Report - kep.lpem.org/guidelines/

Report Overview

Submitted URL
kep.lpem.org/guidelines/
IP
182.23.64.24
ASN
#38513 PT Aplikanusa Lintasarta
Submitted
2022-10-25 06:40:05
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-10T10:58:09Z	370 B	44 kB	142.250.74.168
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	594 B	127 B	34.210.158.59
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	60 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	1.1 kB	1.5 kB	142.250.74.10
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-10T05:10:00Z	758 B	2.8 kB	143.204.55.27
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.76.226
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.3 kB	4.9 kB	142.250.74.35
www.lpem.org	unknown	2018-02-05T12:02:45Z	2023-02-27T01:43:43Z	426 B	4.0 kB	182.23.64.24
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-10T13:35:34Z	736 B	22 kB	142.250.74.174
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	401 B	5.8 kB	34.160.144.191
kep.lpem.org	unknown	2019-08-14T13:12:07Z	2022-12-03T12:29:40Z	20 kB	552 kB	182.23.64.24
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	329 B	796 B	93.184.220.29
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T13:37:03Z	1.4 kB	26 kB	216.58.207.195

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-25	medium	kep.lpem.org/guidelines/	Malware
2022-10-25	medium	kep.lpem.org/guidelines/	Malware
2022-10-25	medium	kep.lpem.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/font-awesome.css?ver=6.0.3	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/goodlayers-core/include/css/page-builder.css?ver=6.0.3	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.8.0	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.11	Malware
2022-10-25	medium	kep.lpem.org/wp-content/themes/kingster/css/style-core.css?ver=6.0.3	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.9.1	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.8.0	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4	Malware
2022-10-25	medium	kep.lpem.org/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5	Malware
2022-10-25	medium	kep.lpem.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	Malware
2022-10-25	medium	kep.lpem.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.8.0	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.8	Malware
2022-10-25	medium	kep.lpem.org/wp-content/themes/kingster/js/script-core.js?ver=1.0.0	Malware
2022-10-25	medium	kep.lpem.org/wp-content/themes/kingster/learnpress/kingster-learnpress.js?ver=6.0.3	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.woff2?v=4.7.0	Malware
2022-10-25	medium	kep.lpem.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.11	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (30)

	URL	Size	First Seen	Last Seen
	kep.lpem.org/wp-content/plugins/qtranslate-to-wpml-export/js/scripts.js?ver=6.0.3	8.1 kB	2023-03-09	2023-12-16
Pretty URL kep.lpem.org/wp-content/plugins/qtranslate-to-wpml-export/js/scripts.js?ver=6.0.3 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 11:30:05 Last Seen2023-12-16 11:46:59 Times Seen3 Hash d3df06ff213933a0eefdbacce90bf1ea 2d7e2e5a5746ee3248c8249b39922c80a4c2e151 40293992b3a7917a1761ce1cfa209bbab03a28c214ac4473ac96045570ea70d4 Loading...

	kep.lpem.org/wp-content/themes/kingster/js/script-core.js?ver=1.0.0	57 kB	2023-03-08	2024-04-14
Pretty URL kep.lpem.org/wp-content/themes/kingster/js/script-core.js?ver=1.0.0 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:21:46 Last Seen2024-04-14 23:42:31 Times Seen19 Hash 989f77341034f92ab6f549cc52440139 cfc95b1b98323b21d05d7462e0bed6332f67cd58 521cb5ca917586cc1fa5e1dd24590a46058e07ab2819b0b644c821bfab9bd1c0 Loading...

	kep.lpem.org/guidelines/	95 B	2023-03-10	2023-03-10
Pretty URL kep.lpem.org/guidelines/ IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:43:23 Last Seen2023-03-10 14:43:23 Times Seen1 Hash 0d97e0ca0169c67f6ea2701e3046195b 3ecea1877c31080f49a6d85a4da215932e04c7b5 396fae8a3869d585d09b01a78c20a97ad925c59abcd989c05113187a4e506f57 Loading...

	kep.lpem.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4	12 kB	2023-03-08	2024-04-24
Pretty URL kep.lpem.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-24 20:13:16 Times Seen3481 Hash 1f9968a7c7a2a02491393fb9d4103dae 0032c8a6a692e6f072b2cef20828449402fdd57d f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49 Loading...

	kep.lpem.org/guidelines/	126 B	2023-03-10	2023-03-10
Pretty URL kep.lpem.org/guidelines/ IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:43:23 Last Seen2023-03-10 14:43:23 Times Seen1 Hash 208776ebcd2d980b0294ebbd33966de1 545eb82537284e63081ff231cb8b1841dee9172d 9d587bccbd30c5932133e49fdb8a19dbb241b391c4add0b5e7cc9deb28ffa89d Loading...

	kep.lpem.org/guidelines/	162 B	2023-03-10	2023-03-10
Pretty URL kep.lpem.org/guidelines/ IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:43:23 Last Seen2023-03-10 14:43:23 Times Seen1 Hash 879c736e6075bd50098e07cf6c58c6b3 958e9d2945540ffae491d9edaa01dbd9f0bb18a9 2eab1c63a84c0d2179e069942827018a538002a2a38b3b849cee58b42917470f Loading...

	kep.lpem.org/guidelines/	5.6 kB	2023-03-10	2023-03-10
Pretty URL kep.lpem.org/guidelines/ IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:43:23 Last Seen2023-03-10 14:43:23 Times Seen1 Hash 253dd5199ef4392b6e9cebefcd680caf 89adda41c0968d5fc5476ae1b3328d1ff84ca5eb 2e066fbfef0aa0928ccf8089e9dfde2228ff465d38f17ee3c2085207af58fea9 Loading...

	kep.lpem.org/wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.8.0	15 kB	2023-03-07	2024-04-18
Pretty URL kep.lpem.org/wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.8.0 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:38 Last Seen2024-04-18 15:56:49 Times Seen1280 Hash 3fb461c1b082f494c9e0eaaafcf8bd72 55ff6230e8ec9d8c5b38657707d2f0bf5605ba0f 3e6e949591faad693c28eed80090b54c666ddb12dbb20af284acedb9f3b70834 Loading...

	kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5	25 kB	2023-03-07	2024-03-19
Pretty URL kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:38 Last Seen2024-03-19 10:03:54 Times Seen506 Hash 35dba86729f7328d9d79eb1d13792393 860560994a5717d9e3df391bb5f51f03f2e61a5f cfa956b9f39aec424ed6f9411c71da1f9fbd0c77e4cdccd9089d394a1877d866 Loading...

	kep.lpem.org/guidelines/	1.2 kB	2023-03-10	2023-03-10
Pretty URL kep.lpem.org/guidelines/ IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:43:23 Last Seen2023-03-10 14:43:23 Times Seen1 Hash 5c9d8185e023e00097edf5609b7f3253 41ee21241070436a485a414f4ae8f0ba4a361662 9f5d8768079b683bd4566559a291f667c65b0086980d7a3e15a853707c3f695d Loading...

	kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5	46 kB	2023-03-07	2024-04-24
Pretty URL kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:38 Last Seen2024-04-24 01:32:17 Times Seen1251 Hash 47caf35a29f15dd5c20a41298b3586ea c4ee5f891da78820029f9974a65e01a07d88f7eb d281c3057af206c0a210770246ef115057cd21081778be6229fd85f4a99d18bb Loading...

	kep.lpem.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	9.9 kB	2023-03-08	2024-04-24
Pretty URL kep.lpem.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:19 Last Seen2024-04-24 20:13:16 Times Seen3136 Hash dc74c9954b1944928eca0172c3b8c6b3 e9e00e587e0e28491b69563b4e768945ff2e0ed5 d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-24
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-24 18:41:20 Times Seen1526 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	kep.lpem.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-25
Pretty URL kep.lpem.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 09:54:53 Times Seen31826 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	kep.lpem.org/guidelines/	2.2 kB	2023-03-10	2023-03-10
Pretty URL kep.lpem.org/guidelines/ IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:43:23 Last Seen2023-03-10 14:43:23 Times Seen1 Hash 4ab164e910a707155ff2b4ff13af9ac1 817529b31e312463c97a518b329157d44cb69fb1 9adddfc335df453ff23d9b0acc0917516058842e6de5a4c1b26d6da6400319fb Loading...

	www.googletagmanager.com/gtag/js?id=UA-203932692-1	111 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-203932692-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:43:23 Last Seen2023-03-10 14:43:23 Times Seen1 Hash 319f53c6bdae4a380b14692abbd14c20 e6f6a80718271db0825b8c0d51b41a8425269b36 0303b945dc07d98dba2263abda7c103600f29b000935f95cafd430ecc79dff74 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 11:55:37 Times Seen37062646 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	kep.lpem.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-25
Pretty URL kep.lpem.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 10:34:46 Times Seen68619 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6	22 kB	2023-03-07	2024-04-24
Pretty URL kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:38 Last Seen2024-04-24 01:32:17 Times Seen985 Hash 2ed97891e0a448815edd04a37a5d5da3 d79a3b0fff5930bf1a7838836157b35f94eb378c 5555617065279e031d5d4f93dfd8ce37aab481221c6c1d38eda5d90798cc4ea5 Loading...

	kep.lpem.org/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1	17 kB	2023-03-07	2024-04-15
Pretty URL kep.lpem.org/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:41 Last Seen2024-04-15 06:53:32 Times Seen595 Hash aa5fef7b171510a2a430328d4a0f3b03 cf6377f9bd83d9ce5f18c3de8ac7e57c047168d4 5f030eda75a32de3b4f63e28a38e83642b8a723c84ae73bf3726b85cd411bfee Loading...

	kep.lpem.org/guidelines/	366 B	2023-03-10	2023-03-10
Pretty URL kep.lpem.org/guidelines/ IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:43:23 Last Seen2023-03-10 14:43:23 Times Seen1 Hash 5866e86d08c87d35f90094b12ecc3f98 39f26e239fb8e330d9760f04b8d0468f80368f7b 15ac4d8ec05d1e98dfe59ef31ce94db616a868ddbe8da1cd990b02b0e4cb3810 Loading...

	kep.lpem.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.11	364 kB	2023-03-07	2024-04-03
Pretty URL kep.lpem.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.11 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:50 Last Seen2024-04-03 01:53:41 Times Seen596 Hash 3fb3e6ddca8e7e7e2c17e90d3dd13c76 0648731e5e4258941e1815c3e9597e4983bcb680 7f63e8476900f0a7600e621e33b3f18b878664cfad27df525a88385c9b37ea6f Loading...

	kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0	6.3 kB	2023-03-07	2024-04-24
Pretty URL kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:36:38 Last Seen2024-04-24 01:32:17 Times Seen1129 Hash 9365b9e965c8e638a21745217e5f2d5c 2a1964476db3f43551f24c1754e272b2917a934b e959dd8ec932148a2df2bc3f2d63d9fe02104910a31ed6dab421e96c03692088 Loading...

	kep.lpem.org/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.8.0	193 kB	2023-03-09	2023-12-02
Pretty URL kep.lpem.org/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.8.0 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:48:26 Last Seen2023-12-02 07:31:39 Times Seen32 Hash de4deaee74e687805df8d49630a73c4b 2e0636c229a750febfd2a2700792d0362589cb87 e9b6066cf4228b09039a9d044e9e1f9f19be1a49577d2ade3fd35a2dd637c6f7 Loading...

	www.google-analytics.com/plugins/ua/linkid.js	1.6 kB	2023-03-07	2024-04-15
Pretty URL www.google-analytics.com/plugins/ua/linkid.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-15 19:01:06 Times Seen1974 Hash 0cc3a63fe10060af4a349e5df666eefe 3e8d3925b550345123f2cab26568221fd4154f9c 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54 Loading...

	kep.lpem.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3	19 kB	2023-03-07	2024-04-25
Pretty URL kep.lpem.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-25 04:27:26 Times Seen38041 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	kep.lpem.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.8	124 kB	2023-03-07	2024-04-25
Pretty URL kep.lpem.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.8 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:51 Last Seen2024-04-25 08:34:07 Times Seen2246 Hash 04f0a5790668162c9241bfd598d6400c dd55a501364bbd8a0b43eca3cd681748cd89a03e 463f24ed151c0bc8775c09e92c3885fd96dc17f1e91ca64d70f3ba9600e0eb86 Loading...

	kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/script.js?ver=1662621341	377 kB	2023-03-07	2024-02-13
Pretty URL kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/script.js?ver=1662621341 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:02:51 Last Seen2024-02-13 02:18:39 Times Seen44 Hash fe0b35492f3eb8e716abf275aff4e44e 934eefd2ed355c97ed4292acddd030849b4f673f f86103e8429689e680842fe125e3749f4ce92f2cfd2955408c5f90c550c5b11b Loading...

	kep.lpem.org/wp-content/themes/kingster/learnpress/kingster-learnpress.js?ver=6.0.3	1.4 kB	2023-03-08	2024-04-14
Pretty URL kep.lpem.org/wp-content/themes/kingster/learnpress/kingster-learnpress.js?ver=6.0.3 IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:42:57 Last Seen2024-04-14 23:42:31 Times Seen33 Hash 5c163d869aa87ba87ec15a34cb992303 a98b089b35a34544548c52fefdcdb7fc7a3dc396 861bd453d188cf427c6e1fa0e9de221642c1c8e093edd51fb28d6f7da7985412 Loading...

	kep.lpem.org/guidelines/	2.3 kB	2023-03-07	2024-04-25
Pretty URL kep.lpem.org/guidelines/ IP 182.23.64.24 ASN #38513 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-25 08:34:06 Times Seen4795 Hash 6f740b956919fbaa673bb496be184ac1 fa7d2aef8069f1be31c655fb889c897eae36757a c8d83f1bd6a850a6f197b9bcce38828132ad627358b9c2c78e7c4bef4d22c304 Loading...

HTTP Transactions (76)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.27

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
6223248c33009fd48ef053d1ba379132
bb14f9500425f64883101297baeda1a69ca65fb2
4db22da1db8573be87bd7cf4fb98dd69a47e4938c0e81cb21f015c5a9d485c6f

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Content-Type, Backoff, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 25 Oct 2022 05:52:56 GMT
Expires: Tue, 25 Oct 2022 06:42:13 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: XbXQ1sPRlKJ62hvc7tAI7empVoKMeRh6zwnTO-La8Wnkc0GIEyRlZQ==
Age: 2817

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b3537658770790ad6cf0d727f0c0acd2
8365cadda05ef27b2ebd627d545e31886b512bde
df992311f130f15459739841de925c7eec2604d5a68ca6b2a67b6dc8d229212c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF992311F130F15459739841DE925C7EEC2604D5A68CA6B2A67B6DC8D229212C"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5330
Expires: Tue, 25 Oct 2022 08:08:43 GMT
Date: Tue, 25 Oct 2022 06:39:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8db408c487f7d35bba323046736e8d3a
01b91e2dce7c6d3de9adfe6ff4d38f9b24ab7db0
9aeafc72c1a969243e1fc96f68ce18888034a749ee70582208bf814bd40b61a5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AEAFC72C1A969243E1FC96F68CE18888034A749EE70582208BF814BD40B61A5"
Last-Modified: Tue, 25 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12549
Expires: Tue, 25 Oct 2022 10:09:02 GMT
Date: Tue, 25 Oct 2022 06:39:53 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: OFGBDEScyhlRFQmhYp3/Fmv0rOxrn0lh9+U5JqX1oLqLpXK9qIOKtiT+fePOP/hA82lpCJb1sXE=
x-amz-request-id: MS43224R3MPJK8VY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 25 Oct 2022 06:38:41 GMT
age: 72
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

kep.lpem.org/guidelines/

182.23.64.24

301 Moved Permanently

240 B

URL HTTP/1.1
kep.lpem.org/guidelines/
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
240 B (240 bytes)
Hash
b6671a996618e844d0bd6f7dd3081cbd
0d53a662b30ebb9a765c3f8c3985a44cc8983a4b
b3b2e53e5418e1e745d5eaac4f9febeec89c16858d20a3fefba0b6a2e7ce2080

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /guidelines/ HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 25 Oct 2022 06:39:53 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Location: https://kep.lpem.org/guidelines/
Content-Length: 240
Keep-Alive: timeout=5, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 25 Oct 2022 06:39:53 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.27

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.27:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 25 Oct 2022 06:33:32 GMT
Cache-Control: max-age=3600
Expires: Tue, 25 Oct 2022 07:05:26 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uOla_1pVHOehJ8aIVhizsfDrw1WfslRK5KpOkw6jVq7DWRWi8LHmHA==
Age: 381

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7c6fdc8e76ef5875b5c965ade2df503e
45d548aa2a9d7ede163743274790700878eaea62
d2ff6eacd48af4892a2642e5d7bb925ca683062139f5a5cb4047f6f706830618

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5585
Cache-Control: max-age=97196
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:54 GMT
Etag: "63564795-1d7"
Expires: Wed, 26 Oct 2022 09:39:50 GMT
Last-Modified: Mon, 24 Oct 2022 08:06:45 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.210.158.59

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.210.158.59:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VGLIE6ARj6ay6HAciHQ4Kw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NRDyGY8TZw/0LEHBGEn/KC1qObw=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2905
Expires: Tue, 25 Oct 2022 07:28:20 GMT
Date: Tue, 25 Oct 2022 06:39:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2905
Expires: Tue, 25 Oct 2022 07:28:20 GMT
Date: Tue, 25 Oct 2022 06:39:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2905
Expires: Tue, 25 Oct 2022 07:28:20 GMT
Date: Tue, 25 Oct 2022 06:39:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
398e3c90084d7d71fc1e9fd833116f5f
3e202da5559a8f219144adee3639d063a98559c0
724547db3ed9f1779308e9dd6604664e6ffa3580ca076fbdc1dfb1b75591bba4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "724547DB3ED9F1779308E9DD6604664E6FFA3580CA076FBDC1DFB1B75591BBA4"
Last-Modified: Mon, 24 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2905
Expires: Tue, 25 Oct 2022 07:28:20 GMT
Date: Tue, 25 Oct 2022 06:39:55 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef3c0d77-2886-483b-9a17-7f2b14ab4c98.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef3c0d77-2886-483b-9a17-7f2b14ab4c98.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11336 bytes)
Hash
f3a22310cf16199a90b8b653e5788a7d
acc2091598928d3ce5b2f58f4ae3730a13109303
7b4b73e2d4558a15c36895b51cad3898397abe49af2015d0eece44ded025a8ba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef3c0d77-2886-483b-9a17-7f2b14ab4c98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11336
x-amzn-requestid: 741d0f67-b9f4-4789-bf65-0ca01fdc8c61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z0fEjHMbIAMFobA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344dee9-08fc20196abbcb0c73f9c8a3;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 03:11:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XYPBhWQn1k6R4wtvbyFzWdGxH1EUp_lMHCc57gtQUfYkHPJHqSfmbg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 22:06:08 GMT
age: 30827
etag: "acc2091598928d3ce5b2f58f4ae3730a13109303"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.1 kB (8090 bytes)
Hash
531f350512ac7712d932234803aa4602
2fb4599ad3d513a160c1f29fefda27b45852c381
7a4da3420f736c098806676359b8ff80578a2e1e98fc0e20e45e2d6192e1d566

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda327ff0-bd82-4034-a53b-e04d5c486276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8090
x-amzn-requestid: a84a2888-e0eb-40d3-8377-9c1ea2af733c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aVb2oH2uoAMFueA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63520cf7-204870ee3f63ced427033eb5;Sampled=0
x-amzn-remapped-date: Fri, 21 Oct 2022 03:07:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TkdgdFp1dXipnGokyVpkamtD5qLRUC7aNYJrX_OKkEujnQsplMsgXA==
via: 1.1 1de1880e08f1cae7d1aca174a29a5c1e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 04:35:17 GMT
age: 7478
etag: "2fb4599ad3d513a160c1f29fefda27b45852c381"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49bb46dd-5578-4e72-9aed-dc70960d4c97.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7633 bytes)
Hash
edae4c2a51941f9d01ea6658430a95b8
ed419179e1460d655f14735e430cbbd76ab2a869
92f280cc9ad01c6901b08269a12908b927877082952ec52fe9a082910c181076

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49bb46dd-5578-4e72-9aed-dc70960d4c97.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7633
x-amzn-requestid: e85011ac-422d-44b3-8af4-32d1c657597f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ah3D6EYXIAMFRlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6357054c-4f56cf37570dfcbe64ce4778;Sampled=0
x-amzn-remapped-date: Mon, 24 Oct 2022 21:36:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NFDP9zPOwbHBAu0eMIt4sefrNehfkLPcEYn2CYKykM7qVZsMxiVnDw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 21:39:46 GMT
age: 32409
etag: "ed419179e1460d655f14735e430cbbd76ab2a869"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47edb01a-a8e6-4baf-848d-db16e2f70211.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6251 bytes)
Hash
65d8d48ccc1c14c53b1ab16057d641d8
36f72d915609993e908d41cb5cf0b1c6b4c79830
8558f68db30b99216752cc3b5861fdd315313821c81efbb56420b3d101cdc5b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47edb01a-a8e6-4baf-848d-db16e2f70211.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6251
x-amzn-requestid: a81718c4-ac06-4388-bb9b-d92c02528226
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aYvM2E-ToAMFTQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63535f1e-2176b3c742eab3242fa1d58a;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 03:10:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: alnPUjWwzi5g_0XVI1Wmkavc2vnv6pqq8-WewDTX0XPyDAvwEqyudw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 07:30:48 GMT
age: 83347
etag: "36f72d915609993e908d41cb5cf0b1c6b4c79830"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8735 bytes)
Hash
8502c90bf679dce29b1c2a87606bbb3e
7940c911dea3882ab8a7ff70240f4edc1b89a56d
ccc5ab3068b7f90276124148a812eb26951a95d7c146bdcf28a69a3d05f76ee2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Facb7f3ea-1b51-4cac-a5ab-7201a12df641.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: 51dfaabc-ee88-465f-8da7-fd6739cf7794
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aZSHjHeLIAMF8mQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635396fc-1e4ad2d647a7f07a094574be;Sampled=0
x-amzn-remapped-date: Sat, 22 Oct 2022 07:08:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dgxcF8hXUOo_WqQwpd0yctMNPuB-IfmSRxD1_TRG7zuV3b5EbpVIig==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 24 Oct 2022 07:28:23 GMT
age: 83492
etag: "7940c911dea3882ab8a7ff70240f4edc1b89a56d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe70105c7-5a5d-48c2-a113-06846e24dff9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11822 bytes)
Hash
e43859d91550f002f2fc145b8a044f40
762e9f0ce9256ff9a54e08d76dca7596d44677df
3d39a87540b716721e9d4e28aa499233ccde5ed4c6e7f1a902010e56572c8f46

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe70105c7-5a5d-48c2-a113-06846e24dff9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11822
x-amzn-requestid: 1702783e-fce4-4c9d-96a9-ee0477cff0ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aHpINH1LIAMFZjg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634c889a-0cc362f90671a9827f4573f9;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 22:41:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: thgTEUrC7cZ8TpDm4rsmFgxj7QDNWeYiuwGkkF6bQf16xgdQUK9ygg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 03:29:50 GMT
age: 11405
etag: "762e9f0ce9256ff9a54e08d76dca7596d44677df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

kep.lpem.org/guidelines/

182.23.64.24

200 OK

12 kB

URL HTTP/2
kep.lpem.org/guidelines/
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (8047), with CRLF, LF line terminators
Size
12 kB (12453 bytes)
Hash
2a42f619f088dd1567ed855278aa40a5
4e99ef9affb7425cefabf41a2bbf2a00523e8090
6dd0dca712504a873a362f37c507714dba094a643a81f9a6b2072d9277f8d491

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /guidelines/ HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
link: <https://kep.lpem.org/wp-json/>; rel="https://api.w.org/", <https://kep.lpem.org/wp-json/wp/v2/pages/102>; rel="alternate"; type="application/json", <https://kep.lpem.org/?p=102>; rel=shortlink
set-cookie: qtrans_front_language=id; expires=Wed, 25-Oct-2023 06:39:55 GMT; Max-Age=31536000; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 12453
content-type: text/html; charset=UTF-8
date: Tue, 25 Oct 2022 06:39:53 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1ae675435a8f16bc0b04ec012c41979
182f87a81464c80b0b25fb524c59592cd40b0ef4
9191ced121d8740b4ed3af75db3033e72c0c44c0b45004abd714583deaa749a4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-203932692-1

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-203932692-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1588)
Size
44 kB (43590 bytes)
Hash
7b03726041335af2bd475c8fae4f955f
4c42deddef1b05d8e87234ccbad843cbf2d75eca
69d80f6db3d6177e8cc87081d3b4245b146fd5d4ea23e846507c28a034472c3a

HTTP Headers

GET /gtag/js?id=UA-203932692-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 25 Oct 2022 06:39:56 GMT
expires: Tue, 25 Oct 2022 06:39:56 GMT
cache-control: private, max-age=900
last-modified: Tue, 25 Oct 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43590
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d114ab00b1cfe7f9b4f56c7b3655b55d
641e580d6148329b0c9eb2d49f5f8a30c08f30e9
e5420e919b2c05c148179c7d85a210941be6862b1f65ccfafcfc38d960bf38d7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1ae675435a8f16bc0b04ec012c41979
182f87a81464c80b0b25fb524c59592cd40b0ef4
9191ced121d8740b4ed3af75db3033e72c0c44c0b45004abd714583deaa749a4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kep.lpem.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3

182.23.64.24

200 OK

15 kB

URL HTTP/2
kep.lpem.org/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (43771)
Size
15 kB (15141 bytes)
Hash
bf35c103a20814c77700ce356e3bbd34
dfc3389b9ea5a5b250a8d3c78fc7b4ab778fe85f
7c203dc4d91160389a46a2d319d3a356ce816f97aa0ebe43d0a3a5eeb39c9ecc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 01:41:44 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 15141
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4

182.23.64.24

200 OK

1.0 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text
Size
1.0 kB (1048 bytes)
Hash
71b280bd7e5fb3b9f802068cd2fed62c
e28340cdc4157de949703f6d8ac5ef30062d4b03
7fd1e96c6fb9768e9fe2efd586f8a02c3b58a503e2783dc9e5724e765b1d3219

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:31 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 1048
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/font-awesome.css?ver=6.0.3

182.23.64.24

200 OK

7.9 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/font-awesome.css?ver=6.0.3
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (30800), with CRLF line terminators
Size
7.9 kB (7883 bytes)
Hash
17daf59bb99b3ad107441703976da7a2
4e72e1e49f27e7d451d2d1dc7621623cf042f488
eae4f2ee67ce355ca83f017a0a6aaa9989af2771c880b18f8cc6cbd3eb122fcc

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/goodlayers-core/plugins/fontawesome/font-awesome.css?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 01:02:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 7883
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/elegant/elegant-font.css?ver=6.0.3

182.23.64.24

200 OK

4.7 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/elegant/elegant-font.css?ver=6.0.3
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (21733), with no line terminators
Size
4.7 kB (4699 bytes)
Hash
cb3a8def299fd2d81a34faadb8e17f8c
18d9383da51dae257cc8e5d00e4eb2afdade192e
f1c8c03e0e409a8f28b989eb558f2b80bdee7ce40d5cf4ac8758046b8e25640c

HTTP Headers

GET /wp-content/plugins/goodlayers-core/plugins/elegant/elegant-font.css?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 01:02:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 4699
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/style.css?ver=1662621341

182.23.64.24

200 OK

7.9 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/style.css?ver=1662621341
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (39108)
Size
7.9 kB (7918 bytes)
Hash
e013b59c2d82ed1c81fd0296b3ce91df
a86ebcc9dde303f3dd5e46db48e742373b419b29
097df06c4ba0def384090bcf4bbbd3fccd7186f4ed27d7ae97e847e3c972fbea

HTTP Headers

GET /wp-content/plugins/goodlayers-core/plugins/style.css?ver=1662621341 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 08 Sep 2022 07:15:41 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 7918
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1

182.23.64.24

200 OK

926 B

URL HTTP/2
kep.lpem.org/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text
Size
926 B (926 bytes)
Hash
ce9a1d702b6ca01b7f503201b26e5d1e
af4cc748d5231aeeb94265cd5e9c585e393747e1
d10ee89b63134293ffa41bec5dab346ebc32a75860b0ecc3ad54e6edbf6df5e0

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 926
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6

182.23.64.24

200 OK

2.3 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (7609)
Size
2.3 kB (2347 bytes)
Hash
c0f89388cdbbc6aaacfb811ef56744a5
a16ab4e7e24b2aed3375add29c994ea5515b339a
6931f709aba218d53630f73b5635910751fb92cf0aa3e1cac3e1f75b63bd78bc

HTTP Headers

GET /wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 2347
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5

182.23.64.24

200 OK

5.5 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (42839), with no line terminators
Size
5.5 kB (5522 bytes)
Hash
d6dd83fd224e7f2ae4ceda27833822e1
ac4c32e72ed6211288fb72c0859676f6f5718fc5
45be5b82e891a6e32fd2e1b041b9692d0b63805be162528f400586244b7f4cb1

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 5522
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/goodlayers-core/include/css/page-builder.css?ver=6.0.3

182.23.64.24

200 OK

49 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/goodlayers-core/include/css/page-builder.css?ver=6.0.3
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text
Size
49 kB (48893 bytes)
Hash
0893afef3af29d31f7a71f3dd02d1bd9
2e7480713dcee21b463522ae9442a0061edc9bc7
321ffa8bb777a9582613bc8f97e0b1dbc21d11de1cfe0cec009315a7fdfa7f8b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/goodlayers-core/include/css/page-builder.css?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 01:02:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 48893
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.8.0

182.23.64.24

200 OK

9.5 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.8.0
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (45857), with no line terminators
Size
9.5 kB (9547 bytes)
Hash
ab89172e9713f5f9f69c679ad3549ac6
013a8b8c5b2f32fab2c9e0521c146172fc79344d
d0e88c99b75c3a73d49f33074184da8c9b1a29061c9b06b38a2ae97bfba0e169

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.8.0 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 9547
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.11

182.23.64.24

200 OK

16 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.11
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size
16 kB (15847 bytes)
Hash
b753d9cf99909bc746dc6b2579b68e13
cebbb2c5cb524cb7352c74f8a869d8802c5e73fa
e3ade89ceddf5365597563946b221a33744815af4ceb24f652fa1f7a31bbf026

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.4.11 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 17:49:16 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 15847
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/themes/kingster/css/style-core.css?ver=6.0.3

182.23.64.24

200 OK

24 kB

URL HTTP/2
kep.lpem.org/wp-content/themes/kingster/css/style-core.css?ver=6.0.3
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text
Size
24 kB (24103 bytes)
Hash
8ac052aba3b03d4c382a75d9fea03b63
960b85eea620fac7276e69b5e2289395efd731cb
43a55eefcfc55f2f08dee0ce6e34c8df1deacb62032c2db8289f10b2b82a51ea

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/kingster/css/style-core.css?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 09:57:59 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 24103
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/uploads/kingster-style-custom.css?1662621341&ver=6.0.3

182.23.64.24

200 OK

15 kB

URL HTTP/2
kep.lpem.org/wp-content/uploads/kingster-style-custom.css?1662621341&ver=6.0.3
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (1069)
Size
15 kB (14898 bytes)
Hash
d408712f8ec605ce25a9f2ff4a1f3eeb
167dcc47ea89e966d6f5eff125226d7f7486db9f
110efcc0d5aee6a6dd1819224fb6f7c3f8ca24260848f8e638082fb68d22a908

HTTP Headers

GET /wp-content/uploads/kingster-style-custom.css?1662621341&ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 08 Sep 2022 07:15:41 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 14898
content-type: text/css
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/qtranslate-to-wpml-export/js/scripts.js?ver=6.0.3

182.23.64.24

200 OK

1.5 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/qtranslate-to-wpml-export/js/scripts.js?ver=6.0.3
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text
Size
1.5 kB (1509 bytes)
Hash
2320962e0ba06fa415ae3a5fce5f1ac0
1cf2ae8569686ea8dee1beb7a0063defb4ee67f6
6af391f2d0154a29fb434d3da7f5ee975387115921eee549f50167ba75744cf2

HTTP Headers

GET /wp-content/plugins/qtranslate-to-wpml-export/js/scripts.js?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 01:37:23 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 1509
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0

182.23.64.24

200 OK

2.4 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
Unicode text, UTF-8 text, with very long lines (5661)
Size
2.4 kB (2365 bytes)
Hash
47261a811d739c1fba01ff83aeea678f
5b7b57114b6a09da6354be20dfc66e2f3cd89c3b
62421ccdeb51ae3443f3fe17741981fb3bd3988d64959ae3d4b5fa43a1baf686

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 2365
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.9.1

182.23.64.24

200 OK

3.6 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.9.1
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (1577)
Size
3.6 kB (3555 bytes)
Hash
9e1370ab315a89cf4e927de54f98644c
5cce4a5194da26c0298aa968d5d02cf787e5e581
ba043db569a269062a1d4911ee9a301df70c55a36a19ab7f3cbbb9153fed637a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=8.9.1 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 11 Oct 2022 21:30:25 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 3555
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

182.23.64.24

200 OK

4.6 kB

URL HTTP/2
kep.lpem.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (11126)
Size
4.6 kB (4563 bytes)
Hash
7cec71a53f4e94ce6da66a0fd94b9e5c
ac8f00b06df2956b97202b24ce8d818934283b5b
9bdd49aa215000ec53e722aa93cbe0e30f509bd1430ac5b5b509bf9b78a78d31

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 01:41:44 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 4563
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6

182.23.64.24

200 OK

8.9 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (1518)
Size
8.9 kB (8852 bytes)
Hash
69be0492110454eb6a00388b22e79cf9
de7e0552c167a8d0251400b75554e5e72c76053c
02547985fef41ab7da7b14befaf159588e9b7c2e8c85bc2e7dfd6db2be5b5335

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 8852
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.8.0

182.23.64.24

200 OK

5.2 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.8.0
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text
Size
5.2 kB (5179 bytes)
Hash
f8dea3704c2a202b58a4a7b6d7fd559b
958b45c8f5611a9358327805ec8733ce59e7867e
aa072aa45f2793507a68faab6438b6c49f90c72423ff5cb12faf703de7b6c49b

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/photo-gallery/js/circle-progress.js?ver=1.8.0 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 5179
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

182.23.64.24

200 OK

4.4 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
HTML document, ASCII text, with very long lines (12310), with no line terminators
Size
4.4 kB (4409 bytes)
Hash
fa14ffb163d9477d5f78606eab73b515
be14a005b63cf40489d19ab925a83ca1c8dc0f14
92580baa17fa9c9041b2b0d3f63c1791d923ef8f06800bdf25b628f151ab88b8

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:31 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 4409
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5

182.23.64.24

200 OK

15 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (32001)
Size
15 kB (15180 bytes)
Hash
91284abd43d6a9f9d91b60516c6bb73f
0acdb590f8473f125967f3f8a870aed43dcdcc4d
7566e1d6ad3a9bcec6f4f0fbd8410125c3489d2b7526e9cb82a80e7b909796d3

HTTP Headers

GET /wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 15180
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1

182.23.64.24

200 OK

7.2 kB

URL HTTP/2
kep.lpem.org/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (15439)
Size
7.2 kB (7163 bytes)
Hash
f9db5ac4eef28e71547d0ed1e890f5ae
943aa3e61c8e93d15d40ce18b0d4c300fd04700b
79f9a1b1d6e0a831cee1c8adb696792a90a4e74f0d4e7ac3bf63d42326927e9a

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 01:41:44 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 7163
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5

182.23.64.24

200 OK

10 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
HTML document, ASCII text, with very long lines (25075)
Size
10 kB (10194 bytes)
Hash
ea8a82b3277446e2f40f27d6fbfdea92
496c31c8f7a6318443a0e8addebaa984c87edef5
b50388241be422a6665bacfe85d47a40d57ac9f117ecf0c2f4aee873d11ef955

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 10194
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4

182.23.64.24

200 OK

3.2 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (9937), with no line terminators
Size
3.2 kB (3229 bytes)
Hash
916d9875d3513738cf0628b63414c37a
f0f771fc8bee031a5f07e981100d899bd4e19b8a
5005bf5395df14a11ea73484dfc084395c4aac253b69ac043b46fc879b22c43f

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:31 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 3229
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/uploads/2019/01/makara-web.png

182.23.64.24

200 OK

14 kB

URL HTTP/2
kep.lpem.org/wp-content/uploads/2019/01/makara-web.png
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
PNG image data, 213 x 85, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14331 bytes)
Hash
912467b159bfa35f2b7549ce65cce97c
8273a863f4e2d7fe5d4b0defbef7576c592e1020
944f5258711bbac9166f730732e8ebe62f85d16bf3d2f2a20b174c52a9b79649

HTTP Headers

GET /wp-content/uploads/2019/01/makara-web.png HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Jan 2019 09:14:56 GMT
accept-ranges: bytes
content-length: 14331
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
content-type: image/png
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3

182.23.64.24

200 OK

5.8 kB

URL HTTP/2
kep.lpem.org/wp-includes/js/wp-emoji-release.min.js?ver=6.0.3
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (15660)
Size
5.8 kB (5792 bytes)
Hash
5dd90c13d1cb6624cba0f3bc7828c4bb
734a400e956fed5389a6e20fabf89327710cf6eb
e573bfe941e733fe9f4580cd6fd65468cf7398b6403488229dbbd7687c42f55c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 01:41:44 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 5792
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/goodlayers-core/include/js/page-builder.js?ver=1.3.9

182.23.64.24

200 OK

21 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/goodlayers-core/include/js/page-builder.js?ver=1.3.9
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (317), with CRLF line terminators
Size
21 kB (21224 bytes)
Hash
a82b8ac1477bde0ac23150cc94ae2e05
70abe6b67cf450b6e174185b794f0ccd56313079
3f360de5c19a9659c3ee04af2d303b6cee956bc96d06d8fbe6552742e85092d9

HTTP Headers

GET /wp-content/plugins/goodlayers-core/include/js/page-builder.js?ver=1.3.9 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 01:02:29 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 21224
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/qtranslate-xt/flags/id.png

182.23.64.24

200 OK

123 B

URL HTTP/2
kep.lpem.org/wp-content/plugins/qtranslate-xt/flags/id.png
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
123 B (123 bytes)
Hash
0e750ecbc866906e31b38a21d1b2960e
4ab704dd7538d083082b2e97dae4c67fdedcbdcf
36e6707ba1d2a840de4a29c4026acf7493951e1ffd091a4c57c37410dcf5a189

HTTP Headers

GET /wp-content/plugins/qtranslate-xt/flags/id.png HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 11 Dec 2018 13:53:40 GMT
accept-ranges: bytes
content-length: 123
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
content-type: image/png
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/qtranslate-xt/flags/gb.png

182.23.64.24

200 OK

398 B

URL HTTP/2
kep.lpem.org/wp-content/plugins/qtranslate-xt/flags/gb.png
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
PNG image data, 18 x 12, 8-bit/color RGB, non-interlaced\012- data
Size
398 B (398 bytes)
Hash
c37d7808c8c177a0074f40217bc3bb02
19d5ebaaca76dcfdeb4566466fadafdb75579bba
78cba0d68a87a8db2d5fd6b38d222ab74c4af7a11fe8c716dee390ec0582aecd

HTTP Headers

GET /wp-content/plugins/qtranslate-xt/flags/gb.png HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 11 Dec 2018 13:53:40 GMT
accept-ranges: bytes
content-length: 398
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
content-type: image/png
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

182.23.64.24

200 OK

36 kB

URL HTTP/2
kep.lpem.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (65447)
Size
36 kB (36108 bytes)
Hash
19794544ea8a95a7f373243810e83876
ddc367f688e43f1fb864933be9ba4a425d98b146
e02d14430d46b20d28fa1a666b5b31996c2afe85f58e933d8d6acd473cc4957e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 06 Sep 2022 01:41:44 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 36108
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.8.0

182.23.64.24

200 OK

44 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.8.0
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (65536), with no line terminators
Size
44 kB (43661 bytes)
Hash
766423bd60a965c413a8812965ac3768
75276bc62f66e4be91fb548bb9804b909b21be4a
9bb1b27bd45c9c2703923e11e60148eaaaee4219f0eb3a97f49530ce29eb1e14

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.8.0 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 20 Oct 2022 06:17:36 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 43661
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.8

182.23.64.24

200 OK

53 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.8
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
ASCII text, with very long lines (42889)
Size
53 kB (53184 bytes)
Hash
2d53b08aec0b47ab58ad663d1195f34b
c5ce363579442686d417dedf73e9a19a1fbd183f
11b27dcb1ff54d5f6698e16f17b7434f21ac67e67cd1d9c262e599393d71c51e

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.4.8 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 17:49:16 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 53184
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

www.lpem.org/wp-content/uploads/2016/11/logo-lpem-baru-general-alt-1.png

182.23.64.24

200 OK

3.7 kB

URL HTTP/2
www.lpem.org/wp-content/uploads/2016/11/logo-lpem-baru-general-alt-1.png
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
PNG image data, 300 x 75, 8-bit colormap, non-interlaced\012- data
Size
3.7 kB (3654 bytes)
Hash
dbd26f259a6bc471197095b2bbf3b250
1ae950d991a6aaf7102a469a6ff2304bab8207e9
f82506ca19d1037978974cba14bdf4fe7d57346d9aa47caccf50fede17a8cc5a

HTTP Headers

GET /wp-content/uploads/2016/11/logo-lpem-baru-general-alt-1.png HTTP/1.1
Host: www.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 09:55:18 GMT
accept-ranges: bytes
content-length: 3654
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
content-type: image/png
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 25 Oct 2022 06:39:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

kep.lpem.org/wp-content/themes/kingster/js/script-core.js?ver=1.0.0

182.23.64.24

200 OK

472 B

URL HTTP/2
kep.lpem.org/wp-content/themes/kingster/js/script-core.js?ver=1.0.0
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
data
Size
472 B (472 bytes)
Hash
eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/kingster/js/script-core.js?ver=1.0.0 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 09:57:59 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 16724
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

216.58.207.195

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kep.lpem.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 21:48:50 GMT
expires: Thu, 19 Oct 2023 21:48:50 GMT
cache-control: public, max-age=31536000
age: 463867
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

216.58.207.195

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kep.lpem.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:30:59 GMT
expires: Thu, 19 Oct 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 472138
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

216.58.207.195

200 OK

7.7 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kep.lpem.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 19 Oct 2022 19:31:00 GMT
expires: Thu, 19 Oct 2023 19:31:00 GMT
cache-control: public, max-age=31536000
age: 472137
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/themes/kingster/learnpress/kingster-learnpress.js?ver=6.0.3

182.23.64.24

200 OK

472 B

URL HTTP/2
kep.lpem.org/wp-content/themes/kingster/learnpress/kingster-learnpress.js?ver=6.0.3
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
data
Size
472 B (472 bytes)
Hash
eb9238eaa63063c98563a1961fbbfefa
9b23eea87129d9516b8e7527cce7b8b1efcfa1fe
ff87d571f813dd558347df32a52e27ebb6c66968a6d2e584e6b6467944ef40fb

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/themes/kingster/learnpress/kingster-learnpress.js?ver=6.0.3 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 09:57:58 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-length: 497
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/themes/kingster/images/page-title-background.jpg

182.23.64.24

200 OK

23 kB

URL HTTP/2
kep.lpem.org/wp-content/themes/kingster/images/page-title-background.jpg
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1800x496, components 3\012- data
Size
23 kB (23389 bytes)
Hash
cb5797910a3d4ce841d28d96cc8132ce
53f81d2a9be329c3bad259e938976c5eeedce7c5
b13ca1fd2f584f494da29f352c506ae1927b7ae4c87ef72881ec473eb004637e

HTTP Headers

GET /wp-content/themes/kingster/images/page-title-background.jpg HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/wp-content/themes/kingster/css/style-core.css?ver=6.0.3
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Tue, 22 Feb 2022 09:57:58 GMT
accept-ranges: bytes
content-length: 23389
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
content-type: image/jpeg
date: Tue, 25 Oct 2022 06:39:57 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.woff2?v=4.7.0

182.23.64.24

200 OK

77 kB

URL HTTP/2
kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.woff2?v=4.7.0
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/goodlayers-core/plugins/fontawesome/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/fontawesome/font-awesome.css?ver=6.0.3
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 01:02:29 GMT
accept-ranges: bytes
content-length: 77160
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
date: Tue, 25 Oct 2022 06:39:57 GMT
server: Apache
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 25 Oct 2022 04:41:09 GMT
expires: Tue, 25 Oct 2022 06:41:09 GMT
cache-control: public, max-age=7200
age: 7128
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/plugins/ua/linkid.js

142.250.74.174

200 OK

859 B

URL HTTP/2
www.google-analytics.com/plugins/ua/linkid.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1335)
Size
859 B (859 bytes)
Hash
904463ce35aee800847ab85ec948aaf6
904e4d2647466c7f7e0f7412019984e3b2ccfb24
057b4d29359dfe2536a2ec40243bdfa7b151222efcc1eb358608994a14c34237

HTTP Headers

GET /plugins/ua/linkid.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 859
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 25 Oct 2022 06:02:26 GMT
expires: Tue, 25 Oct 2022 07:02:26 GMT
cache-control: public, max-age=3600
age: 2251
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/uploads/2019/01/cropped-makara-web-192x192.png

182.23.64.24

200 OK

20 kB

URL HTTP/2
kep.lpem.org/wp-content/uploads/2019/01/cropped-makara-web-192x192.png
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19454 bytes)
Hash
fa700fd3e732c5225d1e796cdcf27c94
0251b4e2956128d0f951d5ea0cd92300dc2c6575
c6de1e9777c62a832af33c23cc33461077fdfcd74419d926ef99b9a6d9f37a6a

HTTP Headers

GET /wp-content/uploads/2019/01/cropped-makara-web-192x192.png HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 00:55:53 GMT
accept-ranges: bytes
content-length: 19454
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
content-type: image/png
date: Tue, 25 Oct 2022 06:39:57 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/uploads/2019/01/cropped-makara-web-32x32.png

182.23.64.24

200 OK

1.3 kB

URL HTTP/2
kep.lpem.org/wp-content/uploads/2019/01/cropped-makara-web-32x32.png
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1266 bytes)
Hash
fdf1da1ff0c54d6e4d9502449dc0d2fb
e1db980bb2ace0a40c1c1e7a6280404946007e44
ff765b58513391c20826620369e247aa92c7b15654ee64a4cbf31eea8cf440c2

HTTP Headers

GET /wp-content/uploads/2019/01/cropped-makara-web-32x32.png HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Wed, 07 Sep 2022 00:55:53 GMT
accept-ranges: bytes
content-length: 1266
x-frame-options: DENY, SAMEORIGIN
vary: User-Agent
content-type: image/png
date: Tue, 25 Oct 2022 06:39:57 GMT
server: Apache
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.11

182.23.64.24

200 OK

0 B

URL HTTP/2
kep.lpem.org/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.11
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.4.11 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 29 Apr 2021 17:49:16 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3Aregular%2Citalic&subset=devanagari%2Clatin%2Clatin-ext&ver=6.0.3

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3Aregular%2Citalic&subset=devanagari%2Clatin%2Clatin-ext&ver=6.0.3
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2Cregular%2Citalic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CABeeZee%3Aregular%2Citalic&subset=devanagari%2Clatin%2Clatin-ext&ver=6.0.3 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 25 Oct 2022 06:39:56 GMT
date: Tue, 25 Oct 2022 06:39:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Ubuntu&subset=greek,latin,greek-ext,vietnamese,cyrillic-ext,latin-ext,cyrillic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 25 Oct 2022 06:39:56 GMT
date: Tue, 25 Oct 2022 06:39:56 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/script.js?ver=1662621341

182.23.64.24

200 OK

0 B

URL HTTP/2
kep.lpem.org/wp-content/plugins/goodlayers-core/plugins/script.js?ver=1662621341
IP
182.23.64.24:0
ASN
#38513 PT Aplikanusa Lintasarta

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/goodlayers-core/plugins/script.js?ver=1662621341 HTTP/1.1
Host: kep.lpem.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kep.lpem.org/guidelines/
Cookie: qtrans_front_language=id
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Thu, 08 Sep 2022 07:15:41 GMT
accept-ranges: bytes
vary: Accept-Encoding,User-Agent
content-encoding: gzip
x-frame-options: DENY, SAMEORIGIN
content-type: application/x-javascript
date: Tue, 25 Oct 2022 06:39:56 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations