Report - infocektariflayanan.com/

Report Overview

Submitted URL
infocektariflayanan.com/
IP
20.232.123.181
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Submitted
2022-10-23 16:00:24
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
54

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
getpocket.cdn.mozilla.net	1369	2018-08-28T15:15:36Z	2023-03-09T06:10:01Z	423 B	43 kB	34.120.5.221
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
shavar.services.mozilla.com	3602	2015-09-28T08:30:01Z	2023-03-09T05:09:17Z	441 B	204 B	35.82.2.166
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	662 B	1.4 kB	142.250.74.35
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	434 B	1.7 kB	142.250.74.10
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	35.165.143.157
infocektariflayanan.com	unknown			6.6 kB	1.2 MB	20.232.123.181
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	978 B	2.7 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	329 B	796 B	93.184.220.29
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia
2022-10-23	medium	infocektariflayanan.com/	Bank Rakyat Indonesia

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-23	medium	infocektariflayanan.com/	Phishing
2022-10-23	medium	infocektariflayanan.com/	Phishing
2022-10-23	medium	infocektariflayanan.com/js/jquery.min_1.js	Phishing
2022-10-23	medium	infocektariflayanan.com/js/jquery.min_4.js	Phishing
2022-10-23	medium	infocektariflayanan.com/fonts/helvetica_neue.woff	Phishing
2022-10-23	medium	infocektariflayanan.com/js/jquery.min_3.js	Phishing
2022-10-23	medium	infocektariflayanan.com/js/jquery.min_2.js	Phishing
2022-10-23	medium	infocektariflayanan.com/js/jquery-3.5.1.min.js	Phishing
2022-10-23	medium	infocektariflayanan.com/js/jquery-1.10.2.min.js	Phishing
2022-10-23	medium	infocektariflayanan.com/js/jquery.min.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (8)

	URL	Size	First Seen	Last Seen
	infocektariflayanan.com/js/jquery-3.5.1.min.js	90 kB	2023-03-10	2024-01-21
Pretty URL infocektariflayanan.com/js/jquery-3.5.1.min.js IP 20.232.123.181 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 13:56:18 Last Seen2024-01-21 07:47:39 Times Seen21 Hash a1467418b7fcf350b49fc5eef4cfbbdd a5e638e4315e74cbb49dabf36c300a165c2a8e50 6a19f1c7fe126a43807f3a3401349414834236557303a77580ab755850614a33 Loading...

	infocektariflayanan.com/js/jquery-1.10.2.min.js	93 kB	2023-03-07	2024-04-26
Pretty URL infocektariflayanan.com/js/jquery-1.10.2.min.js IP 20.232.123.181 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 16:48:39 Times Seen10177 Hash 628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988 Loading...

	infocektariflayanan.com/js/jquery.min.js	84 kB	2023-03-07	2024-04-26
Pretty URL infocektariflayanan.com/js/jquery.min.js IP 20.232.123.181 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 07:33:06 Times Seen14095 Hash 32015dd42e9582a80a84736f5d9a44d7 41b4bfbaa96be6d1440db6e78004ade1c134e276 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Loading...

	infocektariflayanan.com/	188 B	2023-03-08	2024-01-25
Pretty URL infocektariflayanan.com/ IP 20.232.123.181 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:56:53 Last Seen2024-01-25 06:39:30 Times Seen5 Hash fba6b3e1e6f8be9837dbda2708af7d85 330d3fc812189dcc2c4b5f898b3b3ea164294265 3ce9d8b3ed29e1b82c714c97c202306badf4f38f68ac0a6669dab2a823227568 Loading...

	infocektariflayanan.com/js/jquery.min_1.js	90 kB	2023-03-07	2024-04-26
Pretty URL infocektariflayanan.com/js/jquery.min_1.js IP 20.232.123.181 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 16:26:24 Times Seen139394 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	infocektariflayanan.com/js/jquery.min_4.js	90 kB	2023-03-07	2024-04-26
Pretty URL infocektariflayanan.com/js/jquery.min_4.js IP 20.232.123.181 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-26 16:02:08 Times Seen261683 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 16:49:48 Times Seen37096569 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	infocektariflayanan.com/js/jquery.min_2.js	84 kB	2023-03-07	2024-04-26
Pretty URL infocektariflayanan.com/js/jquery.min_2.js IP 20.232.123.181 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-26 14:21:48 Times Seen13752 Hash e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Loading...

HTTP Transactions (31)

URL IP Response Size

infocektariflayanan.com/

20.232.123.181

301 Moved Permanently

240 B

URL HTTP/1.1
infocektariflayanan.com/
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
240 B (240 bytes)
Hash
ebf29e59d9f04bb0a5b3a38b21b0d384
38f1c271264a4237adf89b6c1fc34352945f4e87
f7c17c6cb990b6240355fc920928f777fc4db5513c7b5bb9f6803feb90cfa8cd

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 23 Oct 2022 16:00:01 GMT
Server: Apache
Location: https://infocektariflayanan.com/
Content-Length: 240
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73c4166ca864f777db2cc1cd8658a7c2
c56b66b0b7c8516d4d5bfafe0c166711c78f3d25
310c633350812c064e159275b6dbbdba6d6a5991a54ccfcc23459320c6513572

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "310C633350812C064E159275B6DBBDBA6D6A5991A54CCFCC23459320C6513572"
Last-Modified: Sat, 22 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8364
Expires: Sun, 23 Oct 2022 18:19:26 GMT
Date: Sun, 23 Oct 2022 16:00:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d9e45f302871456506fdbc00b0b2beb8
1a8f89c27d6a8b8f9561363546d569163df9c64e
acd167422cff7e6e72030c43b57e71d25d3e04559e3fb60ab8d0b79b24d1f845

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ACD167422CFF7E6E72030C43B57E71D25D3E04559E3FB60AB8D0B79B24D1F845"
Last-Modified: Fri, 21 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2276
Expires: Sun, 23 Oct 2022 16:37:58 GMT
Date: Sun, 23 Oct 2022 16:00:02 GMT
Connection: keep-alive

getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30

34.120.5.221

200 OK

42 kB

URL HTTP/2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP
34.120.5.221:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (42056 bytes)
Hash
edcd1eb8afdabdda0b09785ec18d91f1
dd9599b3e69f698651bca0a27f2201ee2c0fb3b1
18643a2d88b93f972ef74f2dcc6ed186b3bcb1d343786f8b3603b16829efaf36

HTTP Headers

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: Gxe6C35WTown4oGQVJKM7zdskp6vlFvAq-_g1ggCcHN7shJuhPjFyg==
content-encoding: gzip
via: 1.1 f62c9ca47e35df5c65764381977823a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 23 Oct 2022 15:49:46 GMT
content-type: application/json
content-length: 42056
age: 616
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 23 Oct 2022 16:00:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

infocektariflayanan.com/

20.232.123.181

200 OK

24 kB

URL HTTP/1.1
infocektariflayanan.com/
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (502), with CRLF line terminators
Size
24 kB (23456 bytes)
Hash
bdff6c5e096fa5d463006d475f48985a
7fc256312d762ad192f9f1969bc71651274c90f0
aaadb152db1e244f9f326df0120d0859bb211ff9b01b4e4c56063ec7160c5143

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:02 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ae56efd62a0d9249d98573172eb8b28b
5ff4e9959be677ad76c26ca73f9ef4feb9fa2f28
82d9ee4948fce839f7edb1f8490c4213cded3912464a4169b0bf6a61278694bd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82D9EE4948FCE839F7EDB1F8490C4213CDED3912464A4169B0BF6A61278694BD"
Last-Modified: Sat, 22 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8440
Expires: Sun, 23 Oct 2022 18:20:42 GMT
Date: Sun, 23 Oct 2022 16:00:02 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
48ca0beea419a9039591cf1aee5179e0
9e92629f505fcc07aab51221e8fe62197a23e307
630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: cI+swgwI9AWXmJwsSWXiVFce0m8KNBpy3TEqIw97MLPC05Nbaf3Ds4Ia/rrX0EKV8ogqUMx+99Y=
x-amz-request-id: R6QRVA0252DHS7RS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 23 Oct 2022 15:28:26 GMT
age: 1896
last-modified: Wed, 11 May 2022 19:51:39 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f99c7c27eb66e04e5065698fa6d5ed63
1bd642e9884f42e81611009cb3d5bd1730b4fe15
7c57740e9b41991ce6a86ea15492ce7ea9baf4caf32f6e6c4cb46982d38b94fc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1657
Cache-Control: max-age=91373
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 16:00:02 GMT
Etag: "63542076-1d7"
Expires: Mon, 24 Oct 2022 17:22:55 GMT
Last-Modified: Sat, 22 Oct 2022 16:55:18 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 23 Oct 2022 15:17:28 GMT
Expires: Sun, 23 Oct 2022 15:39:36 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iKLLpgm1LlTV8-LrK0_Wy2gyqeFmfDURBTWUDo9Dp8YaQrqN0tqHoA==
Age: 2555

shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2

35.82.2.166

200 OK

8 B

URL HTTP/1.1
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP
35.82.2.166:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
8 B (8 bytes)
Hash
29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b

HTTP Headers

POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Sun, 23 Oct 2022 16:00:03 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ea20460028066b7fba2f10b51d883192
a73b8263a4477aceeda349c7beff7050de9df38b
f933a7ff2c6ec9189ba29fdf09da9125ac59d9c03b4a14e14e9f1b5fa5322b1c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 16:00:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

infocektariflayanan.com/css/ionicons.min.css

20.232.123.181

200 OK

51 kB

URL HTTP/1.1
infocektariflayanan.com/css/ionicons.min.css
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (50806)
Size
51 kB (51284 bytes)
Hash
1690997909aae14b023a6580d4a2f33f
a4fd9551382a3b5c9c43e14adb8c4c4149cd2352
92ac508220f5bb60ec94e07650528eb66625f82a4740ada068cde05365781286

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia

HTTP Headers

GET /css/ionicons.min.css HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:03 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 51284
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

infocektariflayanan.com/js/jquery.min_1.js

20.232.123.181

200 OK

90 kB

URL HTTP/1.1
infocektariflayanan.com/js/jquery.min_1.js
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia
fortinet	Phishing

HTTP Headers

GET /js/jquery.min_1.js HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:03 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 89476
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4c236f4ca13cd8fafc580bceb0995642
b6a7de7a8d994ed2cfb5ac74b6d7703de515ecdb
671228953eba5b2678df03acebb493e411752c6f5f72ff7f1e485032241d4aeb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 23 Oct 2022 16:00:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

infocektariflayanan.com/js/jquery.min_4.js

20.232.123.181

200 OK

90 kB

URL HTTP/1.1
infocektariflayanan.com/js/jquery.min_4.js
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia
fortinet	Phishing

HTTP Headers

GET /js/jquery.min_4.js HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:04 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 89501
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

infocektariflayanan.com/fonts/helvetica_neue.woff

20.232.123.181

200 OK

21 kB

URL HTTP/1.1
infocektariflayanan.com/fonts/helvetica_neue.woff
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Web Open Font Format, CFF, length 20808, version 0.0\012- data
Size
21 kB (20808 bytes)
Hash
32292b2faf73a06f5f85350ba1a18cbd
468c07d9222bae984334bde5aa34c6095e625a33
63ca2449da804cd434ede5949b743397c693357731250bf10ebf8eeeab4524de

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia
fortinet	Phishing

HTTP Headers

GET /fonts/helvetica_neue.woff HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:04 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 20808
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff

infocektariflayanan.com/images/mo.png

20.232.123.181

200 OK

154 kB

URL HTTP/1.1
infocektariflayanan.com/images/mo.png
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 1920 x 1440, 8-bit/color RGBA, non-interlaced\012- data
Size
154 kB (153651 bytes)
Hash
6ba18adb82e9e1119b537a415e032d55
c5c44a846c0656813b22103cba8e2459f853c86d
dcfa22f575dcf73f860553ff2fc39ccffab99896145e9ae7e938630bee7fb8ce

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia

HTTP Headers

GET /images/mo.png HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:04 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 153651
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png

infocektariflayanan.com/js/jquery.min_3.js

20.232.123.181

200 OK

86 kB

URL HTTP/1.1
infocektariflayanan.com/js/jquery.min_3.js
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (32065)
Size
86 kB (85656 bytes)
Hash
1d35678c5edbb639ab7aa5cce0856f57
3b0f35285a7088b1fd321773696f9d3b45d31942
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia
fortinet	Phishing

HTTP Headers

GET /js/jquery.min_3.js HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:04 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 85656
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

infocektariflayanan.com/js/jquery.min_2.js

20.232.123.181

200 OK

84 kB

URL HTTP/1.1
infocektariflayanan.com/js/jquery.min_2.js
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (32061)
Size
84 kB (84245 bytes)
Hash
e40ec2161fe7993196f23c8a07346306
afb90752e0a90c24b7f724faca86c5f3d15d1178
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia
fortinet	Phishing

HTTP Headers

GET /js/jquery.min_2.js HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:04 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 84245
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

infocektariflayanan.com/js/jquery-3.5.1.min.js

20.232.123.181

200 OK

90 kB

URL HTTP/1.1
infocektariflayanan.com/js/jquery-3.5.1.min.js
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Unicode text, UTF-8 text, with very long lines (65438)
Size
90 kB (89961 bytes)
Hash
a1467418b7fcf350b49fc5eef4cfbbdd
a5e638e4315e74cbb49dabf36c300a165c2a8e50
6a19f1c7fe126a43807f3a3401349414834236557303a77580ab755850614a33

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia
fortinet	Phishing

HTTP Headers

GET /js/jquery-3.5.1.min.js HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:04 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 89961
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

infocektariflayanan.com/js/jquery-1.10.2.min.js

20.232.123.181

200 OK

93 kB

URL HTTP/1.1
infocektariflayanan.com/js/jquery-1.10.2.min.js
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (32072)
Size
93 kB (93107 bytes)
Hash
628072e7212db1e8cdacb22b21752cda
0511abe9863c2ea7084efa7e24d1d86c5b3974f1
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia
fortinet	Phishing

HTTP Headers

GET /js/jquery-1.10.2.min.js HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:04 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 93107
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

infocektariflayanan.com/images/2.jpg

20.232.123.181

200 OK

52 kB

URL HTTP/1.1
infocektariflayanan.com/images/2.jpg
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1024x445, components 3\012- data
Size
52 kB (52350 bytes)
Hash
19b019da9e871cebfcf45538d6c0681d
7199a562a96f625da8784897e1c430781b86dc37
c01f4a119e51b122eb17fecb83111d220563b19c413ef1560666969041094522

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia

HTTP Headers

GET /images/2.jpg HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:04 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 52350
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

infocektariflayanan.com/js/jquery.min.js

20.232.123.181

200 OK

84 kB

URL HTTP/1.1
infocektariflayanan.com/js/jquery.min.js
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (32180)
Size
84 kB (84320 bytes)
Hash
32015dd42e9582a80a84736f5d9a44d7
41b4bfbaa96be6d1440db6e78004ade1c134e276
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia
fortinet	Phishing

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:04 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 84320
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

infocektariflayanan.com/images/logo-ojk.png

20.232.123.181

200 OK

46 kB

URL HTTP/1.1
infocektariflayanan.com/images/logo-ojk.png
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 600 x 315, 8-bit/color RGBA, non-interlaced\012- data
Size
46 kB (45960 bytes)
Hash
883c16c692fa7ff6c3d58c14d1447c93
2043d443b2f2f4398f0e3b86c1d769637bdcf2bb
cb425bf8c81af69b5850278eca430aa7e6edd0f27f7653c072c3437faeb8319b

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia

HTTP Headers

GET /images/logo-ojk.png HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:05 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 45960
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

infocektariflayanan.com/images/1.jpg

20.232.123.181

200 OK

116 kB

URL HTTP/1.1
infocektariflayanan.com/images/1.jpg
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2022:08:29 14:43:48], progressive, precision 8, 1024x445, components 3\012- data
Size
116 kB (116272 bytes)
Hash
37d8812f043f9b7218840a19571d21e9
020cd933c06c4785bff4cb18eee923d76e3d28d6
7ca3f3bc5dac2fd9efe7e46c499338f54ad491a7e76b69d1de22917d97416c0b

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia

HTTP Headers

GET /images/1.jpg HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:04 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 116272
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

infocektariflayanan.com/images/logo-lps.png

20.232.123.181

200 OK

16 kB

URL HTTP/1.1
infocektariflayanan.com/images/logo-lps.png
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 500 x 203, 8-bit colormap, non-interlaced\012- data
Size
16 kB (15795 bytes)
Hash
e698f4d246fab302a286d1e8eb7049e4
0737bae7c61e87ed547e4408ff1e7432edb43f48
de9a7b06966c704cc5e8da25eba02339e2842a40285e768a99f43d0318740e2a

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia

HTTP Headers

GET /images/logo-lps.png HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:05 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 15795
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 23 Oct 2022 15:43:40 GMT
Cache-Control: max-age=3600
Expires: Sun, 23 Oct 2022 16:40:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zBUDlias_7SpBg3-TaoDaeLWNTFUopuHtNGjFNuMPE1vztnrV6f77Q==
Age: 985

fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0

142.250.74.10

200 OK

906 B

URL HTTP/2
fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
906 B (906 bytes)
Hash
7ca119360e523d764490f009be41ce48
187f7f619009184969255027d842c17630927572
79fdf10826a283b7038c0009e3cb9693150c92d13121dae4a58b0616328ddf0e

HTTP Headers

GET /css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 23 Oct 2022 16:00:03 GMT
date: Sun, 23 Oct 2022 16:00:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

infocektariflayanan.com/images/Epf-Y2q-Uc-AAj4ol-1.jpg

20.232.123.181

200 OK

71 kB

URL HTTP/1.1
infocektariflayanan.com/images/Epf-Y2q-Uc-AAj4ol-1.jpg
IP
20.232.123.181:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 918x460, components 3\012- data
Size
71 kB (71208 bytes)
Hash
f1bccd1fbda9781b919be3f80e7f81c5
124e423a333f6be2dfcec578613a60624eae856f
92451fbc51c5b692d7dc227a99f5aa2d9506fdf6cc90c52fbce5708a87630cd3

Detections

Analyzer	Verdict	Alert
openphish	Bank Rakyat Indonesia

HTTP Headers

GET /images/Epf-Y2q-Uc-AAj4ol-1.jpg HTTP/1.1
Host: infocektariflayanan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://infocektariflayanan.com/
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Sun, 23 Oct 2022 16:00:05 GMT
Server: Apache
Last-Modified: Sun, 09 Oct 2022 12:14:10 GMT
Accept-Ranges: bytes
Content-Length: 71208
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg

push.services.mozilla.com/

35.165.143.157

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.165.143.157:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VeI2sTEvy2wDvDot97S42Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: r0disYUC61hl1ySKDHEeTF+Xjv0=

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (8)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (31)

URL HTTP/1.1