Report - 157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri

Report Overview

Visited public
2023-11-04 18:54:07
Tags
URL
157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri
Finishing URL
157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
IP / ASN
157.230.246.42
#14061 DIGITALOCEAN-ASN
Title
Sex Bersama Keponakan Sendiri | Cerita Sex Bahasa Indonesia

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
157.230.246.42	unknown	unknown	2019-08-21 03:57:14	2019-08-21 03:57:14	14 kB	335 kB	157.230.246.42
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-04 13:05:27	440 B	1.4 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-04 12:53:38	1.4 kB	126 kB	216.58.207.227
c303.pw	unknown	unknown	2016-10-13 18:41:37	2023-03-28 18:17:16	787 B	422 kB	172.67.178.134
0.gravatar.com	6977	2004-07-15	2012-05-21 09:08:47	2023-11-04 06:17:37	846 B	1.8 kB	192.0.73.2

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-04 18:53:51	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-11-04 18:53:51	medium	Client IP	Internal IP	ET DNS Query to a *.pw domain - Likely Hostile
2023-11-04 18:53:51	low	Client IP	172.67.178.134	ET INFO HTTP Request to a *.pw domain
2023-11-04 18:53:52	low	Client IP	172.67.178.134	ET INFO HTTP Request to a *.pw domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed
2023-11-04	medium	157.230.246.42	Sinkholed

ThreatFox

No alerts detected

JavaScript (17)

	URL	From	Size	First Seen	Last Seen
	157.230.246.42/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp	ScriptElement	97 kB	2023-03-07	2025-04-25
Pretty URL 157.230.246.42/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-25 01:14 Times Seen6452 Hash 49edccea2e7ba985cadc9ba0531cbed1 f8747f8ee704d9af31d0950015e01d3f9635b070 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df Loading...

	157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/owl.carousel/js/owl.carousel.min.js?ver=2.2.1	ScriptElement	43 kB	2023-03-07	2025-04-24
Pretty URL 157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/owl.carousel/js/owl.carousel.min.js?ver=2.2.1 IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-04-24 15:18 Times Seen961 Hash 56b28ad35f1816c6894b14190a0a006d 967ceaa9e6f67e636d818f42b4d5d15c7a4a254e b5757aa153f991c82c949e638c56b4913042196240f3a41cec5a40c3366d1bdd Loading...

	157.230.246.42/wp-includes/js/masonry.min.js?ver=3.3.2	ScriptElement	29 kB	2023-03-07	2025-03-19
Pretty URL 157.230.246.42/wp-includes/js/masonry.min.js?ver=3.3.2 IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23 Last Seen2025-03-19 03:53 Times Seen85 Hash d58f7afc0296717c2a7a93b01b569b40 c8e3d801d7d916c8f9b18ed61500bc287c6bc41c 047ff7cfd5956ecf06bd9fc9fd123772f2c5825cce3d124418ba418d540a5b98 Loading...

	157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/	ScriptElement	181 B	2023-03-29	2024-08-20
Pretty URL 157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/ IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 23:36 Last Seen2024-08-20 20:54 Times Seen1 Hash 77fc1e9ed523c19302d08738630a94f3 5621cb07228a4b1d21df011096d54377baad29c9 32e3cb04f277cc438ae2122280cbc08c302ead7f80327c0c3842bcf25fdf1bbd Loading...

	157.230.246.42/wp-content/themes/ceritasexhot-net/assets/js/skip-link-focus-fix.js?ver=20151215	ScriptElement	913 B	2023-03-07	2025-04-24
Pretty URL 157.230.246.42/wp-content/themes/ceritasexhot-net/assets/js/skip-link-focus-fix.js?ver=20151215 IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03 Last Seen2025-04-24 12:36 Times Seen206 Hash c29b9c67eb69f593acfce7cec1b34f7c 17933de3b676638ed0525f7fd56b0e8e2c5417d5 9d0e1c0dcd908c46d13404d733ba76ff92427f32e66f455cc4c2370d17a2d535 Loading...

	157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/parallax/parallax.min.js?ver=1.5.0	ScriptElement	6.9 kB	2023-03-07	2025-04-22
Pretty URL 157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/parallax/parallax.min.js?ver=1.5.0 IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11 Last Seen2025-04-22 17:21 Times Seen23 Hash b54f8d862e49002905c6a5be54a01201 cdb4a95d406368cbd90db482614f6619dd447f19 983a210700fa13b615bbc7523a9dd40e8ff79cb9dd0d2cc67b0400c1b6e90477 Loading...

	157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/	ScriptElement	2.2 kB	2024-08-20	2024-08-20
Pretty URL 157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/ IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 20:54 Last Seen2024-08-20 20:54 Times Seen1 Hash 01245fa5d741ae99e1d3ed84a98495e1 4561df599052e23009a39d5ee2d7f51c5899548b 91377d2c5f74789465a8975fb8b55c0c990b489d4d76fa3e25df3211babc6614 Loading...

	157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/	ScriptElement	118 B	2023-03-29	2024-08-20
Pretty URL 157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/ IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 23:36 Last Seen2024-08-20 20:54 Times Seen1 Hash 1733324f78ae176fb0376aeb042bd542 c9918b0d2c4c26044b9891164acd92ec42432205 44409af42ea24ed60cdcc015f7bdef90b180c6aa761f1790cc642b32d877f9eb Loading...

	157.230.246.42/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1	ScriptElement	10 kB	2023-03-07	2025-04-25
Pretty URL 157.230.246.42/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-04-25 01:14 Times Seen14902 Hash 7121994eec5320fbe6586463bf9651c2 90532aff6d4121954254cdf04994d834f7ec169b 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d Loading...

	157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/	ScriptElement	383 B	2023-03-29	2024-08-20
Pretty URL 157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/ IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 23:36 Last Seen2024-08-20 20:54 Times Seen1 Hash 7d576c3ec5f9f0b7e18bfc9e8dddecf5 406923564cdf7f8cdd73b4ceb62eb09f4dabef1e e054b8d648b8224cbddcaed70098954d47b2457d0b0d746d5b36a7e675c3782c Loading...

	157.230.246.42/wp-includes/js/imagesloaded.min.js?ver=3.2.0	ScriptElement	8.1 kB	2023-03-07	2025-04-13
Pretty URL 157.230.246.42/wp-includes/js/imagesloaded.min.js?ver=3.2.0 IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23 Last Seen2025-04-13 03:58 Times Seen189 Hash b89ed002fd8fa08062ac8018e5416432 8196c522a7a1a506dde696f68de76c1658a61610 afbd6d3dbf677900ec3d80e8057a7b9f93f72e5971494ed7ce7a4be1cb7c9ae8 Loading...

	157.230.246.42/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b	ScriptElement	1.8 kB	2023-03-07	2025-04-25
Pretty URL 157.230.246.42/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07 Last Seen2025-04-25 01:18 Times Seen4443 Hash cd0eb3406096ff80266e7c9d7d419186 0e3709691bf96233766de30e2fd473b84166c5b6 c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25 Loading...

	157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/sandbox%20eval%20code		147 B	2023-04-11	2025-04-25
Pretty URL 157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-04-25 05:05 Times Seen337749 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-04-25
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-04-25 05:05 Times Seen336950 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	157.230.246.42/wp-includes/js/wp-emoji-release.min.js?ver=5.4.14	ScriptElement	14 kB	2023-03-07	2025-04-25
Pretty URL 157.230.246.42/wp-includes/js/wp-emoji-release.min.js?ver=5.4.14 IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-04-25 01:14 Times Seen1028 Hash c8d5a4cd14632bc2bdf15b5e45ca9d4d cdf210b710c2792eda450a1a11e5dc1f8dae8594 956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694 Loading...

	157.230.246.42/wp-content/themes/ceritasexhot-net/assets/js/main.min.js?ver=1.0.0	ScriptElement	4.3 kB	2023-03-29	2023-11-04
Pretty URL 157.230.246.42/wp-content/themes/ceritasexhot-net/assets/js/main.min.js?ver=1.0.0 IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:36 Last Seen2023-11-04 19:54 Times Seen1 Hash c08f3a4f5d7732802c8373e733d903ff 5e031d3a457414297a4a65cc27a483349fef1c59 9ddf6d6f9961393a9188d7b1206e0b9f4abd073df74a717bd6d2b287c55dbe9b Loading...

	157.230.246.42/wp-includes/js/wp-embed.min.js?ver=5.4.14	ScriptElement	1.5 kB	2023-05-16	2025-04-25
Pretty URL 157.230.246.42/wp-includes/js/wp-embed.min.js?ver=5.4.14 IP 157.230.246.42 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-16 22:22 Last Seen2025-04-25 03:36 Times Seen6212 Hash 7c5c36baa69fcdb57bd891cda90920b3 9d8b3df7a4fa2968403290d69a60b2eab20734f5 6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd Loading...

HTTP Transactions (42)

URL IP Response Size

157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri

157.230.246.42

301 Moved Permanently

0 B

URL User Request GET HTTP/1.1
157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /2020/06/30/sex-bersama-keponakan-sendiri HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Nov 2023 18:53:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.4.4RC1
Vary: Accept-Encoding,Cookie
X-Redirect-By: WordPress
Location: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Cache-Control: max-age=3600
Expires: Sat, 04 Nov 2023 19:53:49 GMT

fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext

142.250.74.106

200 OK

872 B

URL GET HTTP/1.1
fonts.googleapis.com/css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext
IP
142.250.74.106:80
ASN
#15169 GOOGLE

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text
Size
872 B (872 bytes)
Hash
c4d238d22efdc849d4c346bace8e2a7e
f382d0a5f1073cb1d0a6d1403686d0968434b77c
e070a27523e7fb9cfa6b408726ce484e9bd7f9b9874001c236dfe7e7b1062d3e

HTTP Headers

GET /css?family=Open+Sans%3A400%2C700%2C300%2C400italic%2C700italic%7COpen+Sans%3A400%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 04 Nov 2023 18:53:50 GMT
Date: Sat, 04 Nov 2023 18:53:50 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

157.230.246.42

16 kB

URL User Request GET
157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
IP
157.230.246.42:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3121), with CRLF, LF line terminators
Size
16 kB (15984 bytes)
Hash
e44642d2a1bb96a73bea3a3eaf89d322
be685125bba420fa5e446aa82c4c5906f11c32e1
69a9b5f40e69c95758d252aee7fd537056d514292d3294d45e45e81d82187697

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /2020/06/30/sex-bersama-keponakan-sendiri/ HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:50 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 15984
Connection: keep-alive
Keep-Alive: timeout=60
X-Powered-By: PHP/7.4.4RC1
Vary: Accept-Encoding,Cookie
Cache-Control: max-age=3, must-revalidate, max-age=3600
Content-Encoding: gzip
Expires: Sat, 04 Nov 2023 19:53:50 GMT

157.230.246.42/wp-content/themes/ceritasexhot-net/assets/js/skip-link-focus-fix.js?ver=20151215

157.230.246.42

200 OK

480 B

URL GET HTTP/1.1
157.230.246.42/wp-content/themes/ceritasexhot-net/assets/js/skip-link-focus-fix.js?ver=20151215
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text, with CRLF line terminators
Size
480 B (480 bytes)
Hash
c29b9c67eb69f593acfce7cec1b34f7c
17933de3b676638ed0525f7fd56b0e8e2c5417d5
9d0e1c0dcd908c46d13404d733ba76ff92427f32e66f455cc4c2370d17a2d535

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ceritasexhot-net/assets/js/skip-link-focus-fix.js?ver=20151215 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/javascript
Content-Length: 480
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Sat, 04 May 2019 14:33:08 GMT
ETag: "391-58810bef2f100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/font-awesome/css/font-awesome.css?ver=4.7

157.230.246.42

200 OK

7.4 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/font-awesome/css/font-awesome.css?ver=4.7
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
7.4 kB (7436 bytes)
Hash
3ca12dd1acae5ea7c4e44a8a6d533aa7
5088068719110c148d952da77746464c6e9847c7
128469e7c28b40ae12e317e2d27d25fff6e477179583044360b3807da98f855d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ceritasexhot-net/assets/lib/font-awesome/css/font-awesome.css?ver=4.7 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/css
Content-Length: 7436
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Sat, 04 May 2019 14:33:08 GMT
ETag: "9226-58810bef2f100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/owl.carousel/css/owl.carousel.min.css?ver=4.7

157.230.246.42

200 OK

954 B

URL GET HTTP/1.1
157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/owl.carousel/css/owl.carousel.min.css?ver=4.7
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text, with very long lines (3317), with CRLF line terminators
Size
954 B (954 bytes)
Hash
27d2d69f3c498687859cbbd419cdfba7
f6ee39bd17ad8e804541b23b9405324a2b8b1a2c
17e30673e136081c36b20484d6818fc293d25d4be7c01b3770aade9c90e8816d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ceritasexhot-net/assets/lib/owl.carousel/css/owl.carousel.min.css?ver=4.7 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/css
Content-Length: 954
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Sat, 04 May 2019 14:33:08 GMT
ETag: "d54-58810bef2f100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-content/themes/ceritasexhot-net/style.css?ver=1.0.0

157.230.246.42

200 OK

89 B

URL GET HTTP/1.1
157.230.246.42/wp-content/themes/ceritasexhot-net/style.css?ver=1.0.0
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text
Size
89 B (89 bytes)
Hash
565ae3efb520fdb9c33191a626aff625
525e3abee56f30c564a2502b698c6d596677e7e0
1edcf15f1a6d6f79d00dd599842502022a930d36f84ff293b87cad97390df534

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ceritasexhot-net/style.css?ver=1.0.0 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/css
Content-Length: 89
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Sat, 04 May 2019 14:34:02 GMT
ETag: "5b-58810c22aea80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1

157.230.246.42

200 OK

4.0 kB

URL GET HTTP/1.1
157.230.246.42/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text, with very long lines (9959)
Size
4.0 kB (4014 bytes)
Hash
7121994eec5320fbe6586463bf9651c2
90532aff6d4121954254cdf04994d834f7ec169b
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/javascript
Content-Length: 4014
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 20 May 2016 06:11:28 GMT
ETag: "2748-5333ff613c400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-includes/js/wp-emoji-release.min.js?ver=5.4.14

157.230.246.42

200 OK

4.6 kB

URL GET HTTP/1.1
157.230.246.42/wp-includes/js/wp-emoji-release.min.js?ver=5.4.14
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text, with very long lines (10927)
Size
4.6 kB (4646 bytes)
Hash
c8d5a4cd14632bc2bdf15b5e45ca9d4d
cdf210b710c2792eda450a1a11e5dc1f8dae8594
956fa56f513e1a8025bc85f9314a1747eb061d434403393591145e4ae898c694

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.4.14 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/javascript
Content-Length: 4646
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 15 Apr 2021 12:34:46 GMT
ETag: "363c-5c00216b27739-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-includes/css/dist/block-library/style.min.css?ver=5.4.14

157.230.246.42

200 OK

7.6 kB

URL GET HTTP/1.1
157.230.246.42/wp-includes/css/dist/block-library/style.min.css?ver=5.4.14
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text, with very long lines (28088)
Size
7.6 kB (7642 bytes)
Hash
7d2051e6c59f3598b17877bf41637ec4
e3fbc1265f4cd1eacf83c045e4f21d5f9b92bf8d
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=5.4.14 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/css
Content-Length: 7642
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Wed, 29 Apr 2020 20:34:45 GMT
ETag: "d159-5a473e0f37123-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-content/themes/ceritasexhot-net/assets/css/lekh.css?ver=1.0.0

157.230.246.42

200 OK

18 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/themes/ceritasexhot-net/assets/css/lekh.css?ver=1.0.0
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
assembler source, Unicode text, UTF-8 text, with very long lines (328)
Size
18 kB (18301 bytes)
Hash
cb9f285eb5c236f376c9461dc2420509
47766a0e8241c7d7cf73a998a764975fbb0740eb
cb0746761462736a99852c812404e33e65299c60bc4b9dfa2bbc6d2dc6167190

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ceritasexhot-net/assets/css/lekh.css?ver=1.0.0 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/css
Content-Length: 18301
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Sun, 05 May 2019 08:13:12 GMT
ETag: "198ff-5881f8e0af600-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-content/plugins/all-in-one-seo-pack-pro/css/admin-toolbar-menu.css?ver=3.4.1

157.230.246.42

200 OK

894 B

URL GET HTTP/1.1
157.230.246.42/wp-content/plugins/all-in-one-seo-pack-pro/css/admin-toolbar-menu.css?ver=3.4.1
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text, with very long lines (1354)
Size
894 B (894 bytes)
Hash
bf3a09928731fd5f8f1df9bd9a721bd2
5406be491848a94c581906ca8584b3686174613a
2d090d4f80cdd8fe978baa00643d1b63aedfed91efca66b835c894451296aae7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/plugins/all-in-one-seo-pack-pro/css/admin-toolbar-menu.css?ver=3.4.1 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/css
Content-Length: 894
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Mon, 06 Apr 2020 08:21:40 GMT
ETag: "655-5a29af4e70ccf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

157.230.246.42

200 OK

34 kB

URL GET HTTP/1.1
157.230.246.42/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text, with very long lines (31997)
Size
34 kB (33776 bytes)
Hash
49edccea2e7ba985cadc9ba0531cbed1
f8747f8ee704d9af31d0950015e01d3f9635b070
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/javascript
Content-Length: 33776
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 17 May 2019 04:25:54 GMT
ETag: "17a69-5890dc7401880-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/1.1
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:80
ASN
#15169 GOOGLE

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://157.230.246.42
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 48432
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 31 Oct 2023 01:26:06 GMT
Expires: Wed, 30 Oct 2024 01:26:06 GMT
Cache-Control: public, max-age=31536000
Age: 408465
Last-Modified: Thu, 14 Sep 2023 00:40:31 GMT
Content-Type: font/woff2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/1.1
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:80
ASN
#15169 GOOGLE

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://157.230.246.42
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 48432
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 31 Oct 2023 01:26:06 GMT
Expires: Wed, 30 Oct 2024 01:26:06 GMT
Cache-Control: public, max-age=31536000
Age: 408465
Last-Modified: Thu, 14 Sep 2023 00:40:31 GMT
Content-Type: font/woff2

157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/parallax/parallax.min.js?ver=1.5.0

157.230.246.42

200 OK

2.3 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/parallax/parallax.min.js?ver=1.5.0
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text, with very long lines (6681), with CRLF line terminators
Size
2.3 kB (2326 bytes)
Hash
b54f8d862e49002905c6a5be54a01201
cdb4a95d406368cbd90db482614f6619dd447f19
983a210700fa13b615bbc7523a9dd40e8ff79cb9dd0d2cc67b0400c1b6e90477

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ceritasexhot-net/assets/lib/parallax/parallax.min.js?ver=1.5.0 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/javascript
Content-Length: 2326
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Sat, 04 May 2019 14:33:08 GMT
ETag: "1ad5-58810bef2f100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/owl.carousel/js/owl.carousel.min.js?ver=2.2.1

157.230.246.42

200 OK

11 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/owl.carousel/js/owl.carousel.min.js?ver=2.2.1
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text, with very long lines (32000), with CRLF line terminators
Size
11 kB (10933 bytes)
Hash
56b28ad35f1816c6894b14190a0a006d
967ceaa9e6f67e636d818f42b4d5d15c7a4a254e
b5757aa153f991c82c949e638c56b4913042196240f3a41cec5a40c3366d1bdd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ceritasexhot-net/assets/lib/owl.carousel/js/owl.carousel.min.js?ver=2.2.1 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/javascript
Content-Length: 10933
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Sat, 04 May 2019 14:33:08 GMT
ETag: "a714-58810bef2f100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-includes/js/imagesloaded.min.js?ver=3.2.0

157.230.246.42

200 OK

2.6 kB

URL GET HTTP/1.1
157.230.246.42/wp-includes/js/imagesloaded.min.js?ver=3.2.0
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text, with very long lines (7996)
Size
2.6 kB (2575 bytes)
Hash
b89ed002fd8fa08062ac8018e5416432
8196c522a7a1a506dde696f68de76c1658a61610
afbd6d3dbf677900ec3d80e8057a7b9f93f72e5971494ed7ce7a4be1cb7c9ae8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/imagesloaded.min.js?ver=3.2.0 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/javascript
Content-Length: 2575
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Mon, 06 Apr 2020 08:21:06 GMT
ETag: "1fd4-5a29af2d47d7e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-includes/js/masonry.min.js?ver=3.3.2

157.230.246.42

200 OK

8.6 kB

URL GET HTTP/1.1
157.230.246.42/wp-includes/js/masonry.min.js?ver=3.3.2
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text, with very long lines (28817)
Size
8.6 kB (8550 bytes)
Hash
d58f7afc0296717c2a7a93b01b569b40
c8e3d801d7d916c8f9b18ed61500bc287c6bc41c
047ff7cfd5956ecf06bd9fc9fd123772f2c5825cce3d124418ba418d540a5b98

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/masonry.min.js?ver=3.3.2 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/javascript
Content-Length: 8550
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Mon, 06 Apr 2020 08:21:06 GMT
ETag: "713c-5a29af2d43efd-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b

157.230.246.42

200 OK

716 B

URL GET HTTP/1.1
157.230.246.42/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text, with very long lines (1626)
Size
716 B (716 bytes)
Hash
cd0eb3406096ff80266e7c9d7d419186
0e3709691bf96233766de30e2fd473b84166c5b6
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/javascript
Content-Length: 716
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 18 Aug 2016 18:55:30 GMT
ETag: "71b-53a5d2030ec80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-content/themes/ceritasexhot-net/assets/js/main.min.js?ver=1.0.0

157.230.246.42

200 OK

1.5 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/themes/ceritasexhot-net/assets/js/main.min.js?ver=1.0.0
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text, with very long lines (4332), with no line terminators
Size
1.5 kB (1542 bytes)
Hash
c08f3a4f5d7732802c8373e733d903ff
5e031d3a457414297a4a65cc27a483349fef1c59
9ddf6d6f9961393a9188d7b1206e0b9f4abd073df74a717bd6d2b287c55dbe9b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ceritasexhot-net/assets/js/main.min.js?ver=1.0.0 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/javascript
Content-Length: 1542
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Sat, 04 May 2019 14:33:08 GMT
ETag: "10ec-58810bef2f100-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-includes/js/wp-embed.min.js?ver=5.4.14

157.230.246.42

200 OK

804 B

URL GET HTTP/1.1
157.230.246.42/wp-includes/js/wp-embed.min.js?ver=5.4.14
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
ASCII text, with very long lines (1443)
Size
804 B (804 bytes)
Hash
7c5c36baa69fcdb57bd891cda90920b3
9d8b3df7a4fa2968403290d69a60b2eab20734f5
6a482d2d94c0d1bc6937a1759389d01b475e6b28a0d9b5d7eaa3f9cc8f59f3cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-includes/js/wp-embed.min.js?ver=5.4.14 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/javascript
Content-Length: 804
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Tue, 16 May 2023 20:33:55 GMT
ETag: "5c6-5fbd57d83b7a1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-content/uploads/2020/09/xz4as6d4x-1-1-150x150.jpg

157.230.246.42

200 OK

4.5 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/uploads/2020/09/xz4as6d4x-1-1-150x150.jpg
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Size
4.5 kB (4455 bytes)
Hash
0b108c0b55604001d80c182d0940b84c
748545de461e347275338051cd454f44cfd82c5d
1333c928ea3c1fdb9199165d2504a4232115d8d01d484b3eb6ab4e02b11ae64e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/09/xz4as6d4x-1-1-150x150.jpg HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: image/jpeg
Content-Length: 4455
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Wed, 09 Sep 2020 17:56:14 GMT
ETag: "11ba-5aee52af3c1f3-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

216.58.207.227

200 OK

27 kB

URL GET HTTP/1.1
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
IP
216.58.207.227:80
ASN
#15169 GOOGLE

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
Web Open Font Format (Version 2), TrueType, length 26640, version 1.0\012- data
Size
27 kB (26640 bytes)
Hash
2a5269c4257ebafd1110c7a7ca52a893
6d62fe7e6727de10721018e131ed30c6835f6bab
a1f50e52a7fda97827e6e3d2cd3bb2788a68a78296728fa2592be8e89d54b5b8

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://157.230.246.42
DNT: 1
Connection: keep-alive
Referer: http://fonts.googleapis.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 26640
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 31 Oct 2023 10:21:42 GMT
Expires: Wed, 30 Oct 2024 10:21:42 GMT
Cache-Control: public, max-age=31536000
Age: 376329
Last-Modified: Thu, 14 Sep 2023 01:00:59 GMT
Content-Type: font/woff2

157.230.246.42/wp-content/uploads/2020/06/0007-2-706x1024.jpg

157.230.246.42

200 OK

44 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/uploads/2020/06/0007-2-706x1024.jpg
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 706x1024, components 3\012- data
Size
44 kB (43913 bytes)
Hash
79e24f35c3d33195a6f195cce58010d8
a4f9c225ccc923613d4149adb45042a920c0aae6
c76179622cf14f406d0da9d10b51a76cf06671f39309e9edcf67d524891d6a7d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/06/0007-2-706x1024.jpg HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: image/jpeg
Content-Length: 43913
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Tue, 30 Jun 2020 21:48:35 GMT
ETag: "ac97-5a9542321f0ab-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

c303.pw/benua303/daftar.html

172.67.178.134

200 OK

130 B

URL GET HTTP/1.1
c303.pw/benua303/daftar.html
IP
172.67.178.134:80
ASN
#13335 CLOUDFLARENET

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
HTML document, ASCII text
Size
130 B (130 bytes)
Hash
42ec6c9fcd7a156a53645ffc574ac1c0
0931465c8dc5b1b9bdd716cfae2a6b1087869bb2
f49c02ed55dadb5586ced79450258f658240a3d823751a18668d13d24af3afde

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.pw domain

HTTP Headers

GET /benua303/daftar.html HTTP/1.1
Host: c303.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 May 2019 15:35:57 GMT
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CS2xB1yk5xn7Pe6JtLyFInmLA%2FtGxCG58cR1kMEjlAE7YjN0C03Ye2JitXgty00IIW8YmoiFQtgpeDcy3dhgiwYDX3AH8BT7s5UvDz99Wt6oyDNrYaNyNRXJ"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 820f0fed89e9b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

157.230.246.42/wp-content/uploads/2020/06/0010-1-1-1024x644.jpg

157.230.246.42

200 OK

33 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/uploads/2020/06/0010-1-1-1024x644.jpg
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1024x644, components 3\012- data
Size
33 kB (33008 bytes)
Hash
2c5824c5f3ccfebd967f3592c207747a
716051aeb083002c838a1ddfe9131caecf93d627
39a0b50aecfd964755eaa7e35a6d0ce01c411b6d00d3e32d714379e7a98631d8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/06/0010-1-1-1024x644.jpg HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: image/jpeg
Content-Length: 33008
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Tue, 30 Jun 2020 21:48:21 GMT
ETag: "835d-5a9542248ed7b-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

c303.pw/benua303/kotak.gif

172.67.178.134

200 OK

420 kB

URL GET HTTP/1.1
c303.pw/benua303/kotak.gif
IP
172.67.178.134:80
ASN
#13335 CLOUDFLARENET

Requested by
http://c303.pw/benua303/daftar.html

File type
GIF image data, version 89a, 728 x 90\012- data
Size
420 kB (420085 bytes)
Hash
6051b07ac7118d570b99add02bc84905
27861ca1e67743fd647ac35dec6e74c288cf8b4e
bb5064a08c82b2ed1504d860ee7c46aa2b9589dec913b5db4ef95375b7a803af

Detections

NIDS	Severity	Alert
suricata	low	ET INFO HTTP Request to a *.pw domain

HTTP Headers

GET /benua303/kotak.gif HTTP/1.1
Host: c303.pw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://c303.pw/benua303/daftar.html
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Nov 2023 18:53:52 GMT
Content-Type: image/gif
Content-Length: 420085
Connection: keep-alive
Last-Modified: Sat, 04 May 2019 15:35:21 GMT
ETag: "5ccdb139-668f5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
CF-Cache-Status: HIT
Age: 140127
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnDyBr2mTtUa41v0dAqZ3tra3tWNnv0BFBhIAXdmzU4fe8UzV%2FLYu8xgQ1gpOflyP1njLl2MbFEfkWcHX97Ju8A4ndHuZcgs9hnh3VTnFoF8vxtvUPwvO53V"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 820f0ff06c91b509-OSL
alt-svc: h2=":443"; ma=60

157.230.246.42/wp-content/uploads/2020/09/Nikmatnya-Ngewe-Dengan-Guru-Bahasa-Indonesiaku-150x150.jpg

157.230.246.42

200 OK

3.5 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/uploads/2020/09/Nikmatnya-Ngewe-Dengan-Guru-Bahasa-Indonesiaku-150x150.jpg
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Size
3.5 kB (3472 bytes)
Hash
bae56eec340d9c640280e1d8892f5c91
37379186f593be8572fc9cf3c5c4d9d826b55fb2
0d3e07418e63594636fe862785c8f5bb381c85051660c28d9aabf0623b650191

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/09/Nikmatnya-Ngewe-Dengan-Guru-Bahasa-Indonesiaku-150x150.jpg HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Type: image/jpeg
Content-Length: 3472
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Tue, 08 Sep 2020 22:32:46 GMT
ETag: "ddc-5aed4ea08e545-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

157.230.246.42/wp-content/uploads/2020/09/a54ds6a4d-150x150.jpg

157.230.246.42

200 OK

4.8 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/uploads/2020/09/a54ds6a4d-150x150.jpg
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Size
4.8 kB (4781 bytes)
Hash
3be8f8767e5f58278d12d568b8f4cf05
940a1e4555f4c888264bb13fa5027e279b37523b
1f7102b36cc3db507f8eea0c5ed5924dfc8b54be1f17b92abaaf8d618262639e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/09/a54ds6a4d-150x150.jpg HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:52 GMT
Content-Type: image/jpeg
Content-Length: 4781
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Sun, 06 Sep 2020 16:16:59 GMT
ETag: "1310-5aea76e756199-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

157.230.246.42/wp-content/uploads/2020/09/x54a54s6d-150x150.jpg

157.230.246.42

200 OK

4.5 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/uploads/2020/09/x54a54s6d-150x150.jpg
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Size
4.5 kB (4466 bytes)
Hash
6181f4ac9f546547414e84326b8c7012
4dc20a70d53fc0db4550b664db0b4ef5ac878528
00a739918181b5cb7d316f73166cfcb4761a013e963b74a4a52bed1d1ccc932f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/09/x54a54s6d-150x150.jpg HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:52 GMT
Content-Type: image/jpeg
Content-Length: 4466
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 03 Sep 2020 14:25:49 GMT
ETag: "11d8-5ae698759faea-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0

157.230.246.42

200 OK

77 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/themes/ceritasexhot-net/assets/lib/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/wp-content/themes/ceritasexhot-net/assets/lib/font-awesome/css/font-awesome.css?ver=4.7
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:51 GMT
Content-Length: 77160
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Sat, 04 May 2019 14:33:08 GMT
ETag: "12d68-58810bef2f100"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:51 GMT

157.230.246.42/wp-content/uploads/2020/09/xz4das56-150x150.jpg

157.230.246.42

200 OK

2.1 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/uploads/2020/09/xz4das56-150x150.jpg
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Size
2.1 kB (2145 bytes)
Hash
60056a53bae67103dff315c0f607f6ae
869eb276c173a97ae4ec804ef0180db489b479b0
2f439b6625ad9faa3b907638f154612f3e175b66544d8007be86e5100531321d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/09/xz4das56-150x150.jpg HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:52 GMT
Content-Type: image/jpeg
Content-Length: 2145
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Tue, 01 Sep 2020 16:15:53 GMT
ETag: "8af-5ae42d5505942-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

157.230.246.42/wp-content/uploads/2020/08/gfn-150x150.jpg

157.230.246.42

200 OK

3.4 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/uploads/2020/08/gfn-150x150.jpg
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Size
3.4 kB (3407 bytes)
Hash
ad90620a07895beedecf497527149be7
04b23ef1899e094141dd65f49d9f73a968e73c58
ea9c45302ff5d6d391229f9600f33b44b3c4789a31cf94de5c40ab32bd2050d6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/08/gfn-150x150.jpg HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:52 GMT
Content-Type: image/jpeg
Content-Length: 3407
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Mon, 31 Aug 2020 13:09:32 GMT
ETag: "da2-5ae2c1d0406ea-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

157.230.246.42/wp-content/uploads/2020/08/CBVB-NG-150x150.jpg

157.230.246.42

200 OK

4.4 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/uploads/2020/08/CBVB-NG-150x150.jpg
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Size
4.4 kB (4434 bytes)
Hash
8a48f6490c02e57b237e9ad49c070e34
a8f495ea1ce17e14c5e7b964b1bfcc4b7e7de1a8
a0897fdd3f94baa07ff59611b90335bfeab3e4b802513bc3f679555fe8e4d42b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/08/CBVB-NG-150x150.jpg HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:52 GMT
Content-Type: image/jpeg
Content-Length: 4434
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Fri, 28 Aug 2020 08:15:38 GMT
ETag: "1194-5adeba8710480-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

157.230.246.42/wp-content/uploads/2020/08/dzsv-150x150.jpg

157.230.246.42

200 OK

3.4 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/uploads/2020/08/dzsv-150x150.jpg
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Size
3.4 kB (3413 bytes)
Hash
c5caccf663cc6351cb4d24260846cbfd
bd6518105cb368bf53ac0b73e7f527bb7e0e21d5
1e435691bb9d007d6cb93af206a31b326ca423a3ddaf798f84b304dec7d07cb2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/08/dzsv-150x150.jpg HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:52 GMT
Content-Type: image/jpeg
Content-Length: 3413
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 27 Aug 2020 13:20:04 GMT
ETag: "db2-5addbcb50bfcc-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

157.230.246.42/wp-content/uploads/2020/08/1321-150x150.jpg

157.230.246.42

200 OK

4.9 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/uploads/2020/08/1321-150x150.jpg
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Size
4.9 kB (4891 bytes)
Hash
b5fa8a49e588894760077ad0c04c01cf
2b51a71d945134d8cb2d81bffebca2c9525735d7
22843e984df136e63cc13f0dc9c49fcba5168c90b3cadc59d1ae4d038c2a27fa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/08/1321-150x150.jpg HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:52 GMT
Content-Type: image/jpeg
Content-Length: 4891
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Tue, 25 Aug 2020 13:42:20 GMT
ETag: "1373-5adb3df518fcc-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

157.230.246.42/wp-content/uploads/2020/08/ascv-150x150.jpg

157.230.246.42

200 OK

4.4 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/uploads/2020/08/ascv-150x150.jpg
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x150, components 3\012- data
Size
4.4 kB (4384 bytes)
Hash
5549e333e104444373b72dfdc52dac32
fc476bd2cfc242352bb7b2118c8ab7439c88f51d
0d6519cb8b5cd53dc185605f3d1683a8aa0947ad6ea558ca2fb413cd9b39c875

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2020/08/ascv-150x150.jpg HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:52 GMT
Content-Type: image/jpeg
Content-Length: 4384
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Mon, 24 Aug 2020 12:50:31 GMT
ETag: "116e-5ad9f081cbebc-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

0.gravatar.com/avatar/f3e945daec274c53c9eb70192646931f?s=24&d=mm&r=g

192.0.73.2

301 Moved Permanently

162 B

URL GET HTTP/1.1
0.gravatar.com/avatar/f3e945daec274c53c9eb70192646931f?s=24&d=mm&r=g
IP
192.0.73.2:80
ASN
#2635 AUTOMATTIC

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

HTTP Headers

GET /avatar/f3e945daec274c53c9eb70192646931f?s=24&d=mm&r=g HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Nov 2023 18:53:52 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://0.gravatar.com/avatar/f3e945daec274c53c9eb70192646931f?s=24&d=mm&r=g

0.gravatar.com/avatar/f3e945daec274c53c9eb70192646931f?s=24&d=mm&r=g

192.0.73.2

301 Moved Permanently

866 B

URL GET HTTP/1.1
0.gravatar.com/avatar/f3e945daec274c53c9eb70192646931f?s=24&d=mm&r=g
IP
192.0.73.2:80
ASN
#2635 AUTOMATTIC

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 24x24, components 3\012- data
Size
866 B (866 bytes)
Hash
6e5de59e307f00955f9b8dd5cfea8898
1cc625eb31e5e74d79462ea61bae50c659e71e94
2a034c62a53ed04ad902625048baac560d4524f9d41b9906064af3a5dfb5e904

HTTP Headers

GET /avatar/f3e945daec274c53c9eb70192646931f?s=24&d=mm&r=g HTTP/1.1
Host: 0.gravatar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://157.230.246.42/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 Nov 2023 18:53:52 GMT
content-type: image/jpeg
content-length: 866
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
link: <https://www.gravatar.com/avatar/f3e945daec274c53c9eb70192646931f?s=24&d=mm&r=g>; rel="canonical"
access-control-allow-origin: *
content-disposition: inline; filename="f3e945daec274c53c9eb70192646931f.png"
expires: Sat, 04 Nov 2023 18:58:52 GMT
cache-control: max-age=300
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
accept-ranges: bytes
X-Firefox-Spdy: h2

157.230.246.42/wp-content/uploads/2018/11/cropped-logo-ceritasexhot-1-192x192.png

157.230.246.42

200 OK

5.4 kB

URL GET HTTP/1.1
157.230.246.42/wp-content/uploads/2018/11/cropped-logo-ceritasexhot-1-192x192.png
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Size
5.4 kB (5394 bytes)
Hash
ac3a2e7c361349989b8da924797fd459
ce85f48028d1cf7c15a44a305132cc32f16b61c2
edb610832070c70b890efe01e7e191c54b1816eae93fbbf726163fa399326eac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2018/11/cropped-logo-ceritasexhot-1-192x192.png HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:52 GMT
Content-Type: image/png
Content-Length: 5394
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 22 Nov 2018 09:16:54 GMT
ETag: "14fb-57b3d53e08d80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

157.230.246.42/wp-content/uploads/2018/11/cropped-logo-ceritasexhot-1-32x32.png

157.230.246.42

200 OK

989 B

URL GET HTTP/1.1
157.230.246.42/wp-content/uploads/2018/11/cropped-logo-ceritasexhot-1-32x32.png
IP
157.230.246.42:80
ASN
#14061 DIGITALOCEAN-ASN

Requested by
http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
989 B (989 bytes)
Hash
fac667d821702fd6830a820d4e355606
221379816a7f389f69256a4670c0eda3c202c624
a18c6c8f26f416aa05ec73aa69c3fd46ad2c6eb09ca58bdc9b8900345f9f4edd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /wp-content/uploads/2018/11/cropped-logo-ceritasexhot-1-32x32.png HTTP/1.1
Host: 157.230.246.42
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://157.230.246.42/2020/06/30/sex-bersama-keponakan-sendiri/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Nov 2023 18:53:52 GMT
Content-Type: image/png
Content-Length: 989
Connection: keep-alive
Keep-Alive: timeout=60
Last-Modified: Thu, 22 Nov 2018 09:16:54 GMT
ETag: "3da-57b3d53e08d80-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Mon, 04 Dec 2023 18:53:52 GMT
Vary: Accept-Encoding
Content-Encoding: gzip

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by