r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15939
Expires: Sun, 26 Mar 2023 02:38:02 GMT
Date: Sat, 25 Mar 2023 22:12:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17978
Expires: Sun, 26 Mar 2023 03:12:01 GMT
Date: Sat, 25 Mar 2023 22:12:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5431
Expires: Sat, 25 Mar 2023 23:42:54 GMT
Date: Sat, 25 Mar 2023 22:12:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 21:15:29 GMT
content-type: application/json
age: 3414
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: OczmN7kBEC6n3KBR+v9nui9fC68MoiiyW4DRL2SrfpBUBpYo5zMWm46hE5q/lboCstyP4Ub4M8E=
x-amz-request-id: GZVT0CT7SPYDFFYJ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 21:55:04 GMT
age: 1039
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
37.44.244.177/simakda_jeneponto/auth
200 OK 9.3 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/auth
IP
ASN #47583 Hostinger International Limited
File type HTML document text\012- exported SGML document, ASCII text
Hash ad691ccf76577b93d2202eaa8a12f917
cbed99604cbfb7a9c15afa4f841a8c4ec1840fa0
0a00037f709ae8ae98b31745628a70b49895c120bbac0458c0840433b44aa3c4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/auth HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Set-Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046; expires=Sun, 26-Mar-2023 00:12:23 GMT; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 22:12:23 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jszip/2.4.0/jszip.min.js
200 OK 24 kB URL HTTP/1.1 cdnjs.cloudflare.com/ajax/libs/jszip/2.4.0/jszip.min.js
IP
Hash 9ea0154d7831e0569181aa5e11658709
3938ee997c3dd21f6012ca7753e92c4262918aa2
cefbce0ccf75fb3b271b98a20745dc7e01c2fadff8d59e290ac53769d24a034d
GET /ajax/libs/jszip/2.4.0/jszip.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 22:12:23 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 23586
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30672000
Content-Encoding: gzip
ETag: "5eb03ecf-126e2"
Last-Modified: Mon, 04 May 2020 16:11:59 GMT
cf-cdnjs-via: cfworker/kv
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
CF-Cache-Status: MISS
Expires: Thu, 14 Mar 2024 22:12:23 GMT
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=to6HMsgk7SVow%2FlLOEw4zK%2FqVmtg0G6bCx68%2Fk%2FQ7qW7uN4sYPOYnPqBFrrrvF%2F%2BEcg0hzBj%2FlQiqeMKTTLxDeUQ%2Fi20VgJtMts0o7e%2BKWXHkkVaS0jr5p1pQjOhhStCYYmnUw5p"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7ada7ebfe8da0b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
37.44.244.177/simakda_jeneponto/assets/vendor/metisMenu/dist/metisMenu.css
200 OK 2.0 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/metisMenu/dist/metisMenu.css
IP
ASN #47583 Hostinger International Limited
Hash 14852c857486471ef4fd1dd1a39a3883
9b69d92b841b1a03d3da8945b2be27606dac438a
b1c1f49d3eb82cd8228b3e4cb7b0cde53f33c2df6ce92365635059dfcdbc304f
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/metisMenu/dist/metisMenu.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:23 GMT
Content-Type: text/css
Content-Length: 2006
Last-Modified: Wed, 24 Feb 2021 12:36:53 GMT
Connection: keep-alive
ETag: "60364865-7d6"
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 21:14:33 GMT
age: 3470
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
37.44.244.177/simakda_jeneponto/assets/vendor/ladda/dist/ladda-themeless.min.css
200 OK 7.7 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/ladda/dist/ladda-themeless.min.css
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (7593)
Hash 075f316196e374278d4dc0a47b871a57
aaadc02dde86bdddea1e97990c7fca0786876b68
006846141b179dc244a381d2694d3c57da71b7aa99257170443f9ffd26a18566
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/ladda/dist/ladda-themeless.min.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:23 GMT
Content-Type: text/css
Content-Length: 7710
Last-Modified: Wed, 24 Feb 2021 12:36:50 GMT
Connection: keep-alive
ETag: "60364862-1e1e"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/sweetalert/lib/sweet-alert.css
200 OK 17 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/sweetalert/lib/sweet-alert.css
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 419487137bbd823c34421de9822edd24
849514bda864d557f49951e2a74a35e5b444213b
ed3177b32a9a10f218a0374c47973ebbbbb9e7ad7d2214174c69c7109a39b5cb
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/sweetalert/lib/sweet-alert.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:23 GMT
Content-Type: text/css
Content-Length: 16677
Last-Modified: Wed, 24 Feb 2021 12:37:10 GMT
Connection: keep-alive
ETag: "60364876-4125"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/fontawesome/css/font-awesome.css
200 OK 33 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/fontawesome/css/font-awesome.css
IP
ASN #47583 Hostinger International Limited
File type troff or preprocessor input, ASCII text, with very long lines (372)
Hash 5343ee1a287a65ff20961476fd8a6188
b488600451227b445414796e9b8550e7c1bd6d29
082b0736a3408950e50fd65a090921003fe83d89ec6e3084549a01d5dfa9e854
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/fontawesome/css/font-awesome.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:23 GMT
Content-Type: text/css
Content-Length: 33233
Last-Modified: Wed, 24 Feb 2021 12:35:57 GMT
Connection: keep-alive
ETag: "6036482d-81d1"
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 717ebcc65cb1390c2509851bac7b5878
1e04e3058329f3809bc01022d441172dcacc1aaa
3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9367
Expires: Sun, 26 Mar 2023 00:48:31 GMT
Date: Sat, 25 Mar 2023 22:12:24 GMT
Connection: keep-alive
37.44.244.177/simakda_jeneponto/assets/select2/css/select2-bootstrap.css
200 OK 23 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/select2/css/select2-bootstrap.css
IP
ASN #47583 Hostinger International Limited
Hash dcec0cc93fbad9b73863ba25adf6fa05
3d7d4088939475b6aedfc2773f29ae15ede56381
cc59cd6ec53ebb79742be31a63dd91bc923a01d0150312b7fd0ac10291ef947f
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/select2/css/select2-bootstrap.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:23 GMT
Content-Type: text/css
Content-Length: 23192
Last-Modified: Wed, 24 Feb 2021 12:33:47 GMT
Connection: keep-alive
ETag: "603647ab-5a98"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/clockpicker/dist/bootstrap-clockpicker.min.css
200 OK 3.1 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/clockpicker/dist/bootstrap-clockpicker.min.css
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (2932)
Hash 3d3a40f07d13f5823e9837e6951bdc8e
7d88252906742c47ae5263adfa72b3d0ed2346d5
941b5fead67e4b013fb0d311ec916d0b20f8e2c9ccdc7d85ae407f5b8d347090
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/clockpicker/dist/bootstrap-clockpicker.min.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:23 GMT
Content-Type: text/css
Content-Length: 3135
Last-Modified: Wed, 24 Feb 2021 12:36:37 GMT
Connection: keep-alive
ETag: "60364855-c3f"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/eonasdan-bootstrap-datetimepicker/build/css/bootstrap-datetimepicker.min.css
200 OK 7.8 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/eonasdan-bootstrap-datetimepicker/build/css/bootstrap-datetimepicker.min.css
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (7655)
Hash 6403449954c405835d38d612e6fbab00
0215f5ce32e5a916c79ada04b2d456648b7dc741
1f294730bade6385556afe12e9cfa2f91f89b6c8fa6fc22a69a7732e122baab0
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/eonasdan-bootstrap-datetimepicker/build/css/bootstrap-datetimepicker.min.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:23 GMT
Content-Type: text/css
Content-Length: 7771
Last-Modified: Wed, 24 Feb 2021 12:43:53 GMT
Connection: keep-alive
ETag: "60364a09-1e5b"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/fonts/pe-icon-7-stroke/css/pe-icon-7-stroke.css
200 OK 8.3 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/fonts/pe-icon-7-stroke/css/pe-icon-7-stroke.css
IP
ASN #47583 Hostinger International Limited
Hash 9a12d491a2e55c4d64be3fbd655c12e8
54d8c140a19fc130a1717704f572f84e077db497
dc81a269a0dfa8e51f2aefa000e973b13c4df13cbc9000d3da994167b57931b4
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/fonts/pe-icon-7-stroke/css/pe-icon-7-stroke.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:23 GMT
Content-Type: text/css
Content-Length: 8331
Last-Modified: Wed, 24 Feb 2021 12:35:43 GMT
Connection: keep-alive
ETag: "6036481f-208b"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/datatables/datatables.min.css
200 OK 14 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/datatables/datatables.min.css
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (14189)
Hash 945c1dd0b18226b7070dbf11c39cb39c
4e9accf31af06f41fc8e6c7681d7080a7a97ac4d
649cc0d38425a5c86a1dfa2915df8f02ea3534849a9329070991d231b03e58cd
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/datatables/datatables.min.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:23 GMT
Content-Type: text/css
Content-Length: 14515
Last-Modified: Wed, 24 Feb 2021 12:32:35 GMT
Connection: keep-alive
ETag: "60364763-38b3"
Accept-Ranges: bytes
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash c4a7f0f4adae6ccfcd882679c5977337
2f1a432b52fea7fef40c15da27320fe8327c65a0
4b14b68b091c070b04dc6b1d930639c96fa114758bfbd111ea51dfac7d4c3b6d
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 25 Mar 2023 22:12:24 GMT
Etag: "641f13c7-1d7"
Last-Modified: Sat, 25 Mar 2023 21:31:44 GMT
Server: ECAcc (nya/78C0)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4urBIb2dnWpzW510qu1ebCy4RP3lTJai8yskptwH7Tf4fOil-lx8_A==
Age: 2440
ocsp.r2m01.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP
Hash c4a7f0f4adae6ccfcd882679c5977337
2f1a432b52fea7fef40c15da27320fe8327c65a0
4b14b68b091c070b04dc6b1d930639c96fa114758bfbd111ea51dfac7d4c3b6d
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153001
Date: Sat, 25 Mar 2023 22:12:24 GMT
Etag: "641f13c7-1d7"
Expires: Mon, 27 Mar 2023 16:42:25 GMT
Last-Modified: Sat, 25 Mar 2023 15:31:19 GMT
Server: ECAcc (nya/7946)
X-Cache: Miss from cloudfront
Via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ZDAA32PTszrtsc6IAyoirADWD0HhM_Vz9SuLIu2ybNs_mqiL-rcC-g==
Age: 4266
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yfFaO7rJhDiERckYIagAiQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CjD85PyEmvVEyrWpOjC89yRrjf4=
37.44.244.177/simakda_jeneponto/assets/vendor/animate.css/animate.css
200 OK 73 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/animate.css/animate.css
IP
ASN #47583 Hostinger International Limited
Hash fd626625c2ed8b5e0c92f6ec23bf151b
79a85c82b300617ec7b309b1c54596c9882d65eb
154b13d66965893a4524b60a84409826091ecbde3058bd0a8a2adcb23545e1cc
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/animate.css/animate.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:23 GMT
Content-Type: text/css
Content-Length: 73111
Last-Modified: Wed, 24 Feb 2021 12:34:14 GMT
Connection: keep-alive
ETag: "603647c6-11d97"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/fonts/pe-icon-7-stroke/css/helper.css
200 OK 3.7 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/fonts/pe-icon-7-stroke/css/helper.css
IP
ASN #47583 Hostinger International Limited
Hash b041b560d4bd6a2b307610fc17db2047
96811bbdc35ce67af9d3b5dad262d5f7bfcb742c
2b80e4c11c367db768ff06716ce027e87db54cd4132fd75891646a9407a453ea
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/fonts/pe-icon-7-stroke/css/helper.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: text/css
Content-Length: 3740
Last-Modified: Wed, 24 Feb 2021 12:35:43 GMT
Connection: keep-alive
ETag: "6036481f-e9c"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/styles/family.css
307 Temporary Redirect 0 B URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/styles/family.css
IP
ASN #47583 Hostinger International Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/styles/family.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: http://37.44.244.177/simakda_jeneponto/auth/halamanBaru
37.44.244.177/simakda_jeneponto/assets/vendor/slimScroll/jquery.slimscroll.min.js
200 OK 4.7 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/slimScroll/jquery.slimscroll.min.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (530)
Hash 9b048ad69c77b4205facf302ab0d83fe
bd5a828c662f3e04570b8c3977abee6da0243d6b
f6d91c956229c639db9742a86d72121021f2abe4a2a6ee502a4d74bab3dd2669
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/slimScroll/jquery.slimscroll.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 4679
Last-Modified: Wed, 24 Feb 2021 12:34:04 GMT
Connection: keep-alive
ETag: "603647bc-1247"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/bootstrap/dist/js/bootstrap.min.js
200 OK 37 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/bootstrap/dist/js/bootstrap.min.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (32003)
Hash c5b5b2fa19bd66ff23211d9f844e0131
791aa054a026bddc0de92bad6cf7a1c6e73713d5
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/bootstrap/dist/js/bootstrap.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 36868
Last-Modified: Wed, 24 Feb 2021 12:42:19 GMT
Connection: keep-alive
ETag: "603649ab-9004"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/jquery-flot/jquery.flot.resize.js
200 OK 3.3 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/jquery-flot/jquery.flot.resize.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (1674)
Hash 826b0d2739932ac103bf420dbadd048e
2d8280fbabf9a1eabbcbc562b9763cb07952118b
8b9f5146f324ab0fb6f260eee984732a8efb82633b93d68f64cb5cc38e7082ee
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/jquery-flot/jquery.flot.resize.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 3314
Last-Modified: Wed, 24 Feb 2021 12:34:17 GMT
Connection: keep-alive
ETag: "603647c9-cf2"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/styles/style.css
200 OK 71 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/styles/style.css
IP
ASN #47583 Hostinger International Limited
Hash 76c175ce3e69011152118f067557fb65
b8580cbdc2d850367bbbce7967e477959038f5c1
075217a699b5108075d4f3abbbef5e7e232a90e304fb722178abf389a93d17cc
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/styles/style.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: text/css
Content-Length: 70592
Last-Modified: Fri, 03 Sep 2021 12:59:34 GMT
Connection: keep-alive
ETag: "61321c36-113c0"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/jquery-flot/jquery.flot.pie.js
200 OK 24 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/jquery-flot/jquery.flot.pie.js
IP
ASN #47583 Hostinger International Limited
Hash 62dbbef98865feaa20a7f936c56ab931
5f0d44a1b2db74915b5e7c2ab4b987a7250d87da
46c11661df6074b1b56c221c53c8f9f5192f7ffd4eec7b73a03d53454b36d9c5
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/jquery-flot/jquery.flot.pie.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 23809
Last-Modified: Wed, 24 Feb 2021 12:34:19 GMT
Connection: keep-alive
ETag: "603647cb-5d01"
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
200 OK 726 B URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
IP
Hash f695a50aad9a7f635d32fb725051cdf9
0528fac2131b6367b6ffde48dd421a0ea945c504
8deb5e5efaca71e5ef829c4fa214913332aba71be8d68fa2c291789f92c9ea18
GET /css?family=Open+Sans:300,400,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 25 Mar 2023 22:12:24 GMT
Date: Sat, 25 Mar 2023 22:12:24 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
37.44.244.177/simakda_jeneponto/assets/vendor/flot.curvedlines/curvedLines.js
200 OK 11 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/flot.curvedlines/curvedLines.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 1c52728f6284d14d90569dcdb8b4ee93
c03bf4f6130f6d6af666a03a1ddea677e24425a2
28184ab9b59de2dba6a49504dccd5fd11925102d31e0dfbf8443a684ea7cb6c6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/flot.curvedlines/curvedLines.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 10717
Last-Modified: Wed, 24 Feb 2021 12:34:34 GMT
Connection: keep-alive
ETag: "603647da-29dd"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/jquery.flot.spline/index.js
200 OK 5.4 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/jquery.flot.spline/index.js
IP
ASN #47583 Hostinger International Limited
Hash 04306be37e498a64e09c4b0b97a13f4a
af806664ae4dff02873fc2fc4895f7a3880c0de7
63ac2118bff266920301abc5e032cdaf9f3589fde48881d46ac4d3c5a82bf780
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/jquery.flot.spline/index.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 5424
Last-Modified: Wed, 24 Feb 2021 12:34:09 GMT
Connection: keep-alive
ETag: "603647c1-1530"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/metisMenu/dist/metisMenu.min.js
200 OK 4.2 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/metisMenu/dist/metisMenu.min.js
IP
ASN #47583 Hostinger International Limited
File type Unicode text, UTF-8 text, with very long lines (4036)
Hash aca9dca983215fe64b8bd2bb45cf2e68
eeba903c65d4771361c222e7a859c6302d086cac
76f392acae1b16ddbbd5295cf03fed98f08cb3b7077c0c859c167d2694b663c9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/metisMenu/dist/metisMenu.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 4243
Last-Modified: Wed, 24 Feb 2021 12:36:53 GMT
Connection: keep-alive
ETag: "60364865-1093"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/iCheck/icheck.min.js
200 OK 4.9 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/iCheck/icheck.min.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (523)
Hash b49273b51dae7361e02dca0763144e54
4a1f2abaf3bc1b4aec31d199b6b236112106ad32
f0718dd44766296547e2153766bdc56d31e8aac51c7ed78b6499d59aa0ffac2f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/iCheck/icheck.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 4931
Last-Modified: Wed, 24 Feb 2021 12:34:25 GMT
Connection: keep-alive
ETag: "603647d1-1343"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/peity/jquery.peity.min.js
200 OK 3.7 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/peity/jquery.peity.min.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (513)
Hash fe9c740961e0453ba54ff067a7f18364
c1c72ae6a38e26534d7423120a8f212417e6810e
ab331a50bf1a88b63af0e7f612574cb54cf77dcaaa4ed7e894da6441ad5f686b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/peity/jquery.peity.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 3657
Last-Modified: Wed, 24 Feb 2021 12:34:13 GMT
Connection: keep-alive
ETag: "603647c5-e49"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/jquery-flot/jquery.flot.js
200 OK 123 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/jquery-flot/jquery.flot.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (3134)
Size 123 kB (122971 bytes)
Hash 89bc8ea971e99653717fa69a73d70bb4
5a830d8c757562cd3157e4dee5cc2f138487238a
b7b931f273c38b1277b9c6c1f4e05c4ec09885a487bddaf3279e2d7e49a38e12
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/jquery-flot/jquery.flot.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 122971
Last-Modified: Wed, 24 Feb 2021 12:34:19 GMT
Connection: keep-alive
ETag: "603647cb-1e05b"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/numberFormat.js
200 OK 3.1 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/numberFormat.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 99e618e4d08844d8e764de644acb3ba2
ed783a24d52e146dffdaffc235d4a680211addac
2f5bc4c40e57eedf225161681e04850506fa1c4d8816c4afca86497358696ee6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/numberFormat.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 3097
Last-Modified: Mon, 22 Mar 2021 09:49:06 GMT
Connection: keep-alive
ETag: "60586812-c19"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/autoCurrency.js
200 OK 3.1 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/autoCurrency.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 11121f53eb92cbff34daf152e513b156
00a12043528e65708afdc4a1a26c83767016e95f
8b7e0ff8bc97d52b9583e0274962e0dd41a7f8f4c95b0e87954d8fd82d9d72fb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/autoCurrency.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 3133
Last-Modified: Mon, 22 Mar 2021 09:49:10 GMT
Connection: keep-alive
ETag: "60586816-c3d"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/bootstrap-datepicker-master/dist/js/bootstrap-datepicker.min.js
200 OK 29 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/bootstrap-datepicker-master/dist/js/bootstrap-datepicker.min.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (28886)
Hash 34fc035b7a0c12d2764f639f252926d3
d6653f637e24a01701564b9c8cf76dba8a223f0c
980b7bf2a6bccdff85c84b8475e8d05fd20656471b7c2eefe5e9462aed44557c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/bootstrap-datepicker-master/dist/js/bootstrap-datepicker.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 29135
Last-Modified: Wed, 24 Feb 2021 12:42:32 GMT
Connection: keep-alive
ETag: "603649b8-71cf"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/sparkline/index.js
200 OK 123 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/sparkline/index.js
IP
ASN #47583 Hostinger International Limited
File type exported SGML document, ASCII text
Size 123 kB (123446 bytes)
Hash c7638b825bc7deb1cf58c990825d35b2
5bdadbf3f555341c5507059df20f67770df7f15a
2f2bcb0b842f3ed514ec601e5e72386ad0ed0c348a3ad505a0846ccacbc34834
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/sparkline/index.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 123446
Last-Modified: Wed, 24 Feb 2021 12:34:28 GMT
Connection: keep-alive
ETag: "603647d4-1e236"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/datatables/datatables.min.js
200 OK 87 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/datatables/datatables.min.js
IP
ASN #47583 Hostinger International Limited
File type Unicode text, UTF-8 text, with very long lines (538)
Hash f89dfcbd01c05225e9edbd7d9f4baf1a
892186d19ca38d34cd09a5b78e6b4f868911bc38
26c18e60d4bf853352f8482d77a5c5883e4d4a3f28b1a9c9adb8600aaaee793c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/datatables/datatables.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 86878
Last-Modified: Wed, 24 Feb 2021 12:32:34 GMT
Connection: keep-alive
ETag: "60364762-1535e"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/moment/moment.js
200 OK 99 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/moment/moment.js
IP
ASN #47583 Hostinger International Limited
Hash 15bc84f89593b12b043a282b88bb32db
a699249676eb4903f241fac9b029dcc0a72834f4
76ed5f26170ae03324e5b7c44266e3ee36e754e77d581a2314ceceb9768c7ddf
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/moment/moment.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:24 GMT
Content-Type: application/javascript
Content-Length: 99201
Last-Modified: Wed, 24 Feb 2021 12:34:02 GMT
Connection: keep-alive
ETag: "603647ba-18381"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/clockpicker/dist/bootstrap-clockpicker.min.js
200 OK 11 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/clockpicker/dist/bootstrap-clockpicker.min.js
IP
ASN #47583 Hostinger International Limited
File type Unicode text, UTF-8 text, with very long lines (10586)
Hash 28af1dfd23b1a43c8094fb6440d18170
fd3966bd99e3fd34a1dcaf9ef02b7965de390d18
2cf804c996de744ac9a69f26fb7b9ab195f35254a5f72118e0c30210df626a55
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/clockpicker/dist/bootstrap-clockpicker.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: application/javascript
Content-Length: 10783
Last-Modified: Wed, 24 Feb 2021 12:36:36 GMT
Connection: keep-alive
ETag: "60364854-2a1f"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/eonasdan-bootstrap-datetimepicker/build/js/bootstrap-datetimepicker.min.js
200 OK 37 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/eonasdan-bootstrap-datetimepicker/build/js/bootstrap-datetimepicker.min.js
IP
ASN #47583 Hostinger International Limited
File type HTML document, ASCII text, with very long lines (32061)
Hash 21e5ddd2e9eb751daa3dbddecdc90722
76077c8f2d19aa05cb55f74b733f2ef9ef0d8b5a
03b2d8b3577509fa5ca994974bf4339c945dff176271845479da6a1dd7a15483
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/eonasdan-bootstrap-datetimepicker/build/js/bootstrap-datetimepicker.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: application/javascript
Content-Length: 36824
Last-Modified: Wed, 24 Feb 2021 12:43:53 GMT
Connection: keep-alive
ETag: "60364a09-8fd8"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/ladda/dist/spin.min.js
200 OK 4.1 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/ladda/dist/spin.min.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (4123), with no line terminators
Hash 9200c33782bb46a2e36beb1393a6797d
e3cdb00f0eb9b7729b8fe44873bac8734aba3b0f
ca64e3f676b38f06ed0eba111776f2bc8ad352b672c0819ec5b9072c342bd35d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/ladda/dist/spin.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: application/javascript
Content-Length: 4123
Last-Modified: Wed, 24 Feb 2021 12:36:50 GMT
Connection: keep-alive
ETag: "60364862-101b"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/ladda/dist/ladda.min.js
200 OK 3.4 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/ladda/dist/ladda.min.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (3257)
Hash a34bcf417de7fc290ac5b034caca2371
aee8251a84910fda27efae0f1c5d22b2a443e9c0
417d8124fb0587ed55a24efe1a5de27e7515bb59c4eee9465df36a2db3a1c9d6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/ladda/dist/ladda.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: application/javascript
Content-Length: 3403
Last-Modified: Wed, 24 Feb 2021 12:36:50 GMT
Connection: keep-alive
ETag: "60364862-d4b"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/ladda/dist/ladda.jquery.min.js
200 OK 577 B URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/ladda/dist/ladda.jquery.min.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (446)
Hash dd689e6631f02b52c1f331f902826814
4b646af254edc9f3d7986b41826dab3ba9d059f6
b13e8eba2fdcbd4a0ed2734d303913f7e697fa9aa0a44b8c2aa74fa957f0cef4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/ladda/dist/ladda.jquery.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: application/javascript
Content-Length: 577
Last-Modified: Wed, 24 Feb 2021 12:36:50 GMT
Connection: keep-alive
ETag: "60364862-241"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/sweetalert/lib/sweet-alert.min.js
200 OK 10 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/sweetalert/lib/sweet-alert.min.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (10056), with no line terminators
Hash c8ab0510ce0782983de63e8f8e128b9f
be33cc1c62f5ff263a41040b4389698e21a81666
55be379be3f5d8149bc0874e27a97035b7ab0abc9f2a6b83f669a500f58625be
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/sweetalert/lib/sweet-alert.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: application/javascript
Content-Length: 10056
Last-Modified: Wed, 24 Feb 2021 12:37:11 GMT
Connection: keep-alive
ETag: "60364877-2748"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/jquery-validation/jquery.validate.min.js
200 OK 21 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/jquery-validation/jquery.validate.min.js
IP
ASN #47583 Hostinger International Limited
File type Unicode text, UTF-8 text, with very long lines (20952)
Hash 3b00d60f87e893caf2649eff0d48813a
fc82fb23ccece3522359fe88dad3569925b3379c
2e3e3b2660cbfaac5febf7a50b31d0494159989626a84102b2c3792cffe27d13
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/jquery-validation/jquery.validate.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: application/javascript
Content-Length: 21090
Last-Modified: Wed, 24 Feb 2021 12:34:38 GMT
Connection: keep-alive
ETag: "603647de-5262"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/scripts/homer.js
200 OK 6.7 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/scripts/homer.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash a3bfd6126859bee896e73f34032ed520
f71993655ca905c90934e9cd74d83a003b5e23e9
a4b773b815852ce650660e2251ee2e1122a3b33dd64d58923fb4c236e441bfb4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/scripts/homer.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: application/javascript
Content-Length: 6720
Last-Modified: Wed, 24 Feb 2021 12:32:38 GMT
Connection: keep-alive
ETag: "60364766-1a40"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/scripts/charts.js
200 OK 441 B URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/scripts/charts.js
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 2e54e044c3c8068950a34b7b29b10fd8
0ae110e1fcb0d89a6873ba08413a566e91da4a13
61705862b1abebb098440ededbd973a79ca3cb02f63d55c24ac6735e42ce5a16
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/scripts/charts.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: application/javascript
Content-Length: 441
Last-Modified: Wed, 24 Feb 2021 12:32:38 GMT
Connection: keep-alive
ETag: "60364766-1b9"
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11903
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 22:12:25 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11903
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 22:12:25 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11903
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 22:12:25 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11903
Expires: Sun, 26 Mar 2023 01:30:48 GMT
Date: Sat, 25 Mar 2023 22:12:25 GMT
Connection: keep-alive
37.44.244.177/simakda_jeneponto/assets/select2/js/select2.js
200 OK 146 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/select2/js/select2.js
IP
ASN #47583 Hostinger International Limited
Size 146 kB (146227 bytes)
Hash 2f9a54c2500929a2aade0cf2bba218c4
55d17076f6a8ce5dc72d9080f71596e10c44180a
ea0994f642be2894298fcf55a8350d3f208117058c28234fe29bb791451da9d5
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/select2/js/select2.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: application/javascript
Content-Length: 146227
Last-Modified: Wed, 24 Feb 2021 12:33:49 GMT
Connection: keep-alive
ETag: "603647ad-23b33"
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb3b49ab-f78e-4860-8aae-369eacfe43e3.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb3b49ab-f78e-4860-8aae-369eacfe43e3.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6530dbbc16d84b7047fa4bc66364fbf4
a53e0919923151e009e12010c60acb5a9175d37e
e64a2699e763d75a068ee6ceafd4eb2a1922488dc2e052699fb4242f0bf20524
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb3b49ab-f78e-4860-8aae-369eacfe43e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9486
x-amzn-requestid: b0324b5e-303e-485a-ae57-c001378aa401
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW2eRHjaoAMF74w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6ac1-27f002da252bd7ee19802f3d;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:42:25 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: V-lhHgr1lyxVF9XaxHQ6abgEwVC_llAl8opmQ8qKJ7Ee76HWSP1ZoA==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 22:08:53 GMT
age: 298
etag: "a53e0919923151e009e12010c60acb5a9175d37e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9e781aa-3802-4cf5-a484-251a54be7c3b.jpeg
200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9e781aa-3802-4cf5-a484-251a54be7c3b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6ca6091f5f9efa5c7a2e171b1c1538eb
32f01282a1c9e7db058c85e92a1228d498988ac2
9befacd1e0f1f863b1290e9742979a62ece98feff88f7cc3db57f4497ea96a49
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9e781aa-3802-4cf5-a484-251a54be7c3b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7156
x-amzn-requestid: 4c7fa12f-7a53-4960-bcf2-e88ccda4ea12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uTGq2IAMFY9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f698e-381360a95cc2762d499e2839;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 9CXL22uAnmLM15tpB3yS-cgRugdZre0cgBqhnsDrdxDp-xvFzy7A4g==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:18 GMT
etag: "32f01282a1c9e7db058c85e92a1228d498988ac2"
content-type: image/jpeg
age: 2107
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75161517-cef9-4f1d-98e1-296b5088de2a.jpeg
200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75161517-cef9-4f1d-98e1-296b5088de2a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ff8bb94dc368c89ab13dfcfe312e5cd
7819408faa7e232c57bf448d78cf00e7f98469f6
2a04de377d0d4c7cd4a720420806e3f7a872290fad006ef6a172b86d7c249378
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75161517-cef9-4f1d-98e1-296b5088de2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7882
x-amzn-requestid: cdb6c312-e4b1-41e4-a13e-723f8628961d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW3M0G_3oAMFpWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6beb-37ff37b35f2de72b6faf0bf9;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:47:23 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 36IijBFVCfKpOEcor_pSyo94rbX4Ym1SD_XbGZIoY16BLfcALXcS1w==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 22:08:53 GMT
etag: "7819408faa7e232c57bf448d78cf00e7f98469f6"
content-type: image/jpeg
age: 212
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: I3GuoZ4ZxAtz0sKe3wrW67aitLlCAbaZkiPw23fl0F3FoumJDEnXiQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 05:56:24 GMT
age: 58561
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381b1b42-2394-4e4e-bb0a-986511a19bd1.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381b1b42-2394-4e4e-bb0a-986511a19bd1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8dc799aaa2f69ef1109501a605dbdcfd
58cefa986d580ee408fbca288e3e45ba86fb97ac
54fa967d6b96b456416c62140a4eb9b6cda29b80d5083b5d1321b1fb89b3455f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381b1b42-2394-4e4e-bb0a-986511a19bd1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9124
x-amzn-requestid: 30a39bb7-d3cc-473a-a5f9-4921367832c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kUESiIAMFVEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-6c9bb97512fc3c8a3ecedc43;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: _4VxID1v_auG0Vuzp87FJoPbgJovhYYYa1fpzQZze51I6HwFKbja6w==
via: 1.1 6af36c6902a46beec743522a9bbb3ab0.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:20 GMT
age: 2105
etag: "58cefa986d580ee408fbca288e3e45ba86fb97ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
37.44.244.177/simakda_jeneponto/assets/vendor/datatables/media/css/jquery.dataTables.min.css
200 OK 14 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/datatables/media/css/jquery.dataTables.min.css
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (13614)
Hash 0e6ba998104b91868b2a8d2375d340e7
42aa16c2e9359e70be92eb57651e9680df1b84fe
36216a0843be5d085fbf0124ed93e264541b2fcb07ac84f7213e60ec771009a3
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/datatables/media/css/jquery.dataTables.min.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: text/css
Content-Length: 13615
Last-Modified: Wed, 24 Feb 2021 12:42:40 GMT
Connection: keep-alive
ETag: "603649c0-352f"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/datatables/media/js/jquery.dataTables.min.js
200 OK 82 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/datatables/media/js/jquery.dataTables.min.js
IP
ASN #47583 Hostinger International Limited
File type Unicode text, UTF-8 text, with very long lines (547)
Hash da141feb1384d7c92e3a043d8185d156
bc64b3f49e570e4dedd7e545e54368b1dd7a383d
60a6c9a3dfdc670823b9edc8e23b0529d13ea0692b4a9a99cfabe8c659a7d85a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/datatables/media/js/jquery.dataTables.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: application/javascript
Content-Length: 81702
Last-Modified: Wed, 24 Feb 2021 12:42:42 GMT
Connection: keep-alive
ETag: "603649c2-13f26"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/datatables.net-bs/js/dataTables.bootstrap.min.js
200 OK 2.3 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/datatables.net-bs/js/dataTables.bootstrap.min.js
IP
ASN #47583 Hostinger International Limited
File type Unicode text, UTF-8 text, with very long lines (512)
Hash 731afb7cf0ee5849282d7fbc6fd53104
01d25352a2a6ca0496e08da54d55e3f855f2c544
fb2b482dff0c394fbe0b553ce45040708fca5aa31f6db01d2bba3540dedbb0e7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/datatables.net-bs/js/dataTables.bootstrap.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: application/javascript
Content-Length: 2334
Last-Modified: Wed, 24 Feb 2021 12:36:56 GMT
Connection: keep-alive
ETag: "60364868-91e"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/vendor/bootstrap/dist/css/bootstrap.css
200 OK 146 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/vendor/bootstrap/dist/css/bootstrap.css
IP
ASN #47583 Hostinger International Limited
File type ASCII text, with very long lines (540)
Size 146 kB (146082 bytes)
Hash 5ba37ad9163643c32251366754f08b2a
4316dcfb54e1b0a428e1d37203a4028fd0408298
ad850187e2746ffcc60b36c6d36c0986277e9dc1f277406ca146298cb2d2a309
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/vendor/bootstrap/dist/css/bootstrap.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: text/css
Content-Length: 146082
Last-Modified: Wed, 24 Feb 2021 12:42:18 GMT
Connection: keep-alive
ETag: "603649aa-23aa2"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/assets/select2/css/select2.css
200 OK 18 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/select2/css/select2.css
IP
ASN #47583 Hostinger International Limited
Hash 4b9f7a355cd6ec374a79cc3c1c21be04
093d47d3162449644cb1b2ebde27ad1878ef4f9e
1e21640747fa1bbd132e5e042d3718fa64abe0de006545986d1ed368894aff78
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/select2/css/select2.css HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: text/css
Content-Length: 17885
Last-Modified: Wed, 24 Feb 2021 12:33:48 GMT
Connection: keep-alive
ETag: "603647ac-45dd"
Accept-Ranges: bytes
37.44.244.177/simakda_jeneponto/auth/halamanBaru
200 OK 7.2 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/auth/halamanBaru
IP
ASN #47583 Hostinger International Limited
File type HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 7aca0f76bad289509d750e7b0aa3a523
f786053393655d22890eb24f4dd37c2685a74bb3
5ecd8191b97520c41eae465414713cb784a9a3267aef0efb02e4f4303f829c1f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/auth/halamanBaru HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://37.44.244.177/simakda_jeneponto/auth
Connection: keep-alive
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
37.44.244.177/simakda_jeneponto/assets/img/logo.jpg
200 OK 178 kB URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/img/logo.jpg
IP
ASN #47583 Hostinger International Limited
File type PNG image data, 886 x 888, 8-bit/color RGBA, non-interlaced\012- data
Size 178 kB (178153 bytes)
Hash b46c4bfa9864c22ed2c366a298921f17
f3efd57af044044012b1164f7576333b124340b8
6b24072c23d95ff637f3161928b640bc6bd5b471831e58f1b89e4fc60fa0d3bd
Analyzer Verdict Alert quad9 Sinkholed
GET /simakda_jeneponto/assets/img/logo.jpg HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: image/jpeg
Content-Length: 178153
Last-Modified: Wed, 24 Feb 2021 12:32:37 GMT
Connection: keep-alive
ETag: "60364765-2b7e9"
Accept-Ranges: bytes
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://37.44.244.177
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 24 Mar 2023 10:27:08 GMT
Expires: Sat, 23 Mar 2024 10:27:08 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
Age: 128718
37.44.244.177/favicon.ico
404 Not Found 3.7 kB URL HTTP/1.1 37.44.244.177/favicon.ico
IP
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 0723e124f290ef0c356627361c46b792
073b4812a3b57c6f67cfdaa9a6e8ac68797ec492
7f8c7f918148b32820b0c39f8904de975147f2a5d34a3f676298a691ae857284
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 404 Not Found
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:26 GMT
Content-Type: text/html
Content-Length: 3650
Connection: keep-alive
ETag: "5d958342-e42"
37.44.244.177/portal/assets/img/turbin.gif
200 OK 1.4 MB URL HTTP/1.1 37.44.244.177/portal/assets/img/turbin.gif
IP
ASN #47583 Hostinger International Limited
File type GIF image data, version 89a, 1024 x 576\012- data
Size 1.4 MB (1365730 bytes)
Hash 468cb69c96b5bc43905a1945be0b330e
51dddc45b546e92f479a5b7971834e14da12ea70
28f1ad2bbfaa0ca2d1f0f7bac7bb4d6da89624a7b4085611f3469278e3e32f30
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/assets/img/turbin.gif HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:26 GMT
Content-Type: image/gif
Content-Length: 1365730
Last-Modified: Sat, 10 Apr 2021 15:15:17 GMT
Connection: keep-alive
ETag: "6071c105-14d6e2"
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe0a145a-86f7-4b1e-b358-642fa12ca205.jpeg
200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe0a145a-86f7-4b1e-b358-642fa12ca205.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10516a123390334c320d8773ea821dc9
2fc3d5240bebf7f3bd842cc6492529751340cd50
1c37df0c0a20975f417624558d414b2d983cb94e1ad3ba1f3925b4dfdb380cba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe0a145a-86f7-4b1e-b358-642fa12ca205.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 3448
x-amzn-requestid: 3e8be4b7-166b-4f0b-9d45-ec9d65900fd2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1soGkMIAMF1SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6983-7bbb03ed537b36ac30a1eb69;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: jXhFg-xyl5QYNjV6NJumkmm-IUOEqiN3_evPa2LFN4UBDuhx6OWjKg==
via: 1.1 6af36c6902a46beec743522a9bbb3ab0.cloudfront.net (CloudFront), 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:07 GMT
etag: "2fc3d5240bebf7f3bd842cc6492529751340cd50"
content-type: image/jpeg
age: 2125
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kendo.cdn.telerik.com/2020.3.1021/js/kendo.all.min.js
200 OK 0 B URL HTTP/2 kendo.cdn.telerik.com/2020.3.1021/js/kendo.all.min.js
IP
GET /2020.3.1021/js/kendo.all.min.js HTTP/1.1
Host: kendo.cdn.telerik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://37.44.244.177/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
server: nginx
date: Tue, 14 Jun 2022 12:35:29 GMT
last-modified: Tue, 10 May 2022 08:28:22 GMT
etag: W/"627a2226-3a9953"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MUG3V9PvIS--IinI1ryCEQnT5lvg542fMPMi3fPbnUg8ki26TA5HxA==
age: 24572214
X-Firefox-Spdy: h2
37.44.244.177/simakda_jeneponto/assets/tinymce/tinymce.min.js
200 OK 0 B URL HTTP/1.1 37.44.244.177/simakda_jeneponto/assets/tinymce/tinymce.min.js
IP
ASN #47583 Hostinger International Limited
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /simakda_jeneponto/assets/tinymce/tinymce.min.js HTTP/1.1
Host: 37.44.244.177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://37.44.244.177/simakda_jeneponto/auth
Cookie: sulsel_session=pag2r3uai8qqi1nl7blolht7k5n0t046
HTTP/1.1 200 OK
Server: nginx/1.16.1
Date: Sat, 25 Mar 2023 22:12:25 GMT
Content-Type: application/javascript
Content-Length: 384853
Last-Modified: Wed, 09 Jun 2021 06:44:00 GMT
Connection: keep-alive
ETag: "60c06330-5df55"
Accept-Ranges: bytes
kendo.cdn.telerik.com/2020.3.1021/styles/kendo.default-v2.min.css
200 OK 0 B URL HTTP/2 kendo.cdn.telerik.com/2020.3.1021/styles/kendo.default-v2.min.css
IP
GET /2020.3.1021/styles/kendo.default-v2.min.css HTTP/1.1
Host: kendo.cdn.telerik.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://37.44.244.177/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Tue, 14 Jun 2022 12:36:04 GMT
last-modified: Tue, 10 May 2022 08:28:23 GMT
etag: W/"627a2227-ce49c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qtNRniL_n5xaRC0J0Sdnnwmy81ejg_RCR-0JJfsFBNCyX2FvpXOeEw==
age: 24572202
X-Firefox-Spdy: h2
37.44.244.177
34.160.144.191
104.17.24.14
23.36.77.32