firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 6223248c33009fd48ef053d1ba379132
bb14f9500425f64883101297baeda1a69ca65fb2
4db22da1db8573be87bd7cf4fb98dd69a47e4938c0e81cb21f015c5a9d485c6f
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 25 Oct 2022 05:52:56 GMT
Expires: Tue, 25 Oct 2022 06:42:13 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XbXQ1sPRlKJ62hvc7tAI7empVoKMeRh6zwnTO-La8Wnkc0GIEyRlZQ==
Age: 2817
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b3537658770790ad6cf0d727f0c0acd2
8365cadda05ef27b2ebd627d545e31886b512bde
df992311f130f15459739841de925c7eec2604d5a68ca6b2a67b6dc8d229212c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF992311F130F15459739841DE925C7EEC2604D5A68CA6B2A67B6DC8D229212C"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5330
Expires: Tue, 25 Oct 2022 08:08:43 GMT
Date: Tue, 25 Oct 2022 06:39:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12549
Expires: Tue, 25 Oct 2022 10:09:02 GMT
Date: Tue, 25 Oct 2022 06:39:53 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OFGBDEScyhlRFQmhYp3/Fmv0rOxrn0lh9+U5JqX1oLqLpXK9qIOKtiT+fePOP/hA82lpCJb1sXE=
x-amz-request-id: MS43224R3MPJK8VY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 25 Oct 2022 06:38:41 GMT
age: 72
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
kep.lpem.org/guidelines/
182.23.64.24301 Moved Permanently 240 B IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b6671a996618e844d0bd6f7dd3081cbd
0d53a662b30ebb9a765c3f8c3985a44cc8983a4b
b3b2e53e5418e1e745d5eaac4f9febeec89c16858d20a3fefba0b6a2e7ce2080
Analyzer Verdict Alert fortinet Malware
GET /guidelines/ HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Oct 2022 06:39:53 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Location: https://kep.lpem.org/guidelines/
Content-Length: 240
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 06:39:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 06:33:32 GMT
Cache-Control: max-age=3600
Expires: Tue, 25 Oct 2022 07:05:26 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uOla_1pVHOehJ8aIVhizsfDrw1WfslRK5KpOkw6jVq7DWRWi8LHmHA==
Age: 381
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7c6fdc8e76ef5875b5c965ade2df503e
45d548aa2a9d7ede163743274790700878eaea62
d2ff6eacd48af4892a2642e5d7bb925ca683062139f5a5cb4047f6f706830618
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5585
Cache-Control: max-age=97196
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:54 GMT
Etag: "63564795-1d7"
Expires: Wed, 26 Oct 2022 09:39:50 GMT
Last-Modified: Mon, 24 Oct 2022 08:06:45 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.210.158.59101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VGLIE6ARj6ay6HAciHQ4Kw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NRDyGY8TZw/0LEHBGEn/KC1qObw=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2905
Expires: Tue, 25 Oct 2022 07:28:20 GMT
Date: Tue, 25 Oct 2022 06:39:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2905
Expires: Tue, 25 Oct 2022 07:28:20 GMT
Date: Tue, 25 Oct 2022 06:39:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2905
Expires: Tue, 25 Oct 2022 07:28:20 GMT
Date: Tue, 25 Oct 2022 06:39:55 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2905
Expires: Tue, 25 Oct 2022 07:28:20 GMT
Date: Tue, 25 Oct 2022 06:39:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef3c0d77-2886-483b-9a17-7f2b14ab4c98.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef3c0d77-2886-483b-9a17-7f2b14ab4c98.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f3a22310cf16199a90b8b653e5788a7d
acc2091598928d3ce5b2f58f4ae3730a13109303
7b4b73e2d4558a15c36895b51cad3898397abe49af2015d0eece44ded025a8ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef3c0d77-2886-483b-9a17-7f2b14ab4c98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11336
x-amzn-requestid: 741d0f67-b9f4-4789-bf65-0ca01fdc8c61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z0fEjHMbIAMFobA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344dee9-08fc20196abbcb0c73f9c8a3;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 03:11:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XYPBhWQn1k6R4wtvbyFzWdGxH1EUp_lMHCc57gtQUfYkHPJHqSfmbg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 22:06:08 GMT
age: 30827
etag: "acc2091598928d3ce5b2f58f4ae3730a13109303"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 531f350512ac7712d932234803aa4602
2fb4599ad3d513a160c1f29fefda27b45852c381
7a4da3420f736c098806676359b8ff80578a2e1e98fc0e20e45e2d6192e1d566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: a84a2888-e0eb-40d3-8377-9c1ea2af733c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb2oH2uoAMFueA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cf7-204870ee3f63ced427033eb5;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TkdgdFp1dXipnGokyVpkamtD5qLRUC7aNYJrX_OKkEujnQsplMsgXA==
via: 1.1 1de1880e08f1cae7d1aca174a29a5c1e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 04:35:17 GMT
age: 7478
etag: "2fb4599ad3d513a160c1f29fefda27b45852c381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49bb46dd-5578-4e72-9aed-dc70960d4c97.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49bb46dd-5578-4e72-9aed-dc70960d4c97.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash edae4c2a51941f9d01ea6658430a95b8
ed419179e1460d655f14735e430cbbd76ab2a869
92f280cc9ad01c6901b08269a12908b927877082952ec52fe9a082910c181076
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49bb46dd-5578-4e72-9aed-dc70960d4c97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7633
x-amzn-requestid: e85011ac-422d-44b3-8af4-32d1c657597f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3D6EYXIAMFRlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054c-4f56cf37570dfcbe64ce4778;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NFDP9zPOwbHBAu0eMIt4sefrNehfkLPcEYn2CYKykM7qVZsMxiVnDw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:39:46 GMT
age: 32409
etag: "ed419179e1460d655f14735e430cbbd76ab2a869"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47edb01a-a8e6-4baf-848d-db16e2f70211.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47edb01a-a8e6-4baf-848d-db16e2f70211.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65d8d48ccc1c14c53b1ab16057d641d8
36f72d915609993e908d41cb5cf0b1c6b4c79830
8558f68db30b99216752cc3b5861fdd315313821c81efbb56420b3d101cdc5b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47edb01a-a8e6-4baf-848d-db16e2f70211.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6251
x-amzn-requestid: a81718c4-ac06-4388-bb9b-d92c02528226
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aYvM2E-ToAMFTQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63535f1e-2176b3c742eab3242fa1d58a;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 03:10:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: alnPUjWwzi5g_0XVI1Wmkavc2vnv6pqq8-WewDTX0XPyDAvwEqyudw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 07:30:48 GMT
age: 83347
etag: "36f72d915609993e908d41cb5cf0b1c6b4c79830"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8502c90bf679dce29b1c2a87606bbb3e
7940c911dea3882ab8a7ff70240f4edc1b89a56d
ccc5ab3068b7f90276124148a812eb26951a95d7c146bdcf28a69a3d05f76ee2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: 51dfaabc-ee88-465f-8da7-fd6739cf7794
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aZSHjHeLIAMF8mQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635396fc-1e4ad2d647a7f07a094574be;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 07:08:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dgxcF8hXUOo_WqQwpd0yctMNPuB-IfmSRxD1_TRG7zuV3b5EbpVIig==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 07:28:23 GMT
age: 83492
etag: "7940c911dea3882ab8a7ff70240f4edc1b89a56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe70105c7-5a5d-48c2-a113-06846e24dff9.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe70105c7-5a5d-48c2-a113-06846e24dff9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e43859d91550f002f2fc145b8a044f40
762e9f0ce9256ff9a54e08d76dca7596d44677df
3d39a87540b716721e9d4e28aa499233ccde5ed4c6e7f1a902010e56572c8f46
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe70105c7-5a5d-48c2-a113-06846e24dff9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11822
x-amzn-requestid: 1702783e-fce4-4c9d-96a9-ee0477cff0ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aHpINH1LIAMFZjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634c889a-0cc362f90671a9827f4573f9;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 22:41:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: thgTEUrC7cZ8TpDm4rsmFgxj7QDNWeYiuwGkkF6bQf16xgdQUK9ygg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 03:29:50 GMT
age: 11405
etag: "762e9f0ce9256ff9a54e08d76dca7596d44677df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kep.lpem.org/guidelines/
182.23.64.24200 OK 12 kB IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Hash 2a42f619f088dd1567ed855278aa40a5
4e99ef9affb7425cefabf41a2bbf2a00523e8090
6dd0dca712504a873a362f37c507714dba094a643a81f9a6b2072d9277f8d491
Analyzer Verdict Alert fortinet Malware
GET /guidelines/ HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://kep.lpem.org/wp-json/>; rel="https://api.w.org/", <https://kep.lpem.org/wp-json/wp/v2/pages/102>; rel="alternate"; type="application/json", <https://kep.lpem.org/?p=102>; rel=shortlink
set-cookie: qtrans_front_language=id; expires=Wed, 25-Oct-2023 06:39:55 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 12453
content-type: text/html; charset=UTF-8
date: Tue, 25 Oct 2022 06:39:53 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f1ae675435a8f16bc0b04ec012c41979
182f87a81464c80b0b25fb524c59592cd40b0ef4
9191ced121d8740b4ed3af75db3033e72c0c44c0b45004abd714583deaa749a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-203932692-1
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-203932692-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash 7b03726041335af2bd475c8fae4f955f
4c42deddef1b05d8e87234ccbad843cbf2d75eca
69d80f6db3d6177e8cc87081d3b4245b146fd5d4ea23e846507c28a034472c3a
GET /gtag/js?id=UA-203932692-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 25 Oct 2022 06:39:56 GMT
expires: Tue, 25 Oct 2022 06:39:56 GMT
cache-control: private, max-age=900
last-modified: Tue, 25 Oct 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43590
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash f1ae675435a8f16bc0b04ec012c41979
182f87a81464c80b0b25fb524c59592cd40b0ef4
9191ced121d8740b4ed3af75db3033e72c0c44c0b45004abd714583deaa749a4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kep.lpem.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
182.23.64.24200 OK 15 kB URL HTTP/2 kep.lpem.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (43771)
Hash bf35c103a20814c77700ce356e3bbd34
dfc3389b9ea5a5b250a8d3c78fc7b4ab778fe85f
7c203dc4d91160389a46a2d319d3a356ce816f97aa0ebe43d0a3a5eeb39c9ecc
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 01:41:44 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 15141
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
182.23.64.24200 OK 1.0 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash 71b280bd7e5fb3b9f802068cd2fed62c
e28340cdc4157de949703f6d8ac5ef30062d4b03
7fd1e96c6fb9768e9fe2efd586f8a02c3b58a503e2783dc9e5724e765b1d3219
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:31 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 1048
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/font-awesome.css?ver=6.0.3
182.23.64.24200 OK 7.9 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/font-awesome.css?ver=6.0.3
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (30800), with CRLF line terminators
Hash 17daf59bb99b3ad107441703976da7a2
4e72e1e49f27e7d451d2d1dc7621623cf042f488
eae4f2ee67ce355ca83f017a0a6aaa9989af2771c880b18f8cc6cbd3eb122fcc
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/goodlayers-core/plugins/fontawesome/font-awesome.css?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 01:02:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 7883
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/elegant/elegant-font.css?ver=6.0.3
182.23.64.24200 OK 4.7 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/elegant/elegant-font.css?ver=6.0.3
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (21733), with no line terminators
Hash cb3a8def299fd2d81a34faadb8e17f8c
18d9383da51dae257cc8e5d00e4eb2afdade192e
f1c8c03e0e409a8f28b989eb558f2b80bdee7ce40d5cf4ac8758046b8e25640c
GET /wp-content/plugins/goodlayers-core/plugins/elegant/elegant-font.css?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 01:02:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 4699
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/style.css?ver=1662621341
182.23.64.24200 OK 7.9 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/style.css?ver=1662621341
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (39108)
Hash e013b59c2d82ed1c81fd0296b3ce91df
a86ebcc9dde303f3dd5e46db48e742373b419b29
097df06c4ba0def384090bcf4bbbd3fccd7186f4ed27d7ae97e847e3c972fbea
GET /wp-content/plugins/goodlayers-core/plugins/style.css?ver=1662621341 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 08 Sep 2022 07:15:41 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 7918
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
182.23.64.24200 OK 926 B URL HTTP/2 kep.lpem.org/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash ce9a1d702b6ca01b7f503201b26e5d1e
af4cc748d5231aeeb94265cd5e9c585e393747e1
d10ee89b63134293ffa41bec5dab346ebc32a75860b0ecc3ad54e6edbf6df5e0
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 926
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6
182.23.64.24200 OK 2.3 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (7609)
Hash c0f89388cdbbc6aaacfb811ef56744a5
a16ab4e7e24b2aed3375add29c994ea5515b339a
6931f709aba218d53630f73b5635910751fb92cf0aa3e1cac3e1f75b63bd78bc
GET /wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 2347
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5
182.23.64.24200 OK 5.5 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (42839), with no line terminators
Hash d6dd83fd224e7f2ae4ceda27833822e1
ac4c32e72ed6211288fb72c0859676f6f5718fc5
45be5b82e891a6e32fd2e1b041b9692d0b63805be162528f400586244b7f4cb1
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 5522
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/goodlayers-core/include/css/page-builder.css?ver=6.0.3
182.23.64.24200 OK 49 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/goodlayers-core/include/css/page-builder.css?ver=6.0.3
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash 0893afef3af29d31f7a71f3dd02d1bd9
2e7480713dcee21b463522ae9442a0061edc9bc7
321ffa8bb777a9582613bc8f97e0b1dbc21d11de1cfe0cec009315a7fdfa7f8b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/goodlayers-core/include/css/page-builder.css?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 01:02:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 48893
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.8.0
182.23.64.24200 OK 9.5 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.8.0
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (45857), with no line terminators
Hash ab89172e9713f5f9f69c679ad3549ac6
013a8b8c5b2f32fab2c9e0521c146172fc79344d
d0e88c99b75c3a73d49f33074184da8c9b1a29061c9b06b38a2ae97bfba0e169
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.8.0 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 9547
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.11
182.23.64.24200 OK 16 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.11
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Hash b753d9cf99909bc746dc6b2579b68e13
cebbb2c5cb524cb7352c74f8a869d8802c5e73fa
e3ade89ceddf5365597563946b221a33744815af4ceb24f652fa1f7a31bbf026
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.11 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 17:49:16 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 15847
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/themes/kingster/css/style-core.css?ver=6.0.3
182.23.64.24200 OK 24 kB URL HTTP/2 kep.lpem.org/wp-content/themes/kingster/css/style-core.css?ver=6.0.3
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash 8ac052aba3b03d4c382a75d9fea03b63
960b85eea620fac7276e69b5e2289395efd731cb
43a55eefcfc55f2f08dee0ce6e34c8df1deacb62032c2db8289f10b2b82a51ea
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/kingster/css/style-core.css?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 09:57:59 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 24103
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/uploads/kingster-style-custom.css?1662621341&ver=6.0.3
182.23.64.24200 OK 15 kB URL HTTP/2 kep.lpem.org/wp-content/uploads/kingster-style-custom.css?1662621341&ver=6.0.3
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (1069)
Hash d408712f8ec605ce25a9f2ff4a1f3eeb
167dcc47ea89e966d6f5eff125226d7f7486db9f
110efcc0d5aee6a6dd1819224fb6f7c3f8ca24260848f8e638082fb68d22a908
GET /wp-content/uploads/kingster-style-custom.css?1662621341&ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 08 Sep 2022 07:15:41 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 14898
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/qtranslate-to-wpml-export/js/scripts.js?ver=6.0.3
182.23.64.24200 OK 1.5 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/qtranslate-to-wpml-export/js/scripts.js?ver=6.0.3
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash 2320962e0ba06fa415ae3a5fce5f1ac0
1cf2ae8569686ea8dee1beb7a0063defb4ee67f6
6af391f2d0154a29fb434d3da7f5ee975387115921eee549f50167ba75744cf2
GET /wp-content/plugins/qtranslate-to-wpml-export/js/scripts.js?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 01:37:23 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 1509
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0
182.23.64.24200 OK 2.4 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type Unicode text, UTF-8 text, with very long lines (5661)
Hash 47261a811d739c1fba01ff83aeea678f
5b7b57114b6a09da6354be20dfc66e2f3cd89c3b
62421ccdeb51ae3443f3fe17741981fb3bd3988d64959ae3d4b5fa43a1baf686
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 2365
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.9.1
182.23.64.24200 OK 3.6 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.9.1
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (1577)
Hash 9e1370ab315a89cf4e927de54f98644c
5cce4a5194da26c0298aa968d5d02cf787e5e581
ba043db569a269062a1d4911ee9a301df70c55a36a19ab7f3cbbb9153fed637a
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.9.1 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 11 Oct 2022 21:30:25 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 3555
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
182.23.64.24200 OK 4.6 kB URL HTTP/2 kep.lpem.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (11126)
Hash 7cec71a53f4e94ce6da66a0fd94b9e5c
ac8f00b06df2956b97202b24ce8d818934283b5b
9bdd49aa215000ec53e722aa93cbe0e30f509bd1430ac5b5b509bf9b78a78d31
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 01:41:44 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 4563
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6
182.23.64.24200 OK 8.9 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (1518)
Hash 69be0492110454eb6a00388b22e79cf9
de7e0552c167a8d0251400b75554e5e72c76053c
02547985fef41ab7da7b14befaf159588e9b7c2e8c85bc2e7dfd6db2be5b5335
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 8852
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.8.0
182.23.64.24200 OK 5.2 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.8.0
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash f8dea3704c2a202b58a4a7b6d7fd559b
958b45c8f5611a9358327805ec8733ce59e7867e
aa072aa45f2793507a68faab6438b6c49f90c72423ff5cb12faf703de7b6c49b
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.8.0 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 5179
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
182.23.64.24200 OK 4.4 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type HTML document, ASCII text, with very long lines (12310), with no line terminators
Hash fa14ffb163d9477d5f78606eab73b515
be14a005b63cf40489d19ab925a83ca1c8dc0f14
92580baa17fa9c9041b2b0d3f63c1791d923ef8f06800bdf25b628f151ab88b8
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:31 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 4409
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5
182.23.64.24200 OK 15 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (32001)
Hash 91284abd43d6a9f9d91b60516c6bb73f
0acdb590f8473f125967f3f8a870aed43dcdcc4d
7566e1d6ad3a9bcec6f4f0fbd8410125c3489d2b7526e9cb82a80e7b909796d3
GET /wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 15180
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
182.23.64.24200 OK 7.2 kB URL HTTP/2 kep.lpem.org/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (15439)
Hash f9db5ac4eef28e71547d0ed1e890f5ae
943aa3e61c8e93d15d40ce18b0d4c300fd04700b
79f9a1b1d6e0a831cee1c8adb696792a90a4e74f0d4e7ac3bf63d42326927e9a
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 01:41:44 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 7163
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5
182.23.64.24200 OK 10 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type HTML document, ASCII text, with very long lines (25075)
Hash ea8a82b3277446e2f40f27d6fbfdea92
496c31c8f7a6318443a0e8addebaa984c87edef5
b50388241be422a6665bacfe85d47a40d57ac9f117ecf0c2f4aee873d11ef955
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 10194
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
182.23.64.24200 OK 3.2 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (9937), with no line terminators
Hash 916d9875d3513738cf0628b63414c37a
f0f771fc8bee031a5f07e981100d899bd4e19b8a
5005bf5395df14a11ea73484dfc084395c4aac253b69ac043b46fc879b22c43f
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:31 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 3229
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/uploads/2019/01/makara-web.png
182.23.64.24200 OK 14 kB URL HTTP/2 kep.lpem.org/wp-content/uploads/2019/01/makara-web.png
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type PNG image data, 213 x 85, 8-bit/color RGBA, non-interlaced\012- data
Hash 912467b159bfa35f2b7549ce65cce97c
8273a863f4e2d7fe5d4b0defbef7576c592e1020
944f5258711bbac9166f730732e8ebe62f85d16bf3d2f2a20b174c52a9b79649
GET /wp-content/uploads/2019/01/makara-web.png HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Jan 2019 09:14:56 GMT
accept-ranges: bytes
content-length: 14331
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
content-type: image/png
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
182.23.64.24200 OK 5.8 kB URL HTTP/2 kep.lpem.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (15660)
Hash 5dd90c13d1cb6624cba0f3bc7828c4bb
734a400e956fed5389a6e20fabf89327710cf6eb
e573bfe941e733fe9f4580cd6fd65468cf7398b6403488229dbbd7687c42f55c
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 01:41:44 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 5792
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/goodlayers-core/include/js/page-builder.js?ver=1.3.9
182.23.64.24200 OK 21 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/goodlayers-core/include/js/page-builder.js?ver=1.3.9
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (317), with CRLF line terminators
Hash a82b8ac1477bde0ac23150cc94ae2e05
70abe6b67cf450b6e174185b794f0ccd56313079
3f360de5c19a9659c3ee04af2d303b6cee956bc96d06d8fbe6552742e85092d9
GET /wp-content/plugins/goodlayers-core/include/js/page-builder.js?ver=1.3.9 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 01:02:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 21224
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/qtranslate-xt/flags/id.png
182.23.64.24200 OK 123 B URL HTTP/2 kep.lpem.org/wp-content/plugins/qtranslate-xt/flags/id.png
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash 0e750ecbc866906e31b38a21d1b2960e
4ab704dd7538d083082b2e97dae4c67fdedcbdcf
36e6707ba1d2a840de4a29c4026acf7493951e1ffd091a4c57c37410dcf5a189
GET /wp-content/plugins/qtranslate-xt/flags/id.png HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 11 Dec 2018 13:53:40 GMT
accept-ranges: bytes
content-length: 123
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
content-type: image/png
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/qtranslate-xt/flags/gb.png
182.23.64.24200 OK 398 B URL HTTP/2 kep.lpem.org/wp-content/plugins/qtranslate-xt/flags/gb.png
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash c37d7808c8c177a0074f40217bc3bb02
19d5ebaaca76dcfdeb4566466fadafdb75579bba
78cba0d68a87a8db2d5fd6b38d222ab74c4af7a11fe8c716dee390ec0582aecd
GET /wp-content/plugins/qtranslate-xt/flags/gb.png HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 11 Dec 2018 13:53:40 GMT
accept-ranges: bytes
content-length: 398
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
content-type: image/png
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
182.23.64.24200 OK 36 kB URL HTTP/2 kep.lpem.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (65447)
Hash 19794544ea8a95a7f373243810e83876
ddc367f688e43f1fb864933be9ba4a425d98b146
e02d14430d46b20d28fa1a666b5b31996c2afe85f58e933d8d6acd473cc4957e
Analyzer Verdict Alert fortinet Malware
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 01:41:44 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 36108
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.8.0
182.23.64.24200 OK 44 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.8.0
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (65536), with no line terminators
Hash 766423bd60a965c413a8812965ac3768
75276bc62f66e4be91fb548bb9804b909b21be4a
9bb1b27bd45c9c2703923e11e60148eaaaee4219f0eb3a97f49530ce29eb1e14
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.8.0 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 43661
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.8
182.23.64.24200 OK 53 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.8
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type ASCII text, with very long lines (42889)
Hash 2d53b08aec0b47ab58ad663d1195f34b
c5ce363579442686d417dedf73e9a19a1fbd183f
11b27dcb1ff54d5f6698e16f17b7434f21ac67e67cd1d9c262e599393d71c51e
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.8 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 17:49:16 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 53184
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
www.lpem.org/wp-content/uploads/2016/11/logo-lpem-baru-general-alt-1.png
182.23.64.24200 OK 3.7 kB URL HTTP/2 www.lpem.org/wp-content/uploads/2016/11/logo-lpem-baru-general-alt-1.png
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type PNG image data, 300 x 75, 8-bit colormap, non-interlaced\012- data
Hash dbd26f259a6bc471197095b2bbf3b250
1ae950d991a6aaf7102a469a6ff2304bab8207e9
f82506ca19d1037978974cba14bdf4fe7d57346d9aa47caccf50fede17a8cc5a
GET /wp-content/uploads/2016/11/logo-lpem-baru-general-alt-1.png HTTP/1.1
Host: www.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 09:55:18 GMT
accept-ranges: bytes
content-length: 3654
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
content-type: image/png
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kep.lpem.org/wp-content/themes/kingster/js/script-core.js?ver=1.0.0
182.23.64.24200 OK 472 B URL HTTP/2 kep.lpem.org/wp-content/themes/kingster/js/script-core.js?ver=1.0.0
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/kingster/js/script-core.js?ver=1.0.0 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 09:57:59 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 16724
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.195200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kep.lpem.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 21:48:50 GMT
expires: Thu, 19 Oct 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 463867
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.195200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kep.lpem.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:30:59 GMT
expires: Thu, 19 Oct 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 472138
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
216.58.207.195200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kep.lpem.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:31:00 GMT
expires: Thu, 19 Oct 2023 19:31:00 GMT
cache-control: public, max-age=31536000
age: 472137
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/themes/kingster/learnpress/kingster-learnpress.js?ver=6.0.3
182.23.64.24200 OK 472 B URL HTTP/2 kep.lpem.org/wp-content/themes/kingster/learnpress/kingster-learnpress.js?ver=6.0.3
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Hash eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb
Analyzer Verdict Alert fortinet Malware
GET /wp-content/themes/kingster/learnpress/kingster-learnpress.js?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 09:57:58 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 497
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/themes/kingster/images/page-title-background.jpg
182.23.64.24200 OK 23 kB URL HTTP/2 kep.lpem.org/wp-content/themes/kingster/images/page-title-background.jpg
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x496, components 3\012- data
Hash cb5797910a3d4ce841d28d96cc8132ce
53f81d2a9be329c3bad259e938976c5eeedce7c5
b13ca1fd2f584f494da29f352c506ae1927b7ae4c87ef72881ec473eb004637e
GET /wp-content/themes/kingster/images/page-title-background.jpg HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/wp-content/themes/kingster/css/style-core.css?ver=6.0.3
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 09:57:58 GMT
accept-ranges: bytes
content-length: 23389
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
content-type: image/jpeg
date: Tue, 25 Oct 2022 06:39:57 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.woff2?v=4.7.0
182.23.64.24200 OK 77 kB URL HTTP/2 kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.woff2?v=4.7.0
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/font-awesome.css?ver=6.0.3
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 01:02:29 GMT
accept-ranges: bytes
content-length: 77160
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
date: Tue, 25 Oct 2022 06:39:57 GMT
server: Apache
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 25 Oct 2022 04:41:09 GMT
expires: Tue, 25 Oct 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 7128
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/plugins/ua/linkid.js
142.250.74.174200 OK 859 B URL HTTP/2 www.google-analytics.com/plugins/ua/linkid.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1335)
Hash 904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237
GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Oct 2022 06:02:26 GMT
expires: Tue, 25 Oct 2022 07:02:26 GMT
cache-control: public, max-age=3600
age: 2251
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/uploads/2019/01/cropped-makara-web-192x192.png
182.23.64.24200 OK 20 kB URL HTTP/2 kep.lpem.org/wp-content/uploads/2019/01/cropped-makara-web-192x192.png
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash fa700fd3e732c5225d1e796cdcf27c94
0251b4e2956128d0f951d5ea0cd92300dc2c6575
c6de1e9777c62a832af33c23cc33461077fdfcd74419d926ef99b9a6d9f37a6a
GET /wp-content/uploads/2019/01/cropped-makara-web-192x192.png HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 00:55:53 GMT
accept-ranges: bytes
content-length: 19454
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
content-type: image/png
date: Tue, 25 Oct 2022 06:39:57 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/uploads/2019/01/cropped-makara-web-32x32.png
182.23.64.24200 OK 1.3 kB URL HTTP/2 kep.lpem.org/wp-content/uploads/2019/01/cropped-makara-web-32x32.png
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash fdf1da1ff0c54d6e4d9502449dc0d2fb
e1db980bb2ace0a40c1c1e7a6280404946007e44
ff765b58513391c20826620369e247aa92c7b15654ee64a4cbf31eea8cf440c2
GET /wp-content/uploads/2019/01/cropped-makara-web-32x32.png HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 00:55:53 GMT
accept-ranges: bytes
content-length: 1266
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
content-type: image/png
date: Tue, 25 Oct 2022 06:39:57 GMT
server: Apache
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.11
182.23.64.24200 OK 0 B URL HTTP/2 kep.lpem.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.11
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
Analyzer Verdict Alert fortinet Malware
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.11 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 17:49:16 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3Aregular%2Citalic&subset=devanagari%2Clatin%2Clatin-ext&ver=6.0.3
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3Aregular%2Citalic&subset=devanagari%2Clatin%2Clatin-ext&ver=6.0.3
IP 142.250.74.10:0
GET /css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3Aregular%2Citalic&subset=devanagari%2Clatin%2Clatin-ext&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 25 Oct 2022 06:39:56 GMT
date: Tue, 25 Oct 2022 06:39:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic
IP 142.250.74.10:0
GET /css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 25 Oct 2022 06:39:56 GMT
date: Tue, 25 Oct 2022 06:39:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/script.js?ver=1662621341
182.23.64.24200 OK 0 B URL HTTP/2 kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/script.js?ver=1662621341
IP 182.23.64.24:0
ASN #38513 PT Aplikanusa Lintasarta
GET /wp-content/plugins/goodlayers-core/plugins/script.js?ver=1662621341 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 08 Sep 2022 07:15:41 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2