r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8789
Expires: Mon, 14 Nov 2022 03:16:56 GMT
Date: Mon, 14 Nov 2022 00:50:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash b1e969be0f3201087da138cbc8b89f10
d0a27f525f2b242b5dafa157f126c2ba880c8809
f7e5f39372b5adcc30c27e727eee1b19e6d13ed1b54fa1ad67235dc8ee08ac51
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5718
Cache-Control: max-age=126972
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:50:27 GMT
Etag: "6370c779-1d7"
Expires: Tue, 15 Nov 2022 12:06:39 GMT
Last-Modified: Sun, 13 Nov 2022 10:31:21 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 14 Nov 2022 00:44:29 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 358
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10782
Expires: Mon, 14 Nov 2022 03:50:09 GMT
Date: Mon, 14 Nov 2022 00:50:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ykS10y3Mj5u7RK6NrU7LZ46BA15OHQX2vPhpIb1QhXQwpnnh9+XN+vn2jciLEhklHLMQMSoOwcU=
x-amz-request-id: G245MPBC9JQJSFRH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 14 Nov 2022 00:13:38 GMT
age: 2209
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 14 Nov 2022 00:50:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
protechasia.com/
103.58.102.38 200 OK 14 kB IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (423), with CRLF, LF line terminators
Hash 5b21cbb954c496a7afce7cded9601f22
08fc0b1e4756431b831e79e74ee6c3ae93c521f5
90c619784426c1ba35fa9e12039c6750adbda3f595c8084e14778e2f5a30e31a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:27 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 14 Nov 2022 00:44:48 GMT
cache-control: public,max-age=3600
age: 339
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
protechasia.com/colors/color1.css
103.58.102.38 200 OK 3.7 kB URL HTTP/1.1 protechasia.com/colors/color1.css
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type assembler source text\012- assembler source, ASCII text, with very long lines (833)
Hash c37dd497f07725d2a3ca9c07bf79a200
e1189bbd3c1133dd1ebf216ec6b48451cb8c21dc
fc14e22c72ec72b243906c8f748432b1359bc430a81d8eef08807b63b51b35b3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /colors/color1.css HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:27 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 04:19:27 GMT
Accept-Ranges: bytes
Content-Length: 3694
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
protechasia.com/style-switcher/css/style-switcher.css
103.58.102.38 200 OK 2.8 kB URL HTTP/1.1 protechasia.com/style-switcher/css/style-switcher.css
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type ASCII text, with very long lines (342)
Hash 4c13bbc2cfda40ecd456a77363cef4a9
f9aaba0fe135c1b470bab9748afebf0bcbd5eca6
a3d2aa984540225f57e9960b965b5f5087b9cf04fdc5c68201d2c58bb9d0e878
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /style-switcher/css/style-switcher.css HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:27 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 06:40:15 GMT
Accept-Ranges: bytes
Content-Length: 2771
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
protechasia.com/js/jquery-2.0.0.min.js
103.58.102.38 200 OK 83 kB URL HTTP/1.1 protechasia.com/js/jquery-2.0.0.min.js
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type ASCII text, with very long lines (32110)
Hash 2edc942c0bd2476be8967a9f788d9e26
0be05c714a7e6cf28fe692629ece5b3769901dca
d482871a5e948cb4884fa0972ea98a81abca057b6bd3f8c995a18c12487e761c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery-2.0.0.min.js HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:27 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 04:27:08 GMT
Accept-Ranges: bytes
Content-Length: 83095
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
protechasia.com/plugins/prettyphoto/css/prettyPhoto.css
103.58.102.38 200 OK 19 kB URL HTTP/1.1 protechasia.com/plugins/prettyphoto/css/prettyPhoto.css
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type ASCII text, with very long lines (402)
Hash 4e07913e453f49367442f0c31d7e5044
f33bcba7b17188c34c8db583ac828ca5596ad97a
a2d483308f75d3a234ee4c0fd95c26dacf526f92b8c7615f9c258a58b2e76106
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/prettyphoto/css/prettyPhoto.css HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:27 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 06:50:11 GMT
Accept-Ranges: bytes
Content-Length: 18688
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0a9a357f652868f9317812b8103ba15d
95a90c7a07b591dce7f39c6f9ab27974d1a1ed2a
16fd52c7ee6806455e724f30af8d58630a141a8a3823c48c20b5da3a71f066da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4587
Cache-Control: max-age=120771
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:50:28 GMT
Etag: "6370b3ac-1d7"
Expires: Tue, 15 Nov 2022 10:23:19 GMT
Last-Modified: Sun, 13 Nov 2022 09:06:52 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
protechasia.com/js/modernizr.js
103.58.102.38 200 OK 15 kB URL HTTP/1.1 protechasia.com/js/modernizr.js
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type HTML document, ASCII text, with very long lines (14502)
Hash cf6d24b271a128c1564697131d29cd07
281c5937a9c49402bff5ed2d9374578f9dd68801
1acda5dc3f8982d34c308da783d450a9ff4ca79ee6a2b27414bb6a7400ebfd15
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/modernizr.js HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:27 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 04:27:26 GMT
Accept-Ranges: bytes
Content-Length: 15153
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
protechasia.com/plugins/prettyphoto/js/prettyphoto.js
103.58.102.38 200 OK 22 kB URL HTTP/1.1 protechasia.com/plugins/prettyphoto/js/prettyphoto.js
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type ASCII text, with very long lines (21798)
Hash 5272a51ec2824cd72c2648348e0333fe
0fac65659b62b50234eef663673229cb5d9d4cc0
320f10572e79a1f0a0149f465bcd0033426ac686973c7f0d793b0603e71ffb71
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/prettyphoto/js/prettyphoto.js HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Last-Modified: Wed, 15 Apr 2020 03:41:48 GMT
Accept-Ranges: bytes
Content-Length: 22081
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
protechasia.com/plugins/mediaelement/mediaelementplayer.css
103.58.102.38 200 OK 22 kB URL HTTP/1.1 protechasia.com/plugins/mediaelement/mediaelementplayer.css
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type ASCII text, with very long lines (303)
Hash 818803ea8cab091d9fcf619db9a6de0b
63ef7698daed46e7046d8555120b415b004d9dc2
edf96e4119e82be33fb840bfcef9e77a16adf6dc89274d64c5234ddc2e013039
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/mediaelement/mediaelementplayer.css HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 06:47:12 GMT
Accept-Ranges: bytes
Content-Length: 21687
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
protechasia.com/css/bootstrap.css
103.58.102.38 200 OK 112 kB URL HTTP/1.1 protechasia.com/css/bootstrap.css
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type assembler source, ASCII text
Size 112 kB (111741 bytes)
Hash cbdd95a3711af61e7e07cbd55a4743fb
4fdc292417e5e9c6f96f8130c790c905cfd058a9
fe748f09b7a4fc2a7b3a1d158c7066e4163cb5de72817ba0e05cb3acaf20e255
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/bootstrap.css HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:27 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 04:20:14 GMT
Accept-Ranges: bytes
Content-Length: 111741
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
protechasia.com/js/bootstrap.js
103.58.102.38 200 OK 28 kB URL HTTP/1.1 protechasia.com/js/bootstrap.js
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type ASCII text, with very long lines (27674)
Hash 40f62439a6f677b539e363c230671b0f
cf2c16e7bda28bd9681b8730b0bd934f281c3153
0a0d44714c6844b88d225d57c55af1563e8c00272fa2be8ff9fc906602b92166
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/bootstrap.js HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 04:26:46 GMT
Accept-Ranges: bytes
Content-Length: 27908
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
push.services.mozilla.com/
52.88.220.109 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OeLUVkvkTZ21hvjF+meE8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NHCjKn5hOWgt43sa3ctr9K0mkSI=
protechasia.com/js/helper-plugins.js
103.58.102.38 200 OK 85 kB URL HTTP/1.1 protechasia.com/js/helper-plugins.js
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type Unicode text, UTF-8 text, with very long lines (15714)
Hash 4e749774cffef99db3e7d7019c86dff7
c557daab4977704bd029f0f054dd2ef5f0d9f511
dd8deb7dc63cb34c16c61e899777bf32bc3f82c2f89ccbdab5bc202e9508e77b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/helper-plugins.js HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 04:27:01 GMT
Accept-Ranges: bytes
Content-Length: 85109
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
protechasia.com/js/waypoints.js
103.58.102.38 200 OK 8.0 kB URL HTTP/1.1 protechasia.com/js/waypoints.js
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type ASCII text, with very long lines (7808)
Hash b72a7b8d3d65ebc954b5b3103fdff409
c0c0d473a9bc5a9739f8f44158027d34e31bd642
d271120b283f037391dcecfb7e65de5ac6d4feaf3a990ba2a4a2d5289a40333e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/waypoints.js HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 04:27:41 GMT
Accept-Ranges: bytes
Content-Length: 8044
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
protechasia.com/js/init.js
103.58.102.38 200 OK 20 kB URL HTTP/1.1 protechasia.com/js/init.js
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
Hash 72f71d19d63acbcbef384cdea09385cf
66b5d8118e176e28f7b81305b1b736967837d1df
c4c353ae0c1905f66f7e08836c3f97c81c076fd77374cfc362f9f6a7675323af
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/init.js HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 04:27:02 GMT
Accept-Ranges: bytes
Content-Length: 20420
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
protechasia.com/css/style.css
103.58.102.38 200 OK 64 kB URL HTTP/1.1 protechasia.com/css/style.css
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type assembler source, ASCII text, with very long lines (492)
Hash e1727dfc631707b840e5ddc57d40a894
7f5140b05a719af1b8027ad3671d4c684a545be4
ad35c8c158dd5dd19b800689218af70b561c763e17368f5320061bae83443dee
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/style.css HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 04:20:48 GMT
Accept-Ranges: bytes
Content-Length: 64211
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Volkhov:400italic
142.250.74.10 200 OK 268 B URL HTTP/1.1 fonts.googleapis.com/css?family=Volkhov:400italic
IP 142.250.74.10:0
Hash 538567fd4879896060d6747ee288ea7d
9d2916acb9c7b44df144cbc0836566bdb9904613
8302cd32239e8527343e4b40f965b3c4780c552721fedc37cc1165d91620a418
GET /css?family=Volkhov:400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 14 Nov 2022 00:50:28 GMT
Date: Mon, 14 Nov 2022 00:50:28 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Roboto+Condensed:400,700
142.250.74.10 200 OK 620 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto+Condensed:400,700
IP 142.250.74.10:0
Hash 74900660ded6c003e699d9605f148add
3b66d24de055890dc9feced4be50b34d4a0e552b
1fb549760cf9910f4d8d854886eed242ee3e9f7aac1ba6de99ca85969e05df4d
GET /css?family=Roboto+Condensed:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 14 Nov 2022 00:50:28 GMT
Date: Mon, 14 Nov 2022 00:50:28 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
fonts.googleapis.com/css?family=Roboto:400,700
142.250.74.10 200 OK 592 B URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:400,700
IP 142.250.74.10:0
Hash fb296e9a415e72d4395d2be2dd679085
f23a16fd98073b2bce91d58f06d4467044ed62fc
7683e392c0712d01ceff8e729e6aace131f8acf754873520a8f3749d2473678b
GET /css?family=Roboto:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 14 Nov 2022 00:50:28 GMT
Date: Mon, 14 Nov 2022 00:50:28 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
protechasia.com/plugins/flexslider/js/jquery.flexslider.js
103.58.102.38 200 OK 40 kB URL HTTP/1.1 protechasia.com/plugins/flexslider/js/jquery.flexslider.js
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
Hash 4b8e19f3dc3a22572352e6abc41762b3
10bbcc4f3054fc460b4554f67d6b12c1478eb061
026b7d9dec37d7235d687d1d5d55e14c840ebcda96d536a4cb42821e51aa831d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/flexslider/js/jquery.flexslider.js HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 06:44:34 GMT
Accept-Ranges: bytes
Content-Length: 40487
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
protechasia.com/plugins/countdown/js/jquery.countdown.min.js
103.58.102.38 200 OK 4.8 kB URL HTTP/1.1 protechasia.com/plugins/countdown/js/jquery.countdown.min.js
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
Hash 4a3c06bd1010abc9fa6ee6d1e7a9e765
05021dd935d1ecae373282dfd42cce8e5af61c18
324658eefd5787f1ab915e28f13570706945da4d3007b8eb74a6469624c24026
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/countdown/js/jquery.countdown.min.js HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 06:43:50 GMT
Accept-Ranges: bytes
Content-Length: 4818
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
protechasia.com/style-switcher/js/jquery_cookie.js
103.58.102.38 200 OK 4.4 kB URL HTTP/1.1 protechasia.com/style-switcher/js/jquery_cookie.js
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
Hash 55b1628285ccd6efd528973502a66c4c
f3a5e396fccc0a96afd032e129dd39d7e84e096f
ef4ab692ee92e8a823c1c0437489f9b485e1277c8b92eb6bea97b868f85aa4f5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /style-switcher/js/jquery_cookie.js HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 06:40:42 GMT
Accept-Ranges: bytes
Content-Length: 4356
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
protechasia.com/plugins/mediaelement/mediaelement-and-player.min.js
103.58.102.38 200 OK 72 kB URL HTTP/1.1 protechasia.com/plugins/mediaelement/mediaelement-and-player.min.js
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type HTML document, ASCII text, with very long lines (660)
Hash 3d0dc06857315eac8a0a0aed20d584e8
b0344ce9c7f430becf242c545c72a20c999f0452
3aa06e71d7c496ee9969dac950661680947176649403cb5f232effca8936c489
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /plugins/mediaelement/mediaelement-and-player.min.js HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 06:47:10 GMT
Accept-Ranges: bytes
Content-Length: 71501
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
protechasia.com/style-switcher/js/script.js
103.58.102.38 200 OK 4.0 kB URL HTTP/1.1 protechasia.com/style-switcher/js/script.js
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
Hash 8f43d5e4c58273bc638c9498bde3f5ba
d37ebdba509fa97cdc4c8a8cf6c459cb468f217a
9d917f8b026f1c635d6a1838b5d308b6da821b754d171f1677aa853cae5e5961
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /style-switcher/js/script.js HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 06:40:44 GMT
Accept-Ranges: bytes
Content-Length: 3963
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
protechasia.com/images/giving.jpg
103.58.102.38 404 Not Found 315 B URL HTTP/1.1 protechasia.com/images/giving.jpg
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /images/giving.jpg HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
protechasia.com/css/animations.css
103.58.102.38 200 OK 28 kB URL HTTP/1.1 protechasia.com/css/animations.css
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type ASCII text, with very long lines (460)
Hash f0ba34586dd51597fa8cf260d3ada2d6
bffab034ad5a3e8e06d6a15406d21602cb9113ad
fe1fe98bf4992245660e1b9747dbf026144e23d39edd9a6b78d4aeea667d4d47
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/animations.css HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/css/style.css
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 04:20:13 GMT
Accept-Ranges: bytes
Content-Length: 28286
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
protechasia.com/css/font-awesome.css
103.58.102.38 200 OK 24 kB URL HTTP/1.1 protechasia.com/css/font-awesome.css
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type ASCII text, with very long lines (23583)
Hash 100467576347c97309f3973a5906d1a4
524b50a6a4ae0ec5b473a52da065a7aa85f1362e
ed45b7106ddd028f6b2c2cd62d6f8fc28d8a7aefaf84c32bcdbe1b1be0891006
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/font-awesome.css HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/css/style.css
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 04:20:21 GMT
Accept-Ranges: bytes
Content-Length: 23745
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://protechasia.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15744
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 09 Nov 2022 20:16:46 GMT
Expires: Thu, 09 Nov 2023 20:16:46 GMT
Cache-Control: public, max-age=31536000
Age: 362022
Last-Modified: Wed, 11 May 2022 19:24:48 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
216.58.207.195 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15700, version 1.0\012- data
Hash 3d7f7413fca69bff4d231ebdc50aaab0
cb18e7943b6a8a0e3672d7242197c19a226b92e8
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
GET /s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://protechasia.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15700
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 09 Nov 2022 02:53:21 GMT
Expires: Thu, 09 Nov 2023 02:53:21 GMT
Cache-Control: public, max-age=31536000
Age: 424628
Last-Modified: Tue, 19 Apr 2022 18:51:55 GMT
Content-Type: font/woff2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 25e43ddf8623077222fd85e2e27997c5
1b92bc7e8cf6be84f02f75981a428b877fd152ac
4d91ca4a4207493951f048d0b97f9a277548b107c63ec408c340dec364808116
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1541
Cache-Control: max-age=123521
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:50:29 GMT
Etag: "6370ca51-1d7"
Expires: Tue, 15 Nov 2022 11:09:10 GMT
Last-Modified: Sun, 13 Nov 2022 10:43:29 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
216.58.207.195 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15660, version 1.0\012- data
Hash d7b0b953a50fddaa88089b5b787cf719
2f85bc568b27659a3d6452f58f9fd7678450326d
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
GET /s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://protechasia.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15660
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 08 Nov 2022 01:27:53 GMT
Expires: Wed, 08 Nov 2023 01:27:53 GMT
Cache-Control: public, max-age=31536000
Age: 516156
Last-Modified: Tue, 19 Apr 2022 18:42:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://protechasia.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 09 Nov 2022 20:16:46 GMT
Expires: Thu, 09 Nov 2023 20:16:46 GMT
Cache-Control: public, max-age=31536000
Age: 362023
Last-Modified: Wed, 11 May 2022 19:24:42 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/volkhov/v17/SlGSmQieoJcKemNecTA0h1R3.woff2
216.58.207.195 200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/volkhov/v17/SlGSmQieoJcKemNecTA0h1R3.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 22768, version 1.0\012- data
Hash 20832a0590b6ec3679ec13e9574180c2
103db6099dc6db1689a135b6ebb2fb662df57316
95056cde8fc60350eece66c30a6b3926915d469ad7f55ab883d8d3ca033f0f39
GET /s/volkhov/v17/SlGSmQieoJcKemNecTA0h1R3.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://protechasia.com
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 22768
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 09 Nov 2022 20:17:12 GMT
Expires: Thu, 09 Nov 2023 20:17:12 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Wed, 27 Apr 2022 16:11:47 GMT
Content-Type: font/woff2
Age: 361997
protechasia.com/images/gallery.jpg
103.58.102.38 404 Not Found 315 B URL HTTP/1.1 protechasia.com/images/gallery.jpg
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /images/gallery.jpg HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
protechasia.com/uploads/workshop_25.jpeg
103.58.102.38 404 Not Found 315 B URL HTTP/1.1 protechasia.com/uploads/workshop_25.jpeg
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/workshop_25.jpeg HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 00:50:29 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
protechasia.com/uploads/workshop_26.jpeg
103.58.102.38 404 Not Found 315 B URL HTTP/1.1 protechasia.com/uploads/workshop_26.jpeg
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/workshop_26.jpeg HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 00:50:29 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
protechasia.com/uploads/workshop_27.jpeg
103.58.102.38 404 Not Found 315 B URL HTTP/1.1 protechasia.com/uploads/workshop_27.jpeg
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /uploads/workshop_27.jpeg HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 00:50:28 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 25e43ddf8623077222fd85e2e27997c5
1b92bc7e8cf6be84f02f75981a428b877fd152ac
4d91ca4a4207493951f048d0b97f9a277548b107c63ec408c340dec364808116
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1541
Cache-Control: max-age=123521
Content-Type: application/ocsp-response
Date: Mon, 14 Nov 2022 00:50:29 GMT
Etag: "6370ca51-1d7"
Expires: Tue, 15 Nov 2022 11:09:10 GMT
Last-Modified: Sun, 13 Nov 2022 10:43:29 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/w2PEQfSDEAr.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12 200 OK 5.4 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y9/l/0,cross/w2PEQfSDEAr.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4431)
Hash be7e67ac088f5113bd59b28dd91b7992
0eceb436d39c09350f853eecad0a8a114d0cd543
232466ffad41e5a7b0a9f6ea978097f466436f672023a8aa81b639844facf751
GET /rsrc.php/v3/y9/l/0,cross/w2PEQfSDEAr.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 18:12:15 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: vn5nrAiPURO9WbKN2Rt5kg==
x-fb-debug: Ch6PCEFIGMnN6Pr/QIfDoVjsYnn9sFVhwz31XRtXHenOGR+jhRSYXhW+6DKQGfK86aKq3nmIqN6BZqEJNN0GlA==
priority: u=3,i
content-length: 5435
x-fb-trip-id: 1904183273
date: Mon, 14 Nov 2022 00:50:29 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
protechasia.com/images/giving.jpg
103.58.102.38 404 Not Found 315 B URL HTTP/1.1 protechasia.com/images/giving.jpg
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /images/giving.jpg HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 00:50:29 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
protechasia.com/images/loader.gif
103.58.102.38 200 OK 673 B URL HTTP/1.1 protechasia.com/images/loader.gif
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type GIF image data, version 89a, 16 x 16\012- data
Hash 2a6692973429d7a74513bfa8bcb5be20
f2af060f1cadbc9065c8c465c648dc01be67cc12
1eb9e7880f723999a4ed63eece6a6e4d4976833d3c16dc18b4ace3971728ab0d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /images/loader.gif HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/css/style.css
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:29 GMT
Server: Apache
Last-Modified: Thu, 09 Apr 2020 06:12:58 GMT
Accept-Ranges: bytes
Content-Length: 673
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
protechasia.com/css/fonts/fontawesome-webfonte0a5.woff2?v=4.3.0
103.58.102.38 200 OK 57 kB URL HTTP/1.1 protechasia.com/css/fonts/fontawesome-webfonte0a5.woff2?v=4.3.0
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/fonts/fontawesome-webfonte0a5.woff2?v=4.3.0 HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://protechasia.com/css/font-awesome.css
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:29 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 07:43:26 GMT
Accept-Ranges: bytes
Content-Length: 56780
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff2
connect.facebook.net/en_US/sdk.js
31.13.72.12 200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash c7612cf7a8a867ba6be2fb94e82ab6f0
f880640a3af306308756cca88f3a05ca211761bb
91853cc6e1fd13669ea2bce28ec6b50374c009e906b5631cc8a3b01aa7a100f8
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 64b492bb245f10a16fc28192fa368f29
ETag: "b64fb00af2e992b24049e5c5f565152f"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Mon, 14 Nov 2022 01:04:32 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: x2Es96ioZ7pr4vuU6Cq28A==
X-FB-Debug: oV07L1rJFaCurYxqvr9nBmF90J+OgbGr/KDoTL0HWoAT9DA51z2WuIv1x99DWSRY4YWVXIh1CYQOqf6CCndQeg==
Priority: u=3,i
X-FB-TRIP-ID: 1904183273
Date: Mon, 14 Nov 2022 00:50:29 GMT
Alt-Svc: h3=":443"; ma=86400
Connection: keep-alive
Content-Length: 1688
connect.facebook.net/en_US/sdk.js?hash=61b716c3978db1f8fd049761634ba37d
31.13.72.12 200 OK 88 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js?hash=61b716c3978db1f8fd049761634ba37d
IP 31.13.72.12:0
File type ASCII text, with very long lines (18530)
Hash 8513a481a5267c0b08fdc5a0f16439d7
161859c5cbacbed94002a4de45af7ad40e6b1e38
34baf123677072eb7d4dee49272318461bca296e1d33a71b7bc32b7510e5bca6
GET /en_US/sdk.js?hash=61b716c3978db1f8fd049761634ba37d HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://protechasia.com
Connection: keep-alive
Referer: http://protechasia.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: d1f0485c31f64d9e278976354966a05e
etag: "66bd48613aa213a49e72c39d82b341a7"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Mon, 13 Nov 2023 23:12:10 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: hROkgaUmfAsI/cWg8WQ51w==
x-fb-debug: nAW+v8l6/kVpU3Uu80k4JwRMNwnv4rzLj46DldWo5vm6NmB6JEwXkvr1LlozVFIPYEaVch3CUxuiYJDarQ5n0Q==
content-length: 88352
x-fb-trip-id: 1904183273
date: Mon, 14 Nov 2022 00:50:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
protechasia.com/favicon.ico
103.58.102.38 404 Not Found 315 B URL HTTP/1.1 protechasia.com/favicon.ico
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 404 Not Found
Date: Mon, 14 Nov 2022 00:50:29 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8854
Expires: Mon, 14 Nov 2022 03:18:03 GMT
Date: Mon, 14 Nov 2022 00:50:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8854
Expires: Mon, 14 Nov 2022 03:18:03 GMT
Date: Mon, 14 Nov 2022 00:50:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8854
Expires: Mon, 14 Nov 2022 03:18:03 GMT
Date: Mon, 14 Nov 2022 00:50:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 929d046b7cbed155022099e982ba0592
18ff58f5b4d98748552d6604bdcba9c57eb8f412
3c70c27c11afeaea96e782a0e7b7ae9c2f3ed35c94673fcd4361cb7406b078a9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C70C27C11AFEAEA96E782A0E7B7AE9C2F3ED35C94673FCD4361CB7406B078A9"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8854
Expires: Mon, 14 Nov 2022 03:18:03 GMT
Date: Mon, 14 Nov 2022 00:50:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0db3498954921b58948ad8a4e7fd49f
6b618c3ff6e589f9e01650bd0a619acb70d8004e
fa3baa9e32e455ab2eeefab0c76714bf0ff5f67a5ccd7c10b3f5c21d8138c5cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5797e726-229b-4f42-9376-00ae67e14407.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6535
x-amzn-requestid: 3333aa65-c0c7-4704-9af1-fb0a49f830fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDtHbhoAMFSsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-51c3e4513240b7e5662b8e6e;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 6dTOcWIKFuo-Thf3zUH_1WY70yFyQkj3w2xPrb6Ntjf8TUFPVG-_lA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:54:01 GMT
age: 10588
etag: "6b618c3ff6e589f9e01650bd0a619acb70d8004e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79bb215a-e89c-4283-a75c-00553c3b1d23.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79bb215a-e89c-4283-a75c-00553c3b1d23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 918075949ca1f968bcd5a4041e4abb04
a2118691872703130115af5c310f54608fd553c6
48d27ae81f2947f110fb02700f13ce07624c209dafc859ebe597bd78a98e5b92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79bb215a-e89c-4283-a75c-00553c3b1d23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6733
x-amzn-requestid: de724003-b580-4376-beb4-f24775ea9967
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjzMlGtJoAMFT8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63716583-2610d36a6f418f1806023957;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:45:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: MD-kF8yO3EDoc7F8JkDdRoAJEAj6R8Bw95Q0Z9a60Du2ROvxad1Hgw==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:53:45 GMT
age: 10604
etag: "a2118691872703130115af5c310f54608fd553c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f1e763f44800e4de06d69a3b2af74da
35afe48832221fe42de30260b9bcb15867109031
5f234c025d1f586b4364d2ef8c2818d3d4d441691444bb885e89f4c150b3d2a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F213417cd-cf64-4d28-ae86-bd6f16cecb3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9322
x-amzn-requestid: 0becd817-a29e-46bf-b9d6-2d18e12f5fe9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyDvE8DoAMFsiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-5b4bf1674c4edf80458cf53f;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dMpz1U6HlmADIQZWvt1WR4D_nqlatl0mYBwg4rI6HDkKFbJCnivOgA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:50:08 GMT
age: 10821
etag: "35afe48832221fe42de30260b9bcb15867109031"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F702f26c8-d862-4990-8495-2cead297cba5.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F702f26c8-d862-4990-8495-2cead297cba5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfd7b84df82a13b2ea007322eab69b77
e2803d3c0c7dfe4c052b3159f2d54cc66a379d5d
c38b65bba8ec8817930831c76c09b4dd620c8f5394d87c3b60e1753a0ee0ef60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F702f26c8-d862-4990-8495-2cead297cba5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: 4c6840b8-17b3-425e-9b9f-3a44f6a1f53f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjybyH8hoAMFWCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371644b-18076898244705c50282e0c1;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:40:27 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5hFnfiQW9lh7eMkBGqkHJAkMcokct21U6V7927YNiQTVLdU6Xph1lQ==
via: 1.1 f6fac6150e74e246a088cfa5c1ab6452.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 22:33:59 GMT
age: 8190
etag: "e2803d3c0c7dfe4c052b3159f2d54cc66a379d5d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e7a51c-5de3-477d-928f-95ab858d7616.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e7a51c-5de3-477d-928f-95ab858d7616.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 32cd1a339ce2c05c0d0e57e0d706068f
9d223cfd46c57e901a892dbdb10d9be5a33017b3
a98f05d589d44c9d03e785253c9655f846a283425a84f9282ae96bc3e0487d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e7a51c-5de3-477d-928f-95ab858d7616.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5401
x-amzn-requestid: 45142688-ad31-425c-9391-c7a8c8c74a1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhz-5FKyIAMFYDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637099f8-71be2fa256fd345c5f3436c6;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 07:17:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: InAofPuyHHjnQpW1oK5EwPMe5jOpGLq8HoCVTGRU_157FHD-SBnA2A==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 07:40:47 GMT
age: 61782
etag: "9d223cfd46c57e901a892dbdb10d9be5a33017b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: 4778d1bd-28c3-4665-89da-046e356087f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bjyD1HE-oAMF0QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637163b1-53c7330c5fd36d3c4d9e6aed;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 21:37:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ubqvgLaJlGIxyJC1KBJP4ncx_2ltXS0C5dLGddjtbkt6pJmX84_VAg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 13 Nov 2022 21:54:01 GMT
age: 10588
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
protechasia.com/uploads/slider/slide2.jpg
103.58.102.38 200 OK 388 kB URL HTTP/1.1 protechasia.com/uploads/slider/slide2.jpg
IP 103.58.102.38:0
ASN #133800 PT Biznet Gio Nusantara
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=670, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 1280x635, components 3\012- data
Size 388 kB (388249 bytes)
Hash MD5 e7ce8384eead4c9c330e97bd87800af7
SHA-1 ea29480f3a4ce95a90b612b6dd09f438bd8ad0d7
SHA-256 2e2092ef0e0981de442069b2be4db4c9d61853c21506a12dd0aa3ccfc85687c0
Analyzer / Verdict / Alert:
mnemonic_dns: Sinkholed
quad9: Sinkholed
GET /uploads/slider/slide2.jpg HTTP/1.1
Host: protechasia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://protechasia.com/
HTTP/1.1 200 OK
Date: Mon, 14 Nov 2022 00:50:29 GMT
Server: Apache
Last-Modified: Wed, 08 Apr 2020 06:33:03 GMT
Accept-Ranges: bytes
Content-Length: 388249
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fcodeprojectsdotorg%2F&tabs=timeline&width=214&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fcodeprojectsdotorg%2F&tabs=timeline&width=214&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId
IP 31.13.72.36:0
GET /plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fcodeprojectsdotorg%2F&tabs=timeline&width=214&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://protechasia.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: tiVVw0kVpKc7M7MOXnWSkvQY/u3+7AfzkxGAb+mJqfg0SAZrhh9afbbTBCxEzKhrfEGFBmkQMAnHEUyinb3n4w==
date: Mon, 14 Nov 2022 00:50:29 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2