r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9773
Expires: Mon, 12 Sep 2022 08:35:01 GMT
Date: Mon, 12 Sep 2022 05:52:08 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 12 Sep 2022 05:08:10 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MrPdu5iEkzoo9lAucB4JIHOtkj5tohUzyQbyD7clubiNPDXkkinXXw==
Age: 2638
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 11 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: i4jiiwIVlzrGU1QMzLCp7ii_xf4MEIH2O8G-5DgFGMOPRYBE_NF-1A==
age: 81296
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mlgass.click
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 5117572
expires: Sat, 02 Sep 2023 05:52:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9i26sQwutzN21UMfZQmikdrlFAVq2PfhZzB6PmJRv7HnCGHe05yhgqzh%2BZi9xqcilnhuGPUPf2CqpKL%2B4etVrC6huJ1CuBoPF%2F8p8KQUfMJGvljAKMPagJGQq2Z6uLt23ykFolF5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749660192c89b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
200 OK 4.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP
File type ASCII text, with very long lines (65348)
Hash eefc9abe5bc10d658a2393a70d052566
dd49deafcd3ebe1306cda0b843f2da265f8a90e1
6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 1594140
expires: Sat, 02 Sep 2023 05:52:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jAKOR0ckWDHUG9n1Y3PnOs7vAobEzAyPp8iF3pN4nSIIsFvNgW0idqgnuyhyCMxtWn9Fo0MMzYRWN0VZgaQB6TXpICarjzpOsx3RJByut8Fa1Rl4bIH2GEPecO52WzmHM4w34tn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749660193ca3b50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/bootstrap.min.css
IP
File type ASCII text, with very long lines (65326)
Hash 77348602be5574ea01c6e042f63a9b12
1a0d5e8fdf352f8e58351f85152be5d141547e11
57e4cabfd2685370ba747eb1216a753a389200451202efd886758debf0d33a2a
GET /npm/bootstrap@4.5.3/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mlgass.click
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"27288-jtLWNQ0j+FfZKAVzfQ+XxnXeZms"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 12 Sep 2022 05:52:09 GMT
age: 15026881
x-served-by: cache-fra19178-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 23906
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP
Hash 1584885c4fc1dbf3153529f738fda098
c6f3ae1083434f1a496b3be92e85c510437f7aaf
aadfceadc3b7da77e6bd5f7ea06c00418fc1a7bbcdae0aea0aa81baf2bad486d
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:09 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "444693725EA30B08589868C0979E5593ED4609F8"
Expires: Mon, 12 Sep 2022 17:00:00 GMT
Last-Modified: Mon, 12 Sep 2022 05:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1613
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7496601a2d1eb505-OSL
mlgass.click/
200 OK 50 kB IP
ASN #141968 PT Industri Kreatif Digital
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4737)
Hash fb01e1968fede3e5b2d9a5b665d592b1
e55b712df3dbab6ae1ed27095a4770b7abf2e3ca
e55200f0be3e1f41047a2f3f0560b991b9fcab867c8356373b2ae809cdf318f5
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:08 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 437c7ccd2c357dd83d6b9a5118d4b402
e0002389b286a960b454a92aeb3d1a1e08317ff2
9a5b3bdb7765ea21d7147a0c8022198a1be6c8256fa594b53732cf59e86532b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ibb.co/K6gX71h/Capture.png
200 OK 121 kB URL HTTP/2 i.ibb.co/K6gX71h/Capture.png
IP
File type PNG image data, 158 x 259, 8-bit/color RGBA, non-interlaced\012- data
Size 121 kB (120801 bytes)
Hash c6fc9af2ad6cde27f714a725fdd222c5
be01795da5190dd9d883505b8dda2450848f53ff
0a3c7d66a0b3d5e13aaaa02daf7dbe332670e6f047e132f27336f729fd752ac8
GET /K6gX71h/Capture.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/png
content-length: 120801
last-modified: Thu, 18 Mar 2021 18:21:59 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/d3c3FcM4/Valir.jpg
200 OK 37 kB URL HTTP/2 i.postimg.cc/d3c3FcM4/Valir.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 248x408, components 3\012- data
Hash f7275a5fcbe45309b28cf1b9478b9867
fe00691f885ade4086069856308494e89fcb71cf
107f7ccbb2991e724498a2344b6296b816432e29b27be5c3702090dd5e57de7b
GET /d3c3FcM4/Valir.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 36811
last-modified: Sun, 17 Oct 2021 20:01:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
IP
File type ASCII text, with very long lines (65299)
Hash 151629f36761d6fb6d0e0330239884a6
ebb9c30e5565793e2767735f0647bdf26fed4ab5
53c395dd774b12c572c9f1b453f7903c08de32f6958d974bc5db38634a6509d6
GET /npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mlgass.click
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.5.3
x-jsd-version-type: version
etag: W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 12 Sep 2022 05:52:09 GMT
age: 12623394
x-served-by: cache-fra19179-FRA, cache-bma1647-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
content-length: 21785
X-Firefox-Spdy: h2
i.postimg.cc/MGr3FKph/Laylaaa.jpg
200 OK 110 kB URL HTTP/2 i.postimg.cc/MGr3FKph/Laylaaa.jpg
IP
File type JPEG image data, progressive, precision 8, 486x800, components 3\012- data
Size 110 kB (110326 bytes)
Hash ea49da8a836f0d2ebdc520a5d77efdab
785da2684ae1286b29f3ff0d8587b42df2bec61e
411aed626e1a9d80fa36efcd6c827e2730f29885407a04c5de6bc68b062713fd
GET /MGr3FKph/Laylaaa.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 110326
last-modified: Mon, 24 Jan 2022 04:02:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/6Q28NpYw/IMG-20220524-181348.jpg
200 OK 84 kB URL HTTP/2 i.postimg.cc/6Q28NpYw/IMG-20220524-181348.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:24 11:11:37, GPS-Data, width=0], baseline, precision 8, 259x420, components 3\012- data
Hash 2c0b805aac8e851fa50c09d85b17b2e3
831f9ffecc963c91629ac2a9c9c2d693607b8575
981016fe4c87fadcc6272ff88a64ff983111930816aec5cb439f936c1d5287a8
GET /6Q28NpYw/IMG-20220524-181348.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 84260
last-modified: Tue, 24 May 2022 11:24:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/0QVFd91M/IMG-20220524-181304.jpg
200 OK 86 kB URL HTTP/2 i.postimg.cc/0QVFd91M/IMG-20220524-181304.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:24 11:11:51, GPS-Data, width=0], baseline, precision 8, 265x422, components 3\012- data
Hash a8fec8974135dfdfe138a98ed768dd6e
d33c83970e7d1925731fcc597038dc8da0875488
2c83907d79a687a1d8491370042cf5571834d4ce7f71430a2c79d2c889f0bc93
GET /0QVFd91M/IMG-20220524-181304.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 86172
last-modified: Tue, 24 May 2022 11:26:27 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/PJxGBPQQ/IMG-20220524-181326.jpg
200 OK 76 kB URL HTTP/2 i.postimg.cc/PJxGBPQQ/IMG-20220524-181326.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:24 11:11:44, GPS-Data, width=0], baseline, precision 8, 260x422, components 3\012- data
Hash 89e965277b68daee285511ff5bfa4f85
a6d8025e96056cfc40f00d5b34dfc1fb34b90512
3d48acf1c00e69c6ff84a2b69e43fb741f22c7cc573dea1a2b35800899ff9976
GET /PJxGBPQQ/IMG-20220524-181326.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 75839
last-modified: Tue, 24 May 2022 11:25:54 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/W3vX7c5g/IMG-20220513-160904.jpg
200 OK 76 kB URL HTTP/2 i.postimg.cc/W3vX7c5g/IMG-20220513-160904.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2022:05:13 09:08:28, GPS-Data, width=0], baseline, precision 8, 254x416, components 3\012- data
Hash 64c708f0b35767924807decf78122ca3
efe909b3135ad2851b5d8cf43b36d268f387f15c
703d05bb4b445cc412aaa63247360c5f5be317c18ba61a2baaf940ece930e947
GET /W3vX7c5g/IMG-20220513-160904.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 75848
last-modified: Fri, 13 May 2022 12:23:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/Z5BNzfCg/IMG-20220608-WA0006.jpg
200 OK 98 kB URL HTTP/2 i.postimg.cc/Z5BNzfCg/IMG-20220608-WA0006.jpg
IP
File type JPEG image data, progressive, precision 8, 494x800, components 3\012- data
Hash 51caaa55dd8525217118bead91291ff4
c95dde7b518e1f9037d8f39034dce2878d8c416d
af1fd5ff7bbb5b2c0de54966a5ab1363d3388769115967d04ca6de276a1b0ef4
GET /Z5BNzfCg/IMG-20220608-WA0006.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 97968
last-modified: Wed, 08 Jun 2022 06:20:17 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/fyJcLQjr/1650272368820.jpg
200 OK 105 kB URL HTTP/2 i.postimg.cc/fyJcLQjr/1650272368820.jpg
IP
File type JPEG image data, progressive, precision 8, 491x800, components 3\012- data
Size 105 kB (105367 bytes)
Hash 4eb38f8b33c43d8580fc5500ce375e2c
752c363b4545a9888f209f2b812121b5c7fd5117
66bbdb1800220ebc78c9276fde2679387be09a4931f327794269faf4324574f0
GET /fyJcLQjr/1650272368820.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 105367
last-modified: Mon, 18 Apr 2022 09:00:02 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/G2M4RvBJ/Legend-Guin.jpg
200 OK 103 kB URL HTTP/2 i.postimg.cc/G2M4RvBJ/Legend-Guin.jpg
IP
File type JPEG image data, progressive, precision 8, 484x800, components 3\012- data
Size 103 kB (102924 bytes)
Hash f95fb8fbfbabaf772d003cce10c46190
dbb0a7e52d6f499ee371a0a30855f4db57476ab8
7aeb2dfb02d524ecf9f04330334322abd7c878a8dd24c305b91e04408a14f071
GET /G2M4RvBJ/Legend-Guin.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 102924
last-modified: Tue, 26 Apr 2022 05:28:32 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/bJ8Sbp3c/IMG-20220608-WA0005.jpg
200 OK 108 kB URL HTTP/2 i.postimg.cc/bJ8Sbp3c/IMG-20220608-WA0005.jpg
IP
File type JPEG image data, progressive, precision 8, 494x800, components 3\012- data
Size 108 kB (108322 bytes)
Hash 3751a713af077c0a193ff6b7be6eb98f
6a88f1015175420f4812bc5f7bf64124087615e2
e80b2171f65b2fe668af4196f0afe5df85f8043b04d100c7ca1fe612b1f20ec6
GET /bJ8Sbp3c/IMG-20220608-WA0005.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 108322
last-modified: Wed, 08 Jun 2022 06:20:45 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
mlgass.click/static/css/animate.css
404 Not Found 315 B URL HTTP/1.1 mlgass.click/static/css/animate.css
IP
ASN #141968 PT Industri Kreatif Digital
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /static/css/animate.css HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 05:52:09 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mlgass.click/static/css/imryu.css
200 OK 8.0 kB URL HTTP/1.1 mlgass.click/static/css/imryu.css
IP
ASN #141968 PT Industri Kreatif Digital
File type assembler source, ASCII text
Hash 76e3638ab31368cd7202cebf5ef7d75e
f4a57a257ba1c3e30c6c4c863d6e3fe945b7e831
9a79806faaf5b56306eafaaa46a1d32a0aae3fed51f8567d38f3ed330a74263b
GET /static/css/imryu.css HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:09 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 17:36:23 GMT
Accept-Ranges: bytes
Content-Length: 7952
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
i.postimg.cc/x1P6XcsQ/Zilong.jpg
200 OK 112 kB URL HTTP/2 i.postimg.cc/x1P6XcsQ/Zilong.jpg
IP
File type JPEG image data, progressive, precision 8, 491x800, components 3\012- data
Size 112 kB (112475 bytes)
Hash bc54c820d676775bcd81234f7b751605
8d0ce0766608d6089244ebf577ae69246530a0ac
df66a08721326009f5f5be05e08d0056a38d128217ab1341ce33268451b3d1b5
GET /x1P6XcsQ/Zilong.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 112475
last-modified: Mon, 07 Feb 2022 22:49:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
mlgass.click/static/css/facebook.css
200 OK 3.3 kB URL HTTP/1.1 mlgass.click/static/css/facebook.css
IP
ASN #141968 PT Industri Kreatif Digital
File type ASCII text, with CRLF line terminators
Hash 58dc4225bfbf7130797b0bf8761ee7b8
5461aa46b0e3031ffa5954add9a609ce34160329
087764b9784e72f3f1c765013db0b2c03a94cdb04682e89518df4ab71b38a356
GET /static/css/facebook.css HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:09 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 3296
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mlgass.click/static/css/twitter.css
200 OK 2.0 kB URL HTTP/1.1 mlgass.click/static/css/twitter.css
IP
ASN #141968 PT Industri Kreatif Digital
File type ASCII text, with CRLF line terminators
Hash af05fa8bfe74c37ab77a82eddf03e978
add6a79e073b51c9e3237fb142486c1fd8e3c13a
224c8d9be2339139817630c550b92e803d43fe15516bbe3a9939b6107d48e204
GET /static/css/twitter.css HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:09 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 1956
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
i.postimg.cc/6p5mKm7h/1655721923429.jpg
200 OK 127 kB URL HTTP/2 i.postimg.cc/6p5mKm7h/1655721923429.jpg
IP
File type JPEG image data, progressive, precision 8, 500x800, components 3\012- data
Size 127 kB (127065 bytes)
Hash 021b91e3be1eace2e2618433748bb88d
b8a1ace010d96c063148725ca2f849faa512a5f4
932a81f4a7e27849aa47403afdac2911b6446c102134150433933c970a6c9f51
GET /6p5mKm7h/1655721923429.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 127065
last-modified: Mon, 20 Jun 2022 10:50:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/cCNwZbMj/Hanabiclll.jpg
200 OK 138 kB URL HTTP/2 i.postimg.cc/cCNwZbMj/Hanabiclll.jpg
IP
File type JPEG image data, progressive, precision 8, 505x800, components 3\012- data
Size 138 kB (138084 bytes)
Hash d16c03d4212819b428da0006364ab721
b5513f255eef1da0453048c2602084f08db3ad00
f7073e83bb987c11e76cd66dddd603baca400711405fc259241c46eb63e2421c
GET /cCNwZbMj/Hanabiclll.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 138084
last-modified: Thu, 06 Jan 2022 17:42:03 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7178a43ba987078296946a97fa2fa609
a43fc4248914b2aa86d6148bfb11fdfc3ef1b759
2844d3e684d0474156afffb8f06e99f0f5b37dd8c7234137c2a3891f4dfb587e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-3.5.1.slim.min.js
200 OK 25 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.slim.min.js
IP
File type ASCII text, with very long lines (65245)
Hash 63f8c134408852106835db2f928cf0e0
7ca0035d2a05154f1f93e19793b2298973cc8733
2555d061e6c2337cc0b62e309c8d0464e8f88d6a44dab74246c37cd0154d73a5
GET /jquery-3.5.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mlgass.click
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 05:52:09 GMT
content-encoding: gzip
content-length: 24606
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-11abc"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1662961929.dop212.sk1.t,1662961929.cds259.sk1.hn,1662961929.cds202.sk1.c
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
200 OK 31 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 903bc7a7e510f87aa5d0201eb59a0832
ac9aa4dd94cde1bcba9037e94087138b127e41fc
41a7ac8150cc9f38421451d5143c1ffec7a1f1fafbf7a7fc0f51b98ad699cf8f
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 Sep 2022 10:39:21 GMT
expires: Fri, 08 Sep 2023 10:39:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 328368
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mlgass.click/static/js/imryu.js
200 OK 2.6 kB URL HTTP/1.1 mlgass.click/static/js/imryu.js
IP
ASN #141968 PT Industri Kreatif Digital
File type ASCII text, with CRLF line terminators
Hash 8e543d2eb89c1b0dfa0ab2e9999a8bf0
3ab8691beb6aaabd3d8673f8b04280bf808aa8de
58d992a48cbf10612fd8f2fa112d612b22f86cb5fa64278ceed17efe171a1027
Analyzer Verdict Alert fortinet Phishing
GET /static/js/imryu.js HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:09 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 2591
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7178a43ba987078296946a97fa2fa609
a43fc4248914b2aa86d6148bfb11fdfc3ef1b759
2844d3e684d0474156afffb8f06e99f0f5b37dd8c7234137c2a3891f4dfb587e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash bff3a3f3f4f889b08163e7d307438790
c430c7c151973fa0e63ddf52e5624e1ce2282161
bce7d12a2343d8e43fbd05522fe82807ed48933a984aa113c284267364981750
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 12 Sep 2022 04:56:07 GMT
Cache-Control: max-age=3600
Expires: Mon, 12 Sep 2022 05:41:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: g5W7CM32qHu0tzr4Q5ckR_q9M93l8-QevKZeJmPYSjHOxmWrrcGIqw==
Age: 3362
i.ibb.co/w4bp4C1/IMG-20220830-012332.jpg
200 OK 60 kB URL HTTP/2 i.ibb.co/w4bp4C1/IMG-20220830-012332.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:30 01:22:38, width=0], baseline, precision 8, 338x600, components 3\012- data
Hash fb0ba7bf741eeab4579c36896e874ff5
9b42c554961b7fa611a261822b10cb85475b6e02
cbb055eb75ed51a2cd95e0647bab4d9e1bbdfad39ecce855465abef9a983d6f7
GET /w4bp4C1/IMG-20220830-012332.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 59475
last-modified: Mon, 29 Aug 2022 17:35:58 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mlgass.click/static/img/borders/10.jpeg
200 OK 14 kB URL HTTP/1.1 mlgass.click/static/img/borders/10.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 129x123, components 3\012- data
Hash 5594fba93fa048c23b78ab94585d2c06
13ce3970dfd6ff588fc50fb18cf09f5016d9daf7
682d7221d4009f85742bf6e94480a7c7b552e26cec03f8bff41e5406d48dd39f
Analyzer Verdict Alert fortinet Phishing
GET /static/img/borders/10.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:09 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 13776
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mlgass.click
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 20:23:38 GMT
expires: Thu, 07 Sep 2023 20:23:38 GMT
cache-control: public, max-age=31536000
age: 379711
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mlgass.click/static/img/borders/8.jpeg
200 OK 12 kB URL HTTP/1.1 mlgass.click/static/img/borders/8.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 135x131, components 3\012- data
Hash bb3a6821a831388426333e7ff7c21b93
9b3ed817773e8a3cc88e7a7493855b0a68525444
afb9170b3c58fb81966bcf994426ada17c689040546525719b51b527bf4bee06
Analyzer Verdict Alert fortinet Phishing
GET /static/img/borders/8.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:09 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 12391
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/borders/9.jpeg
200 OK 12 kB URL HTTP/1.1 mlgass.click/static/img/borders/9.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x125, components 3\012- data
Hash 12b66031d66c51b1861e2e964def545d
78e00bc755458b2662979fab06e3aeebeb5abf1c
336abc805d5ecf4e7b22df535cf7ccbedb2e0f7e4a8a78d2d5f67a3fa0f9ce02
Analyzer Verdict Alert fortinet Phishing
GET /static/img/borders/9.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:09 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 11893
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 10 Sep 2022 12:31:58 GMT
expires: Sun, 10 Sep 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 148811
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 4894843dd17150368f9e81305262c361
09c1036ec45f4da92b1749c5b0a76062d32ee681
5242d2bcde6e9f49b38e0749771de0388b9687af78be7b13a27e147b3e38684e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash 26e829ba5f754918e20cbd316dc4348e
ba198501da0812dd11ca3b38a51325b5de6cfa60
4352c25d4af7637a8435b0df6d042fc606d37a348e966b99fecce8a853b8ebc0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 508
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:10 GMT
Last-Modified: Mon, 12 Sep 2022 05:43:43 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
mlgass.click/static/img/dm/5000.jpg
200 OK 82 kB URL HTTP/1.1 mlgass.click/static/img/dm/5000.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash c890d2d8fabf64205bd762858235f7ab
de805d94df0985d9500905318002589a3c5c3706
e83fbcfc8112158d8a8afd66acebbbad99d942217ecad0c0975c2f4e4db7a216
GET /static/img/dm/5000.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:09 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 81805
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9e49275aaf0d1bfa618853ff5dd58eb3
487ed119173c474058dd51af6cadd7c107ae9e5e
2fb8cb56254e6f9b0f408b941ce9e93534a40ab79127ca40244f6ad2f60fb3f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 05:44:23 GMT
expires: Mon, 12 Sep 2022 05:59:23 GMT
cache-control: public, max-age=900
age: 467
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 12 Sep 2022 05:52:10 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 9e49275aaf0d1bfa618853ff5dd58eb3
487ed119173c474058dd51af6cadd7c107ae9e5e
2fb8cb56254e6f9b0f408b941ce9e93534a40ab79127ca40244f6ad2f60fb3f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mlgass.click/jabes/02.jpg
200 OK 30 kB URL HTTP/1.1 mlgass.click/jabes/02.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:33:29, width=0], baseline, precision 8, 145x257, components 3\012- data
Hash 4fae539b14c385cde860b007c4d2b3fa
a442c48e83af5cbc8bf67c177f1e71d1b84e705c
cc0a71bc85a0d6dc6fa1ff4eb163f4efa35e9eeca14f8405f3823d784ddc1b24
GET /jabes/02.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:10 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 19:35:51 GMT
Accept-Ranges: bytes
Content-Length: 29618
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 324364e9311c1f7cb5e4068f3d947d5d
ddb00dc97404cee267838983ce8bb4ae48d6647a
d6cc296b22c48f9e7bb3a905dd9e899441ae7c29faec4a62e71628e1f23d61a2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mlgass.click/jabes/000.jpg
200 OK 65 kB URL HTTP/1.1 mlgass.click/jabes/000.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:30 00:57:21, width=0], baseline, precision 8, 226x376, components 3\012- data
Hash 696ed59187ba381773d4489010c867c9
24912f17cee9784a03a2792384b3715b99dfb6ca
de7bee49980a1bd6f55fbe498966fb6b71daeda09edaba69f2b1f5a5d67c2b96
GET /jabes/000.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:10 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 17:34:50 GMT
Accept-Ranges: bytes
Content-Length: 65170
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 12 Sep 2022 05:52:10 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4sDsIXuuolA03VWFK9MR0A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GgzMdneC0E/7OOqR/WI1uiYW+RQ=
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 8d6379229c542008209e9ce2fecbb465
8f8a73ae8cce1882616753a42dc0f70dc8352d72
b6d09674679a84bd4bbfa5d88553ccad080fd0196f7378d9a232994a2ad55529
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 12 Sep 2022 05:52:10 GMT
server: ESF
cache-control: private
content-length: 30936
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 45b55c678e2944a30a6d8160bb6e4a94
a1ac0c9681902e7d64e49bd9e146820ce2c60f4f
5a89db56a9b47aa3e426799671db9b25a42d7dd7d6881c66eca7ed37facf6bd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js
IP
File type ASCII text, with very long lines (35963)
Hash 0a10e1669fa5f54a96c02562d935783f
fb9c033841ed0848caeede748301a5c91de6c800
25215608c929fe6c434b08bdb327df9b9ca11355840c6408602b8612073f99f5
GET /js/th/9e5Q9JddguzAeYJyBJt7GsINCHbvQKKYaWDK5a7IWAA.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14185
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 07 Sep 2022 05:03:42 GMT
expires: Thu, 07 Sep 2023 05:03:42 GMT
cache-control: public, max-age=31536000
age: 434908
last-modified: Mon, 29 Aug 2022 11:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 026155feefbacf7f49ce790ae1f79688
79d2e5ec8ab82bdefb633ab1c2c93f202dcf1852
d8c7c6f60fd9a261a1dabbac113d8eb6811d3f3ead219f25db5ea794fe04fae8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8C7C6F60FD9A261A1DABBAC113D8EB6811D3F3EAD219F25DB5EA794FE04FAE8"
Last-Modified: Sat, 10 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17060
Expires: Mon, 12 Sep 2022 10:36:30 GMT
Date: Mon, 12 Sep 2022 05:52:10 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0c475956c17fecf985e692f4728f8b75
ceb52b6095d6429bc16e94d07dfb3da2f8500d07
bbeb19fdf0df52440f1e03e9f964f14e492fad8dbf6d4ec43c31047f976296ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/m9BweRP-L6wrdJJp24JCKUAZ1MVpk2Uxn3KdAvGZjKTBGR5xVLZwozXKZUq9YDLvXBh_3xwQYsI=s68-c-k-c0x00ffffff-no-rj
200 OK 4.9 kB URL HTTP/2 yt3.ggpht.com/m9BweRP-L6wrdJJp24JCKUAZ1MVpk2Uxn3KdAvGZjKTBGR5xVLZwozXKZUq9YDLvXBh_3xwQYsI=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash 23fb59dbdd6b7dc76cd71088fecb56be
2c0ed5d42d5651037c27f7a070e3935aba026534
c0bd67f0c5c74150fcaf4f174c8133fc74ef2d2340b548974126612096e9c7c9
GET /m9BweRP-L6wrdJJp24JCKUAZ1MVpk2Uxn3KdAvGZjKTBGR5xVLZwozXKZUq9YDLvXBh_3xwQYsI=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 4909
x-xss-protection: 0
date: Mon, 12 Sep 2022 02:20:04 GMT
expires: Tue, 21 Jun 2022 08:57:50 GMT
cache-control: public, max-age=86400, no-transform
age: 12726
etag: "v1"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 0c475956c17fecf985e692f4728f8b75
ceb52b6095d6429bc16e94d07dfb3da2f8500d07
bbeb19fdf0df52440f1e03e9f964f14e492fad8dbf6d4ec43c31047f976296ea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mlgass.click/jabes/03.jpg
200 OK 27 kB URL HTTP/1.1 mlgass.click/jabes/03.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:33:29, width=0], baseline, precision 8, 148x260, components 3\012- data
Hash 16df2a4c7f71de466f66837d577e7dd2
d38e80ae6ee5dd22cb9406c43e2bb7b2e7339fd7
c4cc742ae92b2b40477417090046abdce40cdd4fe06b1ce01517333066f5e14a
GET /jabes/03.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:10 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 19:35:54 GMT
Accept-Ranges: bytes
Content-Length: 27173
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/jabes/04.jpg
200 OK 26 kB URL HTTP/1.1 mlgass.click/jabes/04.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:33:29, width=0], baseline, precision 8, 150x259, components 3\012- data
Hash a4e7f9f345de741267674ac39cd80720
809c6543a8761be30b05a8b1b2259664139cf933
67e5afd8ff28ec8e7a10a7da249feb3a1e822f91dae26aae6dc6873c8229abb5
GET /jabes/04.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:10 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 19:35:59 GMT
Accept-Ranges: bytes
Content-Length: 25550
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/jabes/01.jpg
200 OK 156 kB URL HTTP/1.1 mlgass.click/jabes/01.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=0, orientation=[*0*], datetime=2022:08:14 03:32:47, width=0], baseline, precision 8, 402x656, components 3\012- data
Size 156 kB (155520 bytes)
Hash 6e34331b2e7768b9a3e25e3bfcf7ac67
61b4ee57783e94ce7f798eaacc3cbccdede67d96
3ff48fd457ecfda559d4617bea1a3aeca2a0b0ca8059bbc1060aa8bb1b56e6e2
GET /jabes/01.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:10 GMT
Server: Apache
Last-Modified: Sat, 13 Aug 2022 19:35:48 GMT
Accept-Ranges: bytes
Content-Length: 155520
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/jabes/1.jpg
200 OK 12 kB IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 167x270, components 3\012- data
Hash 6bdafba8b4be45ebc808ada032e5892d
77c8e76b77f0367d59c4530313f34282e5e1e89f
930e1b3f4826f0e907f7e619405b0e1f22f9334ed14a65af13ca1b0fa8ffb2a5
GET /jabes/1.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:10 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 08:26:53 GMT
Accept-Ranges: bytes
Content-Length: 12117
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/jabes/2.jpg
200 OK 11 kB IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 167x268, components 3\012- data
Hash c90ffbab6f77dc72dd0f700b7b393583
5759f94da7133ded80829fbbd74545aec8e08767
4930b40e8e2dbdd7ec33b887123328514ec1aaf6a0264aae7745689507796048
GET /jabes/2.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:10 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 08:27:19 GMT
Accept-Ranges: bytes
Content-Length: 11192
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/jabes/3.jpg
200 OK 9.0 kB IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x269, components 3\012- data
Hash 60d750b421b89aa2313d184fcf094b7d
eac5212fb8bf7b7bef1599a106b93b6b6c62e445
f5712248a6e5777a0cf3bf3c9c39cec914167ffd803d7c16ef2f0456415f7d9a
GET /jabes/3.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:10 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 08:27:25 GMT
Accept-Ranges: bytes
Content-Length: 8971
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/jabes/4.jpg
200 OK 10 kB IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 164x270, components 3\012- data
Hash 509b677d65fb7f1039c4df9f0b62f088
1db73c62f220cba650d5667abff5808f4247d115
034fb410f7fe0e639129377082faed19736d0197f21d7ef994827936af04f733
GET /jabes/4.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:10 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 08:42:22 GMT
Accept-Ranges: bytes
Content-Length: 10361
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 12 Sep 2022 05:52:10 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 8ddabf1972c243ae655e3f7f6a79a296
cbc823051a94b1604f670bf3d7030ae94c9c151b
4fa1b60a9e4226ee1aeb2f255eeb0c252a4bb6bd9e9a3d01f743afc9e85a5c09
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1231
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 12 Sep 2022 05:52:10 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mlgass.click/static/img/kof/6.png
200 OK 118 kB URL HTTP/1.1 mlgass.click/static/img/kof/6.png
IP
ASN #141968 PT Industri Kreatif Digital
File type PNG image data, 200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size 118 kB (117996 bytes)
Hash c8cf836eebc8bd0d7d29f56d1e4fae8c
1daa116901e043b2d97f68a5483451b3da1bf68e
e65f73ce0ba58ef5d687d3e0ddfb9e65d2681f8e4175519f5303632f57103192
GET /static/img/kof/6.png HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:10 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 117996
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
pht.qoo-static.com/VObo_efVQ255Uny-K5k6EEMxQ9PQYk6PFNSReWDQxKf19HiXBH8BbluIzH1e43iQiw=w512
403 Forbidden 169 B URL HTTP/2 pht.qoo-static.com/VObo_efVQ255Uny-K5k6EEMxQ9PQYk6PFNSReWDQxKf19HiXBH8BbluIzH1e43iQiw=w512
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3944b69d2e5ed0868bbe4fdcd35e6773
cc891b47510aaaec347a5880913f720b4f13db4a
28379c5f15ea5ffb7fda52f940cf73555f02b2d7e4f20032633b98ac079621b5
Analyzer Verdict Alert fortinet Malware
GET /VObo_efVQ255Uny-K5k6EEMxQ9PQYk6PFNSReWDQxKf19HiXBH8BbluIzH1e43iQiw=w512 HTTP/1.1
Host: pht.qoo-static.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx/1.12.2
date: Mon, 12 Sep 2022 05:52:10 GMT
content-type: text/html; charset=utf-8
content-length: 169
x-frame-options: sameorigin
X-Firefox-Spdy: h2
mlgass.click/static/img/kof/4.png
200 OK 109 kB URL HTTP/1.1 mlgass.click/static/img/kof/4.png
IP
ASN #141968 PT Industri Kreatif Digital
File type PNG image data, 200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size 109 kB (109303 bytes)
Hash 41e8948125d3fe59c6972d5b12939453
c31f4fefebf281f4f0ebaeb40f11324412d5287b
f0cc7c414d92a31d68ab3b38e78b463098946fad4c5f62eaa38c393d4782f435
GET /static/img/kof/4.png HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:10 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 109303
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 77f5c6511fe6f68f1ff447a24181bf91
1a516e27279a27cf6e26602ed45559c8a42be40f
64f5870bedad43a0d34d16a8cb7865978e33946c19ad18fc28595ec9525a72cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 77f5c6511fe6f68f1ff447a24181bf91
1a516e27279a27cf6e26602ed45559c8a42be40f
64f5870bedad43a0d34d16a8cb7865978e33946c19ad18fc28595ec9525a72cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 645f87ab673d0c7d50dd689cee202801
55a4c28d5435cb616c9df1215ca0fabb4a35f010
3d85b3085b5119871208204334b6f360462ca03942611a11f80686fe86cce80e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
200 OK 7.3 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (30837)
Hash a11198efa753d279d9d97307d07692e0
6f42171cd31f408c90b91c71eb352927819f169e
88987e910f56e831d734964071d49267286ae0c86157eb1d05f6970d92742c07
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/15/2021 21:49:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cdn-cache: HIT
cf-cache-status: HIT
age: 8408683
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7496601948951c16-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662983530&ei=CskeY4KdGJqOyQWQp7S4Bw&ip=91.90.42.154&id=o-AMZjDdargJJa5sFXUqZsKUY9naX5GqyX-vQoAMJINTD5&itag=251&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=u&mvi=2&pcm2cms=yes&pl=21&bui=0&spc=lT-KhsFL_Ey2vsxwWZlL96mgCCokt_k&vprv=1&mime=audio%2Fwebm&ns=eU610n1j6mQWbMdyCVBgbzYH&gir=yes&clen=1165670&dur=75.601&lmt=1661687855270943&mt=1662960722&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5432434&n=LYfQb0lfFwHhEA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cbui%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgcBeDlpuvIsIUAPgYA2x43KqNzt_UXZiInnrDBIbMqhMCIQD4OnQWXLzaGzBzCBE2fIHzOO_hfRYPZ5gI1_PbhUggug%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl&lsig=AG3C_xAwRQIhAJRxQ6W1ipOOry3MFkkxkPOZ77gMa7vQq1DXTW_prewyAiBWNeT9lshgRQ5OFPpZojubRPUafJhp7YH2XlC_VaxFIA%3D%3D&alr=yes&cpn=lubg4CRRQltdTQHO&cver=1.20220907.01.00&range=0-65934&rn=2&rbuf=0
200 OK 66 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662983530&ei=CskeY4KdGJqOyQWQp7S4Bw&ip=91.90.42.154&id=o-AMZjDdargJJa5sFXUqZsKUY9naX5GqyX-vQoAMJINTD5&itag=251&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=u&mvi=2&pcm2cms=yes&pl=21&bui=0&spc=lT-KhsFL_Ey2vsxwWZlL96mgCCokt_k&vprv=1&mime=audio%2Fwebm&ns=eU610n1j6mQWbMdyCVBgbzYH&gir=yes&clen=1165670&dur=75.601&lmt=1661687855270943&mt=1662960722&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5432434&n=LYfQb0lfFwHhEA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cbui%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgcBeDlpuvIsIUAPgYA2x43KqNzt_UXZiInnrDBIbMqhMCIQD4OnQWXLzaGzBzCBE2fIHzOO_hfRYPZ5gI1_PbhUggug%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl&lsig=AG3C_xAwRQIhAJRxQ6W1ipOOry3MFkkxkPOZ77gMa7vQq1DXTW_prewyAiBWNeT9lshgRQ5OFPpZojubRPUafJhp7YH2XlC_VaxFIA%3D%3D&alr=yes&cpn=lubg4CRRQltdTQHO&cver=1.20220907.01.00&range=0-65934&rn=2&rbuf=0
IP
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Hash 30291d76b7807a3f14a79b7a0b356c12
de296641a599d4c1186984218532c7c23af93224
7204bdf9d76106267e9654c99e1edd1f729fd4805244ca1d3522a0fd7c51d39d
GET /videoplayback?expire=1662983530&ei=CskeY4KdGJqOyQWQp7S4Bw&ip=91.90.42.154&id=o-AMZjDdargJJa5sFXUqZsKUY9naX5GqyX-vQoAMJINTD5&itag=251&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=u&mvi=2&pcm2cms=yes&pl=21&bui=0&spc=lT-KhsFL_Ey2vsxwWZlL96mgCCokt_k&vprv=1&mime=audio%2Fwebm&ns=eU610n1j6mQWbMdyCVBgbzYH&gir=yes&clen=1165670&dur=75.601&lmt=1661687855270943&mt=1662960722&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5432434&n=LYfQb0lfFwHhEA&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cbui%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgcBeDlpuvIsIUAPgYA2x43KqNzt_UXZiInnrDBIbMqhMCIQD4OnQWXLzaGzBzCBE2fIHzOO_hfRYPZ5gI1_PbhUggug%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl&lsig=AG3C_xAwRQIhAJRxQ6W1ipOOry3MFkkxkPOZ77gMa7vQq1DXTW_prewyAiBWNeT9lshgRQ5OFPpZojubRPUafJhp7YH2XlC_VaxFIA%3D%3D&alr=yes&cpn=lubg4CRRQltdTQHO&cver=1.20220907.01.00&range=0-65934&rn=2&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 28 Aug 2022 11:57:35 GMT
Content-Type: audio/webm
Date: Mon, 12 Sep 2022 05:52:11 GMT
Expires: Mon, 12 Sep 2022 05:52:11 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 65935
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
mlgass.click/static/sound.mp3
206 Partial Content 1.1 MB URL HTTP/1.1 mlgass.click/static/sound.mp3
IP
ASN #141968 PT Industri Kreatif Digital
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 48 kHz, Stereo\012- data
Size 1.1 MB (1104524 bytes)
Hash 015384eeafba5d69507e7440eb54127e
9c50059810626cae8d2beabbafa0c2a52f961863
f9d4d283265ce49509451b07326652e87f7985c9963329fd51128e5c0347b111
Analyzer Verdict Alert fortinet Phishing
GET /static/sound.mp3 HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 206 Partial Content
Date: Mon, 12 Sep 2022 05:52:09 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 1104524
Content-Range: bytes 0-1104523/1104524
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: audio/mpeg
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 77f5c6511fe6f68f1ff447a24181bf91
1a516e27279a27cf6e26602ed45559c8a42be40f
64f5870bedad43a0d34d16a8cb7865978e33946c19ad18fc28595ec9525a72cd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/Acv5oGFllDs/sddefault.webp
200 OK 38 kB URL HTTP/2 i.ytimg.com/vi_webp/Acv5oGFllDs/sddefault.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7cb67e1362d8ea77b65fffecee36326f
de14ecf39e3164e689e1b9e0c19d35c197b26caa
a107b245b70d9fed5d261bbf182b47a1bda695fc01fe5b3a9c92b8d784521875
GET /vi_webp/Acv5oGFllDs/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 37536
date: Mon, 12 Sep 2022 05:52:11 GMT
expires: Mon, 12 Sep 2022 07:52:11 GMT
cache-control: public, max-age=7200
etag: "1661507883"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mlgass.click/static/img/card.c777c1a0.png
200 OK 1.2 MB URL HTTP/1.1 mlgass.click/static/img/card.c777c1a0.png
IP
ASN #141968 PT Industri Kreatif Digital
File type PNG image data, 850 x 1280, 8-bit/color RGBA, non-interlaced\012- data
Size 1.2 MB (1178525 bytes)
Hash f61a082b230f98bcd23879c9fa7f92d5
3f54c318324a9ed2a5c4ec4521d359b4e3ccef62
1c1992ca0652089198af657792f6f23513c93c7788b1cc433a2c5c77da83e0fc
GET /static/img/card.c777c1a0.png HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:10 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 17:50:42 GMT
Accept-Ranges: bytes
Content-Length: 1178525
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
mlgass.click/static/img/skins/chou.jpg
404 Not Found 315 B URL HTTP/1.1 mlgass.click/static/img/skins/chou.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
GET /static/img/skins/chou.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 404 Not Found
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Content-Length: 315
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
mlgass.click/static/img/skins/12.jpeg
200 OK 36 kB URL HTTP/1.1 mlgass.click/static/img/skins/12.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:44:47, GPS-Data], baseline, precision 8, 189x343, components 3\012- data
Hash dcdc088e8f7fb04bbb9820f35b0fd2b0
2b16826763293304421cf7703a9eb493ad6a125f
517619ca5c8d4db6bc0133e6e7a493bebfd3cc5ab8c13d0d5057a64c677bf8a0
Analyzer Verdict Alert fortinet Phishing
GET /static/img/skins/12.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 36471
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662983530&ei=CskeY4KdGJqOyQWQp7S4Bw&ip=91.90.42.154&id=o-AMZjDdargJJa5sFXUqZsKUY9naX5GqyX-vQoAMJINTD5&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=u&mvi=2&pcm2cms=yes&pl=21&bui=0&spc=lT-KhsFL_Ey2vsxwWZlL96mgCCokt_k&vprv=1&mime=video%2Fwebm&ns=eU610n1j6mQWbMdyCVBgbzYH&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&mt=1662960722&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5437434&n=LYfQb0lfFwHhEA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cbui%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgXyjdUWNpZH3nxmSA5MBnvZ0JTF_7R4WV7kumx_YkKHoCIQDZbi6W8riOzVrm84B4K36yC9YOr6jBztgymH8G-3jkJg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl&lsig=AG3C_xAwRQIhAJRxQ6W1ipOOry3MFkkxkPOZ77gMa7vQq1DXTW_prewyAiBWNeT9lshgRQ5OFPpZojubRPUafJhp7YH2XlC_VaxFIA%3D%3D&alr=yes&cpn=lubg4CRRQltdTQHO&cver=1.20220907.01.00&range=0-124752&rn=1&rbuf=0
200 OK 125 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1662983530&ei=CskeY4KdGJqOyQWQp7S4Bw&ip=91.90.42.154&id=o-AMZjDdargJJa5sFXUqZsKUY9naX5GqyX-vQoAMJINTD5&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=u&mvi=2&pcm2cms=yes&pl=21&bui=0&spc=lT-KhsFL_Ey2vsxwWZlL96mgCCokt_k&vprv=1&mime=video%2Fwebm&ns=eU610n1j6mQWbMdyCVBgbzYH&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&mt=1662960722&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5437434&n=LYfQb0lfFwHhEA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cbui%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgXyjdUWNpZH3nxmSA5MBnvZ0JTF_7R4WV7kumx_YkKHoCIQDZbi6W8riOzVrm84B4K36yC9YOr6jBztgymH8G-3jkJg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl&lsig=AG3C_xAwRQIhAJRxQ6W1ipOOry3MFkkxkPOZ77gMa7vQq1DXTW_prewyAiBWNeT9lshgRQ5OFPpZojubRPUafJhp7YH2XlC_VaxFIA%3D%3D&alr=yes&cpn=lubg4CRRQltdTQHO&cver=1.20220907.01.00&range=0-124752&rn=1&rbuf=0
IP
ASN #50304 Blix Solutions AS
File type WebM\012- EBML file, creator webmB\20\012- data
Size 125 kB (124753 bytes)
Hash ae4863f2e947cbe2de436123533aa0b3
21f3f54a95343bdd2977144810dd956eb584c620
0f2cf1134d6df2f6e38118d27885f55bd992555d426babdf46cb3d1bf30f6f01
GET /videoplayback?expire=1662983530&ei=CskeY4KdGJqOyQWQp7S4Bw&ip=91.90.42.154&id=o-AMZjDdargJJa5sFXUqZsKUY9naX5GqyX-vQoAMJINTD5&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278&source=youtube&requiressl=yes&mh=6_&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=u&mvi=2&pcm2cms=yes&pl=21&bui=0&spc=lT-KhsFL_Ey2vsxwWZlL96mgCCokt_k&vprv=1&mime=video%2Fwebm&ns=eU610n1j6mQWbMdyCVBgbzYH&gir=yes&clen=3448545&dur=75.566&lmt=1661689946062401&mt=1662960722&fvip=4&keepalive=yes&fexp=24001373%2C24007246&c=WEB_EMBEDDED_PLAYER&rbqsm=fr&txp=5437434&n=LYfQb0lfFwHhEA&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cbui%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgXyjdUWNpZH3nxmSA5MBnvZ0JTF_7R4WV7kumx_YkKHoCIQDZbi6W8riOzVrm84B4K36yC9YOr6jBztgymH8G-3jkJg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpcm2cms%2Cpl&lsig=AG3C_xAwRQIhAJRxQ6W1ipOOry3MFkkxkPOZ77gMa7vQq1DXTW_prewyAiBWNeT9lshgRQ5OFPpZojubRPUafJhp7YH2XlC_VaxFIA%3D%3D&alr=yes&cpn=lubg4CRRQltdTQHO&cver=1.20220907.01.00&range=0-124752&rn=1&rbuf=0 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sun, 28 Aug 2022 12:32:26 GMT
Content-Type: video/webm
Date: Mon, 12 Sep 2022 05:52:11 GMT
Expires: Mon, 12 Sep 2022 05:52:11 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 124753
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 645f87ab673d0c7d50dd689cee202801
55a4c28d5435cb616c9df1215ca0fabb4a35f010
3d85b3085b5119871208204334b6f360462ca03942611a11f80686fe86cce80e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mlgass.click/static/clicks.mp3
206 Partial Content 4.4 kB URL HTTP/1.1 mlgass.click/static/clicks.mp3
IP
ASN #141968 PT Industri Kreatif Digital
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 48 kHz, Stereo\012- data
Hash f4e03882d4fb310098454903605c0083
abf913469f6c4dd8670789bac07d69b4815e4431
7510e1443a74343942ced29dd7d8d7a8009346002a08b82aeda0ef65c43de649
Analyzer Verdict Alert fortinet Phishing
GET /static/clicks.mp3 HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 206 Partial Content
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 4364
Content-Range: bytes 0-4363/4364
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: audio/mpeg
mlgass.click/static/img/logo.png
200 OK 3.1 kB URL HTTP/1.1 mlgass.click/static/img/logo.png
IP
ASN #141968 PT Industri Kreatif Digital
File type PNG image data, 143 x 57, 8-bit colormap, non-interlaced\012- data
Hash ade52d82cc35a17e99ccbb20439cbcbc
9f700e422c6a803a4aefa816a2d9ea2640c17547
18cabba213026d1cfdb15168bd00de62a36dd0705aeff0e3274292ebb9d39384
GET /static/img/logo.png HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 3110
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
mlgass.click/static/img/boxOn.png
200 OK 603 kB URL HTTP/1.1 mlgass.click/static/img/boxOn.png
IP
ASN #141968 PT Industri Kreatif Digital
File type PNG image data, 1280 x 481, 8-bit/color RGBA, non-interlaced\012- data
Size 603 kB (602563 bytes)
Hash 510f616bc35a268f24ce98d15f9a2429
bf674acfde2279acf8e2d103f52a78d64f718604
f8cdd47205cd93c5e0b7b47611ae2c5c33100a1593039fe271efe2df3eeec4a6
GET /static/img/boxOn.png HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Mon, 29 Aug 2022 17:50:08 GMT
Accept-Ranges: bytes
Content-Length: 602563
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
mlgass.click/static/img/skins/2newc.jpg
200 OK 71 kB URL HTTP/1.1 mlgass.click/static/img/skins/2newc.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2020:11:13 10:36:12, GPS-Data, width=0], baseline, precision 8, 233x345, components 3\012- data
Hash 373429187851e808386569195d205f39
c5bafb63e19dac26dc1022e392145a31a24ff53f
b32e5ecdf802d2b19ab9753e42213146931b2a1969d876fbd3500598e54a7e0b
GET /static/img/skins/2newc.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 71090
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/skins/13.jpeg
200 OK 34 kB URL HTTP/1.1 mlgass.click/static/img/skins/13.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:44:34, GPS-Data], baseline, precision 8, 188x308, components 3\012- data
Hash c27db983a51a794b36da8c05b5666e63
6a5d9710651b38c7de3f130d10537bca214955f3
c625eab36994864ee26e6c57ddede1b5a3b3bf7fdac31b2160de1bb6fa91a68a
Analyzer Verdict Alert fortinet Phishing
GET /static/img/skins/13.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 33463
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16275
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 05:52:11 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16275
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 05:52:11 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16275
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 05:52:11 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16275
Expires: Mon, 12 Sep 2022 10:23:26 GMT
Date: Mon, 12 Sep 2022 05:52:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8625e0707046e7a3715a8dbb40b1cae2
0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78
abc4c12561be08897341d9c8104c30a289357c0907e55c46895f7fb6afb2f75d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6c05fb6-7f49-4d2f-96eb-0b6c468353f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13568
x-amzn-requestid: ad06f499-3e04-414a-8a3f-6daa9e0124ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3yN1F2BIAMFoqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312fd8b-3a17f11440d2f37b23ac7f6a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 07:08:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iNRnq8nMhoTo9oY379Ynb6uPW0vNyf3dNufU_HpXNfzxvhrAEKEzJQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 14:06:07 GMT
age: 56764
etag: "0f44ee871ad9d0a0ddd07d0c87d54f7e72b56f78"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i.postimg.cc/C1BrTTZd/FanyFuni.jpg
200 OK 10 kB URL HTTP/2 i.postimg.cc/C1BrTTZd/FanyFuni.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5bdaf9b909a8b8fd2f02eeb8930e2d19
3df316da4ed46403a50a0cdc688613cb1334da0b
177e68bddbfdafe455c5aa1aad9c0654c83ab91500043cbc366d1397aea53e22
GET /C1BrTTZd/FanyFuni.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 12 Sep 2022 05:52:09 GMT
content-type: image/jpeg
content-length: 107076
last-modified: Mon, 24 Jan 2022 04:02:01 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NKM6RRhJ5AuRF4NKSyBO6-KMkd1UGaw3DuZBkBao_8fzzpkMeDrn0w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:55:40 GMT
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
age: 28591
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: u_jETr8miiFyuhq7R09yb0lAP-hUv_6eTRV81Xzd9gSqU31VXwC9CQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 03:15:48 GMT
age: 9383
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c14088c4ca0d576e087feed41b7f1565
172b23f2ef39b6c3fdebb5441b10a95712206d0a
2699efa811ceac5420f5bd26c35a6f48b51854e29cbce7cbb62efb613db7d6b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75931920-737e-40b5-8dd6-d2070639ea2d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8799
x-amzn-requestid: 1bcdf387-9ad2-449a-861e-3352b1744d23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUI-0G6vIAMFgbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e552b-42aa46af6315148106c4fdee;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: g2mxKK8L5T4YkeD8JqNUuV_KfsIq8ypRMvxhsyzSZSEIP4gDl4zLVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 21:41:51 GMT
age: 29420
etag: "172b23f2ef39b6c3fdebb5441b10a95712206d0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mlgass.click/static/sound.mp3
200 OK 9.1 kB URL HTTP/1.1 mlgass.click/static/sound.mp3
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash beca122055c554548ca6ef68a66a4e2e
cf5ec3650282d05c082eb0534f1b70a59f9f4bbe
a9cf7ef5dfb6a58c66bc29b2a280c2253e56a28ce317d8271273ddae2008d9d5
Analyzer Verdict Alert fortinet Phishing
GET /static/sound.mp3 HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:09 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 1104524
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: audio/mpeg
mlgass.click/static/img/skins/1new.jpg
200 OK 83 kB URL HTTP/1.1 mlgass.click/static/img/skins/1new.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, baseline, precision 8, 208x336, components 3\012- data
Hash f42415aa51283f8556c4d3682802e4ab
18e99d8f5ac756876a26a96fc800680555eb7b8a
03f93970ab1710a1abca976673b7195c7601fe2e253132ed8d45b97dc94fd626
GET /static/img/skins/1new.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 83305
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/skins/2new.jpg
200 OK 79 kB URL HTTP/1.1 mlgass.click/static/img/skins/2new.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, baseline, precision 8, 204x338, components 3\012- data
Hash bb0d2324852a75596459207141b8e7cf
66e73ffad47e43c4b94d8051b3d526629218d3de
2a8bf990df2caed939e832d38e44f8f3a916a537cbc6118af0e1cfb2b92778bf
GET /static/img/skins/2new.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 78700
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/skins/16.jpeg
200 OK 37 kB URL HTTP/1.1 mlgass.click/static/img/skins/16.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:25 09:42:21, GPS-Data], baseline, precision 8, 207x334, components 3\012- data
Hash b0e4b1911e83beec214d12ffc244a85e
be31911792f61503fd1ecf3d20e96f0cd0bab365
e1773d3bd72c93e893f9629c37878f2c2b8d4157c5023ee7f0648df5edc016a6
Analyzer Verdict Alert fortinet Phishing
GET /static/img/skins/16.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 36699
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/skins/7.jpeg
200 OK 15 kB URL HTTP/1.1 mlgass.click/static/img/skins/7.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 210x338, components 3\012- data
Hash fa6f89590fa29d956b348eab35c10e32
594d0b64f1390dd8de4a069ea9743814969d3aa5
df18c8af2cb52fd9d34bedb9d77021d16311c6b53f17a61e99f9446fa0de5813
Analyzer Verdict Alert fortinet Phishing
GET /static/img/skins/7.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 14591
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/skins/3.jpeg
200 OK 32 kB URL HTTP/1.1 mlgass.click/static/img/skins/3.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:46:04, GPS-Data], baseline, precision 8, 191x310, components 3\012- data
Hash a821cb25aedb8f21ee5c03373f8c6204
b9da5997bc68fd683f3d37472f7a195c3768e5a8
4cc8564668053a9c742519471135bbac27debac4b6973ac3acebace82b545740
Analyzer Verdict Alert fortinet Phishing
GET /static/img/skins/3.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 31966
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/kof/5.png
200 OK 113 kB URL HTTP/1.1 mlgass.click/static/img/kof/5.png
IP
ASN #141968 PT Industri Kreatif Digital
File type PNG image data, 200 x 320, 8-bit/color RGBA, non-interlaced\012- data
Size 113 kB (112990 bytes)
Hash 8ebd1c2e91fe2a579c51e002b9fb5ebf
b1f6838a5728e92a44d18dcf9593824c5d7dfcb3
9c88d54f5dea3dcefa99feb9a724aafac3065ba23b2e17ff9fa5851231524bc8
GET /static/img/kof/5.png HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 112990
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
mlgass.click/static/img/skins/2.jpg
200 OK 58 kB URL HTTP/1.1 mlgass.click/static/img/skins/2.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2020:10:14 14:07:10, GPS-Data, width=0], baseline, precision 8, 211x342, components 3\012- data
Hash 1cf7efd64ad6cc1439c3539cc20fbc84
296485c7d4c0907843e717c1454ffb2150f20c39
4cb41fdd49332ca98fa3b95cb11dea46f2ea4a92dba60e2563d71b327cc66543
GET /static/img/skins/2.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 58389
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/skins/6.jpeg
200 OK 17 kB URL HTTP/1.1 mlgass.click/static/img/skins/6.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 215x340, components 3\012- data
Hash e5da1e2012e6d30a5a7e200a1082d861
09f77c3bcf56cb03d003d1ee9b2aa579d9ea4186
ad04ea1d3edf662dfb76489ccbc8879b070747697f5da08ebdf2fefa6b858ab0
Analyzer Verdict Alert fortinet Phishing
GET /static/img/skins/6.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 16900
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/skins/4.jpeg
200 OK 32 kB URL HTTP/1.1 mlgass.click/static/img/skins/4.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, orientation=[*0*], software=Snapseed 2.0, datetime=2020:10:14 14:45:50, GPS-Data], baseline, precision 8, 191x310, components 3\012- data
Hash 532de4ebbd562ab3608324f1ea71c9fc
07d647d6d682277cab99464c62084a83864fcfd2
8c713e3f2eec756fe2be399b64a26fee2ce9699c09907ab84e011d760e187f9b
Analyzer Verdict Alert fortinet Phishing
GET /static/img/skins/4.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 32183
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/skins/9.jpeg
200 OK 38 kB URL HTTP/1.1 mlgass.click/static/img/skins/9.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 163x267, components 3\012- data
Hash 0669b7019bc06eddbd03dd49b8d02390
4f91de987444900fc5bc062cf9b7adaa4f11a879
71d715e750841ec57b2e8cc623ef77c25b4ecb9f958fa703f16353ab12567ddb
Analyzer Verdict Alert fortinet Phishing
GET /static/img/skins/9.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 37838
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/skins/8.jpeg
200 OK 12 kB URL HTTP/1.1 mlgass.click/static/img/skins/8.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 204x340, components 3\012- data
Hash 668564e4473038f448976765df11af0d
8933a2ba272e2df2f25572d2b3c908dbf3fc2d22
32f800cf39608715be8f8737eeaf8783121d7279c56dcac21fdf5095426dde92
Analyzer Verdict Alert fortinet Phishing
GET /static/img/skins/8.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 11717
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/skins/10.jpeg
200 OK 36 kB URL HTTP/1.1 mlgass.click/static/img/skins/10.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 160x266, components 3\012- data
Hash f38c6a3098302151fc7189d44bb8eb23
b3e943a7c24326216c02b1fda1a10c04b44efc56
14a6a45ed5d0d4de29a998a2166a9654c08e28d4ec53651b7f9037fa45dd0364
Analyzer Verdict Alert fortinet Phishing
GET /static/img/skins/10.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 36512
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/dm/2500.jpg
200 OK 81 kB URL HTTP/1.1 mlgass.click/static/img/dm/2500.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash 8f66c7a0904e304b14cd3cbbd31eafb8
92d81b84c9554f8ac5c1a85f21ded1659e709287
8dff9b35c156d6e7f4cdbf0c3499d5a41dd673360cd3ebb92d34b44b0ee6d9ad
GET /static/img/dm/2500.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 81165
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/dm/1500.jpg
200 OK 70 kB URL HTTP/1.1 mlgass.click/static/img/dm/1500.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash 71fdfc59ac4b79cd315f750e2f4d6dbd
12d5c30c5832d81d20f71575a480b696441b6ba8
a3f8bf6e347121460e5aabb4779bfb7f0f7e32166c414a1458e20ec6bc8761ac
GET /static/img/dm/1500.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 69616
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/dm/500.jpg
200 OK 64 kB URL HTTP/1.1 mlgass.click/static/img/dm/500.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash a5ad315a073e74e09b2d4d8294f15a94
57f386aa235168725dedfab8763bfba9a9e77fe4
32cf399c29db81a1e0362fbd3a925ab217fee31de6a092c2396807a2ade9a6cb
GET /static/img/dm/500.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 63592
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/dm/1000.jpg
200 OK 64 kB URL HTTP/1.1 mlgass.click/static/img/dm/1000.jpg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=1280], progressive, precision 8, 292x212, components 3\012- data
Hash 2f3a912fb5a0576b7884466a499d546a
c5f08eeee75a0d0ebfd8f887f7b43939c7578df8
6e8a2198ba7e7e8c1e71c908445c2274bdbd48d414fbb0a7fc044df49c3ab0cd
GET /static/img/dm/1000.jpg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:11 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 63898
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/borders/1.jpeg
200 OK 14 kB URL HTTP/1.1 mlgass.click/static/img/borders/1.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 127x125, components 3\012- data
Hash c3f23c759474b52b605376efbc3358ca
8aa3921a9d9996aa58400f7789c1b3a8d6bef993
bbfc84c4fbf2b869a000a32099492c9978c23d3a80695805c2c9fc8678b256d5
Analyzer Verdict Alert fortinet Phishing
GET /static/img/borders/1.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:12 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 13882
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/borders/3.jpeg
200 OK 12 kB URL HTTP/1.1 mlgass.click/static/img/borders/3.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 124x127, components 3\012- data
Hash 943b4a00399dc4e693e4931cf33bef96
df0216e09753f2d2ca2efe7e5baa4b600308d020
de0441e81786232488b2a73e9c56e78040cdd2f9adf82dcda25f4e9d166fd925
Analyzer Verdict Alert fortinet Phishing
GET /static/img/borders/3.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:12 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 12468
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/borders/4.jpeg
200 OK 12 kB URL HTTP/1.1 mlgass.click/static/img/borders/4.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 137x131, components 3\012- data
Hash ed0142f6c936e02fa902084dfb20d32f
a551891b9b27510ad06787329490b9614875519c
292e4dab178b1ff88f05e2cf3060f3ff3af4eb09d22d8b70e19b5c4cce119c6e
Analyzer Verdict Alert fortinet Phishing
GET /static/img/borders/4.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:12 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 11944
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/borders/7.jpeg
200 OK 10 kB URL HTTP/1.1 mlgass.click/static/img/borders/7.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 123x125, components 3\012- data
Hash a45314cdf40507ef02c3ee779d608aca
bece15ef6fcb3339a5c9d32545a49d883ced5299
fb91a9fbfacfb720ffe9403476f8f0320cb6387492413191ef944555579dbe31
Analyzer Verdict Alert fortinet Phishing
GET /static/img/borders/7.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:12 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 10538
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/borders/6.jpeg
200 OK 14 kB URL HTTP/1.1 mlgass.click/static/img/borders/6.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 130x130, components 3\012- data
Hash 8d8317eea9213928e3c0319cf237e8ab
34073433e542bfcae6c627a09796828e6b2758f0
5eee23e2ba4c13b2a0d20266aa99d61d20f41725365760f63821ceaf836914b2
Analyzer Verdict Alert fortinet Phishing
GET /static/img/borders/6.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:12 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 13578
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/borders/2.jpeg
200 OK 12 kB URL HTTP/1.1 mlgass.click/static/img/borders/2.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 137x130, components 3\012- data
Hash 89dd611dc90e68c564dd9a332a461c40
6fa24fa9061cb2a6f0b5424854e4de35600ae2f5
1e714f2533ca0e0913503199304bc6ce466ec054705866c2ae340fe596ad4d05
Analyzer Verdict Alert fortinet Phishing
GET /static/img/borders/2.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:12 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 12408
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
mlgass.click/static/img/borders/5.jpeg
200 OK 13 kB URL HTTP/1.1 mlgass.click/static/img/borders/5.jpeg
IP
ASN #141968 PT Industri Kreatif Digital
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 128x135, components 3\012- data
Hash 110de4b3386b174aa91799da526a5fa4
ca04da5930727af1dbcbe934b42dce6fe170fa72
567c71f609014824e4e9d15baccf60508b5a6fd9c32b89f4809b3f2d9dcd61f1
Analyzer Verdict Alert fortinet Phishing
GET /static/img/borders/5.jpeg HTTP/1.1
Host: mlgass.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mlgass.click/
HTTP/1.1 200 OK
Date: Mon, 12 Sep 2022 05:52:12 GMT
Server: Apache
Last-Modified: Sun, 27 Feb 2022 04:58:42 GMT
Accept-Ranges: bytes
Content-Length: 12875
Keep-Alive: timeout=5, max=88
Connection: Keep-Alive
Content-Type: image/jpeg
i.pinimg.com/originals/5f/3f/e8/5f3fe88ff2c07d4ebd0a85f64b272e05.jpg
200 OK 29 kB URL HTTP/2 i.pinimg.com/originals/5f/3f/e8/5f3fe88ff2c07d4ebd0a85f64b272e05.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 216x216, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash 9099099d9d7683a1f7df4c453a3b5250
8a5c119fa1bbfaa30e73b899a7cc2f3e6b307162
6015be6edadd8c2d0e36d1d91b3235986f11e9f42379a3faffe4737b80b37413
GET /originals/5f/3f/e8/5f3fe88ff2c07d4ebd0a85f64b272e05.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "9099099d9d7683a1f7df4c453a3b5250"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Mon, 12 Sep 2022 05:52:12 GMT
content-length: 28766
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 5eaaa3608ae6729d004364d8e8889638
bdc104af69134af2b175d3e4b7b682e7807b627d
c426e92aae5289776e9a1805ee6971d380e289fd6adc2d7cf06b3d5299a2586b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5847
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 12 Sep 2022 05:52:12 GMT
Last-Modified: Mon, 12 Sep 2022 04:14:45 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/css2?family=Teko&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Teko&display=swap
IP
GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 12 Sep 2022 05:52:09 GMT
date: Mon, 12 Sep 2022 05:52:09 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
200 OK 0 B URL HTTP/2 www.youtube.com/embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
IP
GET /embed/Acv5oGFllDs?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mlgass.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 12 Sep 2022 05:52:09 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=1D-TtOwYEB4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=34KudcI-MVY; Domain=.youtube.com; Expires=Sat, 11-Mar-2023 05:52:09 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+058; expires=Wed, 11-Sep-2024 05:52:09 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
103.180.124.186
142.250.74.3
104.18.21.226
91.90.45.173
93.184.220.29
52.76.96.242
141.94.200.42
151.101.85.229