135.133/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: sOhMgoHpgtVgi4z8qHIafxko+IQug7B3ePAnm0ptmmyIRGogcfOmuieQzhfAsIkWqtnKHZGILRs=
x-amz-request-id: S1FYR9PHHDCFSD2N
Date: Sat, 03 Dec 2022 10:06:23 GMT
Last-Modified: Wed, 03 Aug 2022 03:30:08 GMT
ETag: "a616195ae1889631cfbff757d14ff6c9"
x-amz-storage-class: REDUCED_REDUNDANCY
Accept-Ranges: bytes
Content-Type: image/png
Server: AmazonS3
Content-Length: 220797
149.28.135.133/home/get-last-withdrawal
200 OK 0 B URL HTTP/2 149.28.135.133/home/get-last-withdrawal
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /home/get-last-withdrawal HTTP/1.1
Host: 149.28.135.133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://149.28.135.133/
Cookie: _ga_M48573X0EY=GS1.1.1670061976.1.0.1670061976.0.0.0; _ga=GA1.1.1789359256.1670061976; _ga_2XJES9J2RM=GS1.1.1670061976.1.0.1670061976.0.0.0; CAKEPHP=3ht32g9bjs237ae4i0lrs9672q; _gid=GA1.1.1362743861.1670061978; _gat_gtag_UA_238217077_2=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 10:06:20 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ivGek03J2rxt9koPzNHnpG7ZaVxmaPnDPa%2F2lGX%2BKWrYLex8%2FEHSzQ4OLagde445PrdPHCqLh3qn0yGDxBy3epQ45ye8r05ogUjc6UgsSrZMbiG04%2FjvsBQxtGjRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 773b7d31c952ab59-SIN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-encoding: gzip
X-Firefox-Spdy: h2
188.114.96.1
142.250.74.168
162.19.58.159
95.101.10.202
93.184.220.29
149.28.135.133
104.18.32.68
151.101.244.193