{"report_id":"5c46f7d9-07a6-48ad-b760-3fdf68ac687b","version":6,"status":"done","tags":[],"date":"2025-10-12T04:18:01Z","url":{"schema":"http","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"final":{"url":{"schema":"https","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"title":"SITUSTOTONLINE = Situs Taruhan Online dengan Pasaran Lengkap"},"submit":{"url":{"schema":"http","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":0,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-16T04:18:01Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-12T04:17:39Z","timestamp":1760242659,"ip_dst":{"addr":"172.66.145.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.8","port":51148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed URL Shortener Service Domain (cutt .ly in TLS SNI)","source":"{\"timestamp\":\"2025-10-12T04:17:39.291961+0000\",\"flow_id\":1708366927974830,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":51148,\"dest_ip\":\"172.66.145.80\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038569,\"rev\":1,\"signature\":\"ET INFO Observed URL Shortener Service Domain (cutt .ly in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_08_19\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_12_02\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_08_19\"]}},\"tls\":{\"sni\":\"cutt.ly\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":909,\"bytes_toclient\":1654,\"start\":\"2025-10-12T04:17:39.283054+0000\"}}"}],"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"situstotonline.win","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"ajax.cloudflare.com","ip":{"addr":"104.17.72.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":17894,"first_seen":"2012-05-23T12:49:48Z","last_seen":"2025-10-07T03:19:17.169148Z","alert_count":0,"request_count":1,"received_data":39358,"sent_data":468,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"www.k24klik.com","ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2016-01-04","domain_rank":117944,"first_seen":"2017-02-02T18:09:00Z","last_seen":"2025-10-07T03:19:17.03004Z","alert_count":0,"request_count":18,"received_data":228194,"sent_data":8067,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]},{"fqdn":"situstotonline.win","ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"domain_registered":"2025-10-10","domain_rank":0,"first_seen":"2025-10-12T04:18:01.871852Z","last_seen":"2025-10-12T04:18:01.871852Z","alert_count":7,"request_count":7,"received_data":342032,"sent_data":3167,"comment":"","tags":null,"fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Bootstrap:5","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2025-10-05T22:12:07.524768Z","alert_count":0,"request_count":1,"received_data":8718,"sent_data":538,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cutt.ly","ip":{"addr":"172.66.145.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-01-13","domain_rank":3479,"first_seen":"2018-01-23T23:29:00Z","last_seen":"2025-10-07T18:05:27.942867Z","alert_count":0,"request_count":1,"received_data":652,"sent_data":573,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"lh3.googleusercontent.com","ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-11-17","domain_rank":303,"first_seen":"2012-05-22T07:35:05Z","last_seen":"2025-10-05T22:36:22.982528Z","alert_count":0,"request_count":1,"received_data":47403,"sent_data":473,"comment":"","tags":null,"fingerprints":null},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2025-10-05T22:12:06.373682Z","alert_count":0,"request_count":1,"received_data":1809,"sent_data":444,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2025-10-12T04:17:39Z","timestamp":1760242659,"ip_dst":{"addr":"172.66.145.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"172.18.0.8","port":51148,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Observed URL Shortener Service Domain (cutt .ly in TLS SNI)","source":"{\"timestamp\":\"2025-10-12T04:17:39.291961+0000\",\"flow_id\":1708366927974830,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.8\",\"src_port\":51148,\"dest_ip\":\"172.66.145.80\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2038569,\"rev\":1,\"signature\":\"ET INFO Observed URL Shortener Service Domain (cutt .ly in TLS SNI)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"attack_target\":[\"Client_Endpoint\"],\"confidence\":[\"High\"],\"created_at\":[\"2022_08_19\"],\"deployment\":[\"Perimeter\"],\"reviewed_at\":[\"2024_12_02\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2022_08_19\"]}},\"tls\":{\"sni\":\"cutt.ly\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"0faf2a91198d40dbd58b9308f3fca2fd\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-65037,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":3,\"bytes_toserver\":909,\"bytes_toclient\":1654,\"start\":\"2025-10-12T04:17:39.283054+0000\"}}"}]}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"a9ab5d895da44d5aed421bb2be883aed","sha1":"903a9e2130576ed8426fcd6e5a9d26ddfa2f3cba","sha256":"900801361b81508291409c87391dd92aae1041470909fb17f4b04f7a58940b85","sha512":"7dbecdace90d9e015a52d0a1ce0d96ad59fea8228bbc3770a00eafbfa94a1b304b12659738c4a0d910e78bd727d481004f50e3820d030d31f9af337fa0f2d489","ssdeep":"","tlshash":"3ee0d8dd76a39bc0c4307176bb9646f20a3354bcd22331b55a5d688a2375c240859a1b","size":357,"data":"","first_seen":"2025-07-23T14:25:30.589657Z","last_seen":"2026-05-04T09:38:40.817403Z","times_seen":68,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"74424312f6d9df8e0e37646434c0267e","sha1":"300faeb546fa77e567ac207f766a71274bbb383a","sha256":"8123c19c4e083a18387b841d0baabe981778c99964950102d174a0ab1611855a","sha512":"e1d2727ae9df41c0095ed205302b1bbfe405dac7b706709f2fa472a89c64f5ce9d0d93809e08f7d9dbeb65fa466acb335462835e2d47c10da4572a710c407a0e","ssdeep":"","tlshash":"d5c08c08219b640466beb606f8ba432dfb1fd4ca126910deb94c09882d408790359e32","size":169,"data":"","first_seen":"2025-07-23T14:25:30.592451Z","last_seen":"2026-05-04T09:38:40.817949Z","times_seen":69,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"about","addr":"about:blank","fqdn":"","domain":"","tld":""},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"fbb330cbef85488fc128f528a24dc86e","sha1":"270678c29363e952b511e4935c0a7576585e9c15","sha256":"ae8bb3bd9189529cd0f3f7ec5c90a9d7d943f5d568c0b0c7dbea7d0eb383f638","sha512":"d5502eef127ca9c9c37a76e28dbcd5f6bca01fb078598940306a73ef1c24cef973656f2cdfe42bf669fa945349bc2b12f3f858677b248015be459caa82804815","ssdeep":"","tlshash":"5ad0a7ab1cb98d306799054b61f7e3ad27a12aa07b11950482c9cc1b6b61fd304a1968","size":236,"data":"","first_seen":"2025-05-23T04:46:12.622958Z","last_seen":"2026-05-04T09:38:40.814184Z","times_seen":63,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"65ace5fcaa520fa0ffc17466acca3208","sha1":"b7fd84f281d65922e3617516163642d03a9401a8","sha256":"95b99b2677c8b9663de881c61d27f7e4d363aec9ccdc32cf4ddd264a568b1b6c","sha512":"0e5701ac008337551286385ae24f18708a8a149d6b8e79382247f86a800dbeb4a71adef91d9f176c54729dc0d75a53795ad06c28448737632f047f6067dd8d42","ssdeep":"","tlshash":"11b01250465c49a5c9e211f152b8e9527a3290e4502d507d45f26a1e793205ef4f78bc","size":112,"data":"","first_seen":"2025-05-23T04:46:12.635885Z","last_seen":"2026-05-04T09:38:40.824278Z","times_seen":70,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google-analytics.com/analytics.js","fqdn":"www.google-analytics.com","domain":"google-analytics.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"f24128d0c9cba7be2916c693427a3483","sha1":"1b6397d496ea896ebc2018b01b995cee4f166029","sha256":"58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8","sha512":"c4950733b44e258bbc817ce6396f002caec1e11a6413fd0038c9baef2d5f1d992b1fd0ec52515aba52faedb52c28b996a7fc063f28a0f45f3aab5e2f91bf5be5","ssdeep":"96:A1VdZYqhPnjpWx4/eTe8qSMbqaQd6VL2Jyt9LdJoyayCVPVD5wdBfQPfCHiUr3:AXdZYqNjpU4yPqSMbqaQGL2QfdDayCZC","tlshash":"a6a1dc9939fb50210233b1bd1bafa918b23895236208dd61b98c9364bf94437d7f1fc9","size":4691,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-05T16:09:45.461767Z","times_seen":842741,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/assets/7301462e/jquery.min.js","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b8d64d0bc142b3f670cc0611b0aebcae","sha1":"abcd2ba13348f178b17141b445bc99f1917d47af","sha256":"47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4","sha512":"a684abbe37e8047c55c394366b012cc9ae5d682d29d340bc48a37be1a549aeced72de6408bedfed776a14611e6f3374015b236fbf49422b2982ef18125ff47dc","ssdeep":"1536:8YRKUfAjtledhTmtaFyQHGvCXsedOgRc9izzr4yff8teLvHHEjam7W5X3yzSiLnM:VUb6GvCu09s2o2skAieW","tlshash":"b393e7d9b2d67123c7b731b850af510bb17698aa784c8c50f068d8e4be74a48907bf7d","size":94840,"data":"","first_seen":"2023-03-07T01:03:23Z","last_seen":"2026-05-05T16:23:01.061229Z","times_seen":20936,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/js/lazyload.min.js","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"b113c7191eb2ab3c2768374d090ebfeb","sha1":"5f562722bc9c60ed4eb5a6d709b782e0e8e40435","sha256":"0ff9cb70f9c7f802c9965d3573acc8444099a6fcd53fb132fb08fe50a0912d50","sha512":"aa977fe95791059840c3cbc6dab65d21965e9909129de16c898372b0def0788a2a4e4f5438d77865c9497bf476655c026e692b30031aafd960340091e4cddca1","ssdeep":"96:d0Q1y+ZltH75Z58Hieuc4aQuC3K5Vi8uchE4nuO+xGmNAdaGYnNPP9H8aKNuJgFA:dtyOltHNZ5NeVCa5k8Vll+xGsAQRNP6K","tlshash":"2c9134097902b93cb0ae767fc21b130a253ac5679579ec7064344c94befca93e216dca","size":4573,"data":"","first_seen":"2025-05-23T04:46:12.586437Z","last_seen":"2026-05-04T09:38:40.768547Z","times_seen":90,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"b3b587f4820c4520be2a77c57cc9c613","sha1":"3d0e16cdc2b9c4357f8b77350509dde303eb0106","sha256":"39faef293964a9f937cddf2c6c0e02237dbdebc6d0de997a4655f38d50330586","sha512":"a4058732017fb3b7f9fd19a954b569116d3ac5ff45ebc74f8a2e3e00d56f2f653842867e639847b091f27564ec27d75cf3261db4a60c666c71188189a5fa3b1e","ssdeep":"","tlshash":"54514fdab6b66e5f513a7070f457a87eebc9a50fc70049b6c41e1080d3898a6e37385a","size":2708,"data":"","first_seen":"2025-05-23T04:46:12.636695Z","last_seen":"2026-05-04T09:38:40.825217Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"f50a149d01ebcbbc4b613a06ba202226","sha1":"c2ad7526496c82f997db5781e657c79d16e9f728","sha256":"5ba947121967dc542055fcff321e139cdeda587cb6fc1117eef0cada19f64a79","sha512":"874fcfb6dbcc5ed01a93341f90de083471f207ccd95b157b76a59613dff310247ef0983b93bb67a99f3a92a0f09080f9d471845293f46ccd13427a54502026ff","ssdeep":"96:QidJ49sX0PjAwDZYqP4sXR1SMn8Lw0iqOTTrsvrrqP4ZpBOG5R2cZV:zJ46X0bBdYLsaM8LwnTTPqrrL8K","tlshash":"0391b7e9b8e51c12967c34b8982f5a0d3fae36354380d459e34cc8709b59cba7942d7f","size":4227,"data":"","first_seen":"2025-10-12T04:18:07.380329Z","last_seen":"2025-10-12T04:18:07.380329Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"62d228820be6da7b9e7de81f89ec6d24","sha1":"cfd37d0e6b2b178cf52f98ced0102cd1de21d907","sha256":"06d7be5357e652f1422151fb46081460b55c18bea1313c0ba61162a48e8e46c2","sha512":"ba3544c096e300fcc6318461f35187d2a00c8cadb9385b59bf2a985916ec6269eb82663a0a9241a6a9fae75c5ce2266051a6f363d4af4878db5a109c07701ba8","ssdeep":"","tlshash":"77d0974d39852e6423eb2533003b82c806b92790c20c8010482f584a1eb08eb311371e","size":251,"data":"","first_seen":"2025-07-23T14:25:30.605278Z","last_seen":"2026-05-04T09:38:40.82676Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"13ccd478ab7313844370c27b1fece86d","sha1":"9857cdf2d8f7d54e2497dd959b33773f3e4ad08a","sha256":"ff003db3f757e9b38a0d971254e23d6eb38c9ca180960822399501371c664795","sha512":"8a792a2d18153a1528b72db3d85377ce7453eb7f9d1c3aebce8b77f41d5c81171522f6cc4ba92cc7b7d13b9d9e643b83261b434256693cd8a97d49aa48cbf8e0","ssdeep":"","tlshash":"d27195eafd605da7067570b2749f7a4c7fa56c0b8b804cb0d04c9494ff0856a73a269f","size":3606,"data":"","first_seen":"2025-10-12T04:18:07.384233Z","last_seen":"2025-10-12T04:18:07.384233Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/sandbox%20eval%20code","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"","is_inline":false,"md5":"92b651082ce234f66bb544e678befda3","sha1":"14c21c55ddce43b6f677caadf51d4ab98c6a3df8","sha256":"25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded","sha512":"b4fcbc037e0a3d91db2a624921e96b878e9e18dd998ad5649d77d7d053faf28b09c8725a0542aef702310bf85f3037b70985c274db8acabd021efb171d41f361","ssdeep":"","tlshash":"34c08ca3e74026ae2a1166b2b810e003a2866b015aa78402b00a003b1441fe21aaa1a8","size":147,"data":"","first_seen":"2023-04-11T21:07:53Z","last_seen":"2026-05-05T16:09:45.461284Z","times_seen":844394,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/js/jquery.raty.min.js","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"86a847667db14615f2250f7e514c8c66","sha1":"7b308dedd78e158b1dc55f215909336b830c6749","sha256":"95e661e05ce7526f3a5527278e565ad71cda9dca5b80d72a0ce76bad97353a9f","sha512":"46cd8d256492da4123f776c2745cc8f4521ef4fc6c020d8b583e9052aa764c9c9fbcf75e1fdf89fc5cf7c0313fc2e9e2770d3bbc8dc84edc0633532259c0b906","ssdeep":"192:vdlRLpMwO35XNARENbYnPP3wGCGGtQ//iuX8:vdlXMt3HgENM3w7Q//iuX8","tlshash":"c1021fc8b38571069de33370249e674ee333ed8b9642402d783dc6d5ef6988995b2e78","size":8273,"data":"","first_seen":"2023-03-07T12:03:44Z","last_seen":"2026-05-05T02:37:04.109062Z","times_seen":373,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"962fb42f4a08ddab01072a649b4a2488","sha1":"4076109c87b782bed036bbb230c84231d65424ef","sha256":"0323fe4bbb6ddf464d93650ac7db020ac2afb59755444d2a10907f7939bb47b1","sha512":"48eb97426c179e6e48f001f67a7f27793e0a48e8a33aa38e350cf569eadf7bba06450936aee2e286fb518fbbd332a421a75719cbe2544999e8aa240d7eb595c9","ssdeep":"","tlshash":"46e0c2953140a0aa5633ed32a3ec7360ddf10445759fd87981880c94c03013d03aea6b","size":309,"data":"","first_seen":"2025-07-23T14:25:30.608948Z","last_seen":"2026-05-04T09:38:40.828227Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"1ce3a65c9c42677c40b0b40b8285921e","sha1":"a590f5c8a7e9db374beefab466ac599db5b701ca","sha256":"878f63a8481b47c8685bc975463023a4f7181b0ca72c9cd89b7a80268fa17ff3","sha512":"3bcd590e71ec8d1040dabb528d093c497a43db958bfd7f86acb0c255b7edad95697c0ac75b56702c43561f0db07608e9a2357eb311e49431458c2c2d55898ee5","ssdeep":"","tlshash":"1c31b634357c1f36cab79dd2208f8189b9758047f206c9c4884d6f8417c2cb6796f8c5","size":1743,"data":"","first_seen":"2025-10-12T04:18:07.388911Z","last_seen":"2025-10-12T04:18:07.388911Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/mirage2.min.js","fqdn":"ajax.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.72.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"2654742314fe002baeef8dcdfda44ef3","sha1":"831198fa96dc623365f9c2efa1d860fb04b3eb47","sha256":"6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649","sha512":"8eff30bd090b584a5b011510b8c6d0fbbc9cf8f1fd1e4534e042c942f05c15f0f00cc829b8f6f863ac69891cf4c81658f7e387bf83c09f74c25ce6143c9b0bf5","ssdeep":"768:AfBdJw5hgRwB+AGy2dNVaNRq1s54eZVx16Ehw:AfBdEBHwgd54eZVx16Ehw","tlshash":"4303ba8ab272b43643b76475b12f110ab237646d290a417cf114e8d67c7894ea337fbe","size":38536,"data":"","first_seen":"2023-03-07T12:21:55Z","last_seen":"2026-04-01T07:51:33.198154Z","times_seen":834,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"03041d8f329d29bc0772711df15bea3d","sha1":"91dff411830407d708036218580955fffb9890e0","sha256":"ddc7ef2ce41e8ae3e71735b965530836117ed5b4b39c9a8d20b4945dedcb63e9","sha512":"58ba028f269ffde4133d4c921f09216c3aa7a5960057bfcd5aa80f29b7b289b1505711e8a3073121f0e41a114ce609aa9e3f13f7df929c69eb9fdfa389783edd","ssdeep":"","tlshash":"2fd0125df594275da17a31f420379ee422590d0553d19701447f074d01a149f3c668ef","size":283,"data":"","first_seen":"2025-07-23T14:25:30.611862Z","last_seen":"2026-05-04T09:38:40.829584Z","times_seen":67,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"introduction_type":"scriptElement","is_inline":true,"md5":"6d24355c65ad1e2d6277cf03646b93b4","sha1":"60dafa561aeba7581fdb84b0a25822e5160e3b49","sha256":"c8ab15904ff618beaab82ac077ddb747d6d2faecc864fab4bac288de6f157e3f","sha512":"b118294b9cdabd2df518414a85df0efe3cd0c6cb043a38f4f9e30ec3d6e5112c4c2a19f9b0225edad7ce03f92bdcc05a8d09b3b46b3dde0821bacd8f7ed2f27e","ssdeep":"","tlshash":"e3f0c07e7098723d5473f2e5533bd81caeb62725b19168b3806d47681b4056901895ce","size":532,"data":"","first_seen":"2025-07-23T14:25:30.613468Z","last_seen":"2026-05-04T09:38:40.830072Z","times_seen":58,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"ajax.cloudflare.com/cdn-cgi/scripts/04b3eb47/cloudflare-static/mirage2.min.js","fqdn":"ajax.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.72.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.299Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ajax.cloudflare.com","organization":""},"issuer":{"commonName":"SSL.com SSL Intermediate CA ECC R2","organization":"SSL Corp"},"validity":{"start":"Tue, 22 Jul 2025 21:17:06 GMT","end":"Wed, 22 Jul 2026 21:17:06 GMT"},"fingerprint":{"sha1":"0A:E4:BD:3C:8F:24:18:32:9A:06:80:47:CF:F3:8F:FD:9D:E2:24:19","sha256":"55:8D:D6:1D:0F:3C:F2:2D:23:FD:B5:16:FF:20:66:E1:51:97:A3:4C:82:4F:9F:9D:B4:EA:D1:08:86:16:F1:CB"}}},"request":{"raw":"GET /cdn-cgi/scripts/04b3eb47/cloudflare-static/mirage2.min.js HTTP/1.1\r\nHost: ajax.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: application/javascript\r\nlast-modified: Tue, 07 Oct 2025 16:38:39 GMT\r\netag: W/\"68e5420f-9688\"\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v4?s=OupuZAdg561r898jkfHP%2FK6dbeF5rDJin%2FVpys46L%2FIOMi1PH2FrkKLM1a6oB%2FV%2Fk9z6S%2FEEeyS6pqPCDZIbE%2BB%2B4Jvz307FrzQjd%2BgeHp%2FFJcXGlE8PSey9HWjUjUz0wtLoLtc%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nstrict-transport-security: max-age=15780000; includeSubDomains\r\nserver: cloudflare\r\ncf-ray: 98d3c9e6c8300b4d-OSL\r\nx-frame-options: DENY\r\nx-content-type-options: nosniff\r\nexpires: Tue, 14 Oct 2025 04:17:38 GMT\r\ncache-control: max-age=172800, public\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":38536,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (38535)","md5":"2654742314fe002baeef8dcdfda44ef3","sha1":"831198fa96dc623365f9c2efa1d860fb04b3eb47","sha256":"6b2e044c462b8b00dfb05d77740f8b8f2a90ce00e2e5ccf621eac288608c0649","sha512":"8eff30bd090b584a5b011510b8c6d0fbbc9cf8f1fd1e4534e042c942f05c15f0f00cc829b8f6f863ac69891cf4c81658f7e387bf83c09f74c25ce6143c9b0bf5","ssdeep":"768:AfBdJw5hgRwB+AGy2dNVaNRq1s54eZVx16Ehw:AfBdEBHwgd54eZVx16Ehw","tlshash":"4303ba8ab272b43643b76475b12f110ab237646d290a417cf114e8d67c7894ea337fbe","first_seen":"2023-03-07T12:21:55Z","last_seen":"2026-04-01T07:51:33.198154Z","times_seen":834,"resource_available":true,"data":null}},"time_used":164,"timings":{"blocked":68,"dns":35,"connect":2,"send":0,"wait":9,"receive":0,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/assets/f5681ca0/swipper.min.js","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.301Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /assets/f5681ca0/swipper.min.js HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ndate: Sun, 12 Oct 2025 04:17:39 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncache-control: no-store\r\npragma: no-cache\r\nexpires: 0\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=2jpCryw7XNxPL7fnKjJuM3ZSeFejSyxsG06S8WdHQa%2BY7X%2BuVl6NiW%2BixaFI%2FX5%2BhGQro4Ie5xkiJs7k1ta4IwMFTU1Z40zJXc0alw%3D%3D\"}]}\r\ncf-cache-status: BYPASS\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\ncontent-encoding: br\r\nset-cookie: PHPSESSID=fb8cgvrcerkd5npv7fdefcom76; Path=/; Max-Age=3600; Expires=Sun, 12 Oct 2025 05:17:39 GMT\nYII_CSRF_TOKEN=0aee588be25c6364ab928f03adf1edc4e7a97dccs%3A40%3A%224880a1a1a66b5fda076da4108e5bbdd33f4b899e%22%3B; HttpOnly; Secure; Path=/\r\ncf-ray: 98d3c9e6a85a5688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":862,"timings":{"blocked":45,"dns":0,"connect":0,"send":0,"wait":817,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/images/icon-dewa.png","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:39.495Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.situstotonline.win","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Oct 2025 04:55:34 GMT","end":"Fri, 09 Jan 2026 04:55:33 GMT"},"fingerprint":{"sha1":"4A:34:EF:A7:29:CD:37:67:A6:82:E0:D3:ED:9F:F3:E2:E9:F8:3F:FB","sha256":"41:18:B8:37:E4:F6:60:BF:CC:B5:D7:2B:5F:7F:7D:94:45:2B:79:E2:CE:58:B8:A9:F4:32:29:24:D4:0B:D6:64"}}},"request":{"raw":"GET /images/icon-dewa.png HTTP/1.1\r\nHost: situstotonline.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-length: 315\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Sun, 12 Oct 2025 04:17:39 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":315,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"a34ac19f4afae63adc5d2f7bc970c07f","sha1":"a82190fc530c265aa40a045c21770d967f4767b8","sha256":"d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3","sha512":"42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765","ssdeep":"","tlshash":"b0e0e75f41473347402252907dc110d1d505236b797161fd3d85b4ab501dc3dc99f7dc","first_seen":"2023-03-07T01:02:33Z","last_seen":"2026-05-05T13:24:01.699292Z","times_seen":145058,"resource_available":true,"data":null}},"time_used":26,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":25,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"situstotonline.win","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/redesign/icon/obat_asli.svg","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.827Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /redesign/icon/obat_asli.svg HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 03:05:25 GMT\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0RwdQn5L1fKnmZwaD50%2FXfhRj1fFz3P7r5VSYhbj9qIAN8o%2FbI3mPSd4HkZ%2FB2rDv4nOj6KMEuG5UlTpYHWs0vHdABjqHwighKcoNg%3D%3D\"}]}\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\nage: 1208\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\netag: W/\"68d35ff5-372\"\r\ncontent-encoding: br\r\ncf-ray: 98d3c9e9990b5688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":882,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"74a3d5474458e62fbad8fa9f253f989a","sha1":"17536d3a92161cf5d5cae4d05b180bb8fc6c0ca3","sha256":"95ad77395c0cc676ea7af0190ba2a919bb0a564f1ef61fe68ff76b777765c2b9","sha512":"89e3c602c7e2f1b0c5a7746c9527ecb39693a5463eb6e930f8423cbe4f074a91432900b48e7441750d1504a7fa99901490e00de106666001d249c4d5acc782ca","ssdeep":"","tlshash":"6a1199e3d2f121c0d3255317f0e4213d6e83ad2833218eea9020aac1e5aaa68166cd90","first_seen":"2025-06-27T22:59:24.592671Z","last_seen":"2026-04-19T05:35:51.852132Z","times_seen":63,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/cdn-cgi/challenge-platform/scripts/jsd/main.js","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:39.292Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.situstotonline.win","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Oct 2025 04:55:34 GMT","end":"Fri, 09 Jan 2026 04:55:33 GMT"},"fingerprint":{"sha1":"4A:34:EF:A7:29:CD:37:67:A6:82:E0:D3:ED:9F:F3:E2:E9:F8:3F:FB","sha256":"41:18:B8:37:E4:F6:60:BF:CC:B5:D7:2B:5F:7F:7D:94:45:2B:79:E2:CE:58:B8:A9:F4:32:29:24:D4:0B:D6:64"}}},"request":{"raw":"GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1\r\nHost: situstotonline.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-length: 315\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Sun, 12 Oct 2025 04:17:39 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":315,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"a34ac19f4afae63adc5d2f7bc970c07f","sha1":"a82190fc530c265aa40a045c21770d967f4767b8","sha256":"d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3","sha512":"42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765","ssdeep":"","tlshash":"b0e0e75f41473347402252907dc110d1d505236b797161fd3d85b4ab501dc3dc99f7dc","first_seen":"2023-03-07T01:02:33Z","last_seen":"2026-05-05T13:24:01.699292Z","times_seen":145058,"resource_available":true,"data":null}},"time_used":23,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"situstotonline.win","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/images/thumb-off.png","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:39.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /images/thumb-off.png HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:39 GMT\r\ncontent-type: image/png\r\ncontent-length: 550\r\nserver: cloudflare\r\nlast-modified: Wed, 03 Apr 2024 06:53:03 GMT\r\netag: \"660cfccf-226\"\r\nexpires: Sat, 08 Nov 2025 09:21:58 GMT\r\ncache-control: public, max-age=604800\r\naccept-ranges: bytes\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\nage: 240940\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=qkzuzzGTiujr6mmnE5oqNJ1n%2BVxIg%2Fiw9Xf5MrB%2FHokDaxZgGmwPDlJ61%2B75oOegFS6frChdk%2Fx1l5Mqo5HLOAohZ7FILKXJdN7BHw%3D%3D\"}]}\r\ncf-ray: 98d3c9ecfa7f5688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":550,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 19 x 20, 8-bit gray+alpha, non-interlaced","md5":"a67de3df5746d72238148c91acdf88b1","sha1":"f4484822d8df1e36ea327947094e1d37f51b786e","sha256":"89e81f3bf15878a24d69514b34e283fceb09da501dfb0b113f87491270881203","sha512":"e7a3be3011d0de2649a23ed46143bf806943c0745c86eba03a60eb980e01ce3794385ba806bf4089b0196f0392ca4e157adb7223a10bf56539f3102d503a9324","ssdeep":"","tlshash":"e2f020cef18cedac87ca370120fb038ec022b34b0102162e9142c1de640d7bce12ca96","first_seen":"2025-05-23T04:46:12.590456Z","last_seen":"2025-10-29T14:25:45.901554Z","times_seen":53,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/css/new_face.min.css","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /css/new_face.min.css HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 24 Sep 2025 03:05:24 GMT\r\netag: \"68d35ff4-52fd\"\r\nexpires: Wed, 05 Nov 2025 09:31:21 GMT\r\ncache-control: public, max-age=604800\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\ncontent-encoding: gzip\r\nage: 499576\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RdmX%2FmXZCNdFqOfotG5NwQMHg5XREXxIrQ8FZaXOpSWKputDelvxMO5Znwu5orwkhXIqk%2FFf0aRfmvzlrtXib3ta3gpbNHlbU644bw%3D%3D\"}]}\r\ncf-ray: 98d3c9e6c86b5688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":21245,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (21239), with no line terminators","md5":"74ee19aa3fbebfcb266c0987418c593d","sha1":"ca1aae23e21e67bd7aff112ce07d5cdab99e2f42","sha256":"049e28bf5bb09e5e8a333aa7188e0b86c60247ab5a8f7d149790e411493ee260","sha512":"3b9edd7856e0480b2ee5da5b9f6d7ecaf59759d933429f047a6c9d7180e69841069b57791858c8f7780a3e41457a2f6adab949715e128da636c626bd7dfa4838","ssdeep":"384:16JkVlGDv+K00AVxDOlBXUxLlHnvrg7i2szOIQm:kKWizVxS7UBOTm","tlshash":"5092b6b3e924607ab47b956ab480b6dd32298517f7130bb6fd52b174c68bcd74332a08","first_seen":"2025-05-23T04:46:12.613703Z","last_seen":"2026-05-04T09:38:40.789076Z","times_seen":81,"resource_available":false,"data":null}},"time_used":206,"timings":{"blocked":79,"dns":19,"connect":2,"send":0,"wait":9,"receive":0,"ssl":83},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/icon/ic_live_chat_3_3.webp","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.304Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /icon/ic_live_chat_3_3.webp HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: image/webp\r\ncontent-length: 17018\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 03:05:24 GMT\r\netag: \"68d35ff4-427a\"\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\naccept-ranges: bytes\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\nage: 1208\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ck5OPn8QginNbCND79Ix7rB5OgFr35ERKxX38%2Bfs04F0Nn2EZX3JcIICgUsZ3jF0pBPKlQKMsYxGS5opm5vTWMvqyoK1KG%2B1SQsXzQ%3D%3D\"}]}\r\ncf-ray: 98d3c9e6a8625688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":17018,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"f380115e93aa7ae9ba0fb19a9b4c9ca4","sha1":"a6468104f0f088803f528db8a63fcab036b2cabd","sha256":"cefb621c4fb284b7e2b829bc91f3a43c9b031e6fbef1a800793fa02bbeef3a76","sha512":"314f2538322fb8be7d8b6d3460d7d4f06af9ffa6dda249b5815d7b6e664d12848b79329f5cf11d0e156a59f4bbfdaf1ca0571d89c3b041acb3456bbf93dc0a7c","ssdeep":"384:bLFS7GcdTVIUEl74n+6moeTzzfKwym1RqoIN/1ax6Y22g8YIcI6Qr:/ARBVIUEl74goWfKdFYx727lIRr","tlshash":"ae72d1e1afe151ebc8413730236af677a63d1ffae2470b2265f0cb6168748023919596","first_seen":"2025-05-23T04:46:12.610572Z","last_seen":"2026-05-04T09:38:40.794244Z","times_seen":79,"resource_available":false,"data":null}},"time_used":58,"timings":{"blocked":48,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"142.250.74.35","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.746Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"89:22:0A:7D:C4:DA:9A:62:E8:BB:1D:75:F2:AF:6C:80:09:53:D0:9F","sha256":"3E:15:EC:D6:31:6A:14:01:07:F9:F2:65:18:42:B3:08:7B:47:93:0C:CE:2C:93:2D:DA:E4:21:74:79:B6:F0:6F"}}},"request":{"raw":"GET /s/poppins/v24/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://situstotonline.win\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 7884\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 09 Oct 2025 11:50:33 GMT\r\nexpires: Fri, 09 Oct 2026 11:50:33 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 15 Sep 2025 16:34:42 GMT\r\ncontent-type: font/woff2\r\nage: 232025\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":7884,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 7884, version 1.0","md5":"9212f6f9860f9fc6c69b02fedf6db8c3","sha1":"ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b","sha256":"7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f","sha512":"67317495f4b53e20a9f31c034e456e6c37f387dffb2c092caa5159bc441cfcadd02749ffe5bbed1d580d5300a59e48a767ef2c6d9978b474f84c1a2cd095c126","ssdeep":"192:xLFDbKO9E3rS3JWBRO/J601FSS5ZUbik3Zy2f0:pd9J5W501otlI","tlshash":"c3f1ae4eb3f2cd1be40982e53a0fc90b1c578272681fd772d067a22517893bc8db2c81","first_seen":"2023-04-05T15:35:34Z","last_seen":"2026-05-05T16:11:07.160439Z","times_seen":323151,"resource_available":false,"data":null}},"time_used":150,"timings":{"blocked":68,"dns":1,"connect":7,"send":0,"wait":12,"receive":1,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/redesign/icon/fast_del.svg","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.833Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /redesign/icon/fast_del.svg HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 03:05:25 GMT\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Szyf4AsunFcQohJ6nYEgUB6npFm0oic8H5VxMXiJYbx0HQoxhJ5NK%2FC0aVWIWDNYNALk%2FijU7HtW%2Flco3jpUZ6kzlWXO93TJs2IQsQ%3D%3D\"}]}\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\nage: 1208\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\netag: W/\"68d35ff5-58f\"\r\ncontent-encoding: br\r\ncf-ray: 98d3c9e9a90d5688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1423,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"29f354b8ec27c82188dfab2b38c93dc8","sha1":"049a3b8186902a6e958ca7a642d7b34c17ea7881","sha256":"d4efe7c12e125b7ef8837a3868e94e31543fb385e45af5c39188414baa2b30cf","sha512":"723d62e068c7192a6775e992c1dd88b21d6980fd9eb511938728f56bf4bc3e96dc678a258aaa4751895512503200092b15d977b20a6c2a00837ad6d96ce70128","ssdeep":"","tlshash":"5f2189f867f11ac0cb8fa363e1e0321d599f28b97751cde0a21453d1ea6a1889718ca6","first_seen":"2025-06-27T22:59:24.537858Z","last_seen":"2026-04-19T05:35:51.840453Z","times_seen":63,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cutt.ly/SITUSTOTONLINE","fqdn":"cutt.ly","domain":"cutt.ly","tld":"ly"},"ip":{"addr":"172.66.145.80","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:39.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.cutt.ly","organization":""},"issuer":{"commonName":"GeoTrust TLS RSA CA G1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 03 Apr 2025 00:00:00 GMT","end":"Tue, 14 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"9C:5E:59:1A:B3:2F:4F:F9:1B:FE:CF:69:A7:57:68:32:07:28:46:A9","sha256":"79:F6:EE:13:C2:8C:BE:2C:C7:92:95:72:07:1E:BC:39:4E:B8:97:27:B4:88:4F:5C:D8:FF:17:1F:75:7D:CD:23"}}},"request":{"raw":"POST /SITUSTOTONLINE HTTP/1.1\r\nHost: cutt.ly\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded; charset=UTF-8\r\nContent-Length: 50\r\nOrigin: https://situstotonline.win\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 12 Oct 2025 04:17:39 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nexpires: Thu, 19 Nov 1981 08:52:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate, max-age=0\r\npragma: no-cache\r\nlocation: /csrf.php\r\nreferrer-policy: same-origin\r\nvary: Accept-Encoding\r\nx-xss-protection: 1; mode=block\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\ncf-cache-status: DYNAMIC\r\nstrict-transport-security: max-age=15552000; includeSubDomains; preload\r\nserver: cloudflare\r\nset-cookie: PHPSESSID=o62n3so2v0nuqf1v9s6ch7me2b; Secure; Path=/\r\ncf-ray: 98d3c9ecacd05a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-05T16:09:50.836081Z","times_seen":14695563,"resource_available":true,"data":null}},"time_used":197,"timings":{"blocked":31,"dns":19,"connect":1,"send":0,"wait":125,"receive":0,"ssl":16},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/images/favicon-situs.png","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:39.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.situstotonline.win","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Oct 2025 04:55:34 GMT","end":"Fri, 09 Jan 2026 04:55:33 GMT"},"fingerprint":{"sha1":"4A:34:EF:A7:29:CD:37:67:A6:82:E0:D3:ED:9F:F3:E2:E9:F8:3F:FB","sha256":"41:18:B8:37:E4:F6:60:BF:CC:B5:D7:2B:5F:7F:7D:94:45:2B:79:E2:CE:58:B8:A9:F4:32:29:24:D4:0B:D6:64"}}},"request":{"raw":"GET /images/favicon-situs.png HTTP/1.1\r\nHost: situstotonline.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 11 Oct 2025 09:38:26 GMT\r\naccept-ranges: bytes\r\ncontent-length: 103276\r\ncontent-type: image/png\r\ndate: Sun, 12 Oct 2025 04:17:39 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":103276,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 736 x 736, 8-bit colormap, non-interlaced","md5":"7452b21ed46bcc5e2ea5836b84a01d68","sha1":"f60f63a514e501f236ce93dc9dd2f8277e9571b6","sha256":"0d993df485dc1280e3ac78ec30b918486d69bc30c00235473b2cf6f3fd921395","sha512":"e82435ecf8c62394fc609c840ac6d675d721af78b89a485752799d2784fb0c52403ce38320b5f2918096dd325904d0124301a17fa5041f1d0aae7a685c70792d","ssdeep":"1536:ygSGxjY1r6MMtWepnpH/Tbie9qFio1ygDtdcUQlzDE0+tt4Jj0zxvzvPNX+za9Rs:EGVYhgTH/TbgclgJ6ZhEwwRFXDRd6","tlshash":"88a3f12940d119b4fecb25f23fd3bb60bd24cb8193dc917a856e816b195017ece2772a","first_seen":"2025-10-12T04:18:07.352652Z","last_seen":"2025-10-12T04:18:07.352652Z","times_seen":1,"resource_available":false,"data":null}},"time_used":91,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":46,"receive":45,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"situstotonline.win","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/assets/7301462e/jquery.min.js","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.269Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /assets/7301462e/jquery.min.js HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 24 Sep 2025 04:02:37 GMT\r\netag: \"68d36d5d-17278\"\r\nexpires: Mon, 10 Nov 2025 03:10:39 GMT\r\ncache-control: public, max-age=604800\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\ncontent-encoding: gzip\r\nage: 90418\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=6w03ERWZ%2BkAo5j3AJ50SCpTyh0bYxcXN5ApDpT6RNtjvK5F6r4wu2i2eFMSlAQXYHSpjNE6yZib3oNoVOUPuyTbzZi%2FzCqGf5Qf4fg%3D%3D\"}]}\r\ncf-ray: 98d3c9e6a8575688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":94840,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (32769)","md5":"b8d64d0bc142b3f670cc0611b0aebcae","sha1":"abcd2ba13348f178b17141b445bc99f1917d47af","sha256":"47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4","sha512":"a684abbe37e8047c55c394366b012cc9ae5d682d29d340bc48a37be1a549aeced72de6408bedfed776a14611e6f3374015b236fbf49422b2982ef18125ff47dc","ssdeep":"1536:8YRKUfAjtledhTmtaFyQHGvCXsedOgRc9izzr4yff8teLvHHEjam7W5X3yzSiLnM:VUb6GvCu09s2o2skAieW","tlshash":"b393e7d9b2d67123c7b731b850af510bb17698aa784c8c50f068d8e4be74a48907bf7d","first_seen":"2023-03-07T01:03:23Z","last_seen":"2026-05-05T16:23:01.061229Z","times_seen":20936,"resource_available":true,"data":null}},"time_used":180,"timings":{"blocked":77,"dns":10,"connect":1,"send":0,"wait":14,"receive":0,"ssl":68},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/images/ajax-loader.gif","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:39.382Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /images/ajax-loader.gif HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:39 GMT\r\ncontent-type: image/gif\r\ncontent-length: 1737\r\nserver: cloudflare\r\nlast-modified: Wed, 03 Apr 2024 06:50:54 GMT\r\netag: \"660cfc4e-6c9\"\r\nexpires: Mon, 10 Nov 2025 09:37:26 GMT\r\ncache-control: public, max-age=604800\r\naccept-ranges: bytes\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\nage: 67212\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=OxWLY%2Fp%2FTBP2%2BTfNpsJ%2FyF1rw7Hc8th4FWgkXk%2BS%2BGhIo06cMKYGfsD%2F1KtkijRhSCzZYgxwQRPdCvAbiBWWDPlU95gfRYkPd59iOA%3D%3D\"}]}\r\ncf-ray: 98d3c9ed1a875688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1737,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 16 x 16","md5":"dd6b7b0bf5c3af22499abc0a9ee1e1b2","sha1":"e8c0018145d616fac4deb460d9c1d9c9dd4d3302","sha256":"0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847","sha512":"8a4c36e3fdb61782f6fc9bf78140c96aa729b4e1120bda34995a90c9d827395e1460f744df17779091d206629664467b997e19a7a6e54e07135ab89e454df601","ssdeep":"","tlshash":"34316805dbf50636fbee21f850ae979c0d2f8af626d5072aac5331588c3446c467d8de","first_seen":"2023-04-06T12:06:14Z","last_seen":"2026-05-05T09:55:59.074195Z","times_seen":2391,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/css/pageOptimations/font-awesome.critical.css","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /css/pageOptimations/font-awesome.critical.css HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 03:05:24 GMT\r\nx-xss-protection: 1; mode=block\r\nexpires: Thu, 06 Nov 2025 12:16:37 GMT\r\ncache-control: public, max-age=604800\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=rRevjWW5qX9YTm1OQ4U%2B5x7Twid4BzAYsOPpvqUTho7Lc97fn1pQPhyUrOFZ1R3vHaEAFBrEEplOEy2DmD2wNF3NnBA8MX4CbrXnWg%3D%3D\"}]}\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\nage: 403261\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\netag: W/\"68d35ff4-f7\"\r\ncontent-encoding: br\r\ncf-ray: 98d3c9e6a8585688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":247,"size_decoded":0,"mime_type":"text/css","magic":"troff or preprocessor input, ASCII text","md5":"9c3d3ef008726ece5cda728260d82a66","sha1":"e1688d87a3c5269dd5b04e709d45c9ab67aed178","sha256":"97c0206ae94e810b18fd65c91c07a3a5cf8f04b142a60bf1ae380f13e90d61a4","sha512":"e237e66bbc6cd4820eb2496e83153eecfd79f57c338e5a471ca4800d19d575bd346d06f95765e1f4d3e7fa77cdd2427f866c5ab135232db5437d39325be53f22","ssdeep":"","tlshash":"9fd05e2d39a30280605a4c8c6bcb2b9a229451735504d8aabb829a0a5f9997963fa71d","first_seen":"2025-05-23T04:46:12.601112Z","last_seen":"2026-05-04T09:38:40.802782Z","times_seen":80,"resource_available":false,"data":null}},"time_used":70,"timings":{"blocked":53,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/redesign/icon/circle-plus.svg","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.867Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /redesign/icon/circle-plus.svg HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 03:05:25 GMT\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=dTEMBmvLxZ5aCBlhGIUINh31ZpE31ufL2Sv6dPUK7F3afGN6yXuoJmK%2BdobYZ07ErEatKRCa92g9WqqJZFwDnNpf8Rdp3BzlLaEZ4w%3D%3D\"}]}\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\nage: 4510\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\netag: W/\"68d35ff5-295\"\r\ncontent-encoding: br\r\ncf-ray: 98d3c9e9a90f5688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":661,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d03b3de54ca0a1dd3450cbb4de4b43f9","sha1":"773ab693abba5dc017cbe2aa9e634df3cc1babaa","sha256":"7f826bd6e2f61dca0054184395e1a9ad68f810b4f7fb9cdd60e150e69981a3a8","sha512":"a03430e57ada6b6917ed72f1b200278a101d55cd43bb1a24baef0a3c210310f312c3fd2a8303ae4c0c49a45366944c97cda5b7a117ce46019cbc3db3dd10ea7a","ssdeep":"","tlshash":"bb01f7f129794344d67b0313f8a72554597eb5ae87c0c8e6b54428dccc92c819b7a994","first_seen":"2025-05-23T04:46:12.606413Z","last_seen":"2026-05-04T09:38:40.777708Z","times_seen":77,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/cdn-cgi/mirage_speedtest/1760242659240","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:39.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.situstotonline.win","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Oct 2025 04:55:34 GMT","end":"Fri, 09 Jan 2026 04:55:33 GMT"},"fingerprint":{"sha1":"4A:34:EF:A7:29:CD:37:67:A6:82:E0:D3:ED:9F:F3:E2:E9:F8:3F:FB","sha256":"41:18:B8:37:E4:F6:60:BF:CC:B5:D7:2B:5F:7F:7D:94:45:2B:79:E2:CE:58:B8:A9:F4:32:29:24:D4:0B:D6:64"}}},"request":{"raw":"GET /cdn-cgi/mirage_speedtest/1760242659240 HTTP/1.1\r\nHost: situstotonline.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 404 Not Found\r\ncontent-length: 315\r\ncontent-type: text/html; charset=iso-8859-1\r\ndate: Sun, 12 Oct 2025 04:17:39 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":315,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document, ASCII text","md5":"a34ac19f4afae63adc5d2f7bc970c07f","sha1":"a82190fc530c265aa40a045c21770d967f4767b8","sha256":"d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3","sha512":"42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765","ssdeep":"","tlshash":"b0e0e75f41473347402252907dc110d1d505236b797161fd3d85b4ab501dc3dc99f7dc","first_seen":"2023-03-07T01:02:33Z","last_seen":"2026-05-05T13:24:01.699292Z","times_seen":145058,"resource_available":true,"data":null}},"time_used":28,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"situstotonline.win","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"lh3.googleusercontent.com/d/11zD0FoRMHbqlm-nyfUFVlNNnidpJiI5v","fqdn":"lh3.googleusercontent.com","domain":"googleusercontent.com","tld":"com"},"ip":{"addr":"142.250.74.33","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:39.492Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.googleusercontent.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:47 GMT","end":"Mon, 15 Dec 2025 08:41:46 GMT"},"fingerprint":{"sha1":"F8:5F:63:28:35:3F:3B:74:50:6E:B0:8A:1E:82:1E:81:0B:2C:5D:57","sha256":"E5:11:BE:F6:31:91:0A:88:46:0E:37:CF:15:59:95:26:EE:40:53:A0:69:3F:0A:3E:F6:B4:44:43:15:61:C4:6F"}}},"request":{"raw":"GET /d/11zD0FoRMHbqlm-nyfUFVlNNnidpJiI5v HTTP/1.1\r\nHost: lh3.googleusercontent.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nvary: Origin\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\naccess-control-expose-headers: Content-Length\r\netag: \"v1\"\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: private, max-age=86400, no-transform\r\ncontent-disposition: inline;filename=\"sprite.png\"\r\nx-content-type-options: nosniff\r\ndate: Sun, 12 Oct 2025 04:17:39 GMT\r\nserver: fife\r\ncontent-length: 46883\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":46883,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 80 x 494, 8-bit/color RGBA, non-interlaced","md5":"1a645aeeb5a228de82ed42583c1d4890","sha1":"d046b643a79c0a3a4d4e3db6bca29041a34fc95e","sha256":"5d4cb42389358523c07b9eaf4ced8fa9e7a6ee6789a1d6ea7c7f6abe10969737","sha512":"0c868b9f95854f5ba9b5cdd5ec25a009cc9d46e374e194efb19f7491ca751e36b48e52e1431255c60d215c602767dfbbd1d4709bdf105f30f07d3e19e273022a","ssdeep":"768:GcXruNYIALVz9XFaHANkdyM7i404bkDi2MC4vkPEilf2xY3WU+nmSfDQSTqJJqUd:G8VpVaAkAogovkcititmSfqJjuQ9rx","tlshash":"e42302734ffe9a2975694a3106f348c853d5ae6f8721afd3f40cc9e2623e3905632499","first_seen":"2025-05-23T04:46:12.593576Z","last_seen":"2026-05-04T09:38:40.808676Z","times_seen":81,"resource_available":false,"data":null}},"time_used":314,"timings":{"blocked":54,"dns":2,"connect":7,"send":0,"wait":193,"receive":10,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/js/jquery.raty.min.js","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /js/jquery.raty.min.js HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 24 Sep 2025 03:05:25 GMT\r\netag: W/\"68d35ff5-2051\"\r\nexpires: Sat, 08 Nov 2025 09:21:57 GMT\r\ncache-control: public, max-age=604800\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\ncontent-encoding: gzip\r\nage: 240940\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3DnHylviUZLqJ5qtZwGRLU1qk4r1af%2BqT%2FFG6szDXSKyUOClNcHFQfFx96kwxV0CGIBxESZNLxBoT%2FZGnc%2B2bCeaot7Dmmh2CnHX1g%3D%3D\"}]}\r\ncf-ray: 98d3c9e6b8635688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":8273,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (8081)","md5":"86a847667db14615f2250f7e514c8c66","sha1":"7b308dedd78e158b1dc55f215909336b830c6749","sha256":"95e661e05ce7526f3a5527278e565ad71cda9dca5b80d72a0ce76bad97353a9f","sha512":"46cd8d256492da4123f776c2745cc8f4521ef4fc6c020d8b583e9052aa764c9c9fbcf75e1fdf89fc5cf7c0313fc2e9e2770d3bbc8dc84edc0633532259c0b906","ssdeep":"192:vdlRLpMwO35XNARENbYnPP3wGCGGtQ//iuX8:vdlXMt3HgENM3w7Q//iuX8","tlshash":"c1021fc8b38571069de33370249e674ee333ed8b9642402d783dc6d5ef6988995b2e78","first_seen":"2023-03-07T12:03:44Z","last_seen":"2026-05-05T02:37:04.109062Z","times_seen":373,"resource_available":true,"data":null}},"time_used":194,"timings":{"blocked":83,"dns":12,"connect":2,"send":0,"wait":9,"receive":0,"ssl":67},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/css/product-view.min.css","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.283Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /css/product-view.min.css HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 24 Sep 2025 03:05:24 GMT\r\netag: \"68d35ff4-6673\"\r\nexpires: Wed, 05 Nov 2025 18:29:12 GMT\r\ncache-control: public, max-age=604800\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\ncontent-encoding: gzip\r\nage: 467305\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=GtCNAoDbZtEPtd8iWzYsNmus7XfYjYeW6XlsXNyGKSpIBFvuzkQBRjVPf35kHRstto8LNS9nuLlmBy8CdTbKSrnd3GnnnI3fqM9HvA%3D%3D\"}]}\r\ncf-ray: 98d3c9e6b8645688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":26227,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (26221), with no line terminators","md5":"515b35077bf4cc8e6d0531c6b27b8449","sha1":"fb45b03801b0ced7a5ec9d31fdf9f36eb4e6ebaf","sha256":"cf0365e3166ea7b698b1e91c3af0db8c59eb0b18a460c218c283a10f08a19051","sha512":"7870037aca238113980c8826b3874e36e39ced81fbc9873b6249c2632e4fcf9af0a06daac480fdf2ee5b90a59310271c1d8945f0d2c580dcb59a25527ce3b599","ssdeep":"384:4TxHuaq1dcXGeKDv8YCSCgQLP16/HVa23hL4bbPdna91Da91dxRDSR:1d7DtPHV8bha91Da91UR","tlshash":"cbc27333a840216db027c96bb691bbdd35248503f6135bbee5a736f4cf924cb1232b59","first_seen":"2025-05-23T04:46:12.600197Z","last_seen":"2026-05-04T09:38:40.792541Z","times_seen":81,"resource_available":false,"data":null}},"time_used":189,"timings":{"blocked":74,"dns":15,"connect":2,"send":0,"wait":10,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/redesign/icon/icon_share.svg","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.298Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /redesign/icon/icon_share.svg HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 03:05:25 GMT\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=RfRKysT4zTt0fK%2Bh%2FdVylapzgY9NNBC82QWojgJ7AqrB9lDuJ%2Bb8O%2F%2FyHAwj9G4XWZ4MTpebz261HlhjV2CR4mF3csLelb3BYJigJQ%3D%3D\"}]}\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\nage: 1209\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\netag: W/\"68d35ff5-2a2\"\r\ncontent-encoding: br\r\ncf-ray: 98d3c9e6a85e5688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":674,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"d5696b1d179fc91bf444bef8b2f3f6be","sha1":"e041ae2f92ff26b46e23f71f813fdd7a4848e40a","sha256":"9d88d1b6da895dbc349d011815c003f1e21bddc621dc6cd5350ad93e239fd4e5","sha512":"5603a64119102271adbfca6350216212253d2d23853cb860231984a20cbc57c414116ebb61b06f41d51e71458e92be1b8ebc08c9d6c59bb359ad55c07df7db9b","ssdeep":"","tlshash":"73017da626fa6698a73c435112e8343e3373335433088cb483911fc4da5ed1e5e81ceb","first_seen":"2025-05-23T04:46:12.594908Z","last_seen":"2026-05-04T09:38:40.805859Z","times_seen":81,"resource_available":false,"data":null}},"time_used":61,"timings":{"blocked":51,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-12T04:17:37.914Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.situstotonline.win","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Oct 2025 04:55:34 GMT","end":"Fri, 09 Jan 2026 04:55:33 GMT"},"fingerprint":{"sha1":"4A:34:EF:A7:29:CD:37:67:A6:82:E0:D3:ED:9F:F3:E2:E9:F8:3F:FB","sha256":"41:18:B8:37:E4:F6:60:BF:CC:B5:D7:2B:5F:7F:7D:94:45:2B:79:E2:CE:58:B8:A9:F4:32:29:24:D4:0B:D6:64"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: situstotonline.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 11 Oct 2025 09:45:22 GMT\r\naccept-ranges: bytes\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-length: 20670\r\ncontent-type: text/html\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]},{"name":"Bootstrap:5","description":"Bootstrap is a free and open-source CSS framework directed at responsive, mobile-first front-end web development. It contains CSS and JavaScript-based design templates for typography, forms, buttons, navigation, and other interface components.","website":"https://getbootstrap.com","common_platform_enumeration":"cpe:2.3:a:getbootstrap:bootstrap:*:*:*:*:*:*:*:*","icon":"Bootstrap.svg","categories":["UI frameworks"]},{"name":"AMP","description":"AMP, originally created by Google, is an open-source HTML framework developed by the AMP open-source Project. AMP is designed to help webpages load faster.","website":"https://www.amp.dev","common_platform_enumeration":"","icon":"Accelerated-Mobile-Pages.svg","categories":["JavaScript frameworks"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":93706,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (885), with CRLF line terminators","md5":"0d7e21db2be75e5f09c1765f60b4ab2d","sha1":"70557dd295d697c879fec835dda5e76bfea0c425","sha256":"30863d40148c3a4b7507a37a216f9be097426ad213958eba6e40ebcb8ca87c29","sha512":"3274257937403268a6baf9d4c5c7e1cb212de9f36497451495dea9a4691b76c35379d60767eeb97aabcd65bd2533ac4d24e34831e061a90488488697789b1795","ssdeep":"1536:yLvRcTsiggjnXme5lrKe6zU7edtCmVtmm+q4B/tdxp9pz5igEA:y7RcTsigAnXXlriMdf","tlshash":"00931996b5112c2b03336bf1a0726b18e7658113cf0348a4b2e9965bf7d5eb867376cc","first_seen":"2025-10-12T04:18:07.362289Z","last_seen":"2025-10-12T04:18:07.362289Z","times_seen":1,"resource_available":false,"data":null}},"time_used":246,"timings":{"blocked":97,"dns":47,"connect":22,"send":0,"wait":42,"receive":9,"ssl":26},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"situstotonline.win","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/images/banner-situs.png","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.265Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.situstotonline.win","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Oct 2025 04:55:34 GMT","end":"Fri, 09 Jan 2026 04:55:33 GMT"},"fingerprint":{"sha1":"4A:34:EF:A7:29:CD:37:67:A6:82:E0:D3:ED:9F:F3:E2:E9:F8:3F:FB","sha256":"41:18:B8:37:E4:F6:60:BF:CC:B5:D7:2B:5F:7F:7D:94:45:2B:79:E2:CE:58:B8:A9:F4:32:29:24:D4:0B:D6:64"}}},"request":{"raw":"GET /images/banner-situs.png HTTP/1.1\r\nHost: situstotonline.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 11 Oct 2025 09:50:22 GMT\r\naccept-ranges: bytes\r\ncontent-length: 130687\r\ncontent-type: image/png\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":130687,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 736 x 736, 8-bit colormap, non-interlaced","md5":"8b91754ac57083c3e6794405348408a8","sha1":"676b530c7d7b67d3c4bd2cf42541b8974effe45d","sha256":"4cc0e6b33a1fa53af797892e3ccbc9686e29051259925328c429f1cb87f5f988","sha512":"882e5971dc46cebbb4453e03587c2c80bc757f0e6f81d409d56acf029519abefcf4a2d3fda30628f73f498fde20929a9c6213ee4ea4644270dd7396ca45e9939","ssdeep":"3072:8Q7zygBQOF9fZSG+ZaGZCupO20A+Abhqfcjyb4l1S:rBQOFdoG+ZaGAlAFVqfzb4l1S","tlshash":"46d312d8d4e8b55a225d0a49e56fb1fdfb224147bdae8104b10b7cb346c0352f281afb","first_seen":"2025-10-12T04:18:07.364321Z","last_seen":"2025-10-12T04:18:07.364321Z","times_seen":1,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":24,"receive":72,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"situstotonline.win","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"situstotonline.win/images/logo-situs.png","fqdn":"situstotonline.win","domain":"situstotonline.win","tld":"win"},"ip":{"addr":"217.182.4.139","port":443,"asn":16276,"as":"OVH SAS","country":"France","country_code":"FR"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.278Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.situstotonline.win","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Sat, 11 Oct 2025 04:55:34 GMT","end":"Fri, 09 Jan 2026 04:55:33 GMT"},"fingerprint":{"sha1":"4A:34:EF:A7:29:CD:37:67:A6:82:E0:D3:ED:9F:F3:E2:E9:F8:3F:FB","sha256":"41:18:B8:37:E4:F6:60:BF:CC:B5:D7:2B:5F:7F:7D:94:45:2B:79:E2:CE:58:B8:A9:F4:32:29:24:D4:0B:D6:64"}}},"request":{"raw":"GET /images/logo-situs.png HTTP/1.1\r\nHost: situstotonline.win\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nlast-modified: Sat, 11 Oct 2025 09:38:12 GMT\r\naccept-ranges: bytes\r\ncontent-length: 12058\r\ncontent-type: image/png\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\nserver: Apache\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Apache HTTP Server","description":"Apache is a free and open-source cross-platform web server software.","website":"https://httpd.apache.org/","common_platform_enumeration":"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*","icon":"Apache.svg","categories":["Web servers"]}],"data":{"size":12058,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 300 x 68, 8-bit colormap, non-interlaced","md5":"6b57357b4e74b3c6e498a3ab5b1c6d91","sha1":"08f7207f4b20a46cf6c13763fe1fa964994272fd","sha256":"8dee0a4514d8e0e9854c5a11d6dec3fc6bf3a137f1f8ffd77dc674c349f90b31","sha512":"d522d9859643f6fc06e6ae7bbd105e58453f57bd20d091d3638b016fdaf9bf7ce6fa8c3b20b1ac3747e0cccb5dab1994999d63bfe461d672f7f7b42adf277e55","ssdeep":"192:nL+8rQnSIYsO67nfhbVSBFrIRUNqCUMKwQRR/2MqXNTY8iIflEPSMXZw4:nBrQnSvsO4pbVSBF7zUMKwQr/JqXNk8o","tlshash":"0a42bfd487b822d3bcf857563ce489d81e6b4306a8c2a7c55c588f275a01ed1a9a338f","first_seen":"2025-10-12T04:18:07.366026Z","last_seen":"2025-10-12T04:18:07.366026Z","times_seen":1,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":90,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-12","alert":"Sinkholed","trigger":"situstotonline.win","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/js/lazyload.min.js","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.302Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /js/lazyload.min.js HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 24 Sep 2025 03:05:24 GMT\r\netag: \"68d35ff4-11dd\"\r\nexpires: Sat, 08 Nov 2025 10:21:05 GMT\r\ncache-control: public, max-age=604800\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\ncontent-encoding: gzip\r\nage: 237393\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=nhdd5WdEzebC3VRRrvc17gl9JJzDxWwStewxBSk1Hu2HkZRmNErD%2FrWMVh9WHlK65dPXEMgewGnm8jRxi3JLW%2F7vsaiYkdhtvuYx2w%3D%3D\"}]}\r\ncf-ray: 98d3c9e6a85b5688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":4573,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (861)","md5":"b113c7191eb2ab3c2768374d090ebfeb","sha1":"5f562722bc9c60ed4eb5a6d709b782e0e8e40435","sha256":"0ff9cb70f9c7f802c9965d3573acc8444099a6fcd53fb132fb08fe50a0912d50","sha512":"aa977fe95791059840c3cbc6dab65d21965e9909129de16c898372b0def0788a2a4e4f5438d77865c9497bf476655c026e692b30031aafd960340091e4cddca1","ssdeep":"96:d0Q1y+ZltH75Z58Hieuc4aQuC3K5Vi8uchE4nuO+xGmNAdaGYnNPP9H8aKNuJgFA:dtyOltHNZ5NeVCa5k8Vll+xGsAQRNP6K","tlshash":"2c9134097902b93cb0ae767fc21b130a253ac5679579ec7064344c94befca93e216dca","first_seen":"2025-05-23T04:46:12.586437Z","last_seen":"2026-05-04T09:38:40.768547Z","times_seen":90,"resource_available":true,"data":null}},"time_used":61,"timings":{"blocked":44,"dns":0,"connect":0,"send":0,"wait":17,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/css/pageOptimations/bootstrap5.critical.css","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.288Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /css/pageOptimations/bootstrap5.critical.css HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 24 Sep 2025 03:05:24 GMT\r\netag: \"68d35ff4-fe9\"\r\nexpires: Mon, 10 Nov 2025 05:21:48 GMT\r\ncache-control: public, max-age=604800\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\ncontent-encoding: gzip\r\nage: 82549\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=0DZD1jUwEUkjqnvhkQyuf6sBWFzhkd3Q0kgd7XtqhSGfj%2BNoMIU8mTmduymijzU56J7EPQaudo%2BBaY6umGERcHwIL%2BXMuNXlggt%2FRg%3D%3D\"}]}\r\ncf-ray: 98d3c9e6b8665688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":4073,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"987bda5a665c762febdacef166c2346a","sha1":"08334b1540c49a021cb9c36ec175ce32abe7d9db","sha256":"fa1e64f45ae93a862fda973c11193ba11b556548852998669809cc9fc6fc944f","sha512":"d4388fddf30a480d911a0128fcf199b2b051ec16a282dd8c2f13557dc937bf1945a0fcad16c17bb723a2797c47b3db5f246a74e9be5e7b5106ea0e673c37d336","ssdeep":"","tlshash":"a9811e94e5733eec66a7889b37ca9e8727b459c7840af97479c372148f8802a35717cc","first_seen":"2025-05-23T04:46:12.585435Z","last_seen":"2026-05-04T09:38:40.793033Z","times_seen":81,"resource_available":false,"data":null}},"time_used":174,"timings":{"blocked":70,"dns":4,"connect":1,"send":0,"wait":10,"receive":0,"ssl":65},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/redesign/icon/stock.svg","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.839Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /redesign/icon/stock.svg HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 03:05:25 GMT\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=IPkiKyQtmsUZgLBFXAxjNvM%2ByvTXGhsn0pLLpYs%2Fz72LfpLdTT%2B5UNFTrt2ZyxG7enLvNcSUvA3qG%2FjeKJm6joHMUfzTJ%2Fr%2B06khXw%3D%3D\"}]}\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\nage: 1208\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\netag: W/\"68d35ff5-38c\"\r\ncontent-encoding: br\r\ncf-ray: 98d3c9e9a90e5688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":908,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"0063636e8e811fc24829f57f272aa86f","sha1":"5367d0b3eede0ed9893425db3a0826aa36f445a4","sha256":"8ef3c1989041007cfb2a857c3b6bc5b08510081074eb47e77880b847dfa10576","sha512":"5de6a94b1cf9166e456a3f1f0b86681189c56bc165ee9898808957cb7b24b9c7fa60e7af0886cbf277c3f251b8d3f803bc218eeb0b6e0137d8e9adc9194b713f","ssdeep":"","tlshash":"7d11d0aae27995d08103876690e475ed9adf68b423505ff0d6405be7a4e45ed17c4cc0","first_seen":"2025-06-27T22:59:24.594068Z","last_seen":"2026-04-19T05:35:51.844525Z","times_seen":62,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css?family=Poppins","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.74.10","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.272Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 22 Sep 2025 08:41:52 GMT","end":"Mon, 15 Dec 2025 08:41:51 GMT"},"fingerprint":{"sha1":"04:E6:D3:58:E3:A1:E3:05:2B:C3:56:5D:68:BB:1B:0A:08:C6:E3:FB","sha256":"25:4C:B3:A3:9A:E1:D7:FD:25:B6:BF:E9:AA:97:95:20:5D:F2:15:EA:41:46:B6:6B:01:17:19:26:EC:EF:D3:CA"}}},"request":{"raw":"GET /css?family=Poppins HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 12 Oct 2025 04:17:38 GMT\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":1123,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text","md5":"48ff118e891bb4948701b2d75b360339","sha1":"f5c506042ed4472896a7084751b9be33e5eb1b69","sha256":"55ad63faf3956fc9fb6210fc7037e9aec3ad54586b2ea6fe6465d9c051d340a3","sha512":"5928eefa9e37943a01ffe206c48bce3811871c96f90a0dfe15c97e96a981dbed2a2e698561387fa4dbb12c4a64a3c096b2c4bad9f2b26b211b82f9936a2b4da8","ssdeep":"","tlshash":"ef219891087ae41467831cc5238e3c37ef0e9254b440a564abfe0c98ad67c654372b2d","first_seen":"2025-09-17T15:13:56.931672Z","last_seen":"2026-05-05T15:09:56.35603Z","times_seen":2930,"resource_available":false,"data":null}},"time_used":788,"timings":{"blocked":374,"dns":1,"connect":7,"send":0,"wait":18,"receive":0,"ssl":384},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/redesign/icon/cart-shopping.svg","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.281Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /redesign/icon/cart-shopping.svg HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: image/svg+xml\r\nserver: cloudflare\r\nlast-modified: Wed, 24 Sep 2025 03:05:25 GMT\r\nx-xss-protection: 1; mode=block\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=aVVfHhsOfCxNhmqPc32w0qw%2BBqQY7pt5LqerNWpua1zctvC4NJy5gykEkcOzd%2B%2F%2B7uwNLpIGVietGj4kQlSiGONG8CQMqwXaAUS9jg%3D%3D\"}]}\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\nage: 1210\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nx-content-type-options: nosniff\r\nvary: accept-encoding\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\netag: W/\"68d35ff5-3c2\"\r\ncontent-encoding: br\r\ncf-ray: 98d3c9e6a85c5688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":962,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"6b4f7e378d8bbd1ccc63aca6a923f98f","sha1":"4ecd450e96115010259bcb6497944ccd78856175","sha256":"2d5f59dc4879582a4f799b87d9fe8b0b985ea3f800c556177634c33a43d2face","sha512":"49b78abf45c75b465339e86b460c381980ab6d910a88c392a53eba8bf2f751df8f1262f7682a28abd26584efe9056ccfcd5f2e72e25924b919f4ea18929ebfd0","ssdeep":"","tlshash":"2111bda0b3e9e2541a23e3d0d13de866f71b14ff7841de8486a0eb99f47f05954c9850","first_seen":"2025-05-23T04:46:12.608659Z","last_seen":"2026-05-04T09:38:40.784675Z","times_seen":79,"resource_available":false,"data":null}},"time_used":88,"timings":{"blocked":65,"dns":0,"connect":0,"send":0,"wait":23,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.k24klik.com/css/k24-2022/k24.css","fqdn":"www.k24klik.com","domain":"k24klik.com","tld":"com"},"ip":{"addr":"172.67.71.190","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://situstotonline.win/","date":"2025-10-12T04:17:38.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"www.k24klik.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 09 Oct 2025 07:38:48 GMT","end":"Wed, 07 Jan 2026 08:38:47 GMT"},"fingerprint":{"sha1":"93:8D:4E:06:93:C7:A6:08:40:2A:14:E2:72:A7:D1:92:BC:07:08:8B","sha256":"5C:86:52:DF:0E:AA:3C:AF:C3:F7:56:13:BC:7A:5B:7B:83:AE:10:8E:7A:34:B6:78:F0:69:D9:B5:6C:B1:E9:FF"}}},"request":{"raw":"GET /css/k24-2022/k24.css HTTP/1.1\r\nHost: www.k24klik.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://situstotonline.win/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 12 Oct 2025 04:17:38 GMT\r\ncontent-type: text/css\r\nserver: cloudflare\r\nvary: Accept-Encoding, Accept-Encoding\r\nlast-modified: Wed, 24 Sep 2025 03:05:24 GMT\r\netag: \"68d35ff4-4f25\"\r\nexpires: Wed, 05 Nov 2025 18:29:15 GMT\r\ncache-control: public, max-age=604800\r\ncontent-security-policy: upgrade-insecure-requests; block-all-mixed-content; frame-ancestors 'self' https://konsultasidokter.k24.co.id;\r\ncontent-encoding: gzip\r\nage: 467303\r\ncf-cache-status: HIT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nstrict-transport-security: max-age=63072000; includeSubDomains; preload\r\nx-content-type-options: nosniff\r\npermissions-policy: accelerometer=(), gyroscope=(), magnetometer=(), microphone=()\r\nreferrer-policy: no-referrer-when-downgrade\r\nx-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.googletagmanager.com https://connect.facebook.net https://static.cloudflareinsights.com;\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=PPEHpRheDk%2BC8NgxHwRMPo44E0bfp1VhatKGZRtxVHZe%2FOP79SiJvwHVWdC8SEzG%2FT3L3%2Fgzjg65ANP3z5TYPa%2FYSGHkOtmxqRvSeQ%3D%3D\"}]}\r\ncf-ray: 98d3c9e6c86a5688-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":20261,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"8dd9db32d02ed2c4e27811f163426a3b","sha1":"d71b12724812dddebff26cf45b4ec5de7afe5b50","sha256":"013fec5583e79e6a65cef698a73b8584b324ba0eaa7e5d786f8dee0dd0233b8a","sha512":"8e869ce18402d0c020100579751b3ed2685ed2e7fe69f08d08a526ecbede3474d9dbdb51f25cad14b4cbc93a47eba0e54d71aad2edd6201e7e817060d029512a","ssdeep":"384:KHkaLef9vQ/A9m2ziwrX6oM1w8+eqFDlromvgFY:v1f9vQ/A9msiwrXE1w8+eqFDlromvgFY","tlshash":"6692b0ee66e00504f626d65c5c11fa56b36d8403860dfd7fe6f3212cbec96d5e0a22e8","first_seen":"2025-05-23T04:46:12.604571Z","last_seen":"2026-05-04T09:38:40.799575Z","times_seen":81,"resource_available":false,"data":null}},"time_used":190,"timings":{"blocked":74,"dns":9,"connect":1,"send":0,"wait":10,"receive":0,"ssl":71},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}