firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 20:15:31 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: USNZ5YX8SsbVf51Ziy3rxkr5cadBJP-znoU2KKKLX_H_YU5DBZg76g==
Age: 3138
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7899
Expires: Tue, 27 Sep 2022 23:19:28 GMT
Date: Tue, 27 Sep 2022 21:07:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3jceo2Bykb4OBeEJSIGYzQbvWtBmHNIvyUV_BADZzqG1_OtLWxtD2w==
age: 42216
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 21:07:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sabunputih.click/
172.67.178.94200 OK 438 B IP 172.67.178.94:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a8733eee5fb29baa4326e8fedcd344dd
f0d419077357ff47ce3c90e0aaf2090c09453c7b
a28ae1602db6f06c43972778dc3db85d65cbed0c72734da40d8012c1de75ac00
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: sabunputih.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BELqV6DySPu9UHnp5xh8oBtMvSm4xH6ybyIul9c218MtMiBqJNDcvfXp5ygkqawA%2B7AlZ86WoWg0ZnyCP%2FugoSX0w8YX3AuUJhAb0HdpTaeYWH6%2FgI7itnAJ1L0WLnkrIm2N"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 751736071dd7b4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 17883491aa4a759d270aefa42730e0ba
8e2f48dbf2b1af81b843f1880b459fdeeb10abd8
03d112eafbd3be87bf30191f6c1eae2cf3f4a665b903f35efe40aca4253cc3da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3765
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 21:07:49 GMT
Last-Modified: Tue, 27 Sep 2022 20:05:04 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 21:07:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
142.250.74.138200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32030)
Hash 04ba0252a9f264db106d4eaab8df4ccb
cf52d9b3df7839c5c64fbf33aafeced74b3db750
397852429e768ffbd12a78ce4b94f14e3ab4afabf84acb07c0bb5b7798e6e0b2
GET /ajax/libs/jquery/3.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sabunputih.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30244
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 09:07:49 GMT
expires: Thu, 21 Sep 2023 09:07:49 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 561600
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 17883491aa4a759d270aefa42730e0ba
8e2f48dbf2b1af81b843f1880b459fdeeb10abd8
03d112eafbd3be87bf30191f6c1eae2cf3f4a665b903f35efe40aca4253cc3da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3765
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 21:07:49 GMT
Last-Modified: Tue, 27 Sep 2022 20:05:04 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 21:07:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 27 Sep 2022 20:10:46 GMT
Expires: Tue, 27 Sep 2022 21:07:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 9jmEvCi-z4L15E0fkp1Jc46nqUlX8FJF1VzeBVktijtsLpxdV2Y2xA==
Age: 3423
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5350
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 21:07:49 GMT
Last-Modified: Tue, 27 Sep 2022 19:38:39 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash cb600c4fe611e7a9f6e1df50d934375d
afac81b549aade8b7a1ba18e63432036343fdadf
4ac0f690be6e1e0c0f070e8600e05e7c235ba70b4baf3f4e5a35d207b1db168c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5303
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 21:07:50 GMT
Last-Modified: Tue, 27 Sep 2022 19:39:27 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.25.14200 OK 5.8 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a7e25a22602a2b2ed35f90fd5210cff1
148c4f275b60e6cf6253d6b4c7bdc486515b2202
312d94bafa68e11e3a4a8d7c06bc25ee161d1d965afb1fa99db79815a272d0bf
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 21:07:50 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6468513
expires: Sun, 17 Sep 2023 21:07:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=owaEv596XaM9B7ACOAVQZConV5boq95nfdkinbQQkuguMd8Tr%2Feyyl6O%2F0dYBdktRhu9r%2FKaKa6yzJ7Q64OEeQnOpG%2Fh2sb6FrQMcm9EuE7XzZYJuhX2MF2QDgSop%2BMKgzAD2c2X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7517360eaaf5b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash cb600c4fe611e7a9f6e1df50d934375d
afac81b549aade8b7a1ba18e63432036343fdadf
4ac0f690be6e1e0c0f070e8600e05e7c235ba70b4baf3f4e5a35d207b1db168c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5303
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 21:07:50 GMT
Last-Modified: Tue, 27 Sep 2022 19:39:27 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 278
push.services.mozilla.com/
35.161.230.192101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.230.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: gAQ9CQAmqwKZKf1K7MKF5w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FsVQX3RuCGrM59jwk7V4A+GpgrI=
i.ibb.co/Wg8qQxh/facebook-text.png
51.210.32.132200 OK 29 kB URL HTTP/2 i.ibb.co/Wg8qQxh/facebook-text.png
IP 51.210.32.132:0
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash 74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 21:07:50 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/V9rgBqw/twitter-text.png
51.210.32.132200 OK 4.3 kB URL HTTP/2 i.ibb.co/V9rgBqw/twitter-text.png
IP 51.210.32.132:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /V9rgBqw/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 21:07:50 GMT
content-type: image/png
content-length: 4298
last-modified: Mon, 18 Oct 2021 19:35:41 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
donathitam.my.id/
20.59.108.222200 OK 45 kB IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source, Unicode text, UTF-8 text, with very long lines (6242), with CRLF line terminators
Hash 400d7dbbae87768ed0e75a5859aadee4
3bf47c0c355abc15b3b05c41e7eaec295ac04080
f429fcfcef913dd7698baed9c921730980b751ccd501a073302488c0568f0ceb
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET / HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sabunputih.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:50 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
i.postimg.cc/pV8Q4L9L/footer-img.png
141.94.200.42200 OK 14 kB URL HTTP/2 i.postimg.cc/pV8Q4L9L/footer-img.png
IP 141.94.200.42:0
File type PNG image data, 669 x 99, 8-bit/color RGBA, non-interlaced\012- data
Hash d8e7ade119fece88de74909f9625a4f4
fcd55a597136e98a1ef13fb4ec78b5fdfe5ddffb
49c48ca56906e272d341083c726fc29a7304b7e66647ffd08b4ce7edd67430b4
GET /pV8Q4L9L/footer-img.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 21:07:50 GMT
content-type: image/png
content-length: 14457
last-modified: Sun, 26 Dec 2021 01:40:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/SxQ04Qn4/navbar-logo.png
141.94.200.42200 OK 177 kB URL HTTP/2 i.postimg.cc/SxQ04Qn4/navbar-logo.png
IP 141.94.200.42:0
File type PNG image data, 1074 x 800, 8-bit/color RGBA, non-interlaced\012- data
Size 177 kB (177317 bytes)
Hash d2d4c42a8bef48daa7c8151a838870c9
7ad25c9e369e069f97093188699bd58a2b298888
a817051e4bb4f6a94ffc632b32ba786440fb33f2028b99a83c836631299ff587
GET /SxQ04Qn4/navbar-logo.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 21:07:50 GMT
content-type: image/png
content-length: 177317
last-modified: Tue, 22 Mar 2022 04:46:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
donathitam.my.id/js-zone/main-zone.js
20.59.108.222200 OK 610 B URL HTTP/1.1 donathitam.my.id/js-zone/main-zone.js
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (316)
Hash 61c46dba509ed4003d18053b613edb39
f20c38330a2dd1ec8fae7f53220d8a3a5cff8177
6a66a6f467e40c2ef0c8f0c6c77ff558538b20a4f9f0ce7c9c31331df5bf4b9e
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/main-zone.js HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:50 GMT
Server: Apache
Last-Modified: Fri, 22 Apr 2022 11:48:20 GMT
Accept-Ranges: bytes
Content-Length: 610
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
donathitam.my.id/css-zone/facebook.css
20.59.108.222200 OK 3.8 kB URL HTTP/1.1 donathitam.my.id/css-zone/facebook.css
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash dcba42d7ea50a7706ca4446348e7695c
047682d0bd797f82e3c84b7de82fa10c75873c38
8d64eab0c3ffcdcbb10224d6562060dc6bf87c3f5d2e93e489308d8af702479e
Analyzer Verdict Alert openphish Tencent
GET /css-zone/facebook.css HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:50 GMT
Server: Apache
Last-Modified: Fri, 24 Jun 2022 17:52:08 GMT
Accept-Ranges: bytes
Content-Length: 3767
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
donathitam.my.id/css-zone/twitter.css
20.59.108.222200 OK 2.5 kB URL HTTP/1.1 donathitam.my.id/css-zone/twitter.css
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 39ee5453156501fa828fb59c8fae9f8a
4b1a92f38e91435613041aca21913ded7c2857da
15382d40a988eb9b41e8dca3a1df9e1cce8b5c397fa63189c99e47cecd2b9e66
Analyzer Verdict Alert openphish Tencent
GET /css-zone/twitter.css HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:50 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 07:46:08 GMT
Accept-Ranges: bytes
Content-Length: 2542
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
donathitam.my.id/js-zone/jquery.js
20.59.108.222200 OK 2.3 kB URL HTTP/1.1 donathitam.my.id/js-zone/jquery.js
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type exported SGML document, ASCII text, with very long lines (1757)
Hash 27335de838e10bf2a4b4d5999c517d76
83b660b19244c170d715f4da30013cf57284682b
e654612977b4226247e6dacd00df39e20942b906c9aed2fe405da0de47af6e91
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/jquery.js HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:50 GMT
Server: Apache
Last-Modified: Fri, 22 Apr 2022 11:48:20 GMT
Accept-Ranges: bytes
Content-Length: 2253
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
donathitam.my.id/index_files/gift-zone.js
20.59.108.222200 OK 1.6 kB URL HTTP/1.1 donathitam.my.id/index_files/gift-zone.js
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 8a7070c37555b088456c76ce726411b4
4881f93f412d44adc3a5c7545066e2b31788f0c4
62aef8e3cbee29c420f1f4d7e57078698071ddde9f2b96050a5d2eac8c67422c
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /index_files/gift-zone.js HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:50 GMT
Server: Apache
Last-Modified: Fri, 12 Aug 2022 21:19:52 GMT
Accept-Ranges: bytes
Content-Length: 1643
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
donathitam.my.id/js-zone/showHide.js
20.59.108.222200 OK 1.1 kB URL HTTP/1.1 donathitam.my.id/js-zone/showHide.js
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash d3e46c4a7d95270da519489746521b1a
5f5a383b6a1a635695e2c72aace79363708f82be
8023fc37af7de956061342860b38dd1646ce1f1fa7ecc2ce703e2b544b2bd283
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/showHide.js HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:50 GMT
Server: Apache
Last-Modified: Thu, 04 Aug 2022 07:48:42 GMT
Accept-Ranges: bytes
Content-Length: 1075
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
donathitam.my.id/js-zone/slider.js
20.59.108.222200 OK 588 B URL HTTP/1.1 donathitam.my.id/js-zone/slider.js
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with CRLF line terminators
Hash 2164c6d5165fe540ed4889f6396ae32b
e0a83804b1872a933d8398195c860861990d08fa
20087c03a5deb12faebad778ee76e59d846595b075de68810b366db32ffcee56
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/slider.js HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:50 GMT
Server: Apache
Last-Modified: Wed, 12 Jan 2022 17:59:22 GMT
Accept-Ranges: bytes
Content-Length: 588
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
donathitam.my.id/index_files/jquery.min.js.download
20.59.108.222200 OK 87 kB URL HTTP/1.1 donathitam.my.id/index_files/jquery.min.js.download
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /index_files/jquery.min.js.download HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:50 GMT
Server: Apache
Last-Modified: Fri, 22 Apr 2022 11:48:20 GMT
Accept-Ranges: bytes
Content-Length: 86927
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
donathitam.my.id/index_files/css
20.59.108.222200 OK 62 kB URL HTTP/1.1 donathitam.my.id/index_files/css
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (1116)
Hash 755df17a408beddb747e36f27ae4dedc
53daa61ef477c0badec68fa8942cb5ffce0c38b0
a2db023c6c27693f044211498c952a94f002c75b80926bde95c24d5dbab187f4
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /index_files/css HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:50 GMT
Server: Apache
Last-Modified: Fri, 22 Apr 2022 11:48:20 GMT
Accept-Ranges: bytes
Content-Length: 62268
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
donathitam.my.id/css-zone/animate.css
20.59.108.222200 OK 78 kB URL HTTP/1.1 donathitam.my.id/css-zone/animate.css
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 8eae1a9cfafdc593321d4d59ec4905ea
232f5f3f4c3a0a56823e0e933f9c7fec3aa9cbcc
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab
Analyzer Verdict Alert openphish Tencent
GET /css-zone/animate.css HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:50 GMT
Server: Apache
Last-Modified: Sat, 28 May 2022 13:12:30 GMT
Accept-Ranges: bytes
Content-Length: 77906
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.pubgmobile.com/common/images/icon_logo.jpg
23.36.76.250200 OK 982 kB URL HTTP/2 www.pubgmobile.com/common/images/icon_logo.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, baseline, precision 8, 1024x1024, components 3\012- data
Size 982 kB (982437 bytes)
Hash b83d8d3e9beecfac081f4e742d27661c
448330670bef8c2ee17baf6d2410ca974341cb88
5899c82b2f0563679a9c1ee79b5b28f2545864d95c7627c1a70e36a2f034497d
GET /common/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sabunputih.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 982437
last-modified: Mon, 30 Nov 2020 12:10:45 GMT
etag: "5fc4e145-efda5"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=136
expires: Tue, 27 Sep 2022 21:10:07 GMT
date: Tue, 27 Sep 2022 21:07:51 GMT
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207200 OK 36 kB URL HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (30837)
Hash 01600263c66990781ca831be8e2e7237
42e0c9184aa4ff52ec9f2548ff360a20c308c7a0
0bec70edd94890a054611535ed9d7dca3ab67f56761862270c07de54c539cd8b
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://donathitam.my.id
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 21:07:50 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 08/20/2022 02:30:56
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b5d00a9bbe93917fbdc43e8479943858
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7517360e9a520afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
donathitam.my.id/img/reward/4.png
20.59.108.222200 OK 17 kB URL HTTP/1.1 donathitam.my.id/img/reward/4.png
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash 72615c2c7ecb6c5f4a3594989977942a
ab838b0534be5e1ea1cecfb5320d4bc42010a2fc
2f4ffd63fd3649017bd1081dd82778e330d623902bb7be8e0fd48330c8728a1e
Analyzer Verdict Alert openphish Tencent
GET /img/reward/4.png HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:51 GMT
Server: Apache
Last-Modified: Sat, 03 Sep 2022 05:23:36 GMT
Accept-Ranges: bytes
Content-Length: 17186
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
www.pubgmobile.com/en/images/nav_menu.svg
23.36.76.250200 OK 426 B URL HTTP/2 www.pubgmobile.com/en/images/nav_menu.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Hash 76f5753e4fe160785df31ef342ada1c1
a78cc3e318b79b7fe5e7eb8df11683706b518e8f
52c48564638e7f165f23fae7f76b72d07905f2179ff659b939bfab7ec8b82a26
GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 27 Sep 2022 21:07:51 GMT
content-length: 426
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_download.svg
23.36.76.250200 OK 485 B URL HTTP/2 www.pubgmobile.com/en/images/nav_download.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (999), with no line terminators
Hash 105955f14143a23be57cadef8e91950e
98cc1e76113b4b2a2a77805bb1f1d6b364344d88
b85bdfd2887c4fe7681cae97896e604e74d27f150feb49598e1e7efebd3c6fc2
GET /en/images/nav_download.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:17 GMT
etag: "62387c81-3ef"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 27 Sep 2022 21:07:51 GMT
content-length: 485
X-Firefox-Spdy: h2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
23.36.76.250200 OK 75 kB URL HTTP/2 www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash 92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
unused62: 8096267
cache-control: max-age=300
expires: Tue, 27 Sep 2022 21:12:51 GMT
date: Tue, 27 Sep 2022 21:07:51 GMT
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_language.svg
23.36.76.250200 OK 675 B URL HTTP/2 www.pubgmobile.com/en/images/nav_language.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Hash 77e7b8dcd13159c59219706782b1a897
a3c73409a8e9841a00b771d96ce6cb0ce76d222e
4f61e0a210a58bdf43f8a93bf658275291e6a16979f8090c0731f06b6fb3c5a4
GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 27 Sep 2022 21:07:51 GMT
content-length: 675
X-Firefox-Spdy: h2
donathitam.my.id/img/reward/5.png
20.59.108.222200 OK 30 kB URL HTTP/1.1 donathitam.my.id/img/reward/5.png
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash 8825da92670b3fb030989789b8584def
c518aa8cc62130d6b27cc4a23ab4763112586974
dd42f9e53e020a3875da9314ac6d45e62327afd02130b038c44426e220eec7cd
Analyzer Verdict Alert openphish Tencent
GET /img/reward/5.png HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:51 GMT
Server: Apache
Last-Modified: Sat, 03 Sep 2022 05:23:36 GMT
Accept-Ranges: bytes
Content-Length: 30065
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
donathitam.my.id/img/reward/2.png
20.59.108.222200 OK 55 kB URL HTTP/1.1 donathitam.my.id/img/reward/2.png
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash 5dc04adf5eedff23a1120620d575e1d5
da53f8a22aa7227b6c74d7fe9db48be7d4686706
64be0bd1715e46e24950853b1ac1ef6fc191de2ac7e07b31ea9e8a185f456eff
Analyzer Verdict Alert openphish Tencent
GET /img/reward/2.png HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:51 GMT
Server: Apache
Last-Modified: Sat, 03 Sep 2022 05:23:36 GMT
Accept-Ranges: bytes
Content-Length: 55087
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
donathitam.my.id/img/reward/6.png
20.59.108.222200 OK 28 kB URL HTTP/1.1 donathitam.my.id/img/reward/6.png
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash 0415eba484629c23fe4be9cab3348673
19a60f9bff63296e3955496ec1332654a90f4e15
0fe08bbda28becc2634b1f1cf5dcc4723e727d1f73f463b6ee26052eb14280e7
Analyzer Verdict Alert openphish Tencent
GET /img/reward/6.png HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:51 GMT
Server: Apache
Last-Modified: Sat, 03 Sep 2022 05:23:36 GMT
Accept-Ranges: bytes
Content-Length: 28098
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
donathitam.my.id/img/reward/3.png
20.59.108.222200 OK 32 kB URL HTTP/1.1 donathitam.my.id/img/reward/3.png
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 480 x 480, 8-bit colormap, non-interlaced\012- data
Hash 9f07be59e3ec25f0734a09d21c36de7d
8ec9f04373f7279ed58f7ae2b6721f15c8780a44
bf295a8d7776366a23cd43ab845d37c4d5e301ced7ef4f9497a520240948c79c
Analyzer Verdict Alert openphish Tencent
GET /img/reward/3.png HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:51 GMT
Server: Apache
Last-Modified: Sat, 03 Sep 2022 05:23:36 GMT
Accept-Ranges: bytes
Content-Length: 32547
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
donathitam.my.id/js-zone/zero-zone.js
20.59.108.222200 OK 861 B URL HTTP/1.1 donathitam.my.id/js-zone/zero-zone.js
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type exported SGML document, ASCII text, with very long lines (612)
Hash e2fa33d030064bc3c6e44da71cf39659
4907034831c9244c5bce315c3aabbbbdf06cd687
b6b1475306c19ac27e78c3483123346379ea4a356ad9bf0d01319cee2b8f30c6
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/zero-zone.js HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:51 GMT
Server: Apache
Last-Modified: Fri, 22 Apr 2022 11:48:20 GMT
Accept-Ranges: bytes
Content-Length: 861
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
donathitam.my.id/js-zone/alert-zone.js
20.59.108.222200 OK 121 kB URL HTTP/1.1 donathitam.my.id/js-zone/alert-zone.js
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (64301)
Size 121 kB (120664 bytes)
Hash 2d8819d4b15ffe076a804a074e0229da
0e76d42421e78a58d71c99e233335f39b8b47645
b49a2dab55008d7ba1277b3adbb0b5f590f9b3ee25e3e89a9d78696efd262dde
Analyzer Verdict Alert openphish Tencent
fortinet Phishing
GET /js-zone/alert-zone.js HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:51 GMT
Server: Apache
Last-Modified: Fri, 22 Apr 2022 11:48:20 GMT
Accept-Ranges: bytes
Content-Length: 120664
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
donathitam.my.id/img/draw.png
20.59.108.222200 OK 13 kB URL HTTP/1.1 donathitam.my.id/img/draw.png
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 175 x 175, 8-bit colormap, non-interlaced\012- data
Hash e365d0c4c4dee465acd6faa2b48983ef
feb2f8e6fc02c007cb893701a969368e7e8e2b0a
d5b48033f5533cb5048eabf17a5eaf5d37f282ecd10dddd6d077397644e08331
Analyzer Verdict Alert openphish Tencent
GET /img/draw.png HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:51 GMT
Server: Apache
Last-Modified: Sat, 03 Sep 2022 05:23:36 GMT
Accept-Ranges: bytes
Content-Length: 13032
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3724
Expires: Tue, 27 Sep 2022 22:09:55 GMT
Date: Tue, 27 Sep 2022 21:07:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3724
Expires: Tue, 27 Sep 2022 22:09:55 GMT
Date: Tue, 27 Sep 2022 21:07:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3724
Expires: Tue, 27 Sep 2022 22:09:55 GMT
Date: Tue, 27 Sep 2022 21:07:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3724
Expires: Tue, 27 Sep 2022 22:09:55 GMT
Date: Tue, 27 Sep 2022 21:07:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a90590f26bae9ad9e95ffdfbfb7dd21d
cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Lgk0Wfp2D_s6Hw283xY6Us2OQrDmZGSsIcusJ_Nuz5hftqHdTjs6zg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:02:29 GMT
age: 322
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 84304
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 83913
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:25:52 GMT
age: 70919
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 46e31aa06b8e86a9a5f9ba1cc3feca08
75df3341e30281fcbf78c7074980356fdf0be8e2
d1fd4f81b7e0f43de960f0ee024d9e87bcb395f032a4ab0360e3829d1ec8a42b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F63a7aeb3-999a-4e57-9255-c40e0376d08e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5319
x-amzn-requestid: d4c13fa8-eb03-4abf-9516-b74eac712b87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreHL5IAMFcOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-487923453bd27d6a744b5a31;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gGfaq_dx7NIHH43-iNn0Ah61HRLT8H3NxPGVoDvkKgBgy8zJWYwRuw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 83913
etag: "75df3341e30281fcbf78c7074980356fdf0be8e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
age: 72116
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
donathitam.my.id/css-zone/style-zone.css
20.59.108.222200 OK 26 kB URL HTTP/1.1 donathitam.my.id/css-zone/style-zone.css
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (411), with CRLF line terminators
Hash 420d5a3bac99faa8b404f1dc64f408b2
75cc65b16328ddf6951775403a5b87135defd538
f39ae2877301373d8bee6a73423b5d0fb5bb4299057b1aaee0bd924900febb1f
Analyzer Verdict Alert openphish Tencent
GET /css-zone/style-zone.css HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:51 GMT
Server: Apache
Last-Modified: Tue, 16 Aug 2022 13:01:32 GMT
Accept-Ranges: bytes
Content-Length: 26304
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/css
donathitam.my.id/css-zone/zero-zone.css
20.59.108.222200 OK 5.2 kB URL HTTP/1.1 donathitam.my.id/css-zone/zero-zone.css
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 2bddde371eb791f9c3e9eb5dc6eb941a
68ae470723bc948f9ff4a8ab57914acef9e377ff
58b2516d282cc61b53f32029c244fc53791a4d19333e6c7ec79db5f1545705f0
Analyzer Verdict Alert openphish Tencent
GET /css-zone/zero-zone.css HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:51 GMT
Server: Apache
Last-Modified: Fri, 12 Aug 2022 22:53:02 GMT
Accept-Ranges: bytes
Content-Length: 5162
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
i.postimg.cc/02KwtTc7/footer-bg.jpg
141.94.200.42200 OK 12 kB URL HTTP/2 i.postimg.cc/02KwtTc7/footer-bg.jpg
IP 141.94.200.42:0
File type JPEG image data, progressive, precision 8, 579x800, components 3\012- data
Hash 27b8ceba13cb26a4ac6951cecdd4a5d3
accbec4f1b6038f0bcd2032da80c2ee342033d2e
d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f
GET /02KwtTc7/footer-bg.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 21:07:51 GMT
content-type: image/jpeg
content-length: 11651
last-modified: Wed, 23 Mar 2022 19:15:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 21:07:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v15/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://donathitam.my.id
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 20:23:43 GMT
expires: Thu, 21 Sep 2023 20:23:43 GMT
cache-control: public, max-age=31536000
age: 521048
last-modified: Wed, 27 Apr 2022 17:05:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8d2072f2773e877aae4831172677d337
3c44056c16efdea3399a097cbf0ecac0ced2cac6
829d1a76a9f7a42937b26140fe508280a25e88a5d427406903d3b3e8a6fbbe3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "829D1A76A9F7A42937B26140FE508280A25E88A5D427406903D3B3E8A6FBBE3A"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7590
Expires: Tue, 27 Sep 2022 23:14:21 GMT
Date: Tue, 27 Sep 2022 21:07:51 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 21:07:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Teko&display=swap
142.250.74.10200 OK 105 kB URL HTTP/2 fonts.googleapis.com/css2?family=Teko&display=swap
IP 142.250.74.10:0
Size 105 kB (105243 bytes)
Hash fc5097029eee7a12a8cf8a256a12f6af
96cfec318b56fbe318f06a1f96ecf41b05c75de1
8dc3fe671d3022f5c4a5071090b4bcae485c8ef84afb539ef776d97441eded25
GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 21:07:50 GMT
date: Tue, 27 Sep 2022 21:07:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
donathitam.my.id/img/subheader1.png
20.59.108.222200 OK 32 kB URL HTTP/1.1 donathitam.my.id/img/subheader1.png
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x256, components 3\012- data
Hash 49538c67cfd93f6c02b4348161b63829
1f2642b38710979eca90020ba60afeb7e718b96c
351faf0a8881e53c115f61e09f74ec735e5e686506c57d75fe23e28756808e85
Analyzer Verdict Alert openphish Tencent
GET /img/subheader1.png HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/css-zone/style-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:51 GMT
Server: Apache
Last-Modified: Sat, 03 Sep 2022 05:23:36 GMT
Accept-Ranges: bytes
Content-Length: 31990
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
donathitam.my.id/img/container.jpg
20.59.108.222200 OK 173 kB URL HTTP/1.1 donathitam.my.id/img/container.jpg
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1600x1136, components 3\012- data
Size 173 kB (172955 bytes)
Hash 3b780e3e1de259a6faba67a7f2e10fdf
c6c67b3627bda41eae19ba48f0110d32f5a06c70
74e317ea2daa740c05b24cbd3bba45df07a1b687886deb972d6ff8cdb47c49f9
Analyzer Verdict Alert openphish Tencent
GET /img/container.jpg HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/css-zone/style-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:51 GMT
Server: Apache
Last-Modified: Sat, 03 Sep 2022 05:23:36 GMT
Accept-Ranges: bytes
Content-Length: 172955
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
donathitam.my.id/img/bg.png
20.59.108.222200 OK 28 kB URL HTTP/1.1 donathitam.my.id/img/bg.png
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 802x1280, components 3\012- data
Hash 2291314eeb6573e098fab0a0773ea98d
a009e9f8a1e4bd2bb55a2368ed40656ceb19f13d
37982fc24780650b9b39d78e71803e7b5aa456de9a791d1d64843d3514dc1d5e
Analyzer Verdict Alert openphish Tencent
GET /img/bg.png HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/css-zone/style-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:51 GMT
Server: Apache
Last-Modified: Sat, 03 Sep 2022 05:23:36 GMT
Accept-Ranges: bytes
Content-Length: 27482
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
donathitam.my.id/img/item.png
20.59.108.222200 OK 1.8 kB URL HTTP/1.1 donathitam.my.id/img/item.png
IP 20.59.108.222:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 700 x 458, 1-bit colormap, non-interlaced\012- data
Hash 1cd3644f1e43a586db48777cac4df135
8695b4c71c6d6a3e4b1d6febe800688277729859
09cf3a653a29789193bdf3273da3a85c1ba435e82a82408ce38406482ed043be
Analyzer Verdict Alert openphish Tencent
GET /img/item.png HTTP/1.1
Host: donathitam.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/css-zone/zero-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 21:07:51 GMT
Server: Apache
Last-Modified: Sat, 03 Sep 2022 05:23:36 GMT
Accept-Ranges: bytes
Content-Length: 1766
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
l.top4top.io/m_1725u5z7i1.mp3
65.21.235.194206 Partial Content 20 kB URL HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP 65.21.235.194:0
ASN #24940 Hetzner Online GmbH
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
Analyzer Verdict Alert fortinet Malware
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Tue, 27 Sep 2022 21:07:51 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 28 Sep 2022 20:44:31 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Tue, 27 Sep 2022 23:07:51 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_shop.svg
23.36.76.250200 OK 526 B URL HTTP/2 www.pubgmobile.com/en/images/nav_shop.svg
IP 23.36.76.250:0
ASN #20940 Akamai International B.V.
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (985), with no line terminators
Hash ad0548f5478991acc360e6464247e82a
40e3e327eebfc39a8e45b1aa46b725d65390cdcc
6654577abe5f4be7b3f9089fa76e5f746c8d0f5c7eae1cc8202a94fae1193fe3
GET /en/images/nav_shop.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-3e1"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 27 Sep 2022 21:07:51 GMT
content-length: 526
X-Firefox-Spdy: h2
a.top4top.io/m_1725zobal2.mp3
51.159.64.45206 Partial Content 18 kB URL HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP 51.159.64.45:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
Analyzer Verdict Alert fortinet Malware
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Tue, 27 Sep 2022 21:07:51 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 28 Sep 2022 20:44:31 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Tue, 27 Sep 2022 23:07:51 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ff2dbdbf6d450f0d9774777b3c5aa6e
2f7876bd0e4b52aa04ccf1c2a45359156eaefb97
4c2184b8150834adf1e9ec807f3175b6fcd574920a98c857db2cfb01b78da2fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbde62996-d83a-4f97-a8ad-f7719aff0bff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7701
x-amzn-requestid: 63bfd7b5-f18e-4396-99a8-fb24dee1ee0c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGCmmGswoAMF2zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324af6-04fa1b18525182b7213f844c;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:59:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KT47E-2_0O70MgMbGzSjvVaFrWwQybXKo_dkWMw2vnqBElOZtT_Big==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
age: 72123
etag: "2f7876bd0e4b52aa04ccf1c2a45359156eaefb97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/3.3.7/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://sabunputih.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 21:07:49 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 2021-04-23 06:29:02
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 6a91d2c867066733b6d92a7a528c5c2e
cdn-cache: HIT
cf-cache-status: HIT
age: 12423206
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7517360a7f541bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
g.top4top.io/m_2246xtcs10.mp3
163.172.24.234206 Partial Content 0 B URL HTTP/2 g.top4top.io/m_2246xtcs10.mp3
IP 163.172.24.234:0
Analyzer Verdict Alert fortinet Malware
GET /m_2246xtcs10.mp3 HTTP/1.1
Host: g.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://donathitam.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 206 Partial Content
server: nginx
date: Tue, 27 Sep 2022 21:07:52 GMT
content-type: audio/mpeg
content-length: 132739
set-cookie: klj_40d147_downloads=qnriu; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Wed, 28 Sep 2022 20:44:32 GMT
last-modified: Thu, 24 Feb 2022 14:21:08 GMT
content-disposition: inline; filename="nizam.mp3"
etag: "62179454-20683"
expires: Tue, 27 Sep 2022 23:07:52 GMT
cache-control: max-age=7200
x-file-id: x44778774x
content-range: bytes 0-132738/132739
X-Firefox-Spdy: h2