r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfb72f04bd7a4410640c0543bb4bd402
7c63b7e220b337b6a4f39864e11d6aa9e26c38ac
b7f7a4d355ed3b847a5e28f16030d5cbc715d47326aea20f292cd76dcaf59794
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7F7A4D355ED3B847A5E28F16030D5CBC715D47326AEA20F292CD76DCAF59794"
Last-Modified: Mon, 21 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3669
Expires: Thu, 24 Nov 2022 02:02:00 GMT
Date: Thu, 24 Nov 2022 01:00:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8c63b226725ca6e92e3ef586ac19e603
d21ae42a1927501e5293ff3564f52b49f6b0decc
141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10142
Expires: Thu, 24 Nov 2022 03:49:53 GMT
Date: Thu, 24 Nov 2022 01:00:51 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 770d09773b5f304acf141fd66a4862b4
5ddc46ab75de26c858a9a6f6d1beaaec9bb181f5
c7bcc6928fa1c0bb225ce8a2f6badd6cb1bd6ea002fb808ed34e8dafbd7b3b26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5702
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:00:51 GMT
Last-Modified: Wed, 23 Nov 2022 23:25:49 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /Z8JhYbtz73+9WoXiy6zoOsMv3ssMZ5KvLxdtIMk8gr4yNQqaFC2yx52QVTw6u9yL+BrxmJqRNcDHda9Uz8MCQ==
x-amz-request-id: SKDGA79YF1N9ACR3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 00:40:12 GMT
age: 1239
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 00:18:52 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2519
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 01:00:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
bpsjambi.id/
301 Moved Permanently 330 B IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9282473a4ca5afd491bd7684f910cce8
fd8be777871e463828e2229b758473f6c732c5c5
4c04aacf62bc41e51bb67a5cc4cb2ea9f6cfcc57281103575aac36879a8fbbe5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 24 Nov 2022 01:00:51 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Location: https://bpsjambi.id/
Content-Length: 330
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 00:11:11 GMT
cache-control: public,max-age=3600
age: 2981
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash eb52164d651f5f45416e873aec29eb04
405b29bb7e7cd4367cf82988f8603e53db65f139
ed885e05db822ff30fe951e10b6d4f21e574d053939afca792992a1549a15301
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6461
Cache-Control: max-age=122022
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:00:52 GMT
Etag: "637de2ad-1d7"
Expires: Fri, 25 Nov 2022 10:54:34 GMT
Last-Modified: Wed, 23 Nov 2022 09:06:53 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
200 OK 472 B IP
Hash 52baaac56cbb2fcae04d673c260243e4
03fd07935e87a440af5568b97d25643b00ab28d4
4f2aff1721b7f7ab21897e9954aea04cf06081e4cfd11e3b862ebd51552f9f4b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:52 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 17:04:37 GMT
Expires: Wed, 30 Nov 2022 17:04:36 GMT
Etag: "03fd07935e87a440af5568b97d25643b00ab28d4"
Cache-Control: max-age=575623,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76ee35cabaf00b4d-OSL
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FVWH2zV4ot5tQNcByGsrOw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YAezDhUbKVdSnKQpvmVoesKQnMY=
bpsjambi.id/
200 OK 278 kB IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type HTML document, ASCII text, with CRLF, LF line terminators
Size 278 kB (278122 bytes)
Hash 78927c009e233dfaa2789862e92e722c
e41da8c4c1f4d9601652109162a56e0b4dfbc705
f7b72e342b58e431dd87e705f5a1a30b31347db8edbe9e35e385eb6dc6a3d24d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:52 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
X-Powered-By: PHP/7.4.19
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:00:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3569
Expires: Thu, 24 Nov 2022 02:00:22 GMT
Date: Thu, 24 Nov 2022 01:00:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YJuHCuUgkLuFFiQUlrPWgv9grHznufMTU08hi4ZMpQTBmou6BGWrhQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:52 GMT
age: 11581
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3569
Expires: Thu, 24 Nov 2022 02:00:22 GMT
Date: Thu, 24 Nov 2022 01:00:53 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 065495ec7a963a205abd9c8dbc75cb5d
ea416d0df4f6706150bda5da2077174f5cdd986b
1b2a2afee887651b23a849f14ace89b330329f6bf61c331545a3f6d12037aee5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:00:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3569
Expires: Thu, 24 Nov 2022 02:00:22 GMT
Date: Thu, 24 Nov 2022 01:00:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f6118fc03f31862ff68fef8a2b9a7f
318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8089
x-amzn-requestid: f3c55266-9b03-4b7f-b076-fdf56704318e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QQyECioAMFzdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6b-3e10cef6117a10a4115cfce7;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:35 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ngJvyUydpRDSiYy9kfeh8JmydmR_K8mjfZtGLgT0qeE2JaABbDMSaQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:06:51 GMT
age: 10442
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:08:16 GMT
age: 10357
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3569
Expires: Thu, 24 Nov 2022 02:00:22 GMT
Date: Thu, 24 Nov 2022 01:00:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a16068e-5377-48a5-aaf5-19e46c86681d.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a16068e-5377-48a5-aaf5-19e46c86681d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e091109c8f54cf23b221d8d0a35d6914
a67bdea6358146f7de38d6be37e9f69a8edd5f22
362dc1665e27a4307a7ce832019a6e5e3d8edb0d18db084e4dc9dd026ea68df4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a16068e-5377-48a5-aaf5-19e46c86681d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11447
x-amzn-requestid: fb600f6e-d936-4255-b79f-528d9cb8e729
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvYTEqyIAMFalg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5ce-2bc3102e268ccdff7f960289;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mKjDkTbptvN8DvzCnw88-xjLOC6wi-72-rLF9Hp7yzCEBDVmJoHgIA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:26:09 GMT
age: 63284
etag: "a67bdea6358146f7de38d6be37e9f69a8edd5f22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b75c00c21f5854618bc06d14b8d83c40
ae14f585ae9682e6c2fad146c12c00ee4d83e8f3
a8e7585e49b01a64520051f8d38f499c8cb82645e3d146e6ca34378eac684e69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8E7585E49B01A64520051F8D38F499C8CB82645E3D146E6CA34378EAC684E69"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3569
Expires: Thu, 24 Nov 2022 02:00:22 GMT
Date: Thu, 24 Nov 2022 01:00:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6dee69c-a683-4448-a26a-ed78ea0cb4a0.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6dee69c-a683-4448-a26a-ed78ea0cb4a0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0b88331b5cbc633ee1ae21a77a983e92
acc9dd298e87e1079229d2c958ec088023603974
299e0c024f5209289e27aea403337e05ec7da447e706eee79aae6e982986faee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6dee69c-a683-4448-a26a-ed78ea0cb4a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5553
x-amzn-requestid: 203724f3-e044-4533-ae46-af79c11e5460
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b_c6lFucoAMFs7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637c7510-4dad6a426642a025759eb363;Sampled=0
x-amzn-remapped-date: Tue, 22 Nov 2022 07:06:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JRqctghettaL53ADxhP7pd9gib0TsC6RZI8ERQldNYuusuha5qohpg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 07:15:07 GMT
age: 63946
etag: "acc9dd298e87e1079229d2c958ec088023603974"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bpsjambi.id/assets/vendor/aos/aos.css
200 OK 26 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/aos/aos.css
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type ASCII text, with very long lines (26053), with no line terminators
Hash 847da8fca8060ca1a70f976aab1210b9
0557d37454b67f42f2cb101e57e5070fb1193570
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/aos/aos.css HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:53 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "65c5-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 26053
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DYBcunpyI0FBJsJGh1kKpFI3X8kzCkO3mCxzUtWnaMKBT-Bv-zkq3Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:59:18 GMT
age: 10895
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
bpsjambi.id/assets/vendor/bootstrap-icons/bootstrap-icons.css
200 OK 89 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/bootstrap-icons/bootstrap-icons.css
IP
ASN #9341 PT INDONESIA COMNETS PLUS
Hash 91f7cf4a3d3f0660b4e3914e5ac9298a
6e12e1ebcd983f848e5c280ab77649eeb44e74bc
f0cf9bd878febf2ff6279b59f696031deb8f0f9f4ab1a1199f55d78f7c558638
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/bootstrap-icons/bootstrap-icons.css HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:53 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "15a09-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 88585
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
bpsjambi.id/assets/css/style.css
200 OK 32 kB URL HTTP/1.1 bpsjambi.id/assets/css/style.css
IP
ASN #9341 PT INDONESIA COMNETS PLUS
Hash 0af6550242a1f9188e646599c30c11f7
7c2231be0d96f5c6ed63561491bf3d4c916878a2
76ff1230c3b07415e2ef5e4858f256f8e994a811827c5ea3a82948c09ad5ec4b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/css/style.css HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:54 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Tue, 16 Aug 2022 04:31:16 GMT
ETag: "7bfc-5e654382114ea"
Accept-Ranges: bytes
Content-Length: 31740
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
bpsjambi.id/assets/vendor/glightbox/css/glightbox.min.css
200 OK 14 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/glightbox/css/glightbox.min.css
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type ASCII text, with very long lines (13749), with no line terminators
Hash 9b438b29cef1c212d1c65a877ffc7232
3b5b7904f4f4bcf55959c2ecef50821bd9110021
6d3f62d4d17969f9c70e9438cf671004725019e868123f2ebc295a006f8d5d2d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/glightbox/css/glightbox.min.css HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:54 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "35b5-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 13749
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:00:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bpsjambi.id
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 05:42:51 GMT
expires: Fri, 17 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 587883
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bpsjambi.id
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:13:13 GMT
expires: Tue, 21 Nov 2023 21:13:13 GMT
cache-control: public, max-age=31536000
age: 186461
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://bpsjambi.id
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 18:59:14 GMT
expires: Tue, 21 Nov 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 194500
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 4f22437494cab8f3b1de6d48c3677f43
42461557365b59e300ae356c37b95f652e10dacd
420bc8cc7c6624d9201c6e12fb6478f4a9cf77e90aad033b4d12687968003ccf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 01:00:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bpsjambi.id/assets/vendor/purecounter/purecounter_vanilla.js
200 OK 5.4 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/purecounter/purecounter_vanilla.js
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type ASCII text, with very long lines (5156), with CRLF line terminators
Hash 306b61cceb925965f85d9b377f1539ad
b6c8a987f5cb8b4aa99e2fcc5769baea50228a1c
fee31474403c6f8d140b83d8db9d3eb855c48aea51a41bf273d1f61367c730fb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/purecounter/purecounter_vanilla.js HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:54 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "1529-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 5417
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
bpsjambi.id/assets/vendor/aos/aos.js
200 OK 15 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/aos/aos.js
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type ASCII text, with very long lines (14690), with no line terminators
Hash d3718e34eeb0355be8e3179a2e2bccb7
850ee2e5c9fba610840137c6c4e92b5abbc428fe
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/aos/aos.js HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:54 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "3962-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 14690
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
bpsjambi.id/assets/vendor/bootstrap/css/bootstrap.min.css
200 OK 195 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/bootstrap/css/bootstrap.min.css
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type Unicode text, UTF-8 text, with very long lines (65305)
Size 195 kB (194699 bytes)
Hash f1a8fe9e98944b9d682ec5c3efac8f17
633e9b216d60d40eab6873175134e935b554f891
ed959b654022f7bae48ab9380dc129e065833e45a944c70d684c971ac3578cb8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:53 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "2f88b-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 194699
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
bpsjambi.id/assets/vendor/swiper/swiper-bundle.min.css
200 OK 16 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/swiper/swiper-bundle.min.css
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type ASCII text, with very long lines (16213)
Hash 9f19bcd3909008f03d1f6ed0bd48520e
60e9958b3402919d5ea06eadfde7adffd37b187b
d519e904f38d7cf39624a5d9277264b13151dce88586aa8c10763fd29235c220
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/swiper/swiper-bundle.min.css HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:54 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "4052-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 16466
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
bpsjambi.id/assets/vendor/boxicons/css/boxicons.min.css
200 OK 67 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/boxicons/css/boxicons.min.css
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type ASCII text, with very long lines (65536), with no line terminators
Hash 81e673f24e5b2c310a3fef63dbe116dd
b2df125458560b44161c8375883713eb3ae91305
b29cd63064611eeb851354145a1c984fe883d87971b53105206ad1d5da3de824
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/boxicons/css/boxicons.min.css HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:54 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "1040b-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 66571
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
bpsjambi.id/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
200 OK 80 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/bootstrap/js/bootstrap.bundle.min.js
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type ASCII text, with very long lines (65299)
Hash 2faceb2d3db75ced808545e78fab94ed
c663baa051856b64d746629a961e23bbf0fbaf8c
c0c09020adb6f602b16d48374166b9e38ca92383a81650b6a9097c43cc43f31f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/bootstrap/js/bootstrap.bundle.min.js HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:54 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "137ae-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 79790
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
bpsjambi.id/assets/vendor/isotope-layout/isotope.pkgd.min.js
200 OK 35 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/isotope-layout/isotope.pkgd.min.js
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type ASCII text, with very long lines (32019)
Hash 2afcff647ed260006faa71c8e779e8d4
c4e5994f24ee8c8d2cf2d6602f0b56b9096a2e98
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/isotope-layout/isotope.pkgd.min.js HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:54 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "8a75-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 35445
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
bpsjambi.id/assets/vendor/php-email-form/validate.js
200 OK 2.7 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/php-email-form/validate.js
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type ASCII text, with CRLF line terminators
Hash 225c117f2aa22955c8751c6496d67b51
d61e00f40f679c23285a7b25fc56f668497e0eea
98298ee749afc403099e6b7275b6741c93455cb59816cbcee110f0df2726f75f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/php-email-form/validate.js HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:55 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "aab-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 2731
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
bpsjambi.id/assets/js/main.js
200 OK 6.3 kB URL HTTP/1.1 bpsjambi.id/assets/js/main.js
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type ASCII text, with CRLF line terminators
Hash 1cb96728e725bab82642dc87d06ad4ed
272fa0ed12c4404a801b1c2d7c944671d14801ac
abf074d3313dbb58db801120e4fd053657af22d8f03882bbd74d9e85b8df993b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/js/main.js HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:55 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "18ab-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 6315
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
bpsjambi.id/assets/vendor/glightbox/js/glightbox.min.js
200 OK 56 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/glightbox/js/glightbox.min.js
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type ASCII text, with very long lines (55880), with no line terminators
Hash 2b4c8cbaade24ecb58bcb0d89694ccee
7c58d3bcb1c2ade0657cfd1642cb30d8b68e0917
03dfe1fbce92a9f17fcd1a1501213bd820d050ab085c338419ab06a3631c9459
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/glightbox/js/glightbox.min.js HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:54 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "da48-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 55880
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
bpsjambi.id/assets/vendor/remixicon/remixicon.css
200 OK 110 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/remixicon/remixicon.css
IP
ASN #9341 PT INDONESIA COMNETS PLUS
Size 110 kB (110438 bytes)
Hash a8aec561d3b9b905472b815cb2b818c2
300eda4d6282a06d056239258fd3d3c344df4853
13e29a29baade86f4e7a88d8e076d6a6f3ac8950757b50a0f8bbea1c33658d5c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/remixicon/remixicon.css HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:54 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "1af66-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 110438
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
bpsjambi.id/assets/vendor/remixicon/remixicon.woff2?t=1590207869815
200 OK 125 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/remixicon/remixicon.woff2?t=1590207869815
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type Web Open Font Format (Version 2), TrueType, length 125268, version 1.0\012- data
Size 125 kB (125268 bytes)
Hash 9915fef980fa539085da55b84dfde760
4d375abf43ed18aa54264c1b59714b0a59c593a4
e61f0d10c8cac8cd0ecb36790d6cce883380c0b185ff3c9bf849ed336ba8285c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/remixicon/remixicon.woff2?t=1590207869815 HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bpsjambi.id/assets/vendor/remixicon/remixicon.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:55 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "1e954-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 125268
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: font/woff2
bpsjambi.id/assets/img/hero2.png
200 OK 44 kB URL HTTP/1.1 bpsjambi.id/assets/img/hero2.png
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type PNG image data, 1379 x 815, 8-bit/color RGBA, non-interlaced\012- data
Hash bf28fc76b3e761a18bd781f433adfa75
e658a012d23e51f9cf159845223094c1c575bee9
929a9c53b62559632ae5723eb475d1a93b880f66c0f2b2abe46dc5741e7218a9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/hero2.png HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:55 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Sun, 14 Aug 2022 04:19:08 GMT
ETag: "acb7-5e62bd106384b"
Accept-Ranges: bytes
Content-Length: 44215
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
bpsjambi.id/assets/vendor/swiper/swiper-bundle.min.js
200 OK 143 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/swiper/swiper-bundle.min.js
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type ASCII text, with very long lines (65283)
Size 143 kB (143070 bytes)
Hash 38ef180eaf570243775427085e2ea834
e0d97d1c702c90dbb22a6294b3c1e4126ba1662a
b624e1e378abe009ef0de69a698b0a3e734af47efcdbd6816d5fcb8fc64c8bfe
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/swiper/swiper-bundle.min.js HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:54 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "22ede-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 143070
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
bpsjambi.id/assets/img/counts-img.svg
200 OK 46 kB URL HTTP/1.1 bpsjambi.id/assets/img/counts-img.svg
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (46242), with no line terminators
Hash bdf68e18eb7ece68ba92566d357730a4
7c7c12555628a7e361d4e2165b9a196549e75086
b278d751f3c9b5c427e2a4e8b1e92f300895a5c4b1dc33de978bb10553b1a915
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/counts-img.svg HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:57 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "b4a2-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 46242
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
bpsjambi.id/assets/vendor/bootstrap-icons/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf
200 OK 112 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/bootstrap-icons/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type Web Open Font Format (Version 2), TrueType, length 112440, version 1.0\012- data
Size 112 kB (112440 bytes)
Hash 31e1300d419245fd27614630601dc74d
3a284b0618771f29da8eb6be900e99439253dce0
c69bf1ccae5f13b5aa4345dcfeb209a8148ad0bfa1e0678b93792aae0429c764
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/bootstrap-icons/fonts/bootstrap-icons.woff2?8d200481aa7f02a2d63a331fc782cfaf HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bpsjambi.id/assets/vendor/bootstrap-icons/bootstrap-icons.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:55 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "1b738-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 112440
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: font/woff2
bpsjambi.id/assets/vendor/boxicons/fonts/boxicons.woff2
200 OK 115 kB URL HTTP/1.1 bpsjambi.id/assets/vendor/boxicons/fonts/boxicons.woff2
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type Web Open Font Format (Version 2), TrueType, length 115388, version 1.0\012- data
Size 115 kB (115388 bytes)
Hash 3d97761636a97b1be38c1198ca245e59
e435243b82ac5c0cbf1de50cf8f131fad02554e1
dab4eb1c17eef51499352bddfcd12dd99e1b86d9549f5051614867bcff004ca1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vendor/boxicons/fonts/boxicons.woff2 HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://bpsjambi.id/assets/vendor/boxicons/css/boxicons.min.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:55 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Mon, 25 Jul 2022 04:28:52 GMT
ETag: "1c2bc-5e4999efc0900"
Accept-Ranges: bytes
Content-Length: 115388
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/woff2
bpsjambi.id/assets/img/apple-touch-icon.png
404 Not Found 299 B URL HTTP/1.1 bpsjambi.id/assets/img/apple-touch-icon.png
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b4fd7c0951b94dc195ed64fe1ffaab1b
436a26299e549ccded3a293b8e3a1161bc8e6e63
1ac2f2f92e127f06fc2576cb98aab53c6fc46e23a9b545bc4af96a1b95c15cfa
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/apple-touch-icon.png HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Date: Thu, 24 Nov 2022 01:00:58 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Content-Length: 299
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
bpsjambi.id/assets/img/favicon.png
200 OK 22 kB URL HTTP/1.1 bpsjambi.id/assets/img/favicon.png
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash 27b1ec0dded94702e56ff405ba3b573b
72bc249d99bb2ad9c527c359b15f496d94bc347e
fa3d25eb7a79a193b3df3036de94e871c47b82f614ea475e8001cb95bd3992cb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/favicon.png HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:58 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Sun, 14 Aug 2022 02:45:14 GMT
ETag: "5733-5e62a8136c94b"
Accept-Ranges: bytes
Content-Length: 22323
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
bpsjambi.id/assets/img/bglogin2.jpg
200 OK 674 kB URL HTTP/1.1 bpsjambi.id/assets/img/bglogin2.jpg
IP
ASN #9341 PT INDONESIA COMNETS PLUS
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 6000x4000, components 3\012- data
Size 674 kB (673511 bytes)
Hash 86f7490c74175e9005e439d80c967e1a
baddeda06b32be0e21231b5a1589ef4e0973a676
150d1985db8c572268be3ddd98ef3150768a4ec17da808e8736a5719417cdb90
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/bglogin2.jpg HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/assets/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:55 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Tue, 26 Jul 2022 04:22:08 GMT
ETag: "a46e7-5e4ada4c3550e"
Accept-Ranges: bytes
Content-Length: 673511
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
bpsjambi.id/assets/img/bps1500.png
200 OK 0 B URL HTTP/1.1 bpsjambi.id/assets/img/bps1500.png
IP
ASN #9341 PT INDONESIA COMNETS PLUS
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/img/bps1500.png HTTP/1.1
Host: bpsjambi.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 01:00:55 GMT
Server: Apache/2.4.47 (Win64) OpenSSL/1.1.1k PHP/7.4.19
Last-Modified: Thu, 20 May 2021 07:58:14 GMT
ETag: "45434-5c2be4e2cb61e"
Accept-Ranges: bytes
Content-Length: 283700
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i|Poppins:300,300i,400,400i,500,500i,600,600i,700,700i
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i|Poppins:300,300i,400,400i,500,500i,600,600i,700,700i
IP
GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i|Raleway:300,300i,400,400i,500,500i,600,600i,700,700i|Poppins:300,300i,400,400i,500,500i,600,600i,700,700i HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://bpsjambi.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 01:00:53 GMT
date: Thu, 24 Nov 2022 01:00:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
103.144.228.238
172.64.155.188
93.184.220.29
23.36.77.32