cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.25.14 200 OK 5.8 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.25.14:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash MD5 e9365fe85b7e4db79a87015e52c3db6c
SHA1 2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9
SHA256 dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 15:57:54 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1071723
expires: Mon, 25 Nov 2024 15:57:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ThfuL7HQZVjQw6GScnJFiasvpiRhZWWcPX%2ByKQjyOReIpqjo1sGm%2B%2FSEv1Gxf6aj3eR45TdNnsnpt4lUBo0qoz1lv6Azu6HZM9aFQiG2SlGBdr44wZeJjiDT3r%2FZfZdQIJGejxS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8315ba307f46b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.10.2.min.js
151.101.66.137 200 OK 33 kB URL GET HTTP/2 code.jquery.com/jquery-1.10.2.min.js
IP 151.101.66.137:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (32072)
Hash MD5 628072e7212db1e8cdacb22b21752cda
SHA1 0511abe9863c2ea7084efa7e24d1d86c5b3974f1
SHA256 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-16bb3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 06 Dec 2023 15:57:54 GMT
age: 7076074
x-served-by: cache-lga13622-LGA, cache-bma1622-BMA
x-cache: HIT, HIT
x-cache-hits: 47, 64599
x-timer: S1701878275.727099,VS0,VE0
vary: Accept-Encoding
content-length: 32788
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
142.250.74.42 200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 142.250.74.42:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (32180)
Hash MD5 32015dd42e9582a80a84736f5d9a44d7
SHA1 41b4bfbaa96be6d1440db6e78004ade1c134e276
SHA256 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 22:03:28 GMT
expires: Tue, 03 Dec 2024 22:03:28 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 150866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
142.250.74.42 200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP 142.250.74.42:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (32061)
Hash MD5 e40ec2161fe7993196f23c8a07346306
SHA1 afb90752e0a90c24b7f724faca86c5f3d15d1178
SHA256 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 12:03:49 GMT
expires: Wed, 04 Dec 2024 12:03:49 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 100445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/mlbb.webp
151.101.129.229 200 OK 55 kB URL GET HTTP/2 cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/mlbb.webp
IP 151.101.129.229:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer GlobalSign nv-sa
Subject jsdelivr.net
Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash MD5 903889e33eee9dc3c5e0931f33c0b814
SHA1 621b1593bb4deb35f3858a25e2638ab5e22b5c16
SHA256 78d66ff1ab1bd23f7fd6d9cdb93854881cb8f0b69e8a301faaf4f4eab058d19e
GET /gh/gowebid/assets@main/go_login/mlbb.webp HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/webp
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"d682-YhsVk7tN6zXzhYol4mOKteIrXBY"
accept-ranges: bytes
date: Wed, 06 Dec 2023 15:57:54 GMT
age: 27430
x-served-by: cache-fra-eddf8230088-FRA, cache-bma1655-BMA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 54914
X-Firefox-Spdy: h2
i.ibb.co/pKhn20Y/images-removebg-preview.png
162.19.58.161 200 OK 40 kB URL GET HTTP/2 i.ibb.co/pKhn20Y/images-removebg-preview.png
IP 162.19.58.161:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Let's Encrypt
Subject ibb.co
Fingerprint CC:72:96:95:90:7F:15:8E:AC:C5:40:3A:D2:6F:83:A3:DF:5E:72:56
Validity Mon, 09 Oct 2023 14:39:49 GMT - Sun, 07 Jan 2024 14:39:48 GMT
File type PNG image data, 639 x 131, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5 97dafde2b3e0d87a4a8e564693c37c64
SHA1 32d5bd7b6cb7fabba36381fe07e9c46b136e7bc0
SHA256 58410b06a7a9c9c34be02ad30f46b67952d9cd2c8b3eebe1d33f2f4d2d3f4abd
GET /pKhn20Y/images-removebg-preview.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 15:57:54 GMT
content-type: image/png
content-length: 39909
last-modified: Fri, 13 Oct 2023 10:45:33 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.ibb.co/CPLNhns/Facebook-svg.png
162.19.58.161 200 OK 19 kB URL GET HTTP/2 i.ibb.co/CPLNhns/Facebook-svg.png
IP 162.19.58.161:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Let's Encrypt
Subject ibb.co
Fingerprint CC:72:96:95:90:7F:15:8E:AC:C5:40:3A:D2:6F:83:A3:DF:5E:72:56
Validity Mon, 09 Oct 2023 14:39:49 GMT - Sun, 07 Jan 2024 14:39:48 GMT
File type PNG image data, 640 x 241, 8-bit/color RGB, non-interlaced\012- data
Hash MD5 ff8a112ced1863753537602aa94d1f64
SHA1 7c65c733a9a639207fb0f889293f5fa99207a42c
SHA256 68c2458f31853921b2f7549efaa820b828dd534398c2c7d77532119fca83ebd6
GET /CPLNhns/Facebook-svg.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 06 Dec 2023 15:57:54 GMT
content-type: image/png
content-length: 19224
last-modified: Wed, 22 Nov 2023 09:01:37 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
www.pubgmobile.com/en/images/nav_menu.svg
95.101.11.50 200 OK 426 B URL GET HTTP/2 www.pubgmobile.com/en/images/nav_menu.svg
IP 95.101.11.50:443
ASN #20940 Akamai International B.V.
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer DigiCert Inc
Subject wetv.acc.qq.com
Fingerprint 5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
Validity Mon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Hash MD5 a1f09c4f5c87271dbccf8cb05885ad42
SHA1 18bbacc9c372dcb6bc77c2475595e058c1ad1594
SHA256 b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a
GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 426
date: Wed, 06 Dec 2023 15:57:55 GMT
X-Firefox-Spdy: h2
ladt.ovo3s.my.id/static/img/reward/1.png
172.67.167.172 200 OK 51 kB URL GET HTTP/3 ladt.ovo3s.my.id/static/img/reward/1.png
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Google Trust Services LLC
Subject ovo3s.my.id
Fingerprint 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x416, components 3\012- data
Hash MD5 b15c4f0b9eceb3444e07b351d7388a9c
SHA1 06f518b4b26e39e15a3aa9f7428c18beb06eee06
SHA256 8e3e4f33e6daf063e092d0f76a654f3baa94e8d4bab1de49f62cac1f0659654f
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /static/img/reward/1.png HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:55 GMT
content-type: image/png
content-length: 51394
last-modified: Mon, 09 Jan 2023 10:43:26 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sw630XIrJFOoAoi0p%2BR0AV9uStMuI%2F1DnXG5wwtRt4LbhIrNrQS3vurJLmuAoiBL%2F80WPvRlek8oMx1YAzECPr5zUm3QmGrp3Be0jr8Z2HSPJt2YqfTNDodQaG5QNKfK5iQg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba305fc4b521-OSL
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2
216.58.207.227 200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2
IP 216.58.207.227:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 14964, version 1.0\012- data
Hash MD5 d6d554615ae9902f2173476e77d079fa
SHA1 b5064acc8ba1c63153bfab733b915092e2b62cb6
SHA256 4a0ce7a531a41b6fb56b8027541951ffe1ad67ab9e49a12ee4816247178d5bca
GET /s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ladt.ovo3s.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 02:44:45 GMT
expires: Wed, 04 Dec 2024 02:44:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:55:07 GMT
content-type: font/woff2
age: 133990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
104.17.25.14 200 OK 38 kB URL GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
IP 104.17.25.14:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 38384, version 1.0\012- data
Hash MD5 a4d31128b633bc0b1cc1f18a34fb3851
SHA1 6ee4c79372c3fd679706306ede47e4b03cf53d60
SHA256 e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
GET /ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ladt.ovo3s.my.id
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:55 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 38384
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03ed9-95f0"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1244357
expires: Mon, 25 Nov 2024 15:57:55 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nca1W9jmbuEgR6fxB2rEvOIUSTFyh6gWFqaN09uq93GhL1IAJUnTiYyE5dFycSxA0dTdye2EArYAoMbK1RT3Fx3CWrgEqr2ZSPdf%2BU1v%2FdBO21KGGjABqrGoRFyjCMXUBSuSxbVQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8315ba373f7156af-OSL
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2
216.58.207.227 200 OK 15 kB URL GET HTTP/2 fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2
IP 216.58.207.227:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 14964, version 1.0\012- data
Hash MD5 d6d554615ae9902f2173476e77d079fa
SHA1 b5064acc8ba1c63153bfab733b915092e2b62cb6
SHA256 4a0ce7a531a41b6fb56b8027541951ffe1ad67ab9e49a12ee4816247178d5bca
GET /s/teko/v20/LYjNdG7kmE0gfaN9pQlEpVsHVQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ladt.ovo3s.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14964
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 02:44:45 GMT
expires: Wed, 04 Dec 2024 02:44:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:55:07 GMT
content-type: font/woff2
age: 133990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ladt.ovo3s.my.id/img/yzm5.jpg
172.67.167.172 200 OK 144 kB URL GET HTTP/3 ladt.ovo3s.my.id/img/yzm5.jpg
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Google Trust Services LLC
Subject ovo3s.my.id
Fingerprint 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 820x360, components 3\012- data
Size 144 kB (143689 bytes)
Hash MD5 0434c7c49d18d2a9194c89dbe14d1eae
SHA1 a191749aa8e879d3f2db2fd7cb9f9b217e1ce505
SHA256 b7010d3bdc69a7227412621e02abe6ecf6efff563c09b3bfe8f4cff53ba46e10
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /img/yzm5.jpg HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:55 GMT
content-type: image/jpeg
content-length: 143689
last-modified: Wed, 22 Nov 2023 08:40:44 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0a%2FR15dBYoQickP6f9qgEk2m408eBrt%2BvJjJhgiKroiMj8biFakkF0U7%2B7mMe5AHZ9HQSKfvlImgIlSeQxZsLAxv6uFoiFoDhyXKQ7Jd724xZd2XMBJjCpnS1VctlBmC2Q88"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba304f9db521-OSL
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/static/img/reward/4.png
172.67.167.172 200 OK 42 kB URL GET HTTP/3 ladt.ovo3s.my.id/static/img/reward/4.png
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Google Trust Services LLC
Subject ovo3s.my.id
Fingerprint 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 250x407, components 3\012- data
Hash MD5 7b4bd634b05e4a48b04b7550a2d39069
SHA1 2e5d865122c7482d6a9212ab381a4ad1fc65504a
SHA256 30449f27ae1b52c53a8540fb46916209151632688829164c7a24cd11debce22b
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /static/img/reward/4.png HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:56 GMT
content-type: image/png
content-length: 41765
last-modified: Mon, 26 Dec 2022 18:52:48 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ykBJhgQIV8m3EtbF%2Bddqh8nBdtBVp5w5hINWTrPFn4x2DRi0EUwQabRUXMQ3rFVG%2BpwS%2BTvqcBg3eP%2FplPNPVpq6Ci%2F0Q2xfRC2u%2Fk7VHbe5EGYu36qQr8iwIMMxGipt19g"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba306fdcb521-OSL
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/static/img/reward/7.png
172.67.167.172 200 OK 3.8 kB URL GET HTTP/3 ladt.ovo3s.my.id/static/img/reward/7.png
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Google Trust Services LLC
Subject ovo3s.my.id
Fingerprint 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 215x127, components 3\012- data
Hash MD5 97d0470da9e7c51438ceb9c1c5daf8d5
SHA1 871b8338bbb27e337878b5ee58032788079d4cf4
SHA256 5bfdd7bb4ce7d59d5c0a87560d3255642c3d2fac41174e0ec49dbafb705750d5
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /static/img/reward/7.png HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:56 GMT
content-type: image/png
content-length: 3813
last-modified: Tue, 29 Nov 2022 23:16:22 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRpIYp1cNIIuEQLiRnkjP0PLV5NNVJTgJzuoZQH%2BKlNNVnFilnSSb4YwcwK15Sf7QoL%2F7ustDjqz8paIuYFoM9%2FI4pyFi%2BahO45qhxn5CaotJNluIOB9yKtYDj3iRSfJXZoR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba307fecb521-OSL
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/static/img/reward/0.png
172.67.167.172 200 OK 44 kB URL GET HTTP/3 ladt.ovo3s.my.id/static/img/reward/0.png
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Google Trust Services LLC
Subject ovo3s.my.id
Fingerprint 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 255x414, components 3\012- data
Hash MD5 2090ddca3307f34fb4d8fe0b9a06cfb3
SHA1 19790bb3265039752aedd4b22d4ec919e5609ec8
SHA256 8243165262b2d60e7a3545f6e928c2a8ec007739ea7880934b94e1a8e8b2e67c
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /static/img/reward/0.png HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:56 GMT
content-type: image/png
content-length: 43460
last-modified: Mon, 26 Dec 2022 18:51:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWk8OJO7DGDPaobFiYMKOfp%2B%2FGTAaSuCGRLfNugsfIZGeapvpoIDuEvJjO0Tb4FpIo7WE5ePaO6rw8YP3NbSlWRU1sghhzHR464gFXa1B7%2F9%2FQ2jiE%2BwCSO5QWpIpcR4q%2Fn5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba307ff6b521-OSL
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/static/img/reward/3.png
172.67.167.172 200 OK 5.7 kB URL GET HTTP/3 ladt.ovo3s.my.id/static/img/reward/3.png
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Google Trust Services LLC
Subject ovo3s.my.id
Fingerprint 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 131x129, components 3\012- data
Hash MD5 f78c3d99018e1bd3a8805c86782e3dbf
SHA1 2b9d8f872b25baf0bfce0f6fee9de69d3fbca6d9
SHA256 d9bf7fd3c05ec4119ac80f79ff61eebf3ae46ca4a63c65b9e9fdfbc452a3023a
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /static/img/reward/3.png HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:57 GMT
content-type: image/png
content-length: 5729
last-modified: Tue, 29 Nov 2022 23:16:22 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J2fpd2kWq8HYZcbcw9xCZ4LLaSU8q2fruS3UEV4aL7H33Ts1OythEux2dwVNJ4Y0pDJvUKSD6gOpWldcDjXFS4YGJ6Dd3LIAjCj8A8eMkrKdOg8XA0BTK%2FTpmzWzEK775874"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba306fdbb521-OSL
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/static/img/reward/2.png
172.67.167.172 200 OK 14 kB URL GET HTTP/3 ladt.ovo3s.my.id/static/img/reward/2.png
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer Google Trust Services LLC
Subject ovo3s.my.id
Fingerprint 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 165x162, components 3\012- data
Hash MD5 5afd62e20e7de6b4a917e45f33499565
SHA1 53d66288a57f36d55a806b2f085136ae7d7a63ac
SHA256 1fc65c15db81e3f762f78de2cfad5af6466cb209edea6096a89389b332593066
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /static/img/reward/2.png HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:57 GMT
content-type: image/png
content-length: 13812
last-modified: Tue, 29 Nov 2022 23:16:22 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEeQUPQEQZ2iK%2BEcEVpXozecLeY40IAotZIGsWBoOhzn%2FxJ%2Bwl1644m7iiCzH%2F%2FgHWUWUL7Ozb5VuWYspOLA%2FBzyNUMKJE8YaA8dzWK%2FM1ZGHZQEPci9KAX6UC48Us5j5rkq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba306fcdb521-OSL
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/static/img/reward/5.png
172.67.167.172 200 OK 27 kB URL GET HTTP/3 ladt.ovo3s.my.id/static/img/reward/5.png
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 216x220, components 3\012- data
Hash MD5: 380098b2667fa15e91b0e56076adfc40
SHA-1: 010a5481975f5c69852acfe2faecb84bda7a518c
SHA-256: 429f106153f6465a36a3268c84179fcfb5981bba22da5657235e0aa27e3eacc9
Analyzer: OpenPhish; Verdict: phishing; Alert: Tencent
GET /static/img/reward/5.png HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:57 GMT
content-type: image/png
content-length: 26799
last-modified: Tue, 29 Nov 2022 23:16:22 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xUpa8BgQPHQgHkUSzDdeGkIxi9HQemJdSuUNwchjfpw8n7KrkD4tPXmPcFpYG7m5jYwKy9hYf20fu4lK1CM4W9bZc5e6lo3fYAihWVrcpYpRg%2BcYFQlm1Ptd1qTm0Fwl85g9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba306fddb521-OSL
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/static/img/reward/6.png
172.67.167.172 200 OK 45 kB URL GET HTTP/3 ladt.ovo3s.my.id/static/img/reward/6.png
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 252x417, components 3\012- data
Hash MD5: 422880d3fc795c06deb90812d3afb41e
SHA-1: f28ab1b56c4e4223bf0f6ce3935fabb9a40a3197
SHA-256: ee7a193785b111e26dedbd1a4db5d5734eb8cfa7e3f4bca36e66f198f16d9036
Analyzer: OpenPhish; Verdict: phishing; Alert: Tencent
GET /static/img/reward/6.png HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:57 GMT
content-type: image/png
content-length: 45287
last-modified: Fri, 06 Jan 2023 21:27:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttFUqY%2FkEY4k1mukZEql2ypwLD5bDJYoBFqRsaovZh2akh%2FNwp2Zkq8ziVujTgE5ih7CrX%2F3Sf0kruYEr7OS7nq%2BcP0HmTbn%2FGBeX8gG8gy6hoE6QE9%2B1Pn8XslLuYeGZ7HZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba306fdeb521-OSL
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/img/btn-off.png
172.67.167.172 200 OK 737 B URL GET HTTP/3 ladt.ovo3s.my.id/img/btn-off.png
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type PNG image data, 195 x 58, 8-bit colormap, non-interlaced\012- data
Hash MD5: 0ec1c29e13291ba7838177581aaf9578
SHA-1: f9fe0f9a9e9d5333c6c21ee099766e67ed076778
SHA-256: 5c53b5b7d34dc07cb451499f37ff279a87d87033e9f3b6589c887a667fedfc4d
Analyzer: OpenPhish; Verdict: phishing; Alert: Tencent
GET /img/btn-off.png HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:58 GMT
content-type: image/png
content-length: 737
last-modified: Tue, 29 Nov 2022 23:13:36 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OKEPKBA%2BKEmsPrzFeEt%2FIhVwHL%2FVs8xkLtPxCIsxGz1p3HPt9ExDBJVu9P1W73thUAwt4gb942neLL1EYK2G96g8NK6LBBKbK0F412s074RHGXaSy2sLXfiuUO7eaBIN01bH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba36f8d3b521-OSL
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/img/wheel.png
172.67.167.172 200 OK 14 kB URL GET HTTP/3 ladt.ovo3s.my.id/img/wheel.png
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type PNG image data, 397 x 340, 8-bit colormap, non-interlaced\012- data
Hash MD5: 1646fc0d8fe6a5b04c9b302c04fd5491
SHA-1: 105a59093e892fd5ed0570ae466188e947fe8902
SHA-256: e703d2c7aaa7eec1ae51d2d4920253eb8a657eab1bc4a38d490caeb75e7b94dd
Analyzer: OpenPhish; Verdict: phishing; Alert: Tencent
GET /img/wheel.png HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:58 GMT
content-type: image/png
content-length: 13514
last-modified: Tue, 29 Nov 2022 23:13:36 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGSD7fUnHm5oo5PWAnbarpoHtVJnjVt%2FqJFBF7lF0NoRsvIgnp8OhbfYg4g3GjzG5jnayVK8Xtk%2FPkrRmRle%2BCncdmRVh%2FLpAPUrI%2BpnP9x4WKz%2Bz%2FbjnR51QzthN3ggYAa%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba304fa1b521-OSL
alt-svc: h3=":443"; ma=86400
rawcdn.githack.com/AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3
104.21.234.231 301 Moved Permanently 191 B URL GET HTTP/2 rawcdn.githack.com/AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3
IP 104.21.234.231:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: githack.com
Fingerprint: E0:4C:6A:3D:28:60:EF:AD:74:3C:0F:96:F0:1E:27:17:61:4F:F6:1E
Validity: Sat, 04 Nov 2023 09:58:56 GMT - Fri, 02 Feb 2024 09:58:55 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash MD5: 071fd8ecafea25912fcd3ac36da047f8
SHA-1: 1df9fbcde3170de426d4ca7fa23870e69ac7f5a7
SHA-256: 6a0441175769a66b712c9e317a0c46df05120400370b4f9fc9828d30e9338b08
GET /AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3 HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 06 Dec 2023 15:57:58 GMT
content-type: text/html
content-length: 191
location: https://raw.githubusercontent.com/AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3
expires: Thu, 07 Dec 2023 07:07:58 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8s3c37KpHNFuXEtTfPeDJ7MmN%2B8pzVsF6PX0zj%2FO%2F%2BFrK3JHF8TSxcJiP%2BxJDbfIdJlR13Uwyct5EFBLkITsvu%2B8i2lws8fjz2eZVOkCYLYRqelXzUEGqCXf5I7InjcvPQbWtqc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba48dd620afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
rawcdn.githack.com/AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3
104.21.234.231 301 Moved Permanently 191 B URL GET HTTP/2 rawcdn.githack.com/AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3
IP 104.21.234.231:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: githack.com
Fingerprint: E0:4C:6A:3D:28:60:EF:AD:74:3C:0F:96:F0:1E:27:17:61:4F:F6:1E
Validity: Sat, 04 Nov 2023 09:58:56 GMT - Fri, 02 Feb 2024 09:58:55 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash MD5: 071fd8ecafea25912fcd3ac36da047f8
SHA-1: 1df9fbcde3170de426d4ca7fa23870e69ac7f5a7
SHA-256: 6a0441175769a66b712c9e317a0c46df05120400370b4f9fc9828d30e9338b08
GET /AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3 HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 06 Dec 2023 15:57:58 GMT
content-type: text/html
content-length: 191
location: https://raw.githubusercontent.com/AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3
expires: Thu, 07 Dec 2023 06:04:46 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLaSR8ozqzSWZapW0qQlaYW6UnwFfEczltuIJqoWa5vnJfFiyJSQd97zNQE88GzvBlXnNkUR6lohuNsAIa%2F5oVIBp9jf2kIHnnuBJzszVjBnvRY6dZqXOlIJ4CRwAPwO%2FnceJ5k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba48dd680afe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ladt.ovo3s.my.id/css/login/facebook.css
172.67.167.172 200 OK 772 B URL GET HTTP/3 ladt.ovo3s.my.id/css/login/facebook.css
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
Hash MD5: 7963984a8f422cb6cdabcb6597f3f252
SHA-1: 8932b3a35c501044ccf88aab675703b972868182
SHA-256: a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870
Analyzer: OpenPhish; Verdict: phishing; Alert: Tencent
GET /css/login/facebook.css HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:54 GMT
content-type: text/css
last-modified: Mon, 20 Jun 2022 15:07:26 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1h3C%2FG8aMq0zCvZQZap%2BfRbfLuFXbCDgIZkYSaNqjbyk2xIsO5kHodIVRH%2B4jy8DaQPWRyn%2F%2FUjRZ8IgZpQeO4jrqxzmTOe7Equuyfe3gGw2rNXNL7z9UJEwvSlfWaY0BupF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba303f73b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/static/img/reward/8.png
172.67.167.172 200 OK 44 kB URL GET HTTP/3 ladt.ovo3s.my.id/static/img/reward/8.png
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 255x414, components 3\012- data
Hash MD5: 2090ddca3307f34fb4d8fe0b9a06cfb3
SHA-1: 19790bb3265039752aedd4b22d4ec919e5609ec8
SHA-256: 8243165262b2d60e7a3545f6e928c2a8ec007739ea7880934b94e1a8e8b2e67c
Analyzer: OpenPhish; Verdict: phishing; Alert: Tencent
GET /static/img/reward/8.png HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:58 GMT
content-type: image/png
content-length: 43460
last-modified: Mon, 26 Dec 2022 18:51:38 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bf6WKX31rWM4MktIkboNK6YJaCHi7Sks9X%2FMLrDCWikPma5C3l%2FhOmvOfmLOpqeUJYcE7aqxIOi5etmNlTWEkWiC5VLTu6UUR%2Bi2mrthX7XXHF%2Fdewdb0jSNUs7EtKLjbnHB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba307ff5b521-OSL
alt-svc: h3=":443"; ma=86400
raw.githubusercontent.com/AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3
185.199.109.133 404 Not Found 14 B URL GET HTTP/2 raw.githubusercontent.com/AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3
IP 185.199.109.133:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: DigiCert Inc
Subject: *.github.io
Fingerprint: A1:46:14:C7:2A:1D:52:79:F6:AA:2B:B2:C5:0A:3B:D3:F5:02:06:75
Validity: Tue, 21 Feb 2023 00:00:00 GMT - Wed, 20 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash MD5: 3be7b8b182ccd96e48989b4e57311193
SHA-1: 78fb38f212fa49029aff24c669a39648d9b4e68b
SHA-256: d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/6635455e463c4b55d9c4dac99f2c44f9091b612c/unclick.mp3 HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, identity
Range: bytes=0-
Referer: https://ladt.ovo3s.my.id/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
content-type: text/plain; charset=utf-8
x-github-request-id: DDA6:A026:24D8AD:25EC1E:65709A06
accept-ranges: bytes
date: Wed, 06 Dec 2023 15:57:58 GMT
via: 1.1 varnish
x-served-by: cache-bma1659-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701878279.654254,VS0,VE196
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 44b823370589936136088bef9ed0986332c66337
expires: Wed, 06 Dec 2023 16:02:58 GMT
source-age: 0
content-length: 14
X-Firefox-Spdy: h2
ladt.ovo3s.my.id/js/ryucodex.js
172.67.167.172 200 OK 22 kB URL GET HTTP/3 ladt.ovo3s.my.id/js/ryucodex.js
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type ASCII text, with very long lines (4284), with no line terminators
Hash MD5: 3c6b357da9a9c2229aa9db0d95f09fa6
SHA-1: 7b15d8f866df1f83d3cebc72f8b29df8335b5bb4
SHA-256: d65b12be8cd3346554199d0d81fed9e1bf66ee7aa0da40a7f1b715e046f065e3
Analyzer: OpenPhish; Verdict: phishing; Alert: Tencent
GET /js/ryucodex.js HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:58 GMT
content-type: text/javascript
last-modified: Wed, 26 Oct 2022 17:44:40 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgtURqEwGBa1H7Em4b02zhheE3yw4gMhJezx04EE7B9alqPJKSLuz3bYTbEa%2FuGKfZZqIKklQETe7RRCZL37Gw2bz2%2BmNVxqIBRXqBXY95GPG3MvRGxQDwhvS%2B%2FTfSo4ny8E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba30c855b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/img/background22.jpg
172.67.167.172 200 OK 313 kB URL GET HTTP/3 ladt.ovo3s.my.id/img/background22.jpg
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 736x1364, components 3\012- data
Size 313 kB (312573 bytes)
Hash MD5: fb804d7e46fcb5746709d65bb69fec02
SHA-1: 52eda8882d972487c3ac214d0cb475b09c5792f9
SHA-256: b60cfa72170efcd1e1f9eb6b6effef94864daffc7611676ec59830ab27e2f136
Analyzer: OpenPhish; Verdict: phishing; Alert: Tencent
GET /img/background22.jpg HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:58 GMT
content-type: image/jpeg
content-length: 312573
last-modified: Wed, 22 Nov 2023 08:54:23 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zfQjxZRTJl7NDfhMLiQfM0uy9%2BSt2Em8Dk8mqwcmiIiIOpRcGElinWEGCbXDraYH2Z1UK1ml%2B02%2BjjIjgWFauSoFfgTfoHlYbpVibOuNlBucQP9XKxS4SjUUpwl4szIJZ6i"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba36f8c9b521-OSL
alt-svc: h3=":443"; ma=86400
172.67.167.172 200 OK 277 kB URL User Request GET HTTP/2
IP 172.67.167.172:443
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text
Size 277 kB (276647 bytes)
Hash MD5: 2500ec9c9cde4ef176973f3cf646cb00
SHA-1: 306776090e4c03a6dd89c336254847df1c75a425
SHA-256: 63646284e49c388bf656f472b28ea514598b82f209d169be393baab22868a788
Analyzer: OpenPhish; Verdict: phishing; Alert: Tencent
GET / HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 15:57:54 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrGknwyR2tvQzUvJsvL07eByC%2BHGq8%2FrQfrSZCRZWmWsYNFItJxokj8Y%2B9WXxEo3byjcJGQHg5B%2FSvHtliOSGhv%2FdBxcOgWOSo3%2BZ1Pfg%2B8pYmfIN9%2BTWSOu6cwtwCsP8GVr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8315ba2aba24b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
play-lh.googleusercontent.com/jWN9pjF7atbqHYXAAfwvIjtzpGwTIVwX9etT0-9HiWjRjE1hInoEgJiWjwsiemu2rEb8
142.250.74.86 200 OK 73 kB URL GET HTTP/2 play-lh.googleusercontent.com/jWN9pjF7atbqHYXAAfwvIjtzpGwTIVwX9etT0-9HiWjRjE1hInoEgJiWjwsiemu2rEb8
IP 142.250.74.86:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: edgestatic.com
Fingerprint: C8:30:4C:1A:A8:FF:83:E1:A2:7F:DB:02:8C:D9:05:46:C4:D6:CA:95
Validity: Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: 2bafc2fba248405e93058e3c26dfa614
SHA-1: 8361bf3eec4ea108953492ad3a332d48d6f7671f
SHA-256: 828588fb737f1eb815949ff596fe72a7ba7a1fdb9ad6816d95aa97e88f150506
GET /jWN9pjF7atbqHYXAAfwvIjtzpGwTIVwX9etT0-9HiWjRjE1hInoEgJiWjwsiemu2rEb8 HTTP/1.1
Host: play-lh.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/png
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Thu, 07 Dec 2023 15:57:59 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
x-content-type-options: nosniff
date: Wed, 06 Dec 2023 15:57:59 GMT
server: fife
content-length: 73303
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
m.mobilelegends.com/static/images/favicon.ico
95.101.11.25 200 OK 3.7 kB URL GET HTTP/1.1 m.mobilelegends.com/static/images/favicon.ico
IP 95.101.11.25:443
ASN #20940 Akamai International B.V.
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: DigiCert, Inc.
Subject: *.mobilelegends.com
Fingerprint: 80:6B:D3:96:DF:2A:21:B4:F0:5E:FF:6E:6A:23:76:0E:BF:C5:71:19
Validity: Mon, 27 Nov 2023 00:00:00 GMT - Fri, 27 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: af5f4d61f91c3ece97cc1da8aa22c6fd
SHA-1: e9330e790dbf0ab47324c5b58299e1c0e8ae7800
SHA-256: 9ad6444561bc88ce81ddd8488e24106fa36682d37fb98a32c52baf8456d0352e
GET /static/images/favicon.ico HTTP/1.1
Host: m.mobilelegends.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Thu, 14 Sep 2023 09:54:13 GMT
ETag: "6502d845-e76"
Strict-Transport-Security: max-age=15724800; includeSubDomains
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET,HEAD,OPTIONS,POST,PUT,DELETE
Access-Control-Allow-Headers: DNT,X-CustomHeader,X-LANG,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Api-Key,X-Device-Id,Access-Control-Allow-Origin,x-token,x-project-id,sign,roleId,escaped,zoneId,deviceId,token,language,clientparam
Access-Control-Max-Age: 1728000
Content-Type: image/x-icon
Content-Length: 3702
Accept-Ranges: bytes
X-Origin-Response-Time: 419,184.31.15.76
Cache-Control: max-age=2934
Expires: Wed, 06 Dec 2023 16:46:53 GMT
Date: Wed, 06 Dec 2023 15:57:59 GMT
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1099597
X-Parent-Response-Time: 30,95.101.11.133, 34,95.101.11.21
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207 200 OK 31 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: bootstrapcdn.com
Fingerprint: 34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
Validity: Thu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT
File type ASCII text, with very long lines (30837)
Hash MD5: 269550530cc127b6aa5a35925a7de6ce
SHA-1: 512c7d79033e3028a9be61b540cf1a6870c896f8
SHA-256: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 06 Dec 2023 15:57:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 1252449
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8315ba308c75712b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
raw.githubusercontent.com/AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3
185.199.109.133 404 Not Found 0 B URL GET HTTP/2 raw.githubusercontent.com/AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3
IP 185.199.109.133:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: DigiCert Inc
Subject: *.github.io
Fingerprint: A1:46:14:C7:2A:1D:52:79:F6:AA:2B:B2:C5:0A:3B:D3:F5:02:06:75
Validity: Tue, 21 Feb 2023 00:00:00 GMT - Wed, 20 Mar 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e (all three values are digests of zero-length input, matching the 0 B size above; not usable as indicators)
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AlexHostX/all.asset/d1a42a80f01064a559cb0ce4e5ec0474091c651f/click.mp3 HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br, identity
Range: bytes=0-
Referer: https://ladt.ovo3s.my.id/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
content-type: text/plain; charset=utf-8
x-github-request-id: D7BC:388C:258915:26A390:65709A05
accept-ranges: bytes
date: Wed, 06 Dec 2023 15:57:58 GMT
via: 1.1 varnish
x-served-by: cache-bma1659-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1701878279.631326,VS0,VE134
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 691cce0270510c6a0aa83f92e505236cf7ad52fc
expires: Wed, 06 Dec 2023 16:02:58 GMT
source-age: 0
content-length: 14
X-Firefox-Spdy: h2
unpkg.com/package-ion@2.4.3-icons/ionicons.map.js
104.16.125.175 404 Not Found 0 B URL GET HTTP/2 unpkg.com/package-ion@2.4.3-icons/ionicons.map.js
IP 104.16.125.175:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity: Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e (all three values are digests of zero-length input, matching the 0 B size above; not usable as indicators)
SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /package-ion@2.4.3-icons/ionicons.map.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 06 Dec 2023 15:57:55 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
etag: W/"2b-fYuHHVpRh3xetcRZpF4tsszS3/0"
via: 1.1 fly.io
fly-request-id: 01HGZXK6NQ0BA2V2JV3GQTG2SC-arn
cf-cache-status: EXPIRED
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8315ba310c8756b7-OSL
content-encoding: br
X-Firefox-Spdy: h2
ladt.ovo3s.my.id/css/style.css
172.67.167.172 200 OK 22 kB URL GET HTTP/3 ladt.ovo3s.my.id/css/style.css
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type assembler source, ASCII text, with CRLF line terminators
Hash MD5: fbea87a03da32f663d08058ff2ff78b0
SHA-1: 3894787ff78495f96b0795d462319f39cbf37a38
SHA-256: 91592823e8a6d85735b4b4cf3828f6b8dd37f5bc65e4144f0cc21ed73ab2cf0a
Analyzer: OpenPhish; Verdict: phishing; Alert: Tencent
GET /css/style.css HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:55 GMT
content-type: text/css
last-modified: Thu, 27 Oct 2022 23:30:40 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cUKeentD1L17f30P5B5Cyu%2B90GWgEe0ah0%2BtdJhDmvgrClem%2BPFOOuIjgUbNJD%2FiMHF397gfdoWUHsPl5WgnbJ6W1yi3ZvlFL%2Fq5GfO3ju5Mkmlg6tp381wyQsP4a0NJ7dsb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba302f6db521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
142.250.74.106 200 OK 12 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP 142.250.74.106:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: upload.video.google.com
Fingerprint: CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity: Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
Hash (MD5): 28abeed290ed65409b9fdac0b8ada4dc
Hash (SHA-1): e1b078d816c00c38edcda8f6da63773e43b6bb9b
Hash (SHA-256): a54cbba9c5d519add8cafd17df2d5a97757f7f7327667718bb19e1340c5c5b25
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 06 Dec 2023 15:57:55 GMT
date: Wed, 06 Dec 2023 15:57:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ladt.ovo3s.my.id/css/login/twitter.css
172.67.167.172 200 OK 2.2 kB URL GET HTTP/3 ladt.ovo3s.my.id/css/login/twitter.css
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type ASCII text, with very long lines (2432), with no line terminators
Hash (MD5): 7d5267c9b34aa43887197a665912df33
Hash (SHA-1): 3a527c4c1711d636a2b59c2efa4335c1f63b04b4
Hash (SHA-256): 348779db86aad5d0930000f53c1763b20a7613db3aaebaccd12b5d0789bbb3a3
Analyzer: OpenPhish | Verdict: phishing | Alert: Tencent
GET /css/login/twitter.css HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:55 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 15:02:08 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGsnAthb%2FA3jcCzfKodB6dNGW%2FdJQyck%2FOTZQvZ7anvvR7B2PkEfB9g88kWt9Qk%2FlcYQl2L24Rqlq0PqxMNaVBDhzV5c2Tzaay7fRGROjUuDk%2FfNLr9ResqFp8v7RpQ57L36"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba303f75b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/static/img/btnWheel.png
172.67.167.172 200 OK 271 kB URL GET HTTP/3 ladt.ovo3s.my.id/static/img/btnWheel.png
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type PNG image data, 1280 x 1280, 8-bit colormap, non-interlaced\012- data
Size 271 kB (271251 bytes)
Hash (MD5): e140fc0955058f65643ccd507bcd844d
Hash (SHA-1): 44da123d43a262c14daef1c4875622a84ab84fec
Hash (SHA-256): 918a188bb7aebf868d450f9746990095eb725576ed6a9b765ee3b4efd07edbe3
Analyzer: OpenPhish | Verdict: phishing | Alert: Tencent
GET /static/img/btnWheel.png HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:58 GMT
content-type: image/png
content-length: 271251
last-modified: Tue, 29 Nov 2022 23:15:34 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ih1XTHtpyenF3O0kJvjLcu9y0nccW1DVx150SvywRZZvrJ6aNw8ZQkgN0QOhujyOaMAqOqdkJpx%2BdT6yrvMy4UUwURWO%2BlIZMgGIoHp81UHKmWat%2FvJ6XQ2APlsdBasuHyuY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba305fc3b521-OSL
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/static/wheelsong.mp3
172.67.167.172 206 Partial Content 146 kB URL GET HTTP/3 ladt.ovo3s.my.id/static/wheelsong.mp3
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 256 kbps, 44.1 kHz, JntStereo\012- data
Size 146 kB (145599 bytes)
Hash (MD5): 00fd391bc94b81b60b007c8d03c286ed
Hash (SHA-1): cbb4ba500de793c1c154aae6320ea25780c721ac
Hash (SHA-256): ff1612bc22d061c982c3724ce33b6aea90464f596a27968d92c435dfefe2d786
Analyzer: OpenPhish | Verdict: phishing | Alert: Tencent
GET /static/wheelsong.mp3 HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Wed, 06 Dec 2023 15:57:59 GMT
content-type: audio/mpeg
content-length: 315326
last-modified: Tue, 04 Oct 2022 12:34:34 GMT
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-315325/315326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5UFKaFmFppmXy1rW7%2B3cJ0YUeLSBDq2%2Btq%2FapndQxiXxXYFb70TVj8Q65TqydxjAGk%2BePUhWdLChZ8d8GZVQHmVuNyM4tLTXBlqb8v%2Ft32vXHKdYvh8JpEiABtXQDYftphL2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba4878a2b521-OSL
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/css/animate.css
172.67.167.172 200 OK 78 kB URL GET HTTP/3 ladt.ovo3s.my.id/css/animate.css
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
Hash (MD5): 8eae1a9cfafdc593321d4d59ec4905ea
Hash (SHA-1): 232f5f3f4c3a0a56823e0e933f9c7fec3aa9cbcc
Hash (SHA-256): e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab
Analyzer: OpenPhish | Verdict: phishing | Alert: Tencent
GET /css/animate.css HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 06 Dec 2023 15:57:55 GMT
content-type: text/css
last-modified: Mon, 20 Jun 2022 15:07:26 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpCUA9XeqAdmrd9JmIgsFafMYUDf7xL4KPtC%2Bwa4n10jUrkJrgCVLYTw4H%2FaQclEbywBs47GshqBQKWPVI%2Fiz8C4MY1s9YAc7q9wy377RTfCJ03ssLh8okH%2FOr56PVaV7I7N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba303f71b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ladt.ovo3s.my.id/static/wheelStop.mp3
172.67.167.172 206 Partial Content 21 kB URL GET HTTP/3 ladt.ovo3s.my.id/static/wheelStop.mp3
IP 172.67.167.172:443
Requested by https://ladt.ovo3s.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: ovo3s.my.id
Fingerprint: 50:2F:95:4E:0E:6F:41:1F:E4:69:4C:C9:EC:F0:6C:E0:4D:11:C1:03
Validity: Sun, 03 Dec 2023 08:09:35 GMT - Sat, 02 Mar 2024 08:09:34 GMT
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 48 kHz, JntStereo\012- data
Hash (MD5): da5c02d0af9c7f9db0fb0e213858ccfa
Hash (SHA-1): 9f7c649258009c2c853b74349c060d9de12109b1
Hash (SHA-256): 2998755f4b37c49010974e07f9aa0643b0a9c5be592d42988c733d0e3acc9ae3
Analyzer: OpenPhish | Verdict: phishing | Alert: Tencent
GET /static/wheelStop.mp3 HTTP/1.1
Host: ladt.ovo3s.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://ladt.ovo3s.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 206 Partial Content
date: Wed, 06 Dec 2023 15:57:59 GMT
content-type: audio/mpeg
content-length: 20994
last-modified: Tue, 04 Oct 2022 12:34:34 GMT
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-20993/20994
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gqaa4ha2hZqkcT%2BQVhjsJWnyz9zfAt%2BgxN4wg09RZe4FIQvxPQ%2BjnD8bPT0h6%2FAGjrKfBduDarBBkAt4IBiFxLCwMRHv8Nw%2Bq0zm1ajf7EP3eH5IlMX77QJB5p02wwP9kreU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8315ba4878a8b521-OSL
alt-svc: h3=":443"; ma=86400