Report - valtrasde.my.id/

Report Overview

Submitted URL
valtrasde.my.id/
IP
52.230.38.12
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-10-05 22:17:59
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
54

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.7
valtrasde.my.id	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.3 kB	5.7 MB	52.230.38.12
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	58 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	746 B	142.250.74.10
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.89.136.7
encrypted-tbn0.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	452 B	32 kB	142.250.74.78
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
code.jquery.com	634	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	31 kB	69.16.175.42
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.8 kB	142.250.74.3
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp
2022-10-05	medium	valtrasde.my.id/	WhatsApp

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	valtrasde.my.id/	Phishing
2022-10-05	medium	valtrasde.my.id/img/karakter-anime-cantik-13-a715e.jpg.webp	Phishing
2022-10-05	medium	valtrasde.my.id/css/thin.ttf	Phishing
2022-10-05	medium	valtrasde.my.id/img/tyasbugil.jpeg	Phishing
2022-10-05	medium	valtrasde.my.id/img/pppertama.jpeg	Phishing
2022-10-05	medium	valtrasde.my.id/img/karakter-anime-cantik-9-5d82f.jpg.webp	Phishing
2022-10-05	medium	valtrasde.my.id/img/Sherlyn.jpeg	Phishing
2022-10-05	medium	valtrasde.my.id/img/karakter-anime-cantik-8-62975.jpg.webp	Phishing
2022-10-05	medium	valtrasde.my.id/css/font.ttf	Phishing
2022-10-05	medium	valtrasde.my.id/css/bege.jpeg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-04-19
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-19 16:29:49 Times Seen138302 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	valtrasde.my.id/	210 B	2023-03-07	2023-03-26
Pretty URL valtrasde.my.id/ IP 52.230.38.12 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:33 Last Seen2023-03-26 07:54:28 Times Seen2 Hash d0609065bbbe3a02fcc1f3aeca2b1119 f88d418834925655cd2e084f0936721e39ae28e4 fe44f53c1224a47f428821ba994af348c961332f75855ae40bc8f7325247c5fe Loading...

	valtrasde.my.id/	446 B	2023-03-07	2023-03-14
Pretty URL valtrasde.my.id/ IP 52.230.38.12 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:54 Last Seen2023-03-14 00:08:21 Times Seen1 Hash 5b66ab11a2cc6d67596bb4ae0688b7b6 6ff131a90416ca9c7b90808098a50a883134f762 44045c42e1ac2712277d5dbb017154c8fd80d6e907860e576489af595306818c Loading...

HTTP Transactions (41)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

54.230.111.7

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: YgV4peT5ZSN9cpUJVsFBRJNtVbNfGZZ7X23GyzYzvwhR4fy9RWc6tg==
Age: 23430

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14259
Expires: Thu, 06 Oct 2022 02:15:27 GMT
Date: Wed, 05 Oct 2022 22:17:48 GMT
Connection: keep-alive

valtrasde.my.id/

52.230.38.12

200 OK

1.9 kB

URL HTTP/1.1
valtrasde.my.id/
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
1.9 kB (1906 bytes)
Hash
87c993066dd0251176b8e9f691f8c689
7439679e71ed395d7a471cb47f28e9ea004df4b0
3c513f25411255c9afd9ed5049b97434a5a04f098ab18a17ee23f49a9aeff0ef

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Content-Length: 1906
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Wed, 05 Oct 2022 22:17:48 GMT
Server: LiteSpeed

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a1073a68ed38c8e3575e889224db944c
ee2a7a3e2da77a8540131f9ffaa0a20d4dd486bd
a9fb1f7ade7c8a79d2ee83e9b7215e66dc89ac733b11079297a8f4b9aceae1f5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2491
Expires: Wed, 05 Oct 2022 22:59:19 GMT
Date: Wed, 05 Oct 2022 22:17:48 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: mxpeJBizf/mJ2uu41TfglT26v9ZQbXLIPx65UD9tdsyBgTX+nElFsKhuxI0qXcPoQ+GgXXAA+W0=
x-amz-request-id: 2XS3TY8H6FFNM4NW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 05 Oct 2022 21:30:29 GMT
age: 2839
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 22:17:48 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.5.1.min.js

69.16.175.42

200 OK

31 kB

URL HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
69.16.175.42:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (65451)
Size
31 kB (30879 bytes)
Hash
3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://valtrasde.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 22:17:49 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1665008269.dop211.sk1.t,1665008269.cds262.sk1.hn,1665008269.cds208.sk1.c
X-Firefox-Spdy: h2

valtrasde.my.id/css/style.css

52.230.38.12

200 OK

1.3 kB

URL HTTP/1.1
valtrasde.my.id/css/style.css
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text
Size
1.3 kB (1259 bytes)
Hash
c0f666902815710563ff826084af0b1a
14cd50253802bac2c57e039fc5af5001c344fabe
88c918fdab1c0329a65ba605c56776903295e7ca2ad357dd70b1fdebb4c7b5dd

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp

HTTP Headers

GET /css/style.css HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:49 GMT
Content-Type: text/css
Last-Modified: Tue, 22 Mar 2022 19:28:33 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1259
Date: Wed, 05 Oct 2022 22:17:49 GMT
Server: LiteSpeed

valtrasde.my.id/css/facebook.css

52.230.38.12

200 OK

938 B

URL HTTP/1.1
valtrasde.my.id/css/facebook.css
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
938 B (938 bytes)
Hash
a268e3dd91a8949b62c91a116f215f81
e9aa31f2448257308e477531490c2f03dbc490a9
674d94c5c261ecfd55e5365a467885e61184cee432ba32896fd9dccddb7373f7

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp

HTTP Headers

GET /css/facebook.css HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:49 GMT
Content-Type: text/css
Last-Modified: Fri, 15 Jan 2021 11:21:10 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 938
Date: Wed, 05 Oct 2022 22:17:49 GMT
Server: LiteSpeed

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 22:17:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 22:17:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.7

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 21:55:50 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 21:49:19 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: psiTl3T5lkdSahXRJDazj4Pl9_EiyFU9s9GfaecUdX1GEdFx7IWbpg==
Age: 2896

valtrasde.my.id/img/karakter-anime-cantik-13-a715e.jpg.webp

52.230.38.12

200 OK

18 kB

URL HTTP/1.1
valtrasde.my.id/img/karakter-anime-cantik-13-a715e.jpg.webp
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 560x315, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
18 kB (17674 bytes)
Hash
3039e28d25e4962618953916acfc3f86
a428a23bdc96789dd14401416b8db3f89516f7c7
c0c3dafdb631b6055cb1e9cf25a807c3663a42c258d5ebeb1f8f38cc767a397a

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp
fortinet	Phishing

HTTP Headers

GET /img/karakter-anime-cantik-13-a715e.jpg.webp HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:49 GMT
Content-Type: image/webp
Last-Modified: Mon, 16 Aug 2021 13:35:35 GMT
Accept-Ranges: bytes
Content-Length: 17674
Date: Wed, 05 Oct 2022 22:17:49 GMT
Server: LiteSpeed

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4714
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 22:17:49 GMT
Last-Modified: Wed, 05 Oct 2022 20:59:15 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

valtrasde.my.id/img/0_ptDX0HfJCYpo9Pcs.gif

52.230.38.12

200 OK

90 kB

URL HTTP/1.1
valtrasde.my.id/img/0_ptDX0HfJCYpo9Pcs.gif
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 800 x 600\012- data
Size
90 kB (90430 bytes)
Hash
4cbcfda30cb77ef22e12ba9109fc4948
359e38d8dfc3fd5d1fa4286e8cf81a2861653948
c2f413ec031122040ebc7dd93353b86cf8b29569f922838d04283425eb0c4fca

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp

HTTP Headers

GET /img/0_ptDX0HfJCYpo9Pcs.gif HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:49 GMT
Content-Type: image/gif
Last-Modified: Wed, 18 Aug 2021 11:37:14 GMT
Accept-Ranges: bytes
Content-Length: 90430
Date: Wed, 05 Oct 2022 22:17:49 GMT
Server: LiteSpeed

valtrasde.my.id/css/thin.ttf

52.230.38.12

200 OK

21 kB

URL HTTP/1.1
valtrasde.my.id/css/thin.ttf
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
TrueType Font data, 15 tables, 1st "OS/2", 24 names, Unicode\012- data
Size
21 kB (20620 bytes)
Hash
8a909e4bc40bbfc48bd5fd99bda68d92
7541db42b9a52bd881e907a6cabd691d1cb7c6ef
8ff7892f3e39ef5c9de412bbbd1fce64fd03eedd708299f07a2e3f5d7494f713

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp
fortinet	Phishing

HTTP Headers

GET /css/thin.ttf HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/css/style.css

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:49 GMT
Content-Type: font/ttf
Last-Modified: Fri, 15 Jan 2021 05:36:35 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 20620
Date: Wed, 05 Oct 2022 22:17:49 GMT
Server: LiteSpeed

valtrasde.my.id/img/karakter-anime-cantik-2-0e6af.jpg

52.230.38.12

200 OK

73 kB

URL HTTP/1.1
valtrasde.my.id/img/karakter-anime-cantik-2-0e6af.jpg
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 720x900, components 3\012- data
Size
73 kB (73059 bytes)
Hash
2710df14d2002ae12b959ce5eb17a0f8
8e287f98726fa1d854227dfad3795dae7e502a1c
8212739b4695611033d0f0de4b3ceafed6f7f73cf027614ce7048c5badeb41ce

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp

HTTP Headers

GET /img/karakter-anime-cantik-2-0e6af.jpg HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:49 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 21 Mar 2022 09:08:28 GMT
Accept-Ranges: bytes
Content-Length: 73059
Date: Wed, 05 Oct 2022 22:17:49 GMT
Server: LiteSpeed

valtrasde.my.id/img/580b57fcd9996e24bc43c543.png

52.230.38.12

200 OK

152 kB

URL HTTP/1.1
valtrasde.my.id/img/580b57fcd9996e24bc43c543.png
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 1000 x 1000, 8-bit colormap, non-interlaced\012- data
Size
152 kB (152291 bytes)
Hash
188a278629872508123e7bf25a4e4ae9
468d1d4a68a6ed6dad42f5470ae1d22fa6c032b9
d15c880b55b3ed610b5af0bddb63b50e386da5d32658e069dac8d8c512f801e8

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp

HTTP Headers

GET /img/580b57fcd9996e24bc43c543.png HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:49 GMT
Content-Type: image/png
Last-Modified: Wed, 18 Aug 2021 11:35:54 GMT
Accept-Ranges: bytes
Content-Length: 152291
Date: Wed, 05 Oct 2022 22:17:49 GMT
Server: LiteSpeed

valtrasde.my.id/img/tyasbugil.jpeg

52.230.38.12

200 OK

103 kB

URL HTTP/1.1
valtrasde.my.id/img/tyasbugil.jpeg
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 715x951, components 3\012- data
Size
103 kB (102585 bytes)
Hash
bba5afb8677892ec1e7e4a2955fa4a12
883872a756f62d97ffe97888a7efe3b9ce6dad25
8fb3ab9dfe4f24a6892f06d3c4e8820c6f299241b6ffaca762cfe00f8de17eac

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp
fortinet	Phishing

HTTP Headers

GET /img/tyasbugil.jpeg HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:49 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 21 Mar 2022 09:12:00 GMT
Accept-Ranges: bytes
Content-Length: 102585
Date: Wed, 05 Oct 2022 22:17:49 GMT
Server: LiteSpeed

valtrasde.my.id/img/facebook_text.png

52.230.38.12

200 OK

29 kB

URL HTTP/1.1
valtrasde.my.id/img/facebook_text.png
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (28789 bytes)
Hash
74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp

HTTP Headers

GET /img/facebook_text.png HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:49 GMT
Content-Type: image/png
Last-Modified: Fri, 15 Jan 2021 11:21:10 GMT
Accept-Ranges: bytes
Content-Length: 28789
Date: Wed, 05 Oct 2022 22:17:49 GMT
Server: LiteSpeed

push.services.mozilla.com/

52.89.136.7

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.136.7:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3R7y/p+SLW/gEC3/Gc9Uqw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: H35sSa3SbmTmushRPySt4hY9Onk=

valtrasde.my.id/img/pppertama.jpeg

52.230.38.12

200 OK

240 kB

URL HTTP/1.1
valtrasde.my.id/img/pppertama.jpeg
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1080x1350, components 3\012- data
Size
240 kB (239840 bytes)
Hash
2e4ec3640e71ed770bf0fdfa3b7009c0
c8deefbc83dca632fc14df6ed0712e4b6376790c
bdf4d1b88517e05b8de182c624a97a3ec1a024a9a7b0016732bfff0b3fea88bf

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp
fortinet	Phishing

HTTP Headers

GET /img/pppertama.jpeg HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:49 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 21 Mar 2022 09:01:05 GMT
Accept-Ranges: bytes
Content-Length: 239840
Date: Wed, 05 Oct 2022 22:17:49 GMT
Server: LiteSpeed

valtrasde.my.id/img/karakter-anime-cantik-9-5d82f.jpg.webp

52.230.38.12

200 OK

34 kB

URL HTTP/1.1
valtrasde.my.id/img/karakter-anime-cantik-9-5d82f.jpg.webp
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 560x373, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
34 kB (33836 bytes)
Hash
e96ba37cb580d2ec86c61ffa2609deff
ca19f13f6fe7b0da0ab81e200005d172ccf909d5
3ef50ce5ebf525053581d80d9be4f43b0162fa2d5fe8a967bf8faecd96ab0318

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp
fortinet	Phishing

HTTP Headers

GET /img/karakter-anime-cantik-9-5d82f.jpg.webp HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:50 GMT
Content-Type: image/webp
Last-Modified: Mon, 16 Aug 2021 13:37:55 GMT
Accept-Ranges: bytes
Content-Length: 33836
Date: Wed, 05 Oct 2022 22:17:50 GMT
Server: LiteSpeed

valtrasde.my.id/img/Sherlyn.jpeg

52.230.38.12

200 OK

95 kB

URL HTTP/1.1
valtrasde.my.id/img/Sherlyn.jpeg
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 720x834, components 3\012- data
Size
95 kB (95230 bytes)
Hash
d02d941ffa062f4b6decfe9e7b16d594
82da9cecee3454637c3af7d4d4fe1793f2d8353e
fd901cb86581ff634df36da974c8f1674ae592cea0ecdcb302c289c77ec733e1

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp
fortinet	Phishing

HTTP Headers

GET /img/Sherlyn.jpeg HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:49 GMT
Content-Type: image/jpeg
Last-Modified: Mon, 21 Mar 2022 09:13:47 GMT
Accept-Ranges: bytes
Content-Length: 95230
Date: Wed, 05 Oct 2022 22:17:49 GMT
Server: LiteSpeed

valtrasde.my.id/img/karakter-anime-cantik-8-62975.jpg.webp

52.230.38.12

200 OK

145 kB

URL HTTP/1.1
valtrasde.my.id/img/karakter-anime-cantik-8-62975.jpg.webp
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 720x903, components 3\012- data
Size
145 kB (144834 bytes)
Hash
47a6ebfcfb1b8f502c10c8f3d03481bc
64718cd487394ed3ba8bc3c711618530c9590414
e7054d79ebb1e1beb40af9ae988345c4f165b1a3e88ca7d71bf4026598e88139

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp
fortinet	Phishing

HTTP Headers

GET /img/karakter-anime-cantik-8-62975.jpg.webp HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:50 GMT
Content-Type: image/webp
Last-Modified: Mon, 21 Mar 2022 09:16:34 GMT
Accept-Ranges: bytes
Content-Length: 144834
Date: Wed, 05 Oct 2022 22:17:50 GMT
Server: LiteSpeed

valtrasde.my.id/favicon.ico

52.230.38.12

404 Not Found

1.2 kB

URL HTTP/1.1
valtrasde.my.id/favicon.ico
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1237 bytes)
Hash
de7225068c8ecb2c24a41d00bf84c1b9
02144152cd8a4423ea135d82c7259e05e9656d3d
79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/

HTTP/1.1 404 Not Found
Connection: Keep-Alive
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Pragma: no-cache
Content-Type: text/html
Content-Length: 1237
Date: Wed, 05 Oct 2022 22:17:50 GMT
Server: LiteSpeed

valtrasde.my.id/css/font.ttf

52.230.38.12

200 OK

20 kB

URL HTTP/1.1
valtrasde.my.id/css/font.ttf
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
TrueType Font data, 15 tables, 1st "OS/2", 24 names, Unicode\012- data
Size
20 kB (20313 bytes)
Hash
5071bb12073437ab243b8d2242d9ad97
61ad3927e71a575919d85c0c3253a2a96e9c7ad4
e92b80774000f783b14a89149924686e5de091350fac232428a39989a3ef6e93

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp
fortinet	Phishing

HTTP Headers

GET /css/font.ttf HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/css/style.css

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:50 GMT
Content-Type: font/ttf
Last-Modified: Fri, 15 Jan 2021 05:36:43 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 20313
Date: Wed, 05 Oct 2022 22:17:50 GMT
Server: LiteSpeed

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 22:17:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT_FqPSLnusNw1sQIM0Q6r9mnMLyq7aBvxhi5E3cjSwXY509CKbHUBLnlVE&s=10

142.250.74.78

200 OK

31 kB

URL HTTP/2
encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcT_FqPSLnusNw1sQIM0Q6r9mnMLyq7aBvxhi5E3cjSwXY509CKbHUBLnlVE&s=10
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 473x634, components 3\012- data
Size
31 kB (30861 bytes)
Hash
c4803c0e938818deeb0d4f539e8dc44c
c9d14df0fd6bf159201dd42b39fae00706fda1fa
f580f07bec6c43c7f2bc64a7039b45e3a431c0527be7f5a0206ee9b299016051

HTTP Headers

GET /images?q=tbn:ANd9GcT_FqPSLnusNw1sQIM0Q6r9mnMLyq7aBvxhi5E3cjSwXY509CKbHUBLnlVE&s=10 HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://valtrasde.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 30861
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 06:11:42 GMT
expires: Thu, 05 Oct 2023 06:11:42 GMT
cache-control: public, max-age=31536000
age: 57968
last-modified: Thu, 09 Apr 2020 12:47:26 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ff5f22aafa6751c60631736c305a4c7c
278b89e5c1a978e070be4b66bb780862894b8504
b501664d7591e6dfe95c8641e0020e04b76f16f5cb80a7fc0ee0b36af60a6382

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 22:17:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6909
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 22:17:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6909
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 22:17:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6909
Expires: Thu, 06 Oct 2022 00:13:00 GMT
Date: Wed, 05 Oct 2022 22:17:51 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg

34.120.237.76

200 OK

3.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.8 kB (3777 bytes)
Hash
1a1a279f8386262762dcf70621e06ed5
0e1d6cefe5ffe1994f26322962df8b0a13743339
a4146e8a0561009b63c55d0c13673958546b96f684a9c5a43a1f3200782798e9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6476b35e-8b14-44b0-a85a-4793280f25c1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3777
x-amzn-requestid: 093c576f-e1f7-4d45-9f8c-7ca3e7539313
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtDEpSIAMF_Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df986-3cbcc83c1db24bbf193c3047;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: GXneoYCI_hqJxLyI-RAxkJJf08pBsc6usoQlztb3HHPQSd1PDh7kgQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:47 GMT
age: 1504
etag: "0e1d6cefe5ffe1994f26322962df8b0a13743339"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10158 bytes)
Hash
4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 07:29:32 GMT
age: 53299
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7919 bytes)
Hash
72ad6f9b79e7a3d11e3ace6b0e969614
a9cd62230d4aabfcc2e8b2494e687d854254113e
1d59cd22b3316da6f1d44076089ba983faed5327d174ddb3cb3d58f487ccae51

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbffd8689-87c3-4efb-b880-4109e3dc9294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7919
x-amzn-requestid: 01497827-07e5-4129-abf2-120b00eed8c0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPs5F1LoAMF8Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df985-4b0c175142a6ace915d5e5d2;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: QElSCxuAj2dM9Psp2_fPTSi1goaNKkylf7D9ITOplorOFLIGIV332g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:52:46 GMT
age: 1505
etag: "a9cd62230d4aabfcc2e8b2494e687d854254113e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aaf2d0a-832d-4fe3-85f6-f6f55993a48e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8192 bytes)
Hash
83c37f49b9fb5eeb70a244a759a4ce0d
f2f4664206335b080db6a5608b463945e89de346
cbb8e24144c2118f3e2f2f9db09f2b4d582bca01da68fc2fb29b4d8a6df4dab5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4aaf2d0a-832d-4fe3-85f6-f6f55993a48e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8192
x-amzn-requestid: b61498b4-22cd-4860-98e0-c7aad18a4d96
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6sGTXoAMFZpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-23d0f24731d3bfab253f2677;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: dQIy6UCVx9quf2joR_GopPrlSMyy0s8TN-xQqmY38u7ho2jIvTV7gw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 2470
etag: "f2f4664206335b080db6a5608b463945e89de346"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11080 bytes)
Hash
2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: TlEKsCdhNhlKmA2Yhz8FarEUG18gQZMKGRD6SnzCnUMiKyGS9-UeOQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:38:04 GMT
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
age: 2387
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10809 bytes)
Hash
a508ac9cd743bec987b2a24454418265
8c7ecefe6908387e2128dc849a6ba857991ba0ab
afb2c2b51f2ce445ada599068901551beee594b15c152ed7551ab7a8835dde6d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10809
x-amzn-requestid: db4d1d2a-05b8-403e-a7ca-8b8a6a0a4087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQb-HrTIAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfab2-74f184406a48e42c0ecc4ec9;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: tv80OXQUu13gDuuFESnEnXMuFdNBmGc1y592euL7QnfZW5PwJym9-g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:53:39 GMT
age: 1452
etag: "8c7ecefe6908387e2128dc849a6ba857991ba0ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

valtrasde.my.id/css/bege.jpeg

52.230.38.12

200 OK

4.7 MB

URL HTTP/1.1
valtrasde.my.id/css/bege.jpeg
IP
52.230.38.12:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 1242 x 2208, 16-bit/color RGBA, non-interlaced\012- data
Size
4.7 MB (4702650 bytes)
Hash
db1a17cde551eb5b20a05188cc2e8656
163ac27225f7c1418c46a557711163f83a0110c0
3413510392ccf87c8a0c08147b8988682b692bcd456f93ba8497b9af4e92a028

Detections

Analyzer	Verdict	Alert
openphish	WhatsApp
fortinet	Phishing

HTTP Headers

GET /css/bege.jpeg HTTP/1.1
Host: valtrasde.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://valtrasde.my.id/css/style.css

HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Wed, 12 Oct 2022 22:17:49 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 22 Mar 2022 19:04:35 GMT
Accept-Ranges: bytes
Content-Length: 4702650
Date: Wed, 05 Oct 2022 22:17:49 GMT
Server: LiteSpeed

fonts.googleapis.com/css2?family=Yantramanav&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Yantramanav&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Yantramanav&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://valtrasde.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 22:17:49 GMT
date: Wed, 05 Oct 2022 22:17:49 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (41)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type