{"report_id":"6272fcaf-ba2c-4990-ae31-addb0ae864fc","version":6,"status":"done","tags":[],"date":"2023-11-27T12:28:18Z","url":{"schema":"http","addr":"whatsappxirkqu1.klik-disini.my.id/","fqdn":"whatsappxirkqu1.klik-disini.my.id","domain":"klik-disini.my.id","tld":"my.id"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"final":{"url":{"schema":"https","addr":"whatsappxirkqu1.klik-disini.my.id/chat/","fqdn":"whatsappxirkqu1.klik-disini.my.id","domain":"klik-disini.my.id","tld":"my.id"},"title":"Whatsapp Group Invite"},"submit":{"url":{"schema":"","addr":"","fqdn":"","domain":"","tld":""},"ip":{"addr":"","port":0,"asn":0,"as":"","country":"","country_code":""},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-10-26T10:31:22Z","useragent":"Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0","referer":"","cookies":null,"exit_node":"default"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":null},"summary":[{"fqdn":"cdnjs.cloudflare.com","ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2009-02-17","domain_rank":235,"first_seen":"2015-04-17 22:46:33","last_seen":"2023-11-27 07:34:07","alert_count":0,"request_count":1,"received_data":18048,"sent_data":483,"comment":"","tags":null,"fingerprints":null},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":439,"first_seen":"2012-09-30 02:15:09","last_seen":"2023-11-27 05:09:30","alert_count":0,"request_count":1,"received_data":43203,"sent_data":462,"comment":"","tags":null,"fingerprints":null},{"fqdn":"whatsappxirkqu1.klik-disini.my.id","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"domain_registered":"2023-10-01","domain_rank":0,"first_seen":"2023-11-10 17:43:57","last_seen":"2023-11-11 18:20:15","alert_count":7,"request_count":7,"received_data":124662,"sent_data":3505,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www.whatsapp.com","ip":{"addr":"31.13.72.52","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"domain_registered":"2008-09-04","domain_rank":16540,"first_seen":"2012-05-21 08:39:46","last_seen":"2023-11-23 19:54:03","alert_count":0,"request_count":1,"received_data":4825,"sent_data":480,"comment":"","tags":null,"fingerprints":null},{"fqdn":"ocsp.trust-provider.cn","ip":{"addr":"117.27.246.96","port":0,"asn":133774,"as":"Fuzhou","country":"China","country_code":"CN"},"domain_registered":"2015-04-09","domain_rank":0,"first_seen":"2022-02-10 09:18:30","last_seen":"2023-11-27 08:05:51","alert_count":0,"request_count":1,"received_data":1482,"sent_data":346,"comment":"","tags":null,"fingerprints":null},{"fqdn":"z-p3-static.xx.fbcdn.net","ip":{"addr":"31.13.72.54","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"domain_registered":"2007-05-03","domain_rank":79582,"first_seen":"2017-01-30 08:07:09","last_seen":"2023-11-26 22:26:07","alert_count":0,"request_count":2,"received_data":4274,"sent_data":958,"comment":"","tags":null,"fingerprints":null},{"fqdn":"na.apps.amsoveasea.com","ip":{"addr":"129.226.2.89","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"domain_registered":"2020-07-01","domain_rank":100788,"first_seen":"2020-07-11 14:48:08","last_seen":"2023-11-24 02:35:00","alert_count":0,"request_count":1,"received_data":243,"sent_data":580,"comment":"","tags":null,"fingerprints":null},{"fqdn":"www-cdn.whatsapp.net","ip":{"addr":"31.13.72.52","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"domain_registered":"2009-02-20","domain_rank":0,"first_seen":"2017-01-30 11:26:17","last_seen":"2023-11-26 03:21:22","alert_count":0,"request_count":1,"received_data":236,"sent_data":484,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":[{"sensor_name":"infosec_yara","type":"yara","description":"Public InfoSec YARA rules","link":"","alerts":null},{"sensor_name":"openphish","type":"url","description":"OpenPhish","link":"","alerts":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-11","alert":"WhatsApp","trigger":"whatsappxirkqu1.klik-disini.my.id/","verdict":"phishing","severity":"medium","comment":"WhatsApp","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-11","alert":"WhatsApp","trigger":"whatsappxirkqu1.klik-disini.my.id/","verdict":"phishing","severity":"medium","comment":"WhatsApp","link":"https://openphish.com","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-11","alert":"WhatsApp","trigger":"whatsappxirkqu1.klik-disini.my.id/","verdict":"phishing","severity":"medium","comment":"WhatsApp","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-11","alert":"WhatsApp","trigger":"whatsappxirkqu1.klik-disini.my.id/","verdict":"phishing","severity":"medium","comment":"WhatsApp","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-11","alert":"WhatsApp","trigger":"whatsappxirkqu1.klik-disini.my.id/","verdict":"phishing","severity":"medium","comment":"WhatsApp","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-11","alert":"WhatsApp","trigger":"whatsappxirkqu1.klik-disini.my.id/","verdict":"phishing","severity":"medium","comment":"WhatsApp","link":"https://openphish.com/","meta":null},{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-10","alert":"WhatsApp","trigger":"whatsappxirkqu1.klik-disini.my.id/chat/","verdict":"phishing","severity":"medium","comment":"WhatsApp","link":"https://openphish.com","meta":null}]},{"sensor_name":"phishtank","type":"url","description":"PhishTank","link":"","alerts":null},{"sensor_name":"mnemonic_dns","type":"domain","description":"mnemonic secure dns","link":"","alerts":null},{"sensor_name":"quad9","type":"domain","description":"Quad9 DNS","link":"","alerts":null},{"sensor_name":"threatfox","type":"url","description":"ThreatFox","link":"","alerts":null}],"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"whatsappxirkqu1.klik-disini.my.id/chat/","fqdn":"whatsappxirkqu1.klik-disini.my.id","domain":"klik-disini.my.id","tld":"my.id"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T12:53:20.27382Z","times_seen":14838021,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"whatsappxirkqu1.klik-disini.my.id/chat/","fqdn":"whatsappxirkqu1.klik-disini.my.id","domain":"klik-disini.my.id","tld":"my.id"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"introduction_type":"scriptElement","is_inline":true,"md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","size":0,"data":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T12:53:20.27382Z","times_seen":14838021,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/stylesheett/jquery.min.js@main/slim.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"f38b0ad9edf7a744f15cc89aa31f5553","sha1":"d269ce63702073df08cd25d1ce356fa0fc80605e","sha256":"30fd54eee527bda253b3f9c77b8bf581954036ea99bd8af3643a4ebf87b5b409","sha512":"770caf39c02acb0a6855d986dec58aeecb634e163faac4ee4539817bfa534dee5ed03743435fbdcaedb65f8a8f3afd37d70b6f2064a282588540f5ef1ad43d47","ssdeep":"3072:YHEEFvQ5kBAwBmkzYLFaGhJc0AzgVdLtUROOkb:4FvQ7wBmkzYLFaGhpAzgVdLIOOkb","tlshash":"e7042d8aaae721359217f07d4e6fd808b235584f1a99fd007d0c52a59f1883c97f6fac","size":181900,"data":"","first_seen":"2023-03-09T05:51:47Z","last_seen":"2025-07-03T14:17:35.956635Z","times_seen":1414,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css","fqdn":"cdnjs.cloudflare.com","domain":"cloudflare.com","tld":"com"},"ip":{"addr":"104.17.25.14","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://whatsappxirkqu1.klik-disini.my.id/chat/","date":"2023-11-27T12:28:05.824Z","timestamp":1701088085824,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"sni.cloudflaressl.com","organization":"Cloudflare, Inc."},"issuer":{"commonName":"Cloudflare Inc ECC CA-3","organization":"Cloudflare, Inc."},"validity":{"start":"Mon, 03 Jul 2023 00:00:00 GMT","end":"Tue, 02 Jul 2024 23:59:59 GMT"},"fingerprint":{"sha1":"7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D","sha256":"D9:9E:DA:D7:6F:5A:E0:87:16:F3:3E:A0:A8:34:8B:84:B7:B0:98:30:2D:18:D8:53:E6:3C:09:06:19:48:07:54"}}},"request":{"raw":"GET /ajax/libs/font-awesome/6.1.1/css/all.min.css HTTP/1.1\r\nHost: cdnjs.cloudflare.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://whatsappxirkqu1.klik-disini.my.id/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Nov 2023 12:28:02 GMT\r\ncontent-type: text/css; charset=utf-8\r\ncontent-length: 17041\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=30672000\r\ncontent-encoding: br\r\netag: \"623a082a-4291\"\r\nlast-modified: Tue, 22 Mar 2022 17:32:26 GMT\r\ncf-cdnjs-via: cfworker/kv\r\ncross-origin-resource-policy: cross-origin\r\ntiming-allow-origin: *\r\nx-content-type-options: nosniff\r\nvary: Accept-Encoding\r\ncf-cache-status: HIT\r\nage: 302877\r\nexpires: Sat, 16 Nov 2024 12:28:02 GMT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=6u810XlF6gvzhOpb07%2FxbdcanN%2FlH163vkWK%2FBWvJnetWQrDl%2BGVehg3yZopJ6sgcD289EowEXCdlnaSgAyo6c66Wcjbz0ehFqqCNLwNmAV%2FEC4F0buYne32d%2FRI7w8hCcC6J1uV\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0.01,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nstrict-transport-security: max-age=15780000\r\nserver: cloudflare\r\ncf-ray: 82ca5e61ae5f0b59-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17041,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (65317)","md5":"6386fb409d4a2abc96eee7be8f6d4cc4","sha1":"09102cfc60efb430a25ee97cee9a6a35df6dfc59","sha256":"0df5a33710e433de1f5415b1d47e4130ca7466aee5b81955f1045c4844bbb3ed","sha512":"29f91fc180ec2e4225c10a7a2c59e5f3335d2c6c6ef58000d50bf020d92ce0f85c125412bea73254b2c3f5a3215ddd77b908e85ed10a368b0e59a66a5e07a5d2","ssdeep":"1536:mUMVM6MVMkMVM9MVMNMVMispLudL+P8Wcn0Fwib3ePyUHsE+z:hudL25cn0FfePyUME+z","tlshash":"b3a3b7f5e44c05d97732c44bab95b37c65b6f738d9810ca9f02f580c1ad26a822c6f7a","first_seen":"2023-04-05T03:24:19Z","last_seen":"2026-05-08T12:28:33.362379Z","times_seen":26832,"resource_available":false,"data":null}},"time_used":27,"timings":{"blocked":6,"dns":0,"connect":1,"send":0,"wait":7,"receive":1,"ssl":10},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/gh/stylesheett/jquery.min.js@main/slim.js","fqdn":"cdn.jsdelivr.net","domain":"cdn.jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.193.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://whatsappxirkqu1.klik-disini.my.id/chat/","date":"2023-11-27T12:28:05.829Z","timestamp":1701088085829,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2023 Q3","organization":"GlobalSign nv-sa"},"validity":{"start":"Wed, 27 Sep 2023 18:13:13 GMT","end":"Mon, 28 Oct 2024 18:13:12 GMT"},"fingerprint":{"sha1":"05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09","sha256":"0F:90:CD:B5:CD:3B:AE:F1:BB:01:3A:4D:6D:2E:A6:BA:98:C6:1B:1B:75:BE:DD:CB:39:33:E8:D1:21:F1:9F:EF"}}},"request":{"raw":"GET /gh/stylesheett/jquery.min.js@main/slim.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://whatsappxirkqu1.klik-disini.my.id/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=604800, s-maxage=43200\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: main\r\nx-jsd-version-type: branch\r\netag: W/\"2c68c-0mnOY3Agc98IzSXRzjVvoPyAYF4\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\ndate: Mon, 27 Nov 2023 12:28:02 GMT\r\nage: 22538\r\nx-served-by: cache-fra-eddf8230134-FRA, cache-bma1682-BMA\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 42436\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42436,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"Unicode text, UTF-8 text","md5":"f38b0ad9edf7a744f15cc89aa31f5553","sha1":"d269ce63702073df08cd25d1ce356fa0fc80605e","sha256":"30fd54eee527bda253b3f9c77b8bf581954036ea99bd8af3643a4ebf87b5b409","sha512":"770caf39c02acb0a6855d986dec58aeecb634e163faac4ee4539817bfa534dee5ed03743435fbdcaedb65f8a8f3afd37d70b6f2064a282588540f5ef1ad43d47","ssdeep":"3072:YHEEFvQ5kBAwBmkzYLFaGhJc0AzgVdLtUROOkb:4FvQ7wBmkzYLFaGhpAzgVdLIOOkb","tlshash":"e7042d8aaae721359217f07d4e6fd808b235584f1a99fd007d0c52a59f1883c97f6fac","first_seen":"2023-03-09T05:51:47Z","last_seen":"2025-07-03T14:17:35.956635Z","times_seen":1414,"resource_available":true,"data":null}},"time_used":160,"timings":{"blocked":66,"dns":51,"connect":8,"send":0,"wait":10,"receive":9,"ssl":13},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"whatsappxirkqu1.klik-disini.my.id/chat/img/fb.png","fqdn":"whatsappxirkqu1.klik-disini.my.id","domain":"klik-disini.my.id","tld":"my.id"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://whatsappxirkqu1.klik-disini.my.id/chat/","date":"2023-11-27T12:28:05.827Z","timestamp":1701088085827,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"klik-disini.my.id","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 01 Oct 2023 09:01:33 GMT","end":"Sat, 30 Dec 2023 09:01:32 GMT"},"fingerprint":{"sha1":"C1:9E:E5:4E:BB:58:B5:24:1E:88:A8:53:AD:DC:DF:8D:73:42:A6:D5","sha256":"45:AF:5D:F3:30:85:D5:8E:61:94:04:32:F3:2C:0A:A0:FF:F9:3A:3D:A6:FC:BA:E8:E0:A5:F3:6C:36:96:C6:75"}}},"request":{"raw":"GET /chat/img/fb.png HTTP/1.1\r\nHost: whatsappxirkqu1.klik-disini.my.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://whatsappxirkqu1.klik-disini.my.id/chat/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 27 Nov 2023 12:28:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 28789\r\nlast-modified: Sun, 12 Dec 2021 19:09:22 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=QouFdOQRhh%2B3k5fl%2BRmi%2Bqq8xCuJQ6afLHe52cK3BrLhYRKPTxscYtP641xlmSukA4xbVKHuAXxoPP5SG5qhEQyLEUZxI0rSFT4vHO2HZ8iQ1sMX2mDWP6eU2bIcBcv2ZUIkFksh1oCley5VSI9DR1l1xGM%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82ca5e618e18b4f1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28789,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\\012- data","md5":"74190b93fc4f5d88f0c8e6411ba20bd8","sha1":"89ce2ecb660a90b8e6ed1b335443d7767c59f28a","sha256":"092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401","sha512":"35ffc458da53b5105ba45473350bc178d4b96acc7e5f409fcf586aca4e7c9b9b9b3a7d9d1c2185532ee13f9f496811156a38130fb7d9abf5925436ef29f63ecb","ssdeep":"768:mQmpRJ1JqkEDO5tjx6ZmOAKTTjgH1W7AH0VYvkLHNy:mQUJbqkoO/zPKDgmKvkLH0","tlshash":"6ed2e15081a1c9adafb1d49dc634e02bbec505cda294f0585060fb6d9ac0f14befb1ee","first_seen":"2023-04-30T18:55:26Z","last_seen":"2026-04-29T14:00:23.368656Z","times_seen":3251,"resource_available":false,"data":null}},"time_used":253,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":251,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-11","alert":"WhatsApp","trigger":"whatsappxirkqu1.klik-disini.my.id/","verdict":"phishing","severity":"medium","comment":"WhatsApp","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"whatsappxirkqu1.klik-disini.my.id/","fqdn":"whatsappxirkqu1.klik-disini.my.id","domain":"klik-disini.my.id","tld":"my.id"},"ip":{"addr":"188.114.96.1","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-27T12:28:06.429253325Z","timestamp":1701088086429,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"klik-disini.my.id","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 01 Oct 2023 09:01:33 GMT","end":"Sat, 30 Dec 2023 09:01:32 GMT"},"fingerprint":{"sha1":"C1:9E:E5:4E:BB:58:B5:24:1E:88:A8:53:AD:DC:DF:8D:73:42:A6:D5","sha256":"45:AF:5D:F3:30:85:D5:8E:61:94:04:32:F3:2C:0A:A0:FF:F9:3A:3D:A6:FC:BA:E8:E0:A5:F3:6C:36:96:C6:75"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: whatsappxirkqu1.klik-disini.my.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Nov 2023 12:28:00 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=lCiZAH%2FGa6GBd7a%2F1vPMUh8LgkLiIulfpRNCSP3oq0VnwmOrYY6jyaAnCbbhn%2F5MMjwwXscHLMwcM9dEwP9JKtWf7YUGlxoKZ85I2ElSICA0S85fsMOJQtdCxe6xgcyCi5xDZXSdXERTsOFAbz34CqKtc%2BU%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82ca5e55f9d05684-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":798,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document, ASCII text, with CRLF line terminators","md5":"c9613ea7e0e4c8090e9ed0a6a0335100","sha1":"856be85e4e3236ae4a26d3382033ab49e1b0ec35","sha256":"27e22436bee5112c16bdcaa5cf1a5dba65cc676ff874dc6e46a42ad850b7dca2","sha512":"d10e818db364cc0fb713b7cb329f36d15e25267ca5d2342e58171fdf2ef4cc18f657e4369545fb79709a6c8f60a438ed181592beaccd46dcf1c528de2eb3ee5d","ssdeep":"","tlshash":"e3b012f325905c174231373078c4336395c2085199490930c09010ef00a1b04cf43213","first_seen":"2023-10-08T16:09:24Z","last_seen":"2024-08-21T05:05:12.779444Z","times_seen":44,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-11","alert":"WhatsApp","trigger":"whatsappxirkqu1.klik-disini.my.id/","verdict":"phishing","severity":"medium","comment":"WhatsApp","link":"https://openphish.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"whatsappxirkqu1.klik-disini.my.id/chat/css/style.css","fqdn":"whatsappxirkqu1.klik-disini.my.id","domain":"klik-disini.my.id","tld":"my.id"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://whatsappxirkqu1.klik-disini.my.id/chat/","date":"2023-11-27T12:28:05.819Z","timestamp":1701088085819,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"klik-disini.my.id","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 01 Oct 2023 09:01:33 GMT","end":"Sat, 30 Dec 2023 09:01:32 GMT"},"fingerprint":{"sha1":"C1:9E:E5:4E:BB:58:B5:24:1E:88:A8:53:AD:DC:DF:8D:73:42:A6:D5","sha256":"45:AF:5D:F3:30:85:D5:8E:61:94:04:32:F3:2C:0A:A0:FF:F9:3A:3D:A6:FC:BA:E8:E0:A5:F3:6C:36:96:C6:75"}}},"request":{"raw":"GET /chat/css/style.css HTTP/1.1\r\nHost: whatsappxirkqu1.klik-disini.my.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://whatsappxirkqu1.klik-disini.my.id/chat/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 27 Nov 2023 12:28:02 GMT\r\ncontent-type: text/css\r\nlast-modified: Mon, 30 May 2022 20:25:52 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=X5bZq%2Fal%2F8I7m4V5N7nfVKFMkPnmd2oqs8G1aCjEbM08t05wRUq30uArPttq5iVs0Igf%2B9cijgLan9G9bCtpAnOIEftsaA5bCwoaGSDTn%2F1lmSKSraD3WwQ0%2BjEakAIPux4F9rvvzRgnNXhOV9BnuKmZ8U0%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82ca5e618e14b4f1-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":54349,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (593), with CRLF line terminators","md5":"5c9a09496b999ac72474f53def44cd7c","sha1":"a8ab99f83761f730707f7275a34eeba80245ea82","sha256":"cd9d046024a07792e6de29cea4ad2517f5d8da6a5cde0c23f1a7b1b3eefa8343","sha512":"975dddaa2af39f7a28fd987f3b5e591aa5210c1b38a1f7a14cf95ecc4a7c9ef9153901cdac2d86ff516da38910071f3c80bd7873876035ac9768e49ccf8b0329","ssdeep":"3072:L1lwQobC4EWoL7j0KLrqsvg8LbBKE4H5YbWb:xlA8jLrqsvg8LbJ4HEWb","tlshash":"f8442e56ce045a5d5bbf4b76f75aaa76eb020483034182d9f48ef00ba7b4d4ec72ce49","first_seen":"2023-04-22T19:05:06Z","last_seen":"2024-08-21T08:52:46.091779Z","times_seen":133,"resource_available":false,"data":null}},"time_used":439,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":437,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-11","alert":"WhatsApp","trigger":"whatsappxirkqu1.klik-disini.my.id/","verdict":"phishing","severity":"medium","comment":"WhatsApp","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"whatsappxirkqu1.klik-disini.my.id/chat/img/pp.png","fqdn":"whatsappxirkqu1.klik-disini.my.id","domain":"klik-disini.my.id","tld":"my.id"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://whatsappxirkqu1.klik-disini.my.id/chat/","date":"2023-11-27T12:28:06.298Z","timestamp":1701088086298,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"klik-disini.my.id","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 01 Oct 2023 09:01:33 GMT","end":"Sat, 30 Dec 2023 09:01:32 GMT"},"fingerprint":{"sha1":"C1:9E:E5:4E:BB:58:B5:24:1E:88:A8:53:AD:DC:DF:8D:73:42:A6:D5","sha256":"45:AF:5D:F3:30:85:D5:8E:61:94:04:32:F3:2C:0A:A0:FF:F9:3A:3D:A6:FC:BA:E8:E0:A5:F3:6C:36:96:C6:75"}}},"request":{"raw":"GET /chat/img/pp.png HTTP/1.1\r\nHost: whatsappxirkqu1.klik-disini.my.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://whatsappxirkqu1.klik-disini.my.id/chat/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 27 Nov 2023 12:28:02 GMT\r\ncontent-type: image/png\r\ncontent-length: 15784\r\nlast-modified: Sat, 03 Dec 2022 02:24:32 GMT\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\naccept-ranges: bytes\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=txGVP5cl4VKDWPI4pygsziBhwnHXkCRVBWw1mpT%2FaMq6oM8zYEW15BpY%2FlTxPWqbhbklQJ%2Fwye%2B562LLvKfmat8AWQ%2F3WTTabZTB1jlETIRxJV7Jr4g18%2BMi3eQqbMq3B%2BgJSs12G94A4haykbv7W4CndbY%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82ca5e649b81b4f1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15784,"size_decoded":0,"mime_type":"image/png","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x640, components 3\\012- data","md5":"5a09c2a4bf8dda5fd038a992f246fd82","sha1":"f1882004668613945f13e7185d2bcf75f2ee8419","sha256":"19a733b22686d95b81b3990690e16dab03bb0ce1a13aaa5b751e6cea4ebb51bc","sha512":"1f32f7d9efb1f2c5ee946f58d0a5d3212267e27f9b001c227f61444013b20a629b65279bcf6f0de72b549d661cc268da2af3f94a2f8f979bc6db0bceda8fb150","ssdeep":"384:99cl2I5PKDaXIjCDxxQiYuRGpOzDPeYUjIA:Qlh5FqCFxQvczTnUjd","tlshash":"0362bf2eb3219cb5db94c77c3daf75a637043ac8768fdbb5c152051a900aef50d9148e","first_seen":"2023-07-29T20:38:50Z","last_seen":"2024-08-21T09:39:00.555769Z","times_seen":154,"resource_available":false,"data":null}},"time_used":240,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":234,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-11","alert":"WhatsApp","trigger":"whatsappxirkqu1.klik-disini.my.id/","verdict":"phishing","severity":"medium","comment":"WhatsApp","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.whatsapp.com/img/v4/whatsapp-logo.svg","fqdn":"www.whatsapp.com","domain":"whatsapp.com","tld":"com"},"ip":{"addr":"31.13.72.52","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://whatsappxirkqu1.klik-disini.my.id/chat/","date":"2023-11-27T12:28:06.441Z","timestamp":1701088086441,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.whatsapp.net","organization":"Meta Platforms, Inc."},"issuer":{"commonName":"DigiCert SHA2 High Assurance Server CA","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Sep 2023 00:00:00 GMT","end":"Mon, 04 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"E7:FE:9C:97:3A:66:15:93:32:2F:44:03:2B:E8:EE:A5:E6:6C:1F:20","sha256":"77:F2:7C:E8:08:9D:3E:6A:57:E4:FB:21:13:35:B0:62:E1:6F:7B:27:42:03:60:ED:93:C0:47:A2:FA:98:AF:7F"}}},"request":{"raw":"GET /img/v4/whatsapp-logo.svg HTTP/1.1\r\nHost: www.whatsapp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://whatsappxirkqu1.klik-disini.my.id/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 400 Bad Request\r\ncontent-encoding: br\r\nreporting-endpoints: \r\ncross-origin-opener-policy: same-origin-allow-popups\r\nvary: Sec-Fetch-Site, Sec-Fetch-Mode, Accept-Encoding\r\nstrict-transport-security: max-age=31536000; preload; includeSubDomains\r\ncontent-type: text/html; charset=\"utf-8\"\r\nx-fb-debug: L+gzqAflHMojVyX+GZLnJfg3ynQBrD5/WWYrRyW30Bfk10lS4N6JkGtZDtRNwjZNTzNJ0wpxeQT3hMrZxuXbAw==\r\ncontent-length: 2460\r\nproxy-status: http_request_error; e_clientaddr=\"AcIjS-vhZ0JqUlZGs4MHh2jfkc555uwApWG6wBeF77L7Aqx6TPl-4rn_vVE3DlQ4MQAwf3mhsPh4dOsBpqjDLo_doyEB6h973wu65ZsOdAnSG4EL_A\"; e_fb_vipport=\"AcKwFYlMr5cMBx9hHSkYsYg3gMBFVMuAXapX0OYAoSgEviRMfQkq-KS4y2j-\"; e_upip=\"AcK7GDacnDidPR4oVl4ju1E5vABEhsJZDKVh321UUK2nHiJdxkbmdWGs15YRiI4u_hbSoyU-sVZRecV5cqtGV46ytVp1rLm7ox8\"; e_fb_hostheader=\"AcKfBzO0GPzCQ2ZEgU7L07G_Eu0jNJCp9jh2dd8V_t5uQgzWMx9XNEkvbKlGptkQIv_yxEjoVQtPgA\"; e_fb_vipaddr=\"AcKYKGc9Hqv-HPmPSlHRXQ-CkhZbbgT_GFfe1l47ApSusx-KKucXcg2pswHQLpqSfp4oDVJwlASyzxrOVm1_Bq_OTDQmWcA2Hw\"; e_fb_requesthandler=\"AcIudzVou9731vorJiiYegoZlq04d92sANXI2o5hQ6h1JVFU9tesJAhqNQoHcR4sWFAk7W9N_Dc\"; e_fb_builduser=\"AcLj23N-A0N5kkAMn5f_MBSSyRgjCEKEHHqX_DQNcl9ziRP9au0StLCLnIeae-x5BH4\"; e_fb_binaryversion=\"AcL0wBxajhiROr6cnkJH9wa9u-j94oSqKcID54xFsLTeROu99S322udXk0G-A3___NE0e03xm2iKmwAD2Bcpjoc_w1bsZCN8Us8\"; e_proxy=\"AcIGI_XqixOzyoMhdj9kCQKHcTBVvodPjVrLY_x1PRGOmgC3GPQgQjkoT3MH_6p_o5lemvyYSkN05AzhAfeB\", http_request_error; e_clientaddr=\"AcJlGgmTHfc_TMoZAV_12RmNbNXPm4wv3zMlC8cQv_oGYrJr2VvBpFGkNSKwokf9BJ9d8NPsfwlwLx_3\"; e_fb_vipport=\"AcIGElP_c88yiDbJMRvKekKwrxTAs0PEcHUuceJ5i5MQBfnLovPbg-2mD7bC\"; e_upip=\"AcJb-BeftA6LuM17oi4wez0pYqxn7UhEJNxnnb9Gg-H5X7o6POVvvWMLrA8QKIp8K7IsryFT7leR0qaCwJzs6inIwBKkilgoUA\"; e_fb_hostheader=\"AcIDOPbLO45yjtOUoMZyi6zmEEUfaxLC2IMeS5641a-4t4acPs79phtUE6VNGCbGWVwraOD52kJlqA\"; e_fb_vipaddr=\"AcJcwEuISNCqaQsRUwJnO1LNh7VDH6M8PF6_55ub5ThAAbffsqRkuY5FpUJFisxCGA5w2pw\"; e_fb_requesthandler=\"AcKCOt1NcRqgLBC8OY51aEdexI_W7qwAXvmEO6uaUTVsPzuIPJixY0rEBdmoIYrUIat_P8gc-wJQXdMD\"; e_fb_builduser=\"AcIYzs7qlwvfr_KMLBsjSDstYXCQkBhfYWLiLI-XzZIIbYKMqgXGFbGxV6oCHk4QLJM\"; e_fb_binaryversion=\"AcL-aV-gOTp-hSzlZbE7gDKO33VGs65crmLSbuhEqji2bJCpsBpYsbafyfj1IWg9L49qzztZUA6Crhnjqj7hKE2d6UXymM8gRwE\"; e_proxy=\"AcLYt_Odty-rot9y1Fsr0rg2P5JkA75rV83PvkktRdxs8A4fg-QkJJ-Fk4AnX3Suc8xxsylvanWtr4Bm\"\r\ndate: Mon, 27 Nov 2023 12:28:02 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":null,"data":{"size":2460,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text, with very long lines (2793)","md5":"f1ac791356b3b6a884f9d3341fabe1da","sha1":"85c8d6a72ce89e3254dea435474c3ee04d0c8cbd","sha256":"87d28f909a65f055c786a96751a9e3467ff378c56f9d38f5cffcfdaf0d724f1d","sha512":"c1c93722219b2b2240659c9a9a3b29f082f81f20a9bc3116deb48f8eee056e8e1082f5cf02e3de88b77ef1f28ac6aff8a31f46a9a48cab0bf1cf83a919997331","ssdeep":"192:WT+T1TD+65JRczpANatak7LqY4PdgJix8fVIpcKEVKKEiFg+C8K:8UatakfqYZJix8IctVKtogB","tlshash":"1ad1a90b0351939aba4d113cb999268cb5a0e5cbe4b4f1e4bb1f1011ebdd4e4aa4d7fc","first_seen":"2023-04-07T09:02:43Z","last_seen":"2024-08-21T09:42:13.342026Z","times_seen":820,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":43,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"http","addr":"ocsp.trust-provider.cn/","fqdn":"ocsp.trust-provider.cn","domain":"trust-provider.cn","tld":"cn"},"ip":{"addr":"117.27.246.96","port":0,"asn":133774,"as":"Fuzhou","country":"China","country_code":"CN"},"is_navigation_request":false,"resource_type":"","requested_by":"","date":"2023-11-27T12:28:08.019333225Z","timestamp":1701088088019,"http_version":"","security_state":"","security_info":null,"request":{"raw":"POST / HTTP/1.1\r\nHost: ocsp.trust-provider.cn\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate\r\nContent-Type: application/ocsp-request\r\nContent-Length: 84\r\nConnection: keep-alive\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":""},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: volc-dcdn\r\nContent-Type: application/ocsp-response\r\nContent-Length: 600\r\nConnection: keep-alive\r\nDate: Mon, 27 Nov 2023 12:28:04 GMT\r\nAccept-Ranges: bytes\r\nAge: 1\r\nCF-Cache-Status: EXPIRED\r\nCF-RAY: 82b55d6a7cd504e8-HKG\r\nETag: \"6660c6d2c489950f51c77ad228b8a40f140632af\"\r\nExpires: Fri, 01 Dec 2023 22:57:17 GMT\r\nLast-Modified: Fri, 24 Nov 2023 22:57:18 GMT\r\nWS-Cache-Status: 0\r\nX-CCACDN-Proxy-ID: mcdpinlb4\r\nX-Frame-Options: SAMEORIGIN\r\nX-Via: 1.1 dianxun180:0 (Cdn Cache Server V2.0), 1.1 yangwangtong26:11 (Cdn Cache Server V2.0), 1.1 VM-JJN-01kXQ81:11 (Cdn Cache Server V2.0)\r\nX-Ws-Request-Id: 65648b54_VM-JJN-01ug579_7379-8303\r\nvia: n172-013-216.fzmp.ToB\r\nx-request-ip: 91.90.42.154\r\nx-tt-trace-tag: id=5\r\nx-dsa-trace-id: 1701088084c39cafb381beb285d202ddd720c84eb2\r\nX-Dsa-Origin-Status: 200\r\nserver-timing: cdn-cache;desc=MISS, origin;dur=10, edge;dur=0\r\n","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":600,"size_decoded":0,"mime_type":"application/octet-stream","magic":"data","md5":"c410017f2f7f87e24878e470060fe480","sha1":"6660c6d2c489950f51c77ad228b8a40f140632af","sha256":"5eed772a1cba07c94f0807e7ca0a673481d134d21b27a24f6764fa5d16e3aad2","sha512":"227aff48404f52adcd4b72f6b4550f7a4de8922e950bbccb946d1f4565b200bfe96a4b884f38295ca4c7549bbeea6259f77ee34a0f785fe27b2cb6186557028e","ssdeep":"","tlshash":"64f0417f2f2579890387c9672b705f70a1858890ed50ac0d6c2f7e22388372b1336828","first_seen":"2023-11-25T18:06:45Z","last_seen":"2023-11-28T02:12:47Z","times_seen":9,"resource_available":false,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"z-p3-static.xx.fbcdn.net/rsrc.php/yz/r/lOol7j-zq4u.svg","fqdn":"z-p3-static.xx.fbcdn.net","domain":"fbcdn.net","tld":"net"},"ip":{"addr":"31.13.72.54","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://whatsappxirkqu1.klik-disini.my.id/chat/","date":"2023-11-27T12:28:08.018Z","timestamp":1701088088018,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.facebook.com","organization":"Meta Platforms, Inc."},"issuer":{"commonName":"DigiCert SHA2 High Assurance Server CA","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Sep 2023 00:00:00 GMT","end":"Mon, 04 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"9E:7B:C9:BE:FF:91:63:EE:46:C8:86:7B:69:0A:FD:00:26:0B:F8:F2","sha256":"8F:8D:F3:4E:C8:3C:B7:C6:1D:0D:D4:CF:EE:85:B6:6A:F7:8E:69:0D:11:23:83:60:E3:42:FA:81:97:DB:CF:05"}}},"request":{"raw":"GET /rsrc.php/yz/r/lOol7j-zq4u.svg HTTP/1.1\r\nHost: z-p3-static.xx.fbcdn.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://whatsappxirkqu1.klik-disini.my.id/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\naccess-control-allow-origin: *\r\nlast-modified: Mon, 01 Jan 2001 08:00:00 GMT\r\nexpires: Sun, 24 Nov 2024 10:18:49 GMT\r\ncache-control: public,max-age=31536000,immutable\r\ntiming-allow-origin: *\r\ndocument-policy: force-load-at-top\r\npermissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nreporting-endpoints: \r\nx-fb-optimizer: 0\r\ncontent-md5: vQiA34i6I9zhuN5oMyk4pQ==\r\nx-fb-debug: +cf595D70Y3J1/OmLlxJNW719D14AvPvkDVMFBXFcnfbhkw4J6OZm9gLbyVP9Zq1k7sbrU8+JqtxeqNkRXPNRg==\r\ncontent-length: 1145\r\ndate: Mon, 27 Nov 2023 12:28:04 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1145,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (2647)","md5":"6b3ee5e3877cc19d1154cbe98eea6f66","sha1":"56d4b7556cebad6129ebb61a980d5964be476b4a","sha256":"533ef6670e3d9c0e44718d0afa43f2edda11b58586e9da4e8f621145cf84d4d2","sha512":"b7f80f17eaa3f33a16a6a1accdb1c6125dca281e639092a077d18c2ae471044c5beefea41420e95a7c0882a72effe2c22f7a2ce29fbb1c2a3649fd91cd6c0713","ssdeep":"","tlshash":"6351b8e8d15ca56fe049c77cefa69485684b30be70c34b9fc494539a80869c77708a35","first_seen":"2023-04-30T21:42:38Z","last_seen":"2025-12-03T01:41:48.843584Z","times_seen":1986,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":0,"dns":0,"connect":8,"send":0,"wait":10,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"whatsappxirkqu1.klik-disini.my.id/img/v4/icon-chat.png","fqdn":"whatsappxirkqu1.klik-disini.my.id","domain":"klik-disini.my.id","tld":"my.id"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://whatsappxirkqu1.klik-disini.my.id/chat/","date":"2023-11-27T12:28:06.286Z","timestamp":1701088086286,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"klik-disini.my.id","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 01 Oct 2023 09:01:33 GMT","end":"Sat, 30 Dec 2023 09:01:32 GMT"},"fingerprint":{"sha1":"C1:9E:E5:4E:BB:58:B5:24:1E:88:A8:53:AD:DC:DF:8D:73:42:A6:D5","sha256":"45:AF:5D:F3:30:85:D5:8E:61:94:04:32:F3:2C:0A:A0:FF:F9:3A:3D:A6:FC:BA:E8:E0:A5:F3:6C:36:96:C6:75"}}},"request":{"raw":"GET /img/v4/icon-chat.png HTTP/1.1\r\nHost: whatsappxirkqu1.klik-disini.my.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://whatsappxirkqu1.klik-disini.my.id/chat/css/style.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nTE: trailers\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Mon, 27 Nov 2023 12:28:03 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\ncache-control: max-age=14400\r\ncf-cache-status: EXPIRED\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=UTOMdHTtfMwVffF%2B4iLEZc4ezpkjEsQe7W80kYcouQPDTWrT8LQbWxNtZaN53YHTLHBs0Z2akK%2FculV7ArijrBCWxm0FQ%2BHhI6GF7eh55GT5UXPxWPBc9YRZvqJnsG4WF2mAgrA%2BecmieCzuIIJ1URI0YyQ%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nvary: Accept-Encoding\r\nserver: cloudflare\r\ncf-ray: 82ca5e647b6ab4f1-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":null,"data":{"size":687,"size_decoded":0,"mime_type":"text/html; charset=iso-8859-1","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document, ASCII text","md5":"a34ac19f4afae63adc5d2f7bc970c07f","sha1":"a82190fc530c265aa40a045c21770d967f4767b8","sha256":"d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3","sha512":"42e53d96e5961e95b7a984d9c9778a1d3bd8ee0c87b8b3b515fa31f67c2d073c8565afc2f4b962c43668c4efa1e478da9bb0ecffa79479c7e880731bc4c55765","ssdeep":"","tlshash":"b0e0e75f41473347402252907dc110d1d505236b797161fd3d85b4ab501dc3dc99f7dc","first_seen":"2023-03-07T01:02:33Z","last_seen":"2026-05-08T12:13:43.01317Z","times_seen":145138,"resource_available":true,"data":null}},"time_used":529,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":529,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-11","alert":"WhatsApp","trigger":"whatsappxirkqu1.klik-disini.my.id/","verdict":"phishing","severity":"medium","comment":"WhatsApp","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"z-p3-static.xx.fbcdn.net/rsrc.php/yz/r/lOol7j-zq4u.svg","fqdn":"z-p3-static.xx.fbcdn.net","domain":"fbcdn.net","tld":"net"},"ip":{"addr":"31.13.72.54","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://whatsappxirkqu1.klik-disini.my.id/chat/","date":"2023-11-27T12:28:08.018Z","timestamp":1701088088018,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.facebook.com","organization":"Meta Platforms, Inc."},"issuer":{"commonName":"DigiCert SHA2 High Assurance Server CA","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Sep 2023 00:00:00 GMT","end":"Mon, 04 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"9E:7B:C9:BE:FF:91:63:EE:46:C8:86:7B:69:0A:FD:00:26:0B:F8:F2","sha256":"8F:8D:F3:4E:C8:3C:B7:C6:1D:0D:D4:CF:EE:85:B6:6A:F7:8E:69:0D:11:23:83:60:E3:42:FA:81:97:DB:CF:05"}}},"request":{"raw":"GET /rsrc.php/yz/r/lOol7j-zq4u.svg HTTP/1.1\r\nHost: z-p3-static.xx.fbcdn.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://whatsappxirkqu1.klik-disini.my.id/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nvary: Accept-Encoding\r\ncontent-encoding: br\r\ncontent-type: image/svg+xml\r\naccess-control-allow-origin: *\r\nlast-modified: Mon, 01 Jan 2001 08:00:00 GMT\r\nexpires: Sun, 24 Nov 2024 10:18:49 GMT\r\ncache-control: public,max-age=31536000,immutable\r\ntiming-allow-origin: *\r\ndocument-policy: force-load-at-top\r\npermissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nreporting-endpoints: \r\nx-fb-optimizer: 0\r\ncontent-md5: vQiA34i6I9zhuN5oMyk4pQ==\r\nx-fb-debug: +cf595D70Y3J1/OmLlxJNW719D14AvPvkDVMFBXFcnfbhkw4J6OZm9gLbyVP9Zq1k7sbrU8+JqtxeqNkRXPNRg==\r\ncontent-length: 1145\r\ndate: Mon, 27 Nov 2023 12:28:04 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":1145,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image\\012- , ASCII text, with very long lines (2647)","md5":"6b3ee5e3877cc19d1154cbe98eea6f66","sha1":"56d4b7556cebad6129ebb61a980d5964be476b4a","sha256":"533ef6670e3d9c0e44718d0afa43f2edda11b58586e9da4e8f621145cf84d4d2","sha512":"b7f80f17eaa3f33a16a6a1accdb1c6125dca281e639092a077d18c2ae471044c5beefea41420e95a7c0882a72effe2c22f7a2ce29fbb1c2a3649fd91cd6c0713","ssdeep":"","tlshash":"6351b8e8d15ca56fe049c77cefa69485684b30be70c34b9fc494539a80869c77708a35","first_seen":"2023-04-30T21:42:38Z","last_seen":"2025-12-03T01:41:48.843584Z","times_seen":1986,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":0,"dns":0,"connect":8,"send":0,"wait":10,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"na.apps.amsoveasea.com/swoole/?actid=2020\u0026r=index/getCountry\u0026_only_service_response_=1","fqdn":"na.apps.amsoveasea.com","domain":"amsoveasea.com","tld":"com"},"ip":{"addr":"129.226.2.89","port":443,"asn":132203,"as":"Tencent Building, Kejizhongyi Avenue","country":"Singapore","country_code":"SG"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://whatsappxirkqu1.klik-disini.my.id/chat/","date":"2023-11-27T12:28:06.331Z","timestamp":1701088086331,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"na.apps.amsoveasea.com","organization":""},"issuer":{"commonName":"TrustAsia RSA DV TLS CA G2","organization":"TrustAsia Technologies, Inc."},"validity":{"start":"Sun, 23 Apr 2023 00:00:00 GMT","end":"Wed, 22 May 2024 23:59:59 GMT"},"fingerprint":{"sha1":"A1:C8:27:B5:06:21:F0:D9:56:0E:8A:07:87:B3:F9:02:A2:7A:9A:6C","sha256":"48:34:DB:A7:97:80:38:6D:91:FF:69:71:3A:59:06:10:76:7C:58:E4:6B:D2:F6:E9:D7:DB:30:72:84:2D:AE:D0"}}},"request":{"raw":"GET /swoole/?actid=2020\u0026r=index/getCountry\u0026_only_service_response_=1 HTTP/1.1\r\nHost: na.apps.amsoveasea.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: application/json, text/javascript, */*; q=0.01\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://whatsappxirkqu1.klik-disini.my.id\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://whatsappxirkqu1.klik-disini.my.id/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Mon, 27 Nov 2023 12:28:04 GMT\r\ncontent-type: text/html\r\ncontent-length: 55\r\nserver: nginx\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":55,"size_decoded":0,"mime_type":"text/html","magic":"JSON data\\012- , ASCII text, with no line terminators","md5":"6f805925944ef9fa79bd0a02e00e2e99","sha1":"ceb834e8fd10d2f4c8f2b1e6d8800b9e845834df","sha256":"3ef013039e6df373c7ef0730658c403527318c307c67145ac08c728492392800","sha512":"ba60076e291e81c9f43d0d755a461242468502102efa19654333ad0feb8ea26a16e4e5ee6cdbc474f55b07e26342584bd875ae21b9734b2c9077833e00183540","ssdeep":"","tlshash":"0480043500504714dc50c14dd507131153d54105c3070044c5c03715c5107fc1140031","first_seen":"2023-04-10T08:30:32Z","last_seen":"2026-05-08T11:10:13.474332Z","times_seen":4027,"resource_available":false,"data":null}},"time_used":3654,"timings":{"blocked":1688,"dns":298,"connect":525,"send":0,"wait":278,"receive":0,"ssl":863},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"whatsappxirkqu1.klik-disini.my.id/chat","fqdn":"whatsappxirkqu1.klik-disini.my.id","domain":"klik-disini.my.id","tld":"my.id"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-27T12:28:04.839Z","timestamp":1701088084839,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"klik-disini.my.id","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 01 Oct 2023 09:01:33 GMT","end":"Sat, 30 Dec 2023 09:01:32 GMT"},"fingerprint":{"sha1":"C1:9E:E5:4E:BB:58:B5:24:1E:88:A8:53:AD:DC:DF:8D:73:42:A6:D5","sha256":"45:AF:5D:F3:30:85:D5:8E:61:94:04:32:F3:2C:0A:A0:FF:F9:3A:3D:A6:FC:BA:E8:E0:A5:F3:6C:36:96:C6:75"}}},"request":{"raw":"GET /chat HTTP/1.1\r\nHost: whatsappxirkqu1.klik-disini.my.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 301 Moved Permanently\r\ndate: Mon, 27 Nov 2023 12:28:01 GMT\r\ncontent-type: text/html; charset=iso-8859-1\r\nlocation: http://whatsappxirkqu1.klik-disini.my.id/chat/\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=TM%2BN7PeMYhpR6OxNbOm2bDy%2FDy3hFoQwMqRTda1EX7jX5tWc%2BcTscukOMRhmL2YoN5SdEN076FB8Nbk3X6SLOYxzuXxXHLPVhIslv9qqHjj89ry8CdrfDmbqZ86wG79848DvXi1m5Uume89GillCEPCzGAA%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82ca5e5b5edab4f1-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"301","status_text":"Moved Permanently","fingerprints":null,"data":{"size":9909,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T12:53:20.27382Z","times_seen":14838021,"resource_available":true,"data":null}},"time_used":551,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":551,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-11","alert":"WhatsApp","trigger":"whatsappxirkqu1.klik-disini.my.id/","verdict":"phishing","severity":"medium","comment":"WhatsApp","link":"https://openphish.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"whatsappxirkqu1.klik-disini.my.id/chat/","fqdn":"whatsappxirkqu1.klik-disini.my.id","domain":"klik-disini.my.id","tld":"my.id"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"Colombia","country_code":"CO"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2023-11-27T12:28:05.385Z","timestamp":1701088085385,"http_version":"HTTP/3","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"klik-disini.my.id","organization":""},"issuer":{"commonName":"GTS CA 1P5","organization":"Google Trust Services LLC"},"validity":{"start":"Sun, 01 Oct 2023 09:01:33 GMT","end":"Sat, 30 Dec 2023 09:01:32 GMT"},"fingerprint":{"sha1":"C1:9E:E5:4E:BB:58:B5:24:1E:88:A8:53:AD:DC:DF:8D:73:42:A6:D5","sha256":"45:AF:5D:F3:30:85:D5:8E:61:94:04:32:F3:2C:0A:A0:FF:F9:3A:3D:A6:FC:BA:E8:E0:A5:F3:6C:36:96:C6:75"}}},"request":{"raw":"GET /chat/ HTTP/1.1\r\nHost: whatsappxirkqu1.klik-disini.my.id\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Mon, 27 Nov 2023 12:28:02 GMT\r\ncontent-type: text/html; charset=UTF-8\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"endpoints\":[{\"url\":\"https:\\/\\/a.nel.cloudflare.com\\/report\\/v3?s=g4Jt%2FsUTMpf8iFy0N9mAqHuqu2ozc1%2B6yvhcg1Z%2BP6FWVqlwouw0XflWro2Q2nNn1L8Y2%2FRX5ZckaDW0olW%2BPnr6OBqf%2FL5ER338P0JQsQn9hiBftcNYrfFdc8chutYFHUIBff7e%2F2LrEIK2H07MTasFec4%3D\"}],\"group\":\"cf-nel\",\"max_age\":604800}\r\nnel: {\"success_fraction\":0,\"report_to\":\"cf-nel\",\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 82ca5e5eda37b4f1-OSL\r\ncontent-encoding: br\r\nalt-svc: h3=\":443\"; ma=86400\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":9909,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- HTML document text\\012- exported SGML document text\\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (10750), with no line terminators","md5":"a0794f46d84e69440b9a2d4d6d916fcf","sha1":"932e537d320c172907e0c13ab1a0e052e7a90421","sha256":"7a8daf8cee8a01d7a32d9e9dc146b324622990b73b328b2c70ed72860719e481","sha512":"ad90261adf2225f606b5dc651471f398f694988e37514e53395d2ff7e424e0c10382e8744007634b25fc2aad5b97720bad5dbbfd915af98d882e2b1e327f379f","ssdeep":"96:RGMZjx8UYNqjifwsQ1FhykMmBFKT6y5RrRaRAR1RaRUR5R1RGA:kMZjx8UYNtfwsxkMmBU2yLVGM3GAL3GA","tlshash":"a022642e390c70360a02837d28b164396a5fb84d6d320a11b6fc69cce3d6d68dc63ee5","first_seen":"2023-10-25T13:21:38Z","last_seen":"2023-12-02T02:31:07Z","times_seen":17,"resource_available":false,"data":null}},"time_used":376,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":376,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"openphish","sensor_type":"url","title":"","description":"OpenPhish","scan_date":"2023-11-10","alert":"WhatsApp","trigger":"whatsappxirkqu1.klik-disini.my.id/chat/","verdict":"phishing","severity":"medium","comment":"WhatsApp","link":"https://openphish.com","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www-cdn.whatsapp.net/img/v4/whatsapp-logo.svg?v=46fe27fc8","fqdn":"www-cdn.whatsapp.net","domain":"whatsapp.net","tld":"net"},"ip":{"addr":"31.13.72.52","port":443,"asn":32934,"as":"FACEBOOK","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://whatsappxirkqu1.klik-disini.my.id/chat/","date":"2023-11-27T12:28:06.285Z","timestamp":1701088086285,"http_version":"HTTP/2","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.whatsapp.net","organization":"Meta Platforms, Inc."},"issuer":{"commonName":"DigiCert SHA2 High Assurance Server CA","organization":"DigiCert Inc"},"validity":{"start":"Tue, 05 Sep 2023 00:00:00 GMT","end":"Mon, 04 Dec 2023 23:59:59 GMT"},"fingerprint":{"sha1":"E7:FE:9C:97:3A:66:15:93:32:2F:44:03:2B:E8:EE:A5:E6:6C:1F:20","sha256":"77:F2:7C:E8:08:9D:3E:6A:57:E4:FB:21:13:35:B0:62:E1:6F:7B:27:42:03:60:ED:93:C0:47:A2:FA:98:AF:7F"}}},"request":{"raw":"GET /img/v4/whatsapp-logo.svg?v=46fe27fc8 HTTP/1.1\r\nHost: www-cdn.whatsapp.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://whatsappxirkqu1.klik-disini.my.id/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nlocation: https://www.whatsapp.com/img/v4/whatsapp-logo.svg\r\ncontent-type: text/plain\r\ncontent-length: 0\r\nserver: proxygen-bolt\r\ndate: Mon, 27 Nov 2023 12:28:02 GMT\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-08T12:53:20.27382Z","times_seen":14838021,"resource_available":true,"data":null}},"time_used":291,"timings":{"blocked":140,"dns":92,"connect":7,"send":0,"wait":8,"receive":1,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}