{"report_id":"e208c174-f549-4dee-a5c5-71ca198449cc","version":6,"status":"done","tags":[],"date":"2026-04-17T06:56:36Z","url":{"schema":"http","addr":"klaim-dana-kaget23.gwew.top/?bagi-saldo=23","fqdn":"klaim-dana-kaget23.gwew.top","domain":"gwew.top","tld":"top"},"ip":{"addr":"104.21.49.100","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"klaim-dana-kaget23.gwew.top/?bagi-saldo=23","fqdn":"klaim-dana-kaget23.gwew.top","domain":"gwew.top","tld":"top"},"title":"Hajatan Ulang Tahun DANA: Bagi-Bagi Saldo Rp500.000 untuk Semua Pengguna","dom":{"size":27630,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (333)","md5":"83dc98df2995956e3b93746b2d85330a","sha1":"a1833b725a8537f6af74bb48b5cd43fb4e535492","sha256":"33b3e2707742aece22757e1b9915db852c84b24ca56d1ae3a096d86db32ac64e","sha512":"a7f0c64433dfa62fc025e120c4933571ed9da7619bb351dc998e5627643be86161c41450a42e5bd9218abf92837e126535fe5e9cd8fe00073950b7eef39fadcb","ssdeep":"768:rCFxFZFwFdqh3H+j6xVkaRI5FJeM9FNPzEIvBcoe9da/Bn4Xp:rCbnujI3Hu6oa25TrPzEIvBcoe9da/Bi","tlshash":"3cc2a75372f20026517390d62ebb6b0a2a719217e747cd683d9c46d4cf8dc93a2b7b6c","dom_hash":"domhashca7c7c3bbdcde2c9dd63f6a5a6f63789","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"klaim-dana-kaget23.gwew.top/?bagi-saldo=23","fqdn":"klaim-dana-kaget23.gwew.top","domain":"gwew.top","tld":"top"},"ip":{"addr":"104.21.49.100","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-05-22T06:56:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":1}},"detection":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-17","alert":"Sinkholed","trigger":"tj.16gift.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null},"summary":[{"fqdn":"code.jquery.com","ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2005-12-10","domain_rank":4915,"first_seen":"2012-05-21T17:28:02Z","last_seen":"2026-04-12T23:11:18.280453Z","alert_count":0,"request_count":1,"received_data":96374,"sent_data":436,"comment":"","tags":null,"fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdn.jsdelivr.net","ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"domain_registered":"2012-05-16","domain_rank":1678,"first_seen":"2012-09-30T00:15:09Z","last_seen":"2026-04-12T22:35:46.689898Z","alert_count":0,"request_count":1,"received_data":8159,"sent_data":471,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"599cdn.com","ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2025-07-04","domain_rank":1852756,"first_seen":"2025-07-08T18:42:19.129448Z","last_seen":"2026-04-13T08:14:22.658019Z","alert_count":0,"request_count":9,"received_data":239601,"sent_data":4057,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"tj.16gift.com","ip":{"addr":"172.67.144.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-12-30","domain_rank":6031043,"first_seen":"2024-08-21T12:09:18Z","last_seen":"2026-04-12T03:46:19.577829Z","alert_count":2,"request_count":2,"received_data":2966,"sent_data":937,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"klaim-dana-kaget23.gwew.top","ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":0,"request_count":3,"received_data":31742,"sent_data":3358,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"klaim-dana-kaget23.gwew.top/?bagi-saldo=23","fqdn":"klaim-dana-kaget23.gwew.top","domain":"gwew.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"domTimer","is_inline":false,"md5":"8effcc37b77edb6362647e887dbf26b1","sha1":"91543a56ff83a113d2d03f32e239914db2c27e18","sha256":"5b76e2725e262ddb94d35a4a85aaa6054c280aef9ff01f458b3fe6d0edf65048","sha512":"1eb683b5601c13ce9c2f81867d7d09d9907cb1d89ac68cb661ca5e848de5965848b862602a2b56433bc2197a4175233268ad085e686929cdaedf57268d710cc5","ssdeep":"","tlshash":"e870000cc000000300000030f000c00000003c0cc000000000330000c0000300030cf0","size":18,"data":"","first_seen":"2025-06-27T18:49:00.111184Z","last_seen":"2026-04-19T04:59:27.299941Z","times_seen":287,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/canvas-confetti@1.3.2/dist/confetti.browser.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"19321373ea141f3fe019391b00e1b9cf","sha1":"bb9de280fc674aa40fe1646d0966ce111a7909aa","sha256":"a25e123d8fa3d9dbc39a54f47047df65ae99f1fc8a0d91b63e5782d008d64b8f","sha512":"c81c001bf748b74d53a26fd7328629cf43d5ede14c8ebb9efe4f56e774e528756a01157ae0cecc11101f841ec31f9815138a89ed3dd4022b60de8d239f82237a","ssdeep":"192:7oT0Nirnm+PtGadrWm9xK6gZdWyhr6Tw81cEBJcRYc:8wAnmsGS92ZdWyhr6TPuScRYc","tlshash":"d2e1a59df7513d1b1a13237aa85f910ea238752b160f4484a279d5a82dbc42c333ff79","size":7370,"data":"","first_seen":"2025-07-19T09:51:10.01292Z","last_seen":"2026-04-19T04:59:27.294932Z","times_seen":259,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"klaim-dana-kaget23.gwew.top/?bagi-saldo=23","fqdn":"klaim-dana-kaget23.gwew.top","domain":"gwew.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"d6ee1369239f578705174a192316bb07","sha1":"30022834e65e40107eec5ffb354e5e27ca7c629e","sha256":"aad236419105c7613205f9ececfc2627ea64df698332245846787ce353c76acd","sha512":"3b18c1086c463cb144779ca6e5ed8b9528fdd0dc4c2e96f7843605c7611e41d77624c67ded6040a21adf1977a5e3ce3cd8e5f6ac4f76226b5226e5abd3aebc95","ssdeep":"","tlshash":"9b61cd9b71b224709ab7a43b577b57082837a2433118dcacbd5ecb844f4d40583abedd","size":3333,"data":"","first_seen":"2026-04-17T02:12:23.43457Z","last_seen":"2026-04-19T04:59:27.298242Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"klaim-dana-kaget23.gwew.top/?bagi-saldo=23","fqdn":"klaim-dana-kaget23.gwew.top","domain":"gwew.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"4ab199b3c695933d062a97f4b63ee931","sha1":"b5d12d6624d08292c121b558e5db227935a4488d","sha256":"888780074e9f4ae52d0805afc49085dd1fc774043a85f220d2fa36f9b1696fd6","sha512":"37b266ed0d5ca607495662286a96291f82900a3698cfb1388880eeaf36dc9f2345335ac932872b6610b0adbb8762bfb0ff5abd6511f6c615f2fa30816afa8807","ssdeep":"","tlshash":"6c418c09f7975a4a003770110faf91416eb5212b6507ce14399c0cc08fadedad1bdfb9","size":2074,"data":"","first_seen":"2026-04-17T02:12:23.435791Z","last_seen":"2026-04-19T04:59:27.298804Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"klaim-dana-kaget23.gwew.top/?bagi-saldo=23","fqdn":"klaim-dana-kaget23.gwew.top","domain":"gwew.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"eb38f891ba2625866b8aac06d9775caa","sha1":"aebee70a498cfcac45c4041e9593d0a1ccaa1b83","sha256":"551f7040f71b7adcd3fcba17ff99fa485279be186dd37719ea520c736a0288e6","sha512":"fee55a30f99265f1f292ce8cf24b59590301db588ced93311548a7730ae579fa0ef53595761ed462bf382f6619f8061ce15bcb169d6aac054c57ff341d52fc6d","ssdeep":"","tlshash":"0c41185a60f2133d066638a52e6f610c697ac26b134fde063c0da9c46fc857712b8fd4","size":2166,"data":"","first_seen":"2026-04-17T02:12:23.437831Z","last_seen":"2026-04-19T04:59:27.29935Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"klaim-dana-kaget23.gwew.top/?bagi-saldo=23","fqdn":"klaim-dana-kaget23.gwew.top","domain":"gwew.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"a6d7bd93b377d6579834c28f96a7ab18","sha1":"dc6c872daf51a2757f491fd480806882d8d948d9","sha256":"321d9f6be88814aef43cdd2a90df6dee9b6b0711da47b8a54a43a95febe3971f","sha512":"a734d93886667e00452ac6b788062afd190c96c0ee66a9cc37c28768c403424849111a47f7993a298b3ef40026a34c82ea23fb138fcb8452eb723110a27bae43","ssdeep":"","tlshash":"13e026cbb1011c27c963b03a9e6fb00810b786af620528507a008c9a8f3339d038ffcc","size":361,"data":"","first_seen":"2026-04-17T02:12:23.439173Z","last_seen":"2026-04-19T04:59:27.300457Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"klaim-dana-kaget23.gwew.top/?bagi-saldo=23","fqdn":"klaim-dana-kaget23.gwew.top","domain":"gwew.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":true,"md5":"63387b6663cc68f5fa4f5a1fcb318d48","sha1":"6613540e81d8cca6f14c824d1152512c2876d4e2","sha256":"beb6e835ef5678218c121ea6774e018e5f88789a916d4da24e2fd1b0712a7f54","sha512":"2fe5fa8b2e1871ef99ee59b2a9cf90d4942cb72ac2840cb4f92216fdad65ddf00d2ddef9bc6e19df99b580d5d4bb7b270e010ed64d5377257e3088b7967a8f14","ssdeep":"","tlshash":"e0e0c20e778300425d9e252b0b1f22847656612b1903c80b3d9e0c58cfa9a699084eab","size":329,"data":"","first_seen":"2026-04-17T02:12:23.440488Z","last_seen":"2026-04-19T04:59:27.300956Z","times_seen":30,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-latest.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"8101d596b2b8fa35fe3a634ea342d7c3","sha1":"d6c1f41972de07b09bfa63d2e50f9ab41ec372bd","sha256":"540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441","sha512":"9e1634eb02ab6acdfd95bf6544eefa278dfdec21f55e94522df2c949fb537a8dfeab6bcfecf69e6c82c7f53a87f864699ce85f0068ee60c56655339927eebcdb","ssdeep":"1536:/PEkjP+iADIOr/NEe876nmBu3HvF38sEeLHFoqqhJ7SerN5wVI+xcBmPv7E+nzm6:ENMyqhJvN32cBC7M6Whca98HrB","tlshash":"b293c8d9b6d27162977730b850bf510bb13a98eab80c4c60f1a4d8e47d78e89507bf2d","size":95786,"data":"","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-21T08:47:30.183532Z","times_seen":47151,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tj.16gift.com/js/script.js","fqdn":"tj.16gift.com","domain":"16gift.com","tld":"com"},"ip":{"addr":"172.67.144.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"ad54ef311bf716c1df2941d454d8de96","sha1":"0db1fcc66060a969aa82fb9fae457b6e66d9933a","sha256":"965387ce9489d0167cf33444ab52d064bb3fab35e94b12082ff5eb00a34c070c","sha512":"bd12169fdf87e0ac39a4b3a87f947f2fafb9f524843e7c97fcffe91b756f2a49ca38778ac99d6f14a5f5989d0a33f502658c55b95c1fbd2a0a7025a605138abd","ssdeep":"","tlshash":"38215faba80276758c70e1a7a63f371235272669640894235000d6632824a8fc379ecd","size":1386,"data":"","first_seen":"2024-05-23T20:15:09Z","last_seen":"2026-04-19T04:59:27.290052Z","times_seen":1356,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"klaim-dana-kaget23.gwew.top/single.php","fqdn":"klaim-dana-kaget23.gwew.top","domain":"gwew.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"0e5becf35f3ca47f5d9b412f9f458748","sha1":"98fa3e84897120884846dc3b63db120897bc9274","sha256":"184044d676ce02e7aacec2f93f79386a2562b92f6912c719875d99f8cb1fc86d","sha512":"85533f485e3fc9b4e5cf88eacb1d90104a51bb218c75d3662a1ed849002438dce43ee676c584433e0460dea9c3b864cc9565f8fddc89dc47cd4c054b3c889458","ssdeep":"","tlshash":"ad11f3a87c760058e9ba943a5f3f70643071203a9329c950bc6df9845ff1e959097ddd","size":1097,"data":"","first_seen":"2026-04-17T06:57:10.462207Z","last_seen":"2026-04-17T06:57:10.462207Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null},"http":[{"url":{"schema":"https","addr":"cdn.jsdelivr.net/npm/canvas-confetti@1.3.2/dist/confetti.browser.min.js","fqdn":"cdn.jsdelivr.net","domain":"jsdelivr.net","tld":"net"},"ip":{"addr":"151.101.65.229","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:14.359Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"jsdelivr.net","organization":""},"issuer":{"commonName":"GlobalSign Atlas R3 DV TLS CA 2025 Q2","organization":"GlobalSign nv-sa"},"validity":{"start":"Mon, 02 Jun 2025 15:43:52 GMT","end":"Sat, 04 Jul 2026 15:43:51 GMT"},"fingerprint":{"sha1":"21:17:81:78:41:C6:8F:86:D6:CF:8D:98:CC:74:A8:F1:03:F8:C9:D4","sha256":"D0:E6:8D:08:11:05:7E:0C:2A:0D:C7:E0:ED:AE:9E:18:C8:74:32:12:3D:56:43:98:62:CD:A2:08:6F:64:5B:B0"}}},"request":{"raw":"GET /npm/canvas-confetti@1.3.2/dist/confetti.browser.min.js HTTP/1.1\r\nHost: cdn.jsdelivr.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: *\r\ntiming-allow-origin: *\r\ncache-control: public, max-age=31536000, s-maxage=31536000, immutable\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncontent-type: application/javascript; charset=utf-8\r\nx-jsd-version: 1.3.2\r\nx-jsd-version-type: version\r\netag: W/\"1cca-u53igPxnSqQP4WRtCWbOERp5Cao\"\r\ncontent-encoding: br\r\naccept-ranges: bytes\r\nage: 448361\r\ndate: Fri, 17 Apr 2026 06:56:14 GMT\r\nx-served-by: cache-fra-eddf8230134-FRA, cache-hel1410031-HEL\r\nx-cache: HIT, HIT\r\nvary: Accept-Encoding\r\nalt-svc: h3=\":443\";ma=86400,h3-29=\":443\";ma=86400,h3-27=\":443\";ma=86400\r\ncontent-length: 3156\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":7370,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (7022)","md5":"19321373ea141f3fe019391b00e1b9cf","sha1":"bb9de280fc674aa40fe1646d0966ce111a7909aa","sha256":"a25e123d8fa3d9dbc39a54f47047df65ae99f1fc8a0d91b63e5782d008d64b8f","sha512":"c81c001bf748b74d53a26fd7328629cf43d5ede14c8ebb9efe4f56e774e528756a01157ae0cecc11101f841ec31f9815138a89ed3dd4022b60de8d239f82237a","ssdeep":"192:7oT0Nirnm+PtGadrWm9xK6gZdWyhr6Tw81cEBJcRYc:8wAnmsGS92ZdWyhr6TPuScRYc","tlshash":"d2e1a59df7513d1b1a13237aa85f910ea238752b160f4484a279d5a82dbc42c333ff79","first_seen":"2025-07-19T09:51:10.01292Z","last_seen":"2026-04-19T04:59:27.294932Z","times_seen":259,"resource_available":true,"data":null}},"time_used":225,"timings":{"blocked":99,"dns":19,"connect":15,"send":0,"wait":15,"receive":1,"ssl":60},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/Indonesia/tx03.jpg","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:14.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 17:40:31 GMT","end":"Tue, 26 May 2026 18:40:24 GMT"},"fingerprint":{"sha1":"73:49:60:CA:71:A9:3D:54:8A:DB:4C:BA:5D:A0:D4:EA:37:18:9A:B3","sha256":"89:41:B6:98:C2:9E:34:63:8B:ED:3E:6C:78:08:13:52:9D:38:C9:B4:A0:6E:F3:09:3F:60:8C:DD:23:AA:1F:E4"}}},"request":{"raw":"GET /Indonesia/tx03.jpg HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 17 Apr 2026 06:56:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1551\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=96lq9Z7AALPPZoRV0Fc1OY4qFDokvDoeROU4lXTN5Qk51jm2nIoejjTuWk43PEcl3ixp3l33MjrmeymhzZyLJDDfFmDIGripXQPtmgKAD7VZPRNSpT2OJfLHGwGH\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"e0fd074e2705964c751484a6f8567814\"\r\nlast-modified: Mon, 08 Dec 2025 06:12:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 4947\r\ncache-control: max-age=14400\r\ncf-ray: 9ed9875a4a070b02-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1551,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 64x64, components 3","md5":"e0fd074e2705964c751484a6f8567814","sha1":"c52b7deea085e0c2871db904fd40252a1e3e1807","sha256":"0ade21c552f3d19c9e984d77d0aaba0d95a5087d0c9c816cdea0cac4ce71c738","sha512":"621fbaf516175c2d80c5f65b7990f1c6658a22df4559542d45815819088cfc1cef022f5b081b0588709d202cd034cf3a672f6579f491dfe8e3596f09a3a7bc98","ssdeep":"","tlshash":"e231b5e4d9a2e927fe1523b1283c23aefb7adf118450876fad516bb604b80d90488724","first_seen":"2025-12-31T11:22:19.915841Z","last_seen":"2026-04-19T04:59:27.293328Z","times_seen":217,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":78,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tj.16gift.com/js/script.js","fqdn":"tj.16gift.com","domain":"16gift.com","tld":"com"},"ip":{"addr":"172.67.144.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:15.290Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16gift.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Apr 2026 23:28:44 GMT","end":"Sat, 04 Jul 2026 00:27:29 GMT"},"fingerprint":{"sha1":"DB:D1:2A:CB:5C:3B:B4:51:78:6A:DB:0A:F5:A4:5B:1F:37:80:37:68","sha256":"E3:F7:E8:E5:8D:76:13:96:50:03:75:B0:8A:D4:C0:FA:B3:83:6E:C0:9D:08:B7:5A:4F:A5:06:64:FC:08:2C:37"}}},"request":{"raw":"GET /js/script.js HTTP/1.1\r\nHost: tj.16gift.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 17 Apr 2026 06:56:15 GMT\r\ncontent-type: application/javascript\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\naccess-control-allow-origin: *\r\ncache-control: public, max-age=86400, must-revalidate\r\ncross-origin-resource-policy: cross-origin\r\nx-content-type-options: nosniff\r\ncontent-encoding: gzip\r\nlast-modified: Fri, 17 Apr 2026 05:19:29 GMT\r\nage: 5805\r\ncf-cache-status: HIT\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=edZWcOyxsVtzhfT49bJEXbjXehAd4qRkfbY%2FCKNkTtAmc8QIWbmB9Ht6ODTmzqEGbXHKXrA3Jkp581BIblcPt1F0iN39CLaSPlVVP0de1Dgmvm9boQQadC04SBzR5pL6\"}]}\r\ncf-ray: 9ed9875fe9b35a0f-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1386,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1386), with no line terminators","md5":"ad54ef311bf716c1df2941d454d8de96","sha1":"0db1fcc66060a969aa82fb9fae457b6e66d9933a","sha256":"965387ce9489d0167cf33444ab52d064bb3fab35e94b12082ff5eb00a34c070c","sha512":"bd12169fdf87e0ac39a4b3a87f947f2fafb9f524843e7c97fcffe91b756f2a49ca38778ac99d6f14a5f5989d0a33f502658c55b95c1fbd2a0a7025a605138abd","ssdeep":"","tlshash":"38215faba80276758c70e1a7a63f371235272669640894235000d6632824a8fc379ecd","first_seen":"2024-05-23T20:15:09Z","last_seen":"2026-04-19T04:59:27.290052Z","times_seen":1356,"resource_available":true,"data":null}},"time_used":120,"timings":{"blocked":55,"dns":29,"connect":1,"send":0,"wait":10,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-17","alert":"Sinkholed","trigger":"tj.16gift.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tj.16gift.com/api/event","fqdn":"tj.16gift.com","domain":"16gift.com","tld":"com"},"ip":{"addr":"172.67.144.182","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:15.491Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"16gift.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sat, 04 Apr 2026 23:28:44 GMT","end":"Sat, 04 Jul 2026 00:27:29 GMT"},"fingerprint":{"sha1":"DB:D1:2A:CB:5C:3B:B4:51:78:6A:DB:0A:F5:A4:5B:1F:37:80:37:68","sha256":"E3:F7:E8:E5:8D:76:13:96:50:03:75:B0:8A:D4:C0:FA:B3:83:6E:C0:9D:08:B7:5A:4F:A5:06:64:FC:08:2C:37"}}},"request":{"raw":"POST /api/event HTTP/1.1\r\nHost: tj.16gift.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain\r\nContent-Length: 99\r\nOrigin: https://klaim-dana-kaget23.gwew.top\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":99,"data":"{\"n\":\"pageview\",\"u\":\"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23\",\"d\":\"id-gopay03\",\"r\":null}"}},"response":{"raw":"HTTP/3 202 Accepted\r\nserver: cloudflare\r\ndate: Fri, 17 Apr 2026 06:56:16 GMT\r\ncontent-type: text/plain; charset=utf-8\r\ncontent-length: 2\r\npriority: u=3,i=?0\r\naccess-control-allow-credentials: true\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: \r\ncache-control: max-age=0, private, must-revalidate\r\nx-request-id: GKcSjUCVMOw6_RMDZxgB\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pCEPliYhiYjzp%2FDTP4VMr2WFLJncStG6IBFgwRUChmcwhQhGQoaKRBsKiM7M2bBDEi%2FZ4HwV8pDue3v0ANxC%2BxP2KeQtPcwM%2B6By2R5851vPkCo4njSg8O5g7JWi0vV5\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ed98760f8ec56af-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"202","status_text":"Accepted","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":2,"size_decoded":0,"mime_type":"text/plain; charset=utf-8","magic":"ASCII text, with no line terminators","md5":"444bcb3a3fcf8389296c49467f27e1d6","sha1":"7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb","sha256":"2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df","sha512":"9fbbbb5a0f329f9782e2356fa41d89cf9b3694327c1a934d6af2a9df2d7f936ce83717fb513196a4ce5548471708cd7134c2ae99b3c357bcabb2eafc7b9b7570","ssdeep":"","tlshash":"c710000000000000300000000000000000000000000000000000000000000c0000c000","first_seen":"2023-03-08T02:32:37Z","last_seen":"2026-04-21T09:33:08.997196Z","times_seen":398721,"resource_available":true,"data":null}},"time_used":590,"timings":{"blocked":23,"dns":2,"connect":0,"send":0,"wait":562,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-04-17","alert":"Sinkholed","trigger":"tj.16gift.com","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"klaim-dana-kaget23.gwew.top/?bagi-saldo=23","fqdn":"klaim-dana-kaget23.gwew.top","domain":"gwew.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-04-17T06:56:13.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gwew.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 09:14:35 GMT","end":"Thu, 02 Jul 2026 10:12:19 GMT"},"fingerprint":{"sha1":"DB:FA:4F:5E:0A:E8:E4:41:C3:2E:F6:64:8A:FB:FC:12:D7:95:3F:E9","sha256":"DB:AC:4F:94:81:E7:E7:5E:E9:69:74:30:8F:B2:A8:73:D5:8A:FA:25:E8:5B:94:66:F2:30:AB:6B:C1:E2:8E:64"}}},"request":{"raw":"GET /?bagi-saldo=23 HTTP/1.1\r\nHost: klaim-dana-kaget23.gwew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 17 Apr 2026 06:56:14 GMT\r\ncontent-type: text/html; charset=UTF-8\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nset-cookie: pics=%5B%22https%3A%5C%2F%5C%2F599cdn.com%5C%2FIndonesia%5C%2Ftx03.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2FIndonesia%5C%2Ftx02.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2FIndonesia%5C%2Ftx04.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2FIndonesia%5C%2Ftx01.jpg%22%5D; expires=Fri, 17-Apr-2026 07:56:13 GMT; Max-Age=3600\ncomments=%5B%22Mantap%20banget%21%20Terima%20kasih%20%5Cud83d%5Cudc9a%22%2C%22Sudah%20masuk%21%20Aku%20langsung%20share%20ke%20teman-teman%20%5Cud83d%5Cudc4d%22%2C%22Awalnya%20saya%20kira%20ini%20tidak%20benar%2C%20tapi%20ternyata%20berhasil.%20Saldo%20DANA%20langsung%20masuk%21%22%2C%22Gila%2C%20saldo%20Rp500.000%20beneran%20masuk%20%5Cud83d%5Cude2d%20Terima%20kasih%20DANA%21%22%5D; expires=Fri, 17-Apr-2026 07:56:13 GMT; Max-Age=3600\nnames=%5B%22Maya%20Sari%22%2C%22Agus%20Setiawan%22%2C%22Hendra%20Gunawan%22%2C%22Rudi%20Hartono%22%2C%22Dedi%20Kurniawan%22%2C%22Putri%20Maharani%22%2C%22Sari%20Wulandari%22%2C%22Fajar%20Hidayat%22%2C%22Nur%20Aisyah%22%2C%22Budi%20Santoso%22%2C%22Lina%20Oktaviani%22%5D; expires=Fri, 17-Apr-2026 07:56:13 GMT; Max-Age=3600\nloclang=en; expires=Mon, 20-Apr-2026 06:56:13 GMT; Max-Age=259200; path=/\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=LHbLI2u0VQFNLfP4379I4JUZv%2B3ZF1MbzYIP5TvzP3LH6uwXvGsdmZ%2FTjFRgnmiCO9HiuuY6ryaCkkoBa3zRCj3DDvSGpYweZT9RL%2FsbNfGTY5jHvkyx0x2zplzylJv70GRYjEbZkKCJ9fSfJPE%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9ed987555a704e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"jsDelivr","description":"JSDelivr is a free public CDN for open-source projects. It can serve web files directly from the npm registry and GitHub repositories without any configuration.","website":"https://www.jsdelivr.com/","common_platform_enumeration":"","icon":"jsdelivr-icon.svg","categories":["CDN"]},{"name":"jQuery CDN","description":"jQuery CDN is a way to include jQuery in your website without actually downloading and keeping it your website's folder.","website":"https://code.jquery.com/","common_platform_enumeration":"","icon":"jQuery.svg","categories":["CDN"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":27445,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (333)","md5":"08f7902716f6d0789ad9e0afed3e67e8","sha1":"b1621bc9922814694a75a5101444bdbaa097eddc","sha256":"83bacc77d91df95fe5b96811443e824dd8ba88aea1c7c6102c0fcae40c9ae78d","sha512":"7c8ffbc424ed2c304b338efdd31528eaecace3973d8a2a20ec542404c806e80ac4172d128d302a4725c89d348fa97852f8f95e91a8bc1d076d70f8565094c6ab","ssdeep":"768:SCFxFZFwFdqh3H+j6xVkaRw5O3/8UuPzFIvBcoe9da/Bn4XY:SCbnujI3Hu6oa+5OEPzFIvBcoe9da/B/","tlshash":"4ac2b95372f20026517390e26ebb5b0a3a719207e743cd783d9c46d4cf8dd96a2b7b68","first_seen":"2026-04-17T02:12:23.432273Z","last_seen":"2026-04-19T04:59:27.288774Z","times_seen":30,"resource_available":true,"data":null}},"time_used":522,"timings":{"blocked":56,"dns":34,"connect":1,"send":0,"wait":410,"receive":0,"ssl":17},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/Indonesia/dana4172.jpg","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:14.363Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 17:40:31 GMT","end":"Tue, 26 May 2026 18:40:24 GMT"},"fingerprint":{"sha1":"73:49:60:CA:71:A9:3D:54:8A:DB:4C:BA:5D:A0:D4:EA:37:18:9A:B3","sha256":"89:41:B6:98:C2:9E:34:63:8B:ED:3E:6C:78:08:13:52:9D:38:C9:B4:A0:6E:F3:09:3F:60:8C:DD:23:AA:1F:E4"}}},"request":{"raw":"GET /Indonesia/dana4172.jpg HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 17 Apr 2026 06:56:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 137043\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=pOWtmpgxrjEcbAmO%2BARUtKJE9JzmKAQ2vY03x7GxYxQdikQRlyUksz31HvM05WdUe92CitrK2%2BuSxE%2BcW1o%2FIqH63079SLhAOHMOHbVBamSDt23xwprsl5Wk8azr\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"914e632fec1865eeb45bbbfb4e3e791b\"\r\nlast-modified: Thu, 16 Apr 2026 08:08:39 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-ray: 9ed9875a4a0e0b02-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":137043,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2500x1250, components 3","md5":"914e632fec1865eeb45bbbfb4e3e791b","sha1":"63ac59f7ba87093a199ea3b8f8879b8b83817faa","sha256":"aaf52e4db2149b81c774d978cbcb7db8a6780cf4f644a2f15d994f1ec4de202e","sha512":"be014f94ee566358613a50f075cc30ff119a40643f69f71c2262f5a3963f41bea1a438c60bafafb9bd0837b59482b84f4a1bcd0320206f753d47cb6ee3b8b0d4","ssdeep":"3072:/Ja4JEFLxlg1k5o0QINC/mte2nel/C+wmC5/Qn8S+Qx0:/JarXldPQz+te2n66+wmuSm","tlshash":"20d302b7c748c24ad15c2bb189f70a97c5954f43de2f1bc214652ef030e8b7cb59861a","first_seen":"2026-04-17T02:12:23.424294Z","last_seen":"2026-04-19T04:59:27.295455Z","times_seen":30,"resource_available":false,"data":null}},"time_used":289,"timings":{"blocked":87,"dns":0,"connect":0,"send":0,"wait":194,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/Indonesia/tx06.jpg","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:14.367Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 17:40:31 GMT","end":"Tue, 26 May 2026 18:40:24 GMT"},"fingerprint":{"sha1":"73:49:60:CA:71:A9:3D:54:8A:DB:4C:BA:5D:A0:D4:EA:37:18:9A:B3","sha256":"89:41:B6:98:C2:9E:34:63:8B:ED:3E:6C:78:08:13:52:9D:38:C9:B4:A0:6E:F3:09:3F:60:8C:DD:23:AA:1F:E4"}}},"request":{"raw":"GET /Indonesia/tx06.jpg HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 17 Apr 2026 06:56:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1422\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=DBY7OvbfxTinq%2FZd7sB4ccFtcTscow59KyVCHeFPGj0rvy%2FYKL381Vc4C2CQxu%2FX5hUyOtx7Lvn7MdzpI%2BpIDnL1uv796C9YlCQLmNasCUqap8FtCm2no9GcLtm9\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"8769be1fa14b26bf9132d2512a4c37b8\"\r\nlast-modified: Mon, 08 Dec 2025 06:12:34 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-ray: 9ed9875a5a110b02-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1422,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 64x64, components 3","md5":"8769be1fa14b26bf9132d2512a4c37b8","sha1":"342a78063a7bfcc1667f5eb89580675be9f5b0b8","sha256":"51c25201b2a1002d962ecbab1bfc542607189b622a99489be6a600b225afa923","sha512":"f6ddfefdcf97a48cbcee2b610cb2c5c4e08049f6e7640363f65f9b0d15b2799802a98f1f59fa30cadd855d0d1f22e88ecab748d69b7b8da2b1dcd9946d902e41","ssdeep":"","tlshash":"eb210bd6c626d882ec1c4db304a8d353737d77424600821527f0d8f2276e6144ddf9be","first_seen":"2025-12-31T11:22:19.91433Z","last_seen":"2026-04-19T04:59:27.296536Z","times_seen":218,"resource_available":false,"data":null}},"time_used":271,"timings":{"blocked":83,"dns":0,"connect":0,"send":0,"wait":187,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/Indonesia/tx01.jpg","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:14.370Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 17:40:31 GMT","end":"Tue, 26 May 2026 18:40:24 GMT"},"fingerprint":{"sha1":"73:49:60:CA:71:A9:3D:54:8A:DB:4C:BA:5D:A0:D4:EA:37:18:9A:B3","sha256":"89:41:B6:98:C2:9E:34:63:8B:ED:3E:6C:78:08:13:52:9D:38:C9:B4:A0:6E:F3:09:3F:60:8C:DD:23:AA:1F:E4"}}},"request":{"raw":"GET /Indonesia/tx01.jpg HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 17 Apr 2026 06:56:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 992\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=fihVoIQfso5VB%2F7sRFzKLCI0IYl4SuduShJ0nD1OFCdde15yUANvhq75%2FD0occQZyh5a%2BVV%2FxQxrHNwR0jNSrgvhsEimGg8rgAHYemxmYtSqHJ4%2FYnRVmy7mwJUd\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"6255a9023700d396c7fd7642b7995821\"\r\nlast-modified: Mon, 08 Dec 2025 06:12:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 6108\r\ncache-control: max-age=14400\r\ncf-ray: 9ed9875a4a040b02-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":992,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 64x64, components 3","md5":"6255a9023700d396c7fd7642b7995821","sha1":"c44d05e04864def4b080a72df571b9b5487c6ebb","sha256":"2094bd9b0098663a619ef9ffe1347e3950afcebb0f6042379235862371761857","sha512":"d53b7f773c17fc26ca33a67a369b4051808d0fd30f44379271531038daa81d099a45f56d21ae475725464c341067744316072adbcbd12b25bbdf48890775f522","ssdeep":"","tlshash":"511150d9cfa1f60bfc121b3615751f9f1b148a47e8a097489bc29a6636b6642108d23a","first_seen":"2026-01-03T05:15:34.052048Z","last_seen":"2026-04-19T04:59:27.292817Z","times_seen":217,"resource_available":false,"data":null}},"time_used":92,"timings":{"blocked":80,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/Indonesia/tx04.jpg","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:14.373Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 17:40:31 GMT","end":"Tue, 26 May 2026 18:40:24 GMT"},"fingerprint":{"sha1":"73:49:60:CA:71:A9:3D:54:8A:DB:4C:BA:5D:A0:D4:EA:37:18:9A:B3","sha256":"89:41:B6:98:C2:9E:34:63:8B:ED:3E:6C:78:08:13:52:9D:38:C9:B4:A0:6E:F3:09:3F:60:8C:DD:23:AA:1F:E4"}}},"request":{"raw":"GET /Indonesia/tx04.jpg HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 17 Apr 2026 06:56:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1455\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=vj%2BdlU5KxhAn8BuaG2W3N%2BbSIeIDvM5umYtbrzTJJi6Xr0Bw2kFKBuUbDL8skX8hy7Mt9a4ET8rBiE5TUHELnlhFJvrT124I0gnhhhiJCkFPJ4OIW5PWCMbjic5i\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"7d3187aba10045436a51295c54dcfb8f\"\r\nlast-modified: Mon, 08 Dec 2025 06:12:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 6430\r\ncache-control: max-age=14400\r\ncf-ray: 9ed9875a4a0a0b02-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1455,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 64x64, components 3","md5":"7d3187aba10045436a51295c54dcfb8f","sha1":"4857e40fb652ced09fb030ffaa3afee1f1166935","sha256":"d0e7389b8cee45019c89ff9775b74b13a013e6d83f4bc58f6b409205471e45a4","sha512":"0ae27abc355439994eb8c42ac1b449442adac0bc6c6f002573247bd1169ad52dc5d8a1e1a42ec312e27088c01a16b062219234ab988c373edd4e7657c95d3183","ssdeep":"","tlshash":"5131b9ece785244bfc9c153e422d8f75431e1015b9c282da178b55b023e5cdc11a87d2","first_seen":"2025-12-31T11:22:19.919496Z","last_seen":"2026-04-19T04:59:27.289464Z","times_seen":218,"resource_available":false,"data":null}},"time_used":89,"timings":{"blocked":76,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/Indonesia/tx05.jpg","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:14.365Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 17:40:31 GMT","end":"Tue, 26 May 2026 18:40:24 GMT"},"fingerprint":{"sha1":"73:49:60:CA:71:A9:3D:54:8A:DB:4C:BA:5D:A0:D4:EA:37:18:9A:B3","sha256":"89:41:B6:98:C2:9E:34:63:8B:ED:3E:6C:78:08:13:52:9D:38:C9:B4:A0:6E:F3:09:3F:60:8C:DD:23:AA:1F:E4"}}},"request":{"raw":"GET /Indonesia/tx05.jpg HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 17 Apr 2026 06:56:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1561\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=swDkc3dzW5tczOU1v0wfdreXvFK9kP4JkREGy2itaM5qhTRN2CAKNZt0NdAHHDHL5LClOQRbV%2BQ2%2FowjPON34f277FFDu27a7UUHjeFDsn7FdLmzchoxSVt9vQdB\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"634f120276d0ce93e43d6ec3da1a370e\"\r\nlast-modified: Mon, 08 Dec 2025 06:12:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 6104\r\ncache-control: max-age=14400\r\ncf-ray: 9ed9875a4a0f0b02-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1561,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 64x64, components 3","md5":"634f120276d0ce93e43d6ec3da1a370e","sha1":"9e6b33797683d4a86af594ab1d9743afbc217fad","sha256":"1f6750987cf9f6324ac93f69655d6de3bfa72df01b4243cc3fe801fa4c169635","sha512":"a7fb21ff65d5ddd7adda8647e1feb4b40bf9051631972aec1c6135cbfb823f43b64f1dff8ac8f866e8294f9df40f0ab6d64ccab49720330ec7f0bfd9348e2ca3","ssdeep":"","tlshash":"fd31b7addecec413f47114b2477d0b17c765ef42c6c9a79f6ac00235e9281903d493a2","first_seen":"2024-11-19T03:40:04.294556Z","last_seen":"2026-04-19T04:59:27.296006Z","times_seen":236,"resource_available":false,"data":null}},"time_used":98,"timings":{"blocked":85,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/Indonesia/tx07.jpg","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:14.368Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 17:40:31 GMT","end":"Tue, 26 May 2026 18:40:24 GMT"},"fingerprint":{"sha1":"73:49:60:CA:71:A9:3D:54:8A:DB:4C:BA:5D:A0:D4:EA:37:18:9A:B3","sha256":"89:41:B6:98:C2:9E:34:63:8B:ED:3E:6C:78:08:13:52:9D:38:C9:B4:A0:6E:F3:09:3F:60:8C:DD:23:AA:1F:E4"}}},"request":{"raw":"GET /Indonesia/tx07.jpg HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 17 Apr 2026 06:56:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1095\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=hMRGhN4T43yHVLAAZC5g4xBPcsjjiUhK6zejBQbsqvI%2F9AjNwRI%2FL23uF5jG005NoaWpc%2B1J%2BjCoh2ZW4vXoiTHlu764dXGpz0aGE3l3kKRqGwRBZmAtCGdKsoIZ\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"c5eb35d757fa781a85c75df73db0ebf8\"\r\nlast-modified: Mon, 08 Dec 2025 06:12:35 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\nage: 2559\r\ncache-control: max-age=14400\r\ncf-ray: 9ed9875a4a010b02-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1095,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 64x64, components 3","md5":"c5eb35d757fa781a85c75df73db0ebf8","sha1":"17d7ebde71674c8842c609ea3f5ba9d37a72f0f3","sha256":"abf6de5823efe236f4f1271aed8a4ab49d6c1b6c93e490799eb262017031bb82","sha512":"55a4961dcf7f09235d6056d8d26e9818cc044dc8b20215d939f8b4be7fc4ace5477f2f0b6814bf442f6e954aeee209dc3b7c060904886d2155a56f393f448d57","ssdeep":"","tlshash":"711175f6dbe26913fbd0277b52384faf47149b01eac0870665c26fb2646d9d24ac4318","first_seen":"2026-01-15T12:57:44.131203Z","last_seen":"2026-04-19T04:59:27.292276Z","times_seen":216,"resource_available":false,"data":null}},"time_used":193,"timings":{"blocked":81,"dns":21,"connect":1,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/Indonesia/tx02.jpg","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:14.371Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 17:40:31 GMT","end":"Tue, 26 May 2026 18:40:24 GMT"},"fingerprint":{"sha1":"73:49:60:CA:71:A9:3D:54:8A:DB:4C:BA:5D:A0:D4:EA:37:18:9A:B3","sha256":"89:41:B6:98:C2:9E:34:63:8B:ED:3E:6C:78:08:13:52:9D:38:C9:B4:A0:6E:F3:09:3F:60:8C:DD:23:AA:1F:E4"}}},"request":{"raw":"GET /Indonesia/tx02.jpg HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 17 Apr 2026 06:56:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 1345\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=st0G6kFn05EIwfnSSt84%2BXUFvmc2SWlzc%2FT6rtXDQRa5znCI5S2SePkOj2xYi7csbe1rLZFcDQWeNDOKXiSRvN3L9tjfPJsCKmJyVzK7mjxEPgFj76E%2BNNPXI0RW\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"56c7cc738ff57fc4686e93c99e74ec32\"\r\nlast-modified: Mon, 08 Dec 2025 06:12:33 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-ray: 9ed9875a4a060b02-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1345,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 64x64, components 3","md5":"56c7cc738ff57fc4686e93c99e74ec32","sha1":"c79b6f838fa2f94b238e113888703dd2db6e2c37","sha256":"ad09d8cdf3f2fe9fa0ca7ce185965e7445e6d7d619bbe0f5ca18366318d03691","sha512":"9dbe375f74c72d844947feebb07509e3b513ef8d605833f66e27884e1fdac99db95d21aa9b77adf6f5c39ff4152fe6f451abdd520586e58201f882b403f3bbd4","ssdeep":"","tlshash":"0321c88f83635917f0752afb053d2b82cf341605a95ed3d4508a4ad2ccbb49c0348371","first_seen":"2026-01-03T05:15:34.048589Z","last_seen":"2026-04-19T04:59:27.29768Z","times_seen":217,"resource_available":false,"data":null}},"time_used":269,"timings":{"blocked":79,"dns":0,"connect":0,"send":0,"wait":190,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"code.jquery.com/jquery-latest.min.js","fqdn":"code.jquery.com","domain":"jquery.com","tld":"com"},"ip":{"addr":"151.101.130.137","port":443,"asn":54113,"as":"FASTLY","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:14.376Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.jquery.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV E36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 12 Jun 2025 00:00:00 GMT","end":"Fri, 26 Jun 2026 23:59:59 GMT"},"fingerprint":{"sha1":"56:36:FB:D3:E0:9E:71:88:98:A4:C9:34:94:9B:43:3A:C4:C5:1E:BE","sha256":"9A:64:20:6F:F5:DC:F1:8A:D6:B2:D0:93:C2:7E:62:86:0B:1A:D5:24:CF:CE:4A:9F:4C:0D:F1:FB:F2:A0:A8:1E"}}},"request":{"raw":"GET /jquery-latest.min.js HTTP/1.1\r\nHost: code.jquery.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 18 Oct 1991 12:00:00 GMT\r\netag: W/\"28feccc0-1762a\"\r\ncache-control: public, max-age=31536000, stale-while-revalidate=604800\r\naccess-control-allow-origin: *\r\ncontent-encoding: gzip\r\nvia: 1.1 varnish, 1.1 varnish\r\naccept-ranges: bytes\r\ndate: Fri, 17 Apr 2026 06:56:14 GMT\r\nage: 498867\r\nx-served-by: cache-lga21983-LGA, cache-hel1410024-HEL\r\nx-cache: HIT, HIT\r\nx-cache-hits: 55, 821\r\nx-timer: S1776408974.477761,VS0,VE0\r\nvary: Accept-Encoding\r\ncontent-length: 33202\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Varnish","description":"Varnish is a reverse caching proxy.","website":"https://www.varnish-cache.org","common_platform_enumeration":"cpe:2.3:a:varnish-software:varnish_cache:*:*:*:*:*:*:*:*","icon":"Varnish.svg","categories":["Caching"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":95786,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (32086)","md5":"8101d596b2b8fa35fe3a634ea342d7c3","sha1":"d6c1f41972de07b09bfa63d2e50f9ab41ec372bd","sha256":"540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441","sha512":"9e1634eb02ab6acdfd95bf6544eefa278dfdec21f55e94522df2c949fb537a8dfeab6bcfecf69e6c82c7f53a87f864699ce85f0068ee60c56655339927eebcdb","ssdeep":"1536:/PEkjP+iADIOr/NEe876nmBu3HvF38sEeLHFoqqhJ7SerN5wVI+xcBmPv7E+nzm6:ENMyqhJvN32cBC7M6Whca98HrB","tlshash":"b293c8d9b6d27162977730b850bf510bb13a98eab80c4c60f1a4d8e47d78e89507bf2d","first_seen":"2023-03-07T01:02:02Z","last_seen":"2026-04-21T08:47:30.183532Z","times_seen":47151,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":-1,"dns":39,"connect":20,"send":0,"wait":14,"receive":8,"ssl":36},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"klaim-dana-kaget23.gwew.top/single.php","fqdn":"klaim-dana-kaget23.gwew.top","domain":"gwew.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:14.377Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gwew.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 09:14:35 GMT","end":"Thu, 02 Jul 2026 10:12:19 GMT"},"fingerprint":{"sha1":"DB:FA:4F:5E:0A:E8:E4:41:C3:2E:F6:64:8A:FB:FC:12:D7:95:3F:E9","sha256":"DB:AC:4F:94:81:E7:E7:5E:E9:69:74:30:8F:B2:A8:73:D5:8A:FA:25:E8:5B:94:66:F2:30:AB:6B:C1:E2:8E:64"}}},"request":{"raw":"GET /single.php HTTP/1.1\r\nHost: klaim-dana-kaget23.gwew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23\r\nCookie: pics=%5B%22https%3A%5C%2F%5C%2F599cdn.com%5C%2FIndonesia%5C%2Ftx03.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2FIndonesia%5C%2Ftx02.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2FIndonesia%5C%2Ftx04.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2FIndonesia%5C%2Ftx01.jpg%22%5D; comments=%5B%22Mantap%20banget%21%20Terima%20kasih%20%5Cud83d%5Cudc9a%22%2C%22Sudah%20masuk%21%20Aku%20langsung%20share%20ke%20teman-teman%20%5Cud83d%5Cudc4d%22%2C%22Awalnya%20saya%20kira%20ini%20tidak%20benar%2C%20tapi%20ternyata%20berhasil.%20Saldo%20DANA%20langsung%20masuk%21%22%2C%22Gila%2C%20saldo%20Rp500.000%20beneran%20masuk%20%5Cud83d%5Cude2d%20Terima%20kasih%20DANA%21%22%5D; names=%5B%22Maya%20Sari%22%2C%22Agus%20Setiawan%22%2C%22Hendra%20Gunawan%22%2C%22Rudi%20Hartono%22%2C%22Dedi%20Kurniawan%22%2C%22Putri%20Maharani%22%2C%22Sari%20Wulandari%22%2C%22Fajar%20Hidayat%22%2C%22Nur%20Aisyah%22%2C%22Budi%20Santoso%22%2C%22Lina%20Oktaviani%22%5D; loclang=en\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ndate: Fri, 17 Apr 2026 06:56:14 GMT\r\ncontent-type: text/javascript;charset=utf-8\r\nserver: cloudflare\r\npriority: u=3,i=?0\r\nvary: Accept-Encoding\r\ncontent-encoding: gzip\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=g8j9J5sYsLB5xkcsEGS3BSStgOcH4aYjyTXwrtGXWsrt0iI2Y25AVc6NZcXQ48WxpyS4eoIpDQms4%2FzpAR7zCJeGw3jWjoOhCiXOevPokUDiBYB3cVYdzXjuQ1qljkC3I0zyiVyTCxeRKzrx%2BKo%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9ed98759bfc2dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":1097,"size_decoded":0,"mime_type":"text/javascript; charset=utf-8","magic":"JavaScript source, Unicode text, UTF-8 text","md5":"0e5becf35f3ca47f5d9b412f9f458748","sha1":"98fa3e84897120884846dc3b63db120897bc9274","sha256":"184044d676ce02e7aacec2f93f79386a2562b92f6912c719875d99f8cb1fc86d","sha512":"85533f485e3fc9b4e5cf88eacb1d90104a51bb218c75d3662a1ed849002438dce43ee676c584433e0460dea9c3b864cc9565f8fddc89dc47cd4c054b3c889458","ssdeep":"","tlshash":"ad11f3a87c760058e9ba943a5f3f70643071203a9329c950bc6df9845ff1e959097ddd","first_seen":"2026-04-17T06:57:10.462207Z","last_seen":"2026-04-17T06:57:10.462207Z","times_seen":1,"resource_available":true,"data":null}},"time_used":196,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":195,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"klaim-dana-kaget23.gwew.top/favicon.ico","fqdn":"klaim-dana-kaget23.gwew.top","domain":"gwew.top","tld":"top"},"ip":{"addr":"188.114.96.1","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:14.863Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"gwew.top","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Fri, 03 Apr 2026 09:14:35 GMT","end":"Thu, 02 Jul 2026 10:12:19 GMT"},"fingerprint":{"sha1":"DB:FA:4F:5E:0A:E8:E4:41:C3:2E:F6:64:8A:FB:FC:12:D7:95:3F:E9","sha256":"DB:AC:4F:94:81:E7:E7:5E:E9:69:74:30:8F:B2:A8:73:D5:8A:FA:25:E8:5B:94:66:F2:30:AB:6B:C1:E2:8E:64"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: klaim-dana-kaget23.gwew.top\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23\r\nCookie: pics=%5B%22https%3A%5C%2F%5C%2F599cdn.com%5C%2FIndonesia%5C%2Ftx03.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2FIndonesia%5C%2Ftx02.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2FIndonesia%5C%2Ftx04.jpg%22%2C%22https%3A%5C%2F%5C%2F599cdn.com%5C%2FIndonesia%5C%2Ftx01.jpg%22%5D; comments=%5B%22Mantap%20banget%21%20Terima%20kasih%20%5Cud83d%5Cudc9a%22%2C%22Sudah%20masuk%21%20Aku%20langsung%20share%20ke%20teman-teman%20%5Cud83d%5Cudc4d%22%2C%22Awalnya%20saya%20kira%20ini%20tidak%20benar%2C%20tapi%20ternyata%20berhasil.%20Saldo%20DANA%20langsung%20masuk%21%22%2C%22Gila%2C%20saldo%20Rp500.000%20beneran%20masuk%20%5Cud83d%5Cude2d%20Terima%20kasih%20DANA%21%22%5D; names=%5B%22Maya%20Sari%22%2C%22Agus%20Setiawan%22%2C%22Hendra%20Gunawan%22%2C%22Rudi%20Hartono%22%2C%22Dedi%20Kurniawan%22%2C%22Putri%20Maharani%22%2C%22Sari%20Wulandari%22%2C%22Fajar%20Hidayat%22%2C%22Nur%20Aisyah%22%2C%22Budi%20Santoso%22%2C%22Lina%20Oktaviani%22%5D; loclang=en\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\ndate: Fri, 17 Apr 2026 06:56:15 GMT\r\ncontent-type: text/html\r\nserver: cloudflare\r\npriority: u=6,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=K3%2FcR0NDP%2F4H9PjTqGvbFaIAutFEzKv3NEdBcMj2VxqmMYS2n7%2Fl0iB1jsjAebhi7qweHzbp8SBkVCK0qWFI1gGSxX3dknBVclHllg2DiijtqIC3ionMfbrRv%2BoLukia%2FUIkP%2B0uK5htjZEl%2FN4%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-ray: 9ed9875ce934dfec-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":146,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"8eec510e57f5f732fd2cce73df7b73ef","sha1":"3c0af39ecb3753c5fee3b53d063c7286019eac3b","sha256":"55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0","sha512":"73bbf698482132b5fd60a0b58926fddec9055f8095a53bc52714e211e9340c3419736ceafd6b279667810114d306bfccdcfcddf51c0b67fe9e3c73c54583e574","ssdeep":"","tlshash":"b7c02b2d35133c4cc563313423c37140c0d6833b687a41110400c00371cf2998ec3397","first_seen":"2023-03-07T12:05:15Z","last_seen":"2026-04-21T09:22:24.468456Z","times_seen":492977,"resource_available":true,"data":null}},"time_used":382,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":381,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"599cdn.com/Indonesia/dana417.jpg","fqdn":"599cdn.com","domain":"599cdn.com","tld":"com"},"ip":{"addr":"172.67.184.128","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://klaim-dana-kaget23.gwew.top/?bagi-saldo=23","date":"2026-04-17T06:56:14.361Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"53116b70.sni.cloudflaressl.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 25 Feb 2026 17:40:31 GMT","end":"Tue, 26 May 2026 18:40:24 GMT"},"fingerprint":{"sha1":"73:49:60:CA:71:A9:3D:54:8A:DB:4C:BA:5D:A0:D4:EA:37:18:9A:B3","sha256":"89:41:B6:98:C2:9E:34:63:8B:ED:3E:6C:78:08:13:52:9D:38:C9:B4:A0:6E:F3:09:3F:60:8C:DD:23:AA:1F:E4"}}},"request":{"raw":"GET /Indonesia/dana417.jpg HTTP/1.1\r\nHost: 599cdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://klaim-dana-kaget23.gwew.top/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Fri, 17 Apr 2026 06:56:14 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 87048\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=%2B33ieNETiHaUqZWuYbQuADlqgQcnXMuBnjly2PNlm4aeRGchXuiCjEuZKpNGQ%2B6DDu%2FoFNw3MhfuF5ZjPYGvhgawLPvNBb9Kp0cRfEMAhLch1oF8w1%2FyYhu7KONc\"}]}\r\ncf-cache-status: HIT\r\nserver: cloudflare\r\naccept-ranges: bytes\r\netag: \"6b9ad42cc0190b09aecf459f98dd6a03\"\r\nlast-modified: Thu, 16 Apr 2026 08:08:38 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: Accept-Encoding\r\ncache-control: max-age=14400\r\ncf-ray: 9ed9875a4a0c0b02-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":87048,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1306x816, components 3","md5":"6b9ad42cc0190b09aecf459f98dd6a03","sha1":"039e36036b192d6742c0b082d2fadf521521de54","sha256":"76bc95e59c156ac8cf0e3948791ab9ea2742c98c2fcace715852790d6a268596","sha512":"2acb861dd7963f3886d52dcbf4b57b63a355eb7af1ece14334ecf302cd558a606ac812ad4cf7dc4b84a782c029905cb3829f86b33aee225786bb703e85f84f60","ssdeep":"1536:v8hwla7LlI+UfuBWo1ud5w06lao8ee56vUY7qRaxt2r7cXKJ0RNkq:vOwlilI+UL1dC0No8ecBhiCcr9","tlshash":"e18312a3c3568e5ff1ca2efd853e936eb093657798248092712901e1e1c3e154d49fbd","first_seen":"2026-04-17T02:12:23.415509Z","last_seen":"2026-04-19T04:59:27.29713Z","times_seen":30,"resource_available":false,"data":null}},"time_used":295,"timings":{"blocked":88,"dns":0,"connect":0,"send":0,"wait":203,"receive":4,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}