Report - renovasi99.com/online1/update/web/login.php?web/auth/signon=

Report Overview

Submitted URL
renovasi99.com/online1/update/web/login.php?web/auth/signon=
IP
139.162.6.196
ASN
#63949 Linode, LLC
Submitted
2022-10-05 15:47:07
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
50

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	4.4 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	54.230.111.64
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
renovasi99.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	14 kB	2.6 MB	139.162.6.196
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	51 kB	34.120.237.76
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	807 B	560 B	216.239.32.36
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.65
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	737 B	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.189.157.130
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	993 B	2.1 kB	142.250.74.3
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	740 B	119 kB	142.250.74.168
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	358 B	21 kB	142.250.74.174

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	renovasi99.com/online1/update/web/login.php?web/auth/signon=	Phishing
2022-10-05	medium	renovasi99.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2	Phishing
2022-10-05	medium	renovasi99.com/online1/update/web/1_files/a_002.htm	Phishing
2022-10-05	medium	renovasi99.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.2	Phishing
2022-10-05	medium	renovasi99.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3	Phishing
2022-10-05	medium	renovasi99.com/wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css?ver=6.0.2	Phishing
2022-10-05	medium	renovasi99.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12.2	Phishing
2022-10-05	medium	renovasi99.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.5	Phishing
2022-10-05	medium	renovasi99.com/online1/update/web/assets/css/css/wellsfargosans-sbd.woff2	Phishing
2022-10-05	medium	renovasi99.com/wp-content/themes/gillion/css/plugins/bootstrap.min.css?ver=3.3.4	Phishing
2022-10-05	medium	renovasi99.com/online1/update/web/assets/css/css/wellsfargosans-rg.woff2	Phishing
2022-10-05	medium	renovasi99.com/online1/update/web/assets/css/css/wellsfargoserif-rg.woff2	Phishing
2022-10-05	medium	renovasi99.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2022-10-05	medium	renovasi99.com/wp-content/themes/gillion/js/plugins.js?ver=6.0.2	Phishing
2022-10-05	medium	renovasi99.com/wp-content/themes/gillion/js/scripts.js?ver=6.0.2	Phishing
2022-10-05	medium	renovasi99.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3	Phishing
2022-10-05	medium	renovasi99.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3	Phishing
2022-10-05	medium	renovasi99.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5	Phishing
2022-10-05	medium	renovasi99.com/wp-content/plugins/super-progressive-web-apps/public/js/register-sw.js	Phishing
2022-10-05	medium	renovasi99.com/online1/update/web/assets/css/css/wellsfargosans-sbd.woff	Phishing
2022-10-05	medium	renovasi99.com/online1/update/web/assets/css/css/wellsfargoserif-rg.woff	Phishing
2022-10-05	medium	renovasi99.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10	Phishing
2022-10-05	medium	renovasi99.com/superpwa-manifest.json	Phishing
2022-10-05	medium	renovasi99.com/online1/update/web/assets/css/css/wellsfargosans-rg.woff	Phishing
2022-10-05	medium	renovasi99.com/wp-content/uploads/gillion-dynamic-styles.css?ver=226670583	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (41)

	URL	Size	First Seen	Last Seen
	renovasi99.com/online1/update/web/1_files/a_002.htm	2.2 kB	2023-03-08	2023-03-08
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2023-03-08 07:01:19 Times Seen1 Hash 1f35c0a16ff562a1fa06d6b40c39cbba 0272c88fff91bd28f49a036540864c34c16b3814 0caf80e558c39f82eb5c398ee078e57f4f59bf5be37a6816b5a976c34b0dc87c Loading...

	renovasi99.com/online1/update/web/1_files/a_002.htm	695 B	2023-03-08	2023-03-08
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2023-03-08 07:01:19 Times Seen1 Hash 7954e0174875db1b78c9b9f60bfaf503 aed0b67fd7b33720d3fccc91d9d76f969765ef60 a0752c29f0eeb666977852c75e7c3b68530f3d7c7c890ca7238ce97c71bb69bb Loading...

	renovasi99.com/online1/update/web/1_files/a_002.htm	141 B	2023-03-08	2023-03-08
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2023-03-08 07:01:19 Times Seen1 Hash d8a48d895f82a879eb318c8ac2db156f 1a13bdb3609a21228a48bff9359c669472a424fa 6a69e0271fd5c5c5c57c683a184acb74e4f00d1c24031e7b443454fd228305c4 Loading...

	renovasi99.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3	12 kB	2023-03-07	2024-04-18
Pretty URL renovasi99.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:48 Last Seen2024-04-18 13:36:03 Times Seen2049 Hash 3f3fc23f477a3849aa5677c585b2a2b4 ccf0865ebd37f76c450c7a377a86ff2448288db3 985fdd42398281348ca133a44750a56fe4909a806b9c075c9443a5d0bd6d2e51 Loading...

	renovasi99.com/wp-content/plugins/super-progressive-web-apps/public/js/register-sw.js	5.0 kB	2023-03-07	2023-09-23
Pretty URL renovasi99.com/wp-content/plugins/super-progressive-web-apps/public/js/register-sw.js IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:55 Last Seen2023-09-23 21:13:05 Times Seen14 Hash 6dde24e89c4a0caf158284083dc92ab2 5eab1ab5d45e8f3ffcaef87afc75bb621750879a e7575cbf2e7c3b4989ec2ef7db0a6d7298113aea10f264adc4af161c936635c1 Loading...

	renovasi99.com/online1/update/web/login.php?web/auth/signon=	3.8 kB	2023-03-07	2023-03-17
Pretty URL renovasi99.com/online1/update/web/login.php?web/auth/signon= IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:16:40 Last Seen2023-03-17 12:35:39 Times Seen1 Hash 9277e73d1115a424516fb8be486fb4c1 64af4ff733d6499fe913f37abd5990ed4bfa6449 dab35cfc1ea67bb1face31bea7d41e490d431c3c3d34546d80d25f3261e514f0 Loading...

	renovasi99.com/online1/update/web/1_files/a_002.htm	215 B	2023-03-07	2024-04-19
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-19 01:58:19 Times Seen2227 Hash 1bb7b821b587959d4c0cc406c49077ff 2cb4827d5cd5a05729418b369019b9c1eb0798ed 1f93a5f6091369b8b6cdb7be01a6c7044ec8c3af0eeac05a5f0dfb3aea2a3e31 Loading...

	renovasi99.com/online1/update/web/1_files/a_002.htm	57 B	2023-03-07	2024-01-21
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:40:32 Last Seen2024-01-21 23:29:55 Times Seen16 Hash 15c8ae60ef6bfabc24cdfbfac733ca42 ae31c72f52a6848302a5be0df003e3adbbba5f12 0e33fb4b9d3de6d2a530d9cbfe68208a9c51c7a868c4893f48ed4244c4eb5169 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-20
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-20 17:36:09 Times Seen1522 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	renovasi99.com/online1/update/web/login.php?web/auth/signon=	135 B	2023-03-07	2023-03-17
Pretty URL renovasi99.com/online1/update/web/login.php?web/auth/signon= IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:16:40 Last Seen2023-03-17 12:35:39 Times Seen1 Hash 748c6e3aa23a7cb8ef64f6cf5a2ac24c 183b2f8ad9b9cd3518fd5f1c74f0d7df4b041ff7 9094dc3a13cbc43cf3f6d3900587adf4820cddb31cb004bd68e5d22c7b950fe8 Loading...

	renovasi99.com/online1/update/web/login.php?web/auth/signon=	182 B	2023-03-07	2024-04-16
Pretty URL renovasi99.com/online1/update/web/login.php?web/auth/signon= IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:37 Last Seen2024-04-16 18:37:41 Times Seen311 Hash db732671932acf5ad6cc7ba786cac3bf f71039d0c37c953dfdaefdf4dad71fa22f5b368a 9bb6a6105d39f23f3d2104c024b268d766da5d41b0d785607b48a6e49120ec9b Loading...

	renovasi99.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12.2	6.0 kB	2023-03-07	2024-01-19
Pretty URL renovasi99.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12.2 IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:14:52 Last Seen2024-01-19 22:38:32 Times Seen53 Hash f0e02d544fa357e252f4d540618e7883 49efe8720be45685368287d6340611ec5c4f19ee 17f79ec17f9831fb729101c6df2d4bc41aba6d671cb05d3dd8dd53fdabd7a8bf Loading...

	renovasi99.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-19
Pretty URL renovasi99.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 22:30:21 Times Seen68500 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	renovasi99.com/wp-content/themes/gillion/js/scripts.js?ver=6.0.2	58 kB	2023-03-08	2023-07-11
Pretty URL renovasi99.com/wp-content/themes/gillion/js/scripts.js?ver=6.0.2 IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2023-07-11 22:27:24 Times Seen4 Hash 3ad4b6646089e96a0d034bf98486b6df 76fa4697250819fe9c64c0b76b61e727947d2a16 fee2db465f0790658c71eea0121359802815e944773874a4a8d86aac04c37500 Loading...

	renovasi99.com/online1/update/web/1_files/a_002.htm	3.0 kB	2023-03-08	2024-04-09
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2024-04-09 13:49:49 Times Seen14 Hash 36a6aaba75e76fda5f7bf1cd4ab00045 0808f48751d937ac7877943dfb0ac6b80da72b34 35d32e226914a7d88ed1ae1984c4a25871139ca79ee8aaabee8e4ce079064914 Loading...

	renovasi99.com/online1/update/web/1_files/a_002.htm	155 B	2023-03-08	2023-03-08
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2023-03-08 07:01:19 Times Seen1 Hash 7b8a493c9ffbfb7643137655680fa898 1e3a8082030312f4389559b6a992851993c3bb54 3d73e02432a6b8ff860734aba0b2e9a0b6e8e20b0c7af95af2ed4eb5418ae59e Loading...

	www.googletagmanager.com/gtag/js?id=UA-215293659-1	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-215293659-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2023-03-08 06:15:54 Times Seen1 Hash 119a1bf4f3499e25db8c8161734fcd3d 5072fef13519f88e055228b7e1c1b6fd89ea1c86 64374f0cf38c6c6ade37fde3c949b28a7f744698541856bf3dce9b86e2197d5e Loading...

	renovasi99.com/online1/update/web/1_files/a_002.htm	440 B	2023-03-08	2023-03-08
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2023-03-08 07:01:19 Times Seen1 Hash 51b3b49a52d0de718b1d1868ed0a8902 2ea0dcf9a49720a6eb405bc77f859cc1bb796b02 69e80e41e27630227751d1658c544fd7b72d7532ae3765e4a1c3e59427de1899 Loading...

	renovasi99.com/online1/update/web/1_files/a_002.htm	2.3 kB	2023-03-07	2024-04-19
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2024-04-19 15:34:18 Times Seen1828 Hash be435481837b62187ea43999d905c91a 403a7bb5b4764bf8951e239b7ad591cd0eb62d7e fc772d0508e695b6dc294b8734e7693bbdc64bbeae89239a03bf32e8b56aea2b Loading...

	renovasi99.com/online1/update/web/1_files/a_002.htm	332 B	2023-03-07	2024-04-20
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-04-20 12:04:42 Times Seen9127 Hash 7d495bb1d6c246a2d57df3ab9332a3cc 6367d4f8addf48f2af1023b8176a2263bb424d01 df09a4f39d495e901a5479fce56c8ddec4f8a6acda1b3ceab7adc704fa439e32 Loading...

	renovasi99.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1	17 kB	2023-03-07	2024-04-15
Pretty URL renovasi99.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:41 Last Seen2024-04-15 06:53:32 Times Seen595 Hash aa5fef7b171510a2a430328d4a0f3b03 cf6377f9bd83d9ce5f18c3de8ac7e57c047168d4 5f030eda75a32de3b4f63e28a38e83642b8a723c84ae73bf3726b85cd411bfee Loading...

	renovasi99.com/online1/update/web/login.php?web/auth/signon=	642 B	2023-03-07	2023-03-17
Pretty URL renovasi99.com/online1/update/web/login.php?web/auth/signon= IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:16:40 Last Seen2023-03-17 12:35:39 Times Seen1 Hash f480cd3f1bdb3b7d82fcb95cd2bd746d e5bfbfdd0e3f1fb20674a4fd4b991fccf86ff8d6 9f1099bef400c5996c0447b53d3e25c6730f1a47aec7d57393543e841e2bcc68 Loading...

	renovasi99.com/wp-content/themes/gillion/js/plugins.js?ver=6.0.2	292 kB	2023-03-08	2023-03-12
Pretty URL renovasi99.com/wp-content/themes/gillion/js/plugins.js?ver=6.0.2 IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2023-03-12 18:30:26 Times Seen1 Hash 56f3389dca99fee722bb44a17e879ff9 d16946647d2c10cb177b0d6f1b0737faafdd3bf5 8bca515ba642c6c9c88eacc51f46a408534acd5fd6592970929503bd59d779bf Loading...

	renovasi99.com/online1/update/web/1_files/a_002.htm	186 B	2023-03-08	2023-03-08
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2023-03-08 07:01:19 Times Seen1 Hash 40e9244b01e23ee22a194ee65c167b01 c128220002df871aa53b28e361e372b301a11ea4 e30972c0c79f0124de00bfce2147e5512faee2c4081044d41cb63a6189e42037 Loading...

	renovasi99.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3	9.7 kB	2023-03-07	2024-04-18
Pretty URL renovasi99.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:47 Last Seen2024-04-18 13:36:03 Times Seen1717 Hash 490c29d6776fc430c23403fd845b34b0 817129906b7fef1011895a76f047c7693a852e21 29e8de26576208c07ba0845f604e65c9273b93f9f4d1d66214eb4c586f9938c4 Loading...

	renovasi99.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.5	376 kB	2023-03-07	2024-04-16
Pretty URL renovasi99.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.5 IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:13 Last Seen2024-04-16 09:18:02 Times Seen410 Hash 1a73ac13c556f58db6b42f4264862266 936dec84980758c6f1fabadd3d3f9cdb53a44701 e4efcd6ec7d1fc476d9d3f43480ec9fb2b37ebcca255edefd2cfad8d2a96c27a Loading...

	renovasi99.com/wp-content/themes/gillion/js/plugins/bootstrap.min.js?ver=3.3.4	37 kB	2023-03-07	2024-04-18
Pretty URL renovasi99.com/wp-content/themes/gillion/js/plugins/bootstrap.min.js?ver=3.3.4 IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:32 Last Seen2024-04-18 21:51:20 Times Seen2826 Hash 04c84852e9937b142ac73c285b895b85 8fb8a9319055253d085edfc3bb72d20f614ec709 36460e494e4c628443afded40b2743b5ede9a4a76fb4f7b9ef2345cc7e59fd64 Loading...

	renovasi99.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-19
Pretty URL renovasi99.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 22:30:25 Times Seen31748 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	renovasi99.com/online1/update/web/1_files/a_002.htm	602 B	2023-03-08	2023-03-08
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2023-03-08 07:01:19 Times Seen1 Hash a62ffa888860118a706d19c66a6647f8 1bddf33c7b258b322f6ed10125208d3729ce5a83 540cf893b0e02c4935afc6016f9da3ae4de067ed06476a68ef723f5eac91c07e Loading...

	renovasi99.com/online1/update/web/1_files/a_002.htm	63 B	2023-03-08	2023-03-08
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2023-03-08 07:01:19 Times Seen1 Hash c2ecad63991a24be5221d03d0c682957 3f76c9ff48a57f92851d423d47c1e34813c93cb5 6b46d712a09d9f739e762cb4ff911cd22519ca3c9fa032068c6d3b7406224899 Loading...

	www.googletagmanager.com/gtag/js?id=G-RWLV354VGW	214 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-RWLV354VGW IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2023-03-08 06:15:54 Times Seen1 Hash aaf1e472a9c604d1f61bd6f7b613c7f7 6c1b1530df801c09202380ed680ef46b8e62bc62 d504404e15517757a0aa3af9e8adbc3cd711fc3be07bdb942bad844cc03c9ff7 Loading...

	renovasi99.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5	124 kB	2023-03-07	2024-04-16
Pretty URL renovasi99.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5 IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19:13 Last Seen2024-04-16 09:18:01 Times Seen774 Hash 45158046da12a8625b17fabca990d080 366f30392bde37bf0eec5c7de4ec8be5498d35e2 87664d848161d3a5bf83a511f4f483dc05e8472d06aedd5111488d267af298bb Loading...

	renovasi99.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10	6.2 kB	2023-03-07	2024-04-18
Pretty URL renovasi99.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10 IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-18 15:46:17 Times Seen824 Hash b739d72c47c93702aef206eb58857289 fdc2a712672c64f317df41073aec28d7b01a5e6e dcbe862273a5d7cb61ffaa1eda7e0a1ecb466ca5e08a592fae3e6d1824960293 Loading...

	renovasi99.com/online1/update/web/login.php?web/auth/signon=	390 B	2023-03-07	2023-03-17
Pretty URL renovasi99.com/online1/update/web/login.php?web/auth/signon= IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:16:40 Last Seen2023-03-17 12:35:39 Times Seen1 Hash dddbb86195ef0908aa758f9d640ad457 aedcc1b3ef62049c88b817e205b9fb355b3d7d44 b876cb42a6d1b0f6a5ee560f87e4b5c62563253c4db508968379042d61d9a466 Loading...

	renovasi99.com/online1/update/web/1_files/a_002.htm	369 B	2023-03-07	2024-04-18
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:56 Last Seen2024-04-18 15:46:15 Times Seen695 Hash 199d3f2d880a45cb76f4d355f5edf5ed e7a478ac7c81b36e22894fd2be69085c6dba81d8 38db327084e1b800d3f263fe22995a999545eb07b01fa350bc2453f940fa8795 Loading...

	www.googletagmanager.com/gtag/js?id=G-RWLV354VGW&l=dataLayer&cx=c	214 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-RWLV354VGW&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2023-03-08 06:15:54 Times Seen1 Hash 8e2f5ea08a8bfccfc74f6e117c923367 f8e22d73e43917a1915c8606ee2a691b1d790e90 1769685a63f09f2d25e52593daab17eb80fe2380afb4810496fac3db8d907e77 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KCJ4VPV	93 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KCJ4VPV IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:15:54 Last Seen2023-03-08 06:15:54 Times Seen1 Hash 4d29ef4b3aeb6dc93f034300f5897702 39dce363fb3bcc823992d72cb71e21830ccc8edc adef1ea22bff1213fd9f32f769a92e496a59e34df90ab1980ae31d088ab83b4b Loading...

	renovasi99.com/online1/update/web/1_files/a_002.htm	118 B	2023-03-07	2024-01-28
Pretty URL renovasi99.com/online1/update/web/1_files/a_002.htm IP 139.162.6.196 ASN #63949 Linode, LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:40:51 Last Seen2024-01-28 15:30:53 Times Seen89 Hash 4803cddc56d61c846e65c4c237ca5ef7 3107e5029e5bda3984e7c7fa8e49be4e4b5503ad 9b06371029abc85b59d24248d78acc8378afebc42a3ce656bfae64087cefc58e Loading...

		Size	First Seen	Last Seen
	#1 Write - 2bf9f8719f16e737293569b35c9d0656	221 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:23:37 Last Seen2024-04-19 09:17:15 Times Seen713 Hash 2bf9f8719f16e737293569b35c9d0656 fae39a6c0395a64f118e3fff97b2e19b5502a43a e546be894f1b90a3eb05e824dd39a6422ea46b4731f2cc3c082b820afe1484df Loading...

	#2 Write - 403cc5db2953cfa2e0253613fea46ce8	1.1 kB	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 13:16:40 Last Seen2023-03-17 12:35:39 Times Seen1 Hash 403cc5db2953cfa2e0253613fea46ce8 a826351395d813f2f707f034c82ecc1608b9e236 8f43545a9997a530eb434f9b15ce61bada055c908439d7b326db82daa2235888 Loading...

	#3 Write - 9961447a6a929f627fba0cede0539f03	21 B	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 22:49:59 Last Seen2023-03-17 12:35:39 Times Seen1 Hash 9961447a6a929f627fba0cede0539f03 76596ab069141ae76b6d2b485fb674e391f7c262 ed6d42cb0660a124aa3aec615d45a7138f7880969dc789b5dcd7f8729b50b4e1 Loading...

HTTP Transactions (63)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

54.230.111.65

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 14:47:16 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: mjaazc5PkaRdua-drjmy9INRkq-87lxtVjM2O-Lec5gYU85_-3JWdg==
Age: 3579

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5279
Expires: Wed, 05 Oct 2022 17:14:54 GMT
Date: Wed, 05 Oct 2022 15:46:55 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

54.230.111.64

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
54.230.111.64:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aDX4dFgzoFAEDXWwH3DlT88ORWCTEAQXdP7O5fSx8HI1Z2X9I3SxNA==
age: 42263
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 15:46:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

renovasi99.com/online1/update/web/login.php?web/auth/signon=

139.162.6.196

200 OK

7.7 kB

URL HTTP/1.1
renovasi99.com/online1/update/web/login.php?web/auth/signon=
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3101), with CRLF line terminators
Size
7.7 kB (7681 bytes)
Hash
809e92096c5c4f891e00f0094bb124f6
ce31c6c04c36e9c08c162ad2b7ddf504388c9a62
b072dcc43d4bcc4de979e5e8676e290e3cf9b9f3e03d2b61a83ef3413950b407

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /online1/update/web/login.php?web/auth/signon= HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:46:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Server: DomaiNesia
DN-Request-Id: fcebc5c33502ef961aeeb209fd7c0f8d
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload always
Dynamic-Cache-Status: BYPASS
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.65

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Wed, 05 Oct 2022 15:30:28 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 05 Oct 2022 15:46:42 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PcVTtcvD29tuQmOvdTuSEhs4FVoQ2fZOztqphERUjCIOCLszEyfclg==
Age: 1043

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6077
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 15:46:56 GMT
Last-Modified: Wed, 05 Oct 2022 14:05:39 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

renovasi99.com/online1/update/web/assets/css/one.css

139.162.6.196

200 OK

21 kB

URL HTTP/1.1
renovasi99.com/online1/update/web/assets/css/one.css
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with CRLF line terminators
Size
21 kB (21223 bytes)
Hash
dab515cdf11c571903c73c917a7f305e
1d7cc4778f69699d00b9c81bc94aef8b3393f5df
a9c43d16507078690a92e9faca71dbd079fb1bd33338dcd91ec09185a78e8407

HTTP Headers

GET /online1/update/web/assets/css/one.css HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/login.php?web/auth/signon=
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:46:56 GMT
Content-Type: text/css
Last-Modified: Mon, 13 Jun 2022 03:05:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62a6a984-2bd0b"
Server: DomaiNesia
DN-Request-Id: bcc48d758e956b78ceacfce0befe7ffb
Content-Encoding: gzip
Cache-Control: s-maxage=10

push.services.mozilla.com/

54.189.157.130

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.189.157.130:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Nuk5cQH8/jPpPAEnhxuNVQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: RqlSja/+lQUEXb9teL4tJU3Ei9Y=

renovasi99.com/online1/update/web/assets/favicon.ico

139.162.6.196

200 OK

512 B

URL HTTP/1.1
renovasi99.com/online1/update/web/assets/favicon.ico
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size
512 B (512 bytes)
Hash
4d70e78f66f5d331ee836936fb0bc80e
555113641f93b76732fd95f951e1eeb26d04cb37
051f2b8d90adea5e391589d119ac85db7079084e032cd1941cf627429a48a55b

HTTP Headers

GET /online1/update/web/assets/favicon.ico HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/login.php?web/auth/signon=
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:46:57 GMT
Content-Type: image/x-icon
Last-Modified: Sat, 13 Nov 2021 11:17:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"618f9ed2-47e"
Server: DomaiNesia
DN-Request-Id: da6fe3216d342629b9f176cf5ebe4548
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/online1/update/web/assets/img/1.jpg

139.162.6.196

200 OK

625 kB

URL HTTP/1.1
renovasi99.com/online1/update/web/assets/img/1.jpg
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 2400x1600, components 3\012- data
Size
625 kB (625433 bytes)
Hash
a7beec55acf059f8f2e69b35fd93a671
e3c3d2cc20962e77be670f7f7e9f08d855f9feba
b8325d272c72a041414d9fb349e9d4bca5e7fc8ad66f47a719e491960afa5683

HTTP Headers

GET /online1/update/web/assets/img/1.jpg HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/login.php?web/auth/signon=
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:46:56 GMT
Content-Type: image/jpeg
Content-Length: 625433
Last-Modified: Sat, 14 May 2022 14:56:44 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "627fc32c-98b19"
Server: DomaiNesia
DN-Request-Id: 1b2c47f9234df90dc7ab9395da2f640d
Cache-Control: s-maxage=10
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4257
Expires: Wed, 05 Oct 2022 16:57:55 GMT
Date: Wed, 05 Oct 2022 15:46:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4257
Expires: Wed, 05 Oct 2022 16:57:55 GMT
Date: Wed, 05 Oct 2022 15:46:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4257
Expires: Wed, 05 Oct 2022 16:57:55 GMT
Date: Wed, 05 Oct 2022 15:46:58 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3585 bytes)
Hash
5d7d7df8d4c440f9db445c3d99e818d6
612b6dbd4ba895c167964ff7e6d9263013b52b0a
bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: 43c510d4-d87c-4665-a132-d798b836d415
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaJbLHEOoAMFfxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a55e0-614faff31425ff183b7ca4dd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:24:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d1LCc44Gj_0Je8adu7Iv3I9MwkaDPgWqlNHI96UAtZub22l210J65A==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:53:07 GMT
age: 39231
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.8 kB (5832 bytes)
Hash
3257b782efae9b64e6e18a547866ec50
4daf0c001e86af8477fb097e8ca932edb8e5f981
899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iR82CJ6A06dpqy_nm6JrmjeUJT-uhI5rr0dr6ZnhrQQo9Jqxh10qRQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:43 GMT
age: 64995
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10158 bytes)
Hash
4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:06:09 GMT
age: 42049
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8816 bytes)
Hash
100559d746bedd7c3802661c875c35ee
5261a6c2ee6d6cc87e91ee82e32d8be234db393e
ff06f31267ddcc9a0d84ddc68932872bfed29d072783c3a1dd3790d41c280aec

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8816
x-amzn-requestid: b9f3ec8a-f478-4405-b275-e21f2d7d89d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKK7gFPJIAMF-7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f1e3-250348e6140f3c74762263ea;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8f83Wv7OrO7NOd1y1LXjfphRmJjdwrkcAxrxUN4A4qSgsEzIQMq81g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:38:40 GMT
age: 61698
etag: "5261a6c2ee6d6cc87e91ee82e32d8be234db393e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8926 bytes)
Hash
1de7c17a0ba9295135e7f8b490b6a8d3
70e8d1589f3daf71378965dd197934e220fb6aa4
ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:43:25 GMT
age: 65013
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.0 kB (7021 bytes)
Hash
229c99cfb655a8c9f1a22de69fdff73c
6b5db8fbfb56f083d54b13e7660d0e4bc866aa00
f4099e9153c3dc481add95b0f24dbb8f6d65cc74ad5631d9cb6c6f2a0351843d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7021
x-amzn-requestid: 2e30bdac-360e-4d0a-8bb7-c3144e074abe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8ucHb1oAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7f5-18ba6bc50cb32b1e14c882bd;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: UPEhTwAYEIRy-Cnb0ITefEotLyg3rFe_NaGy92xwWe_7hrdo6UQLwQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:56:53 GMT
age: 64205
etag: "6b5db8fbfb56f083d54b13e7660d0e4bc866aa00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 15:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 15:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-215293659-1

142.250.74.168

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-215293659-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2039)
Size
42 kB (42373 bytes)
Hash
db632fb6813502008f42190b713e777f
8a59f8a1a8efa9c6f6d73c8af5ff3fe5bdf53ad7
e2ef2e8cb481dbc189f47bad5c78e1f307fd3d0b1d805c209ea98f00b772d587

HTTP Headers

GET /gtag/js?id=UA-215293659-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://renovasi99.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 05 Oct 2022 15:46:59 GMT
expires: Wed, 05 Oct 2022 15:46:59 GMT
cache-control: private, max-age=900
last-modified: Wed, 05 Oct 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42373
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-RWLV354VGW

142.250.74.168

200 OK

75 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-RWLV354VGW
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18991)
Size
75 kB (75008 bytes)
Hash
97b851bd86567e2938856fd57a7be9bf
d102c993b577afc70353db1eeb537356fc896a4e
cc089de29558f503f121c92a607394199c683fdd49adb2384443a48675e504df

HTTP Headers

GET /gtag/js?id=G-RWLV354VGW HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://renovasi99.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 05 Oct 2022 15:46:59 GMT
expires: Wed, 05 Oct 2022 15:46:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75008
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f763a685d14b05b6ced9792151da30b8
b25be5359245be857ffa1bddcb197cb771a36a45
505ad6dc6417d58207f0d68862c4423f4611660ccc6afe165fd3ec2ccb1c893d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 15:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

renovasi99.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2

139.162.6.196

200 OK

12 kB

URL HTTP/1.1
renovasi99.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (43771)
Size
12 kB (11574 bytes)
Hash
7ef2470d5341507cfc2adcf0a6fafe30
b26bf6bd306bf9746432fcd529ec000b7feac34a
e48a40b05c22a2f0ed4b7ab9231bc43a6f3d549d32ea07fbac905998cee99d22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/css
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 08:46:23 GMT
Vary: Accept-Encoding
ETag: "633409df-15b64"
Server: DomaiNesia
DN-Request-Id: 5b1b32dcccf80e7e6270aad704a36290
Accept-Ranges: bytes
X-Original-Content-Length: 88932
Content-Encoding: gzip
Content-Length: 11574
Date: Wed, 05 Oct 2022 15:46:59 GMT
Expires: Wed, 05 Oct 2022 15:51:59 GMT
Cache-Control: max-age=300, s-maxage=10

renovasi99.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2

139.162.6.196

200 OK

5.0 kB

URL HTTP/1.1
renovasi99.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (15660)
Size
5.0 kB (5021 bytes)
Hash
848f9aadf194f3d024a2a90dbd11e3b5
aecd4b03b5a7829c6ca015d926798dc95e4fa912
36ff79b2f6827e46be1df95ff739e536718c0ee4fc09462678b32d7abd60fc6c

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:46:59 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 28 Sep 2022 08:46:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633409df-48b9"
Server: DomaiNesia
DN-Request-Id: cd08384f5d8f77771c80b6426ca857b6
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/online1/update/web/1_files/a_002.htm

139.162.6.196

404 Not Found

20 kB

URL HTTP/1.1
renovasi99.com/online1/update/web/1_files/a_002.htm
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8645), with CRLF, LF line terminators
Size
20 kB (19982 bytes)
Hash
da3f5cba963868f48d8b3ef27f224db2
09a6f52baf5d4ecf607a86a0e00c437e8d7ff635
17b1ef5c74b60a0a7f3c13516db8e2854aade83c08b7f685f7110b7b43a27d5a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /online1/update/web/1_files/a_002.htm HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/login.php?web/auth/signon=
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <https://renovasi99.com/wp-json/>; rel="https://api.w.org/", </wp-includes/js/wp-emoji-release.min.js?ver=6.0.2>; rel=preload; as=script, </wp-includes/css/dist/block-library/style.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins/bootstrap.min.css?ver=3.3.4>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/style.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/responsive.css?ver=6.0.2>; rel=preload; as=style, </wp-includes/js/jquery/jquery.min.js?ver=3.6.0>; rel=preload; as=script, </wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2>; rel=preload; as=script, </wp-content/themes/gillion/js/plugins.js?ver=6.0.2>; rel=preload; as=script, </wp-content/themes/gillion/js/scripts.js?ver=6.0.2>; rel=preload; as=script
Server: DomaiNesia
DN-Request-Id: 424d10efc49b98d1ca233479b5a03f19
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload always
Static-Cache-Status: MISS
Date: Wed, 05 Oct 2022 15:46:59 GMT
X-Page-Speed: DomaiNesia
Cache-Control: max-age=0, no-cache
Content-Encoding: gzip

renovasi99.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.2

139.162.6.196

200 OK

6.8 kB

URL HTTP/1.1
renovasi99.com/wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.2
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (30449)
Size
6.8 kB (6846 bytes)
Hash
267360f786ce49458cfcac0886e92a8d
418b50e00bcf4e9651aece9a12b5335c0023cc60
59b7f31efe0e32c86820674638f71020ced2cb616eaaa03823508d0313bfb752

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.2 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/css
Connection: keep-alive
Last-Modified: Tue, 16 Nov 2021 09:55:50 GMT
Vary: Accept-Encoding
ETag: "61938026-7793"
Server: DomaiNesia
DN-Request-Id: c3b2ac72f848df4965f697e7fd5f162b
Accept-Ranges: bytes
X-Original-Content-Length: 30611
Content-Encoding: gzip
Content-Length: 6846
Date: Wed, 05 Oct 2022 15:46:59 GMT
Expires: Wed, 05 Oct 2022 15:51:59 GMT
Cache-Control: max-age=300, s-maxage=10

renovasi99.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3

139.162.6.196

200 OK

968 B

URL HTTP/1.1
renovasi99.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text
Size
968 B (968 bytes)
Hash
449df335acdba2569792f10b08f377ce
7bdfe28e574129b44f6f001cb8818e8905be9f60
16157f832ff40641a3682fe14286783e2754a18a8199eea811e98621b84f1742

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/css
Connection: keep-alive
Last-Modified: Thu, 01 Sep 2022 11:27:24 GMT
Vary: Accept-Encoding
ETag: "6310971c-aab"
Server: DomaiNesia
DN-Request-Id: ea6965720b34d4a19af94af92cea8e2f
Accept-Ranges: bytes
Date: Wed, 05 Oct 2022 15:46:59 GMT
Expires: Wed, 05 Oct 2022 15:51:59 GMT
X-Original-Content-Length: 2731
Content-Encoding: gzip
Content-Length: 968
Cache-Control: max-age=300, s-maxage=10

renovasi99.com/wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css?ver=6.0.2

139.162.6.196

200 OK

543 B

URL HTTP/1.1
renovasi99.com/wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css?ver=6.0.2
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (1823)
Size
543 B (543 bytes)
Hash
b654e67184fabe792fa805e8669b6e5a
8c3a93eded4867e602218535cec79c1e44a70fb4
ce957666c9ba0b594da74bf39088c4f33e25f51f5566139a5d3be4cadcb1870d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css?ver=6.0.2 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:00 GMT
Content-Type: text/css
Last-Modified: Tue, 16 Nov 2021 09:55:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61938026-7d1"
Server: DomaiNesia
DN-Request-Id: f395bb4f28b692d9782e506eb1284ff9
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12.2

139.162.6.196

200 OK

2.0 kB

URL HTTP/1.1
renovasi99.com/wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12.2
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (6020), with no line terminators
Size
2.0 kB (2015 bytes)
Hash
a0f6a5eb0cb91d0daad74b8328222380
6c695dc5449c5bd5db56e6e5c57af90cb2b072b8
32c212e90d76ac2533099cfe43e95a3c75c9af2bd6726f2817cc9647a6e4be6e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/click-to-chat-for-whatsapp/new/inc/assets/js/app.js?ver=3.12.2 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:00 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 14 Sep 2022 05:27:10 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6321662e-1784"
Server: DomaiNesia
DN-Request-Id: 60f6683fb32305a8350949441291df34
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.5

139.162.6.196

200 OK

12 kB

URL HTTP/1.1
renovasi99.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.5
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
Unicode text, UTF-8 text, with very long lines (12602), with CRLF line terminators
Size
12 kB (12324 bytes)
Hash
3fe5371898ed117dae4bdd37632939c8
3784bc7b37d06f8df476d8d337d6a91a58a44a58
9260143db7e880989c118da6a6eb46a273b1be80c4be8cf8201caeb778e06bf5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.5 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/css
Connection: keep-alive
Last-Modified: Tue, 16 Nov 2021 10:01:07 GMT
Vary: Accept-Encoding
ETag: "61938163-e6df"
Server: DomaiNesia
DN-Request-Id: 3ef784c0e69f89c03099e80d28a2d49c
Accept-Ranges: bytes
X-Original-Content-Length: 59103
Content-Encoding: gzip
Content-Length: 12324
Date: Wed, 05 Oct 2022 15:46:59 GMT
Expires: Wed, 05 Oct 2022 15:51:59 GMT
Cache-Control: max-age=300, s-maxage=10

renovasi99.com/online1/update/web/assets/css/css/wellsfargosans-sbd.woff2

139.162.6.196

404 Not Found

70 kB

URL HTTP/1.1
renovasi99.com/online1/update/web/assets/css/css/wellsfargosans-sbd.woff2
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8667), with CRLF, LF line terminators
Size
70 kB (70493 bytes)
Hash
ef0d89dda1e6a73a9781cf86c689eaf3
0174cb557976effec2f8f76081bcdc3f3340d316
b94f028e0e8a2c2dfea4ee899d711ba862fffa9769088d7a41fed9c6aa658f5a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /online1/update/web/assets/css/css/wellsfargosans-sbd.woff2 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://renovasi99.com/online1/update/web/assets/css/one.css

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <https://renovasi99.com/wp-json/>; rel="https://api.w.org/", </wp-includes/js/wp-emoji-release.min.js?ver=6.0.2>; rel=preload; as=script, </wp-includes/css/dist/block-library/style.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins/bootstrap.min.css?ver=3.3.4>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/style.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/responsive.css?ver=6.0.2>; rel=preload; as=style, </wp-includes/js/jquery/jquery.min.js?ver=3.6.0>; rel=preload; as=script, </wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2>; rel=preload; as=script, </wp-content/themes/gillion/js/plugins.js?ver=6.0.2>; rel=preload; as=script, </wp-content/themes/gillion/js/scripts.js?ver=6.0.2>; rel=preload; as=script
Server: DomaiNesia
DN-Request-Id: aa5c58c548380df90e2a8fbadf0ad429
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload always
Static-Cache-Status: MISS
Date: Wed, 05 Oct 2022 15:46:59 GMT
X-Page-Speed: DomaiNesia
Cache-Control: max-age=0, no-cache

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d69d7d7defed2f6ee3fcbd4e488000b3
01b7054ea9162b020487023abc9e66e92052abee
969922f003954a541c67d2ee9b8f93f255c63dc60dc31d6b3e9e460adbd020cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "969922F003954A541C67D2EE9B8F93F255C63DC60DC31D6B3E9E460ADBD020CB"
Last-Modified: Wed, 05 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 05 Oct 2022 21:47:00 GMT
Date: Wed, 05 Oct 2022 15:47:00 GMT
Connection: keep-alive

renovasi99.com/wp-content/themes/gillion/css/plugins/bootstrap.min.css?ver=3.3.4

139.162.6.196

200 OK

20 kB

URL HTTP/1.1
renovasi99.com/wp-content/themes/gillion/css/plugins/bootstrap.min.css?ver=3.3.4
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (65367), with CRLF line terminators
Size
20 kB (19586 bytes)
Hash
c4663fbb2b4563caa191069564c2a0a4
571784ad0f24bab05db270444a40aa9d96c520f3
fdee22aa72f93d104bb3033125518c71f2029de49821b86d26bbacd7c2ae18e7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/gillion/css/plugins/bootstrap.min.css?ver=3.3.4 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/css
Connection: keep-alive
Last-Modified: Tue, 14 May 2019 08:00:18 GMT
Vary: Accept-Encoding
ETag: "5cda7592-1d975"
Server: DomaiNesia
DN-Request-Id: 2fbb3b8d17fb2af39cf015d19bf1885f
Accept-Ranges: bytes
X-Original-Content-Length: 121205
Content-Encoding: gzip
Content-Length: 19586
Date: Wed, 05 Oct 2022 15:46:59 GMT
Expires: Wed, 05 Oct 2022 15:51:59 GMT
Cache-Control: max-age=300, s-maxage=10

renovasi99.com/wp-content/themes/gillion/css/plugins.css?ver=6.0.2

139.162.6.196

200 OK

13 kB

URL HTTP/1.1
renovasi99.com/wp-content/themes/gillion/css/plugins.css?ver=6.0.2
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (16772), with CRLF line terminators
Size
13 kB (13443 bytes)
Hash
613fc3eee7e4841f45356c3de83d1d7c
26932320cbb7e1c5f92852769a6aafc3023ccfe8
587a27e0fb6710b19998ba521382cf34ad61a19f579104091db1bf02da77163f

HTTP Headers

GET /wp-content/themes/gillion/css/plugins.css?ver=6.0.2 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/css
Connection: keep-alive
Last-Modified: Tue, 14 May 2019 08:00:18 GMT
Vary: Accept-Encoding
ETag: "5cda7592-1302b"
Server: DomaiNesia
DN-Request-Id: 82f41f84805f7270b52aa8b00d314517
Accept-Ranges: bytes
X-Original-Content-Length: 77867
Content-Encoding: gzip
Content-Length: 13443
Date: Wed, 05 Oct 2022 15:46:59 GMT
Expires: Wed, 05 Oct 2022 15:51:59 GMT
Cache-Control: max-age=300, s-maxage=10

renovasi99.com/wp-content/themes/gillion/style.css?ver=6.0.2

139.162.6.196

200 OK

46 kB

URL HTTP/1.1
renovasi99.com/wp-content/themes/gillion/style.css?ver=6.0.2
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF, CR line terminators
Size
46 kB (45475 bytes)
Hash
ae4c88752550f70cac8775cb71028e61
afdfe7d5c1c5ce851fa94bd1a73c144c4f688aae
7cfd92c52271587e106256ab457884bb6dd098ef9cf80aa792a5283a47adbbe2

HTTP Headers

GET /wp-content/themes/gillion/style.css?ver=6.0.2 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/css
Connection: keep-alive
Last-Modified: Thu, 06 Jun 2019 09:01:14 GMT
Vary: Accept-Encoding
ETag: "5cf8d65a-472aa"
Server: DomaiNesia
DN-Request-Id: 9d6deacd425867e4aa5e05d24fcbae00
Accept-Ranges: bytes
X-Original-Content-Length: 291498
Content-Encoding: gzip
Content-Length: 45475
Date: Wed, 05 Oct 2022 15:46:59 GMT
Expires: Wed, 05 Oct 2022 15:51:59 GMT
Cache-Control: max-age=300, s-maxage=10

renovasi99.com/wp-content/themes/gillion/css/responsive.css?ver=6.0.2

139.162.6.196

200 OK

1.0 kB

URL HTTP/1.1
renovasi99.com/wp-content/themes/gillion/css/responsive.css?ver=6.0.2
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with CRLF line terminators
Size
1.0 kB (1045 bytes)
Hash
396ad0f9b71a8e4968e8cfa485e843c9
ababd0ee8620f7e0385b4da4bec717489195add8
ba78257f6bdec1a2138fe3cc761259721bb1219ba4dad1265cca09016f7343ee

HTTP Headers

GET /wp-content/themes/gillion/css/responsive.css?ver=6.0.2 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/css
Connection: keep-alive
Last-Modified: Tue, 14 May 2019 08:00:18 GMT
Vary: Accept-Encoding
ETag: "5cda7592-f85"
Server: DomaiNesia
DN-Request-Id: 3e9930089630e38e61a89a2b51d21898
Accept-Ranges: bytes
Date: Wed, 05 Oct 2022 15:46:59 GMT
Expires: Wed, 05 Oct 2022 15:51:59 GMT
X-Original-Content-Length: 3973
Content-Encoding: gzip
Content-Length: 1045
Cache-Control: max-age=300, s-maxage=10

renovasi99.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

139.162.6.196

200 OK

31 kB

URL HTTP/1.1
renovasi99.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (65447)
Size
31 kB (30969 bytes)
Hash
554969c8ed0e4b5eece1261c4e1e9cd0
3b514b21c2e26b2caa15054e43ed00184a8ebc38
4a10709ca76c5112fbaf69e065b4ef93dd37bcffd4ae39b351e56d40c9322123

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:00 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 28 Sep 2022 08:46:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633409df-15db1"
Server: DomaiNesia
DN-Request-Id: 5f69dd0325da8824f70600164b1528f5
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.5

139.162.6.196

200 OK

98 kB

URL HTTP/1.1
renovasi99.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.5
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (64288)
Size
98 kB (98405 bytes)
Hash
ae018bb5d4c24667507736ff63fd08d5
b5d43aa755cd1588c0160031e8e453ae83a4ab15
b5b88eb327ec1e620a43beae8019edfce988885a1226d3ad5dc7c6fc01696a83

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.5 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:00 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 16 Nov 2021 10:01:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61938163-5bc43"
Server: DomaiNesia
DN-Request-Id: 27597ca03209073242d67ec125cfc4ea
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/online1/update/web/assets/css/css/wellsfargosans-rg.woff2

139.162.6.196

404 Not Found

278 kB

URL HTTP/1.1
renovasi99.com/online1/update/web/assets/css/css/wellsfargosans-rg.woff2
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8666), with CRLF, LF line terminators
Size
278 kB (277830 bytes)
Hash
f4892a3264986ada3336e457d8ef0c82
2e7130f707cfff77f9f63943d3e28d079c000198
36ebffd3844b66f7adda8947c589b634ec1f1db129ba9914ff902b0650c2b57c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /online1/update/web/assets/css/css/wellsfargosans-rg.woff2 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://renovasi99.com/online1/update/web/assets/css/one.css

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <https://renovasi99.com/wp-json/>; rel="https://api.w.org/", </wp-includes/js/wp-emoji-release.min.js?ver=6.0.2>; rel=preload; as=script, </wp-includes/css/dist/block-library/style.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins/bootstrap.min.css?ver=3.3.4>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/style.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/responsive.css?ver=6.0.2>; rel=preload; as=style, </wp-includes/js/jquery/jquery.min.js?ver=3.6.0>; rel=preload; as=script, </wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2>; rel=preload; as=script, </wp-content/themes/gillion/js/plugins.js?ver=6.0.2>; rel=preload; as=script, </wp-content/themes/gillion/js/scripts.js?ver=6.0.2>; rel=preload; as=script
Server: DomaiNesia
DN-Request-Id: 6f6e490c82b1b573d087a5b0d73e53d9
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload always
Static-Cache-Status: MISS
Date: Wed, 05 Oct 2022 15:46:59 GMT
X-Page-Speed: DomaiNesia
Cache-Control: max-age=0, no-cache

renovasi99.com/online1/update/web/assets/css/css/wellsfargoserif-rg.woff2

139.162.6.196

404 Not Found

278 kB

URL HTTP/1.1
renovasi99.com/online1/update/web/assets/css/css/wellsfargoserif-rg.woff2
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8667), with CRLF, LF line terminators
Size
278 kB (277833 bytes)
Hash
9fba8969fd86a46a1b56cf3ea5549c69
a613cd86c3037b66e012250c3201ad9b582d68cd
53fe7fc8015ed363f82036c18a069ab3404b5ed63c24c44834fdc788f64ac3b0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /online1/update/web/assets/css/css/wellsfargoserif-rg.woff2 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://renovasi99.com/online1/update/web/assets/css/one.css

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <https://renovasi99.com/wp-json/>; rel="https://api.w.org/", </wp-includes/js/wp-emoji-release.min.js?ver=6.0.2>; rel=preload; as=script, </wp-includes/css/dist/block-library/style.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins/bootstrap.min.css?ver=3.3.4>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/style.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/responsive.css?ver=6.0.2>; rel=preload; as=style, </wp-includes/js/jquery/jquery.min.js?ver=3.6.0>; rel=preload; as=script, </wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2>; rel=preload; as=script, </wp-content/themes/gillion/js/plugins.js?ver=6.0.2>; rel=preload; as=script, </wp-content/themes/gillion/js/scripts.js?ver=6.0.2>; rel=preload; as=script
Server: DomaiNesia
DN-Request-Id: 70335ae7c86db6bfa878c9073528a937
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload always
Static-Cache-Status: MISS
Date: Wed, 05 Oct 2022 15:46:59 GMT
X-Page-Speed: DomaiNesia
Cache-Control: max-age=0, no-cache

renovasi99.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

139.162.6.196

200 OK

4.2 kB

URL HTTP/1.1
renovasi99.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (11126)
Size
4.2 kB (4168 bytes)
Hash
c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:00 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 28 Sep 2022 08:46:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633409df-2bd8"
Server: DomaiNesia
DN-Request-Id: 44392ffd423f53ad553f9724a6a28d8f
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/wp-content/themes/gillion/js/plugins.js?ver=6.0.2

139.162.6.196

200 OK

74 kB

URL HTTP/1.1
renovasi99.com/wp-content/themes/gillion/js/plugins.js?ver=6.0.2
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (40655), with CRLF, LF line terminators
Size
74 kB (74192 bytes)
Hash
bc0e4a8298e079cdf9e0974b773a8c16
a0ee96103233a23d1c955848784e2173a1e94854
a2a29cbef99fbf988e519db259dc4f58c5891e4d772b812e19d94a70abd00f04

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/gillion/js/plugins.js?ver=6.0.2 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:00 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 14 May 2019 08:00:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cda7594-474fd"
Server: DomaiNesia
DN-Request-Id: 0660f12f2a97847bfbb5772332e82b6f
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/wp-content/themes/gillion/js/scripts.js?ver=6.0.2

139.162.6.196

200 OK

11 kB

URL HTTP/1.1
renovasi99.com/wp-content/themes/gillion/js/scripts.js?ver=6.0.2
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
HTML document, ASCII text, with very long lines (333), with CRLF line terminators
Size
11 kB (10846 bytes)
Hash
cea425edfdfe9e57a8b325ac42ea5099
d0095a868a04d2de0c7652b5e413c13bd3011c9c
7b94950e33d79c0c2b1953520f150ec52fe4bc1de0a0c63fb79e201faa0ec962

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/gillion/js/scripts.js?ver=6.0.2 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:01 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 14 May 2019 08:00:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cda7594-e310"
Server: DomaiNesia
DN-Request-Id: 918cec0843306f8ddc9869118b2b8bfc
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/wp-content/uploads/sass/a3_lazy_load.min.css?ver=1661354187

139.162.6.196

200 OK

112 B

URL HTTP/1.1
renovasi99.com/wp-content/uploads/sass/a3_lazy_load.min.css?ver=1661354187
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
c6f5d6962e2e1e536e1eb378647ce271
570956fd7abe9d7fbd87b35da4830ce199a77310
4776c737a0d1715f075dd3a7c738da32fb0510abc7d5b05efbeedc8e2409e7f2

HTTP Headers

GET /wp-content/uploads/sass/a3_lazy_load.min.css?ver=1661354187 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Content-Type: text/css
Connection: keep-alive
Last-Modified: Wed, 24 Aug 2022 15:16:27 GMT
Vary: Accept-Encoding
ETag: "630640cb-7f"
Server: DomaiNesia
DN-Request-Id: 8a4861519e33bc4d33014204be49d86e
Accept-Ranges: bytes
Date: Wed, 05 Oct 2022 15:46:59 GMT
Expires: Wed, 05 Oct 2022 15:51:59 GMT
X-Original-Content-Length: 127
Content-Encoding: gzip
Content-Length: 112
Cache-Control: max-age=300, s-maxage=10

renovasi99.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3

139.162.6.196

200 OK

2.9 kB

URL HTTP/1.1
renovasi99.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (9680), with no line terminators
Size
2.9 kB (2929 bytes)
Hash
be8270d30953f83f3137e2c7121e3656
1bbc1d1a19f27b4dd66c838214bf196862307078
9506efdf97a3132894069273b42fff14928e25579be11b57b3ab03aa426e1e23

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.3 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:01 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 01 Sep 2022 11:27:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6310971c-25d0"
Server: DomaiNesia
DN-Request-Id: 7127b3dc5e5fd456cb73eafe5a8582f5
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3

139.162.6.196

200 OK

3.9 kB

URL HTTP/1.1
renovasi99.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
HTML document, ASCII text, with very long lines (12211), with no line terminators
Size
3.9 kB (3925 bytes)
Hash
a71f31ad8ab59495c235f70e11af94d5
dd92f0033787042cdc33b4f7a738cc1a8f1aaea2
02de035caef83e16f5631660c82c3c61e69e4a919f32552131136b5762dbe846

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.3 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:01 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 01 Sep 2022 11:27:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6310971c-2fb3"
Server: DomaiNesia
DN-Request-Id: ae81891e8fa761fd9e443a6f64dac0b9
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5

139.162.6.196

200 OK

47 kB

URL HTTP/1.1
renovasi99.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (42889), with CRLF line terminators
Size
47 kB (47189 bytes)
Hash
095d789ae9a7f50f218858fa8e37007c
dcbaed314da92376f076b19924756a515d13955c
76611aa34b0c1edc490795ebbcd8c73d9ff8e7ab63a817308308c1789bb62a6f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.5 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:01 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 16 Nov 2021 10:01:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61938163-1e570"
Server: DomaiNesia
DN-Request-Id: 2932a65111b0ec61a098e9d3158d1c26
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/wp-content/plugins/super-progressive-web-apps/public/js/register-sw.js

139.162.6.196

200 OK

2.3 kB

URL HTTP/1.1
renovasi99.com/wp-content/plugins/super-progressive-web-apps/public/js/register-sw.js
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (2043), with CRLF line terminators
Size
2.3 kB (2341 bytes)
Hash
f46883a8aa282b61795fc1041f5463f8
fb32a825a761c671269e4c47801e89602d237206
cc3d3131390c179f6cd2b9855d341bbec77b5b3573d07ed5927f5eb4c9cc5c58

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/super-progressive-web-apps/public/js/register-sw.js HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:01 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Fri, 22 Jul 2022 09:37:04 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"62da6fc0-139d"
Server: DomaiNesia
DN-Request-Id: debd822b973b0c00b65815f221529789
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/online1/update/web/assets/css/css/wellsfargosans-sbd.woff

139.162.6.196

404 Not Found

278 kB

URL HTTP/1.1
renovasi99.com/online1/update/web/assets/css/css/wellsfargosans-sbd.woff
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8666), with CRLF, LF line terminators
Size
278 kB (277830 bytes)
Hash
779620c5397fbd97aed8aea801a97c77
664444b810bb1e7fd2836aa3f6cb18a9ec5191b6
189df0559e91662ee68746e939c59534597c7fdf7834605f46e37f1b467b700c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /online1/update/web/assets/css/css/wellsfargosans-sbd.woff HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://renovasi99.com/online1/update/web/assets/css/one.css

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <https://renovasi99.com/wp-json/>; rel="https://api.w.org/", </wp-includes/js/wp-emoji-release.min.js?ver=6.0.2>; rel=preload; as=script, </wp-includes/css/dist/block-library/style.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins/bootstrap.min.css?ver=3.3.4>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/style.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/responsive.css?ver=6.0.2>; rel=preload; as=style, </wp-includes/js/jquery/jquery.min.js?ver=3.6.0>; rel=preload; as=script, </wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2>; rel=preload; as=script, </wp-content/themes/gillion/js/plugins.js?ver=6.0.2>; rel=preload; as=script, </wp-content/themes/gillion/js/scripts.js?ver=6.0.2>; rel=preload; as=script
Server: DomaiNesia
DN-Request-Id: 28c04d48d1d924d4236bec9320f41ce4
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload always
Static-Cache-Status: MISS
Date: Wed, 05 Oct 2022 15:47:00 GMT
X-Page-Speed: DomaiNesia
Cache-Control: max-age=0, no-cache

renovasi99.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1

139.162.6.196

200 OK

6.5 kB

URL HTTP/1.1
renovasi99.com/wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (15439)
Size
6.5 kB (6518 bytes)
Hash
02bbe1afbabda1f9fa6832c8ab7e500f
e2db6712347e6611a8cb0b4bfca80e6aeae3b372
3aa1b0ea23c076c802de5db3bc25f79410dc7ca1f119f9fda82ff9b83fddc4a5

HTTP Headers

GET /wp-includes/js/jquery/ui/effect.min.js?ver=1.13.1 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:01 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Wed, 28 Sep 2022 08:46:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"633409df-43b3"
Server: DomaiNesia
DN-Request-Id: 6e5fe5c5a92a047b9138bd8907faac08
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/wp-content/themes/gillion/js/plugins/bootstrap.min.js?ver=3.3.4

139.162.6.196

200 OK

9.9 kB

URL HTTP/1.1
renovasi99.com/wp-content/themes/gillion/js/plugins/bootstrap.min.js?ver=3.3.4
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (32033), with CRLF line terminators
Size
9.9 kB (9865 bytes)
Hash
e42c0f4352dd49c793f2af0257a81a01
135b88571e4d4c7ce64ca1dcd0448e658dc66954
378b8aa9c30834557f5398c44126a1314056c1f1b78117d9e28470bca4272a94

HTTP Headers

GET /wp-content/themes/gillion/js/plugins/bootstrap.min.js?ver=3.3.4 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:01 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 14 May 2019 08:00:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cda7594-90bb"
Server: DomaiNesia
DN-Request-Id: 02fe00abc3116b006f8a64f38d5d7e91
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/online1/update/web/assets/css/css/wellsfargoserif-rg.woff

139.162.6.196

404 Not Found

278 kB

URL HTTP/1.1
renovasi99.com/online1/update/web/assets/css/css/wellsfargoserif-rg.woff
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8666), with CRLF, LF line terminators
Size
278 kB (277830 bytes)
Hash
18369a2b3587e35a444597aab3d1de66
3cdeb03a57a15c1e5a6e1aff416a1cfc11e17557
9d7a8ec45bae2c2d355ecf3328cd3baf628f67a4a3b5b588395bc217f1039322

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /online1/update/web/assets/css/css/wellsfargoserif-rg.woff HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://renovasi99.com/online1/update/web/assets/css/one.css

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <https://renovasi99.com/wp-json/>; rel="https://api.w.org/", </wp-includes/js/wp-emoji-release.min.js?ver=6.0.2>; rel=preload; as=script, </wp-includes/css/dist/block-library/style.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins/bootstrap.min.css?ver=3.3.4>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/style.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/responsive.css?ver=6.0.2>; rel=preload; as=style, </wp-includes/js/jquery/jquery.min.js?ver=3.6.0>; rel=preload; as=script, </wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2>; rel=preload; as=script, </wp-content/themes/gillion/js/plugins.js?ver=6.0.2>; rel=preload; as=script, </wp-content/themes/gillion/js/scripts.js?ver=6.0.2>; rel=preload; as=script
Server: DomaiNesia
DN-Request-Id: f80d32502ab988d1ea515be951d5f3cf
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload always
Static-Cache-Status: MISS
Date: Wed, 05 Oct 2022 15:47:01 GMT
X-Page-Speed: DomaiNesia
Cache-Control: max-age=0, no-cache

renovasi99.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10

139.162.6.196

200 OK

2.5 kB

URL HTTP/1.1
renovasi99.com/wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
ASCII text, with very long lines (6210), with no line terminators
Size
2.5 kB (2540 bytes)
Hash
1f5e86516d633808727b14aa23a2ccb9
3c1009b87e109a76cec6aa9290d1045ab8b39557
15948d6228b98c36ea6d5290df20bb0c7cefbf1a5914f874e0770bd3662502aa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/mailchimp-for-wp/assets/js/forms.js?ver=4.8.10 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:01 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Thu, 22 Sep 2022 05:26:34 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632bf20a-1842"
Server: DomaiNesia
DN-Request-Id: e0f582c8ec1721a038ccc7a9d4932e1e
Content-Encoding: gzip
Cache-Control: s-maxage=10

renovasi99.com/wp-content/uploads/2021/11/1.png

139.162.6.196

200 OK

34 kB

URL HTTP/1.1
renovasi99.com/wp-content/uploads/2021/11/1.png
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
PNG image data, 1200 x 628, 8-bit/color RGBA, non-interlaced\012- data
Size
34 kB (33508 bytes)
Hash
6c02a2070a691f13d98c5ecc98059e0d
461a078fc3081baaf4432cc76dd31e40ba914b84
43e48d9b3414b68ccd42993665c5abca66eaef7ece0c9255c98963b26ad6f7f7

HTTP Headers

GET /wp-content/uploads/2021/11/1.png HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
Connection: keep-alive

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:01 GMT
Content-Type: image/png
Content-Length: 33508
Last-Modified: Wed, 17 Nov 2021 10:06:35 GMT
Connection: keep-alive
Vary: Accept-Encoding
ETag: "6194d42b-82e4"
Server: DomaiNesia
DN-Request-Id: e02d265f0115724c7b7612236b6bdaf8
Cache-Control: s-maxage=10
Accept-Ranges: bytes

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://renovasi99.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 05 Oct 2022 14:41:09 GMT
expires: Wed, 05 Oct 2022 16:41:09 GMT
cache-control: public, max-age=7200
age: 3953
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-RWLV354VGW&gtm=2oea30&_p=1447824130&gdid=dZTNiMT&cid=2113189714.1664984822&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664984821&sct=1&seg=0&dl=http%3A%2F%2Frenovasi99.com%2Fonline1%2Fupdate%2Fweb%2F1_files%2Fa_002.htm&dr=http%3A%2F%2Frenovasi99.com%2Fonline1%2Fupdate%2Fweb%2Flogin.php%3Fweb%2Fauth%2Fsignon%3D&dt=Page%20not%20found%20-%20Renovasi99&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-RWLV354VGW&gtm=2oea30&_p=1447824130&gdid=dZTNiMT&cid=2113189714.1664984822&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664984821&sct=1&seg=0&dl=http%3A%2F%2Frenovasi99.com%2Fonline1%2Fupdate%2Fweb%2F1_files%2Fa_002.htm&dr=http%3A%2F%2Frenovasi99.com%2Fonline1%2Fupdate%2Fweb%2Flogin.php%3Fweb%2Fauth%2Fsignon%3D&dt=Page%20not%20found%20-%20Renovasi99&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-RWLV354VGW&gtm=2oea30&_p=1447824130&gdid=dZTNiMT&cid=2113189714.1664984822&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664984821&sct=1&seg=0&dl=http%3A%2F%2Frenovasi99.com%2Fonline1%2Fupdate%2Fweb%2F1_files%2Fa_002.htm&dr=http%3A%2F%2Frenovasi99.com%2Fonline1%2Fupdate%2Fweb%2Flogin.php%3Fweb%2Fauth%2Fsignon%3D&dt=Page%20not%20found%20-%20Renovasi99&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://renovasi99.com/
Origin: http://renovasi99.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: http://renovasi99.com
date: Wed, 05 Oct 2022 15:47:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

renovasi99.com/superpwa-manifest.json

139.162.6.196

200 OK

789 B

URL HTTP/1.1
renovasi99.com/superpwa-manifest.json
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
JSON data\012- , ASCII text, with very long lines (789), with no line terminators
Size
789 B (789 bytes)
Hash
cf5ee796b0fd3d2a970a737a018a2f13
29b4df6450edf1bcd0273ed65ab17078925ce70f
c7f6ea43b1921a0ba57464286845f4c17ee6dde2b8f4105496a75df3e67e5d82

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /superpwa-manifest.json HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/1_files/a_002.htm
X-Moz: prefetch
Connection: keep-alive
Cookie: _ga_RWLV354VGW=GS1.1.1664984821.1.0.1664984821.0.0.0; _ga=GA1.2.2113189714.1664984822; _gid=GA1.2.2072996925.1664984822; _gat_gtag_UA_215293659_1=1

HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 15:47:02 GMT
Content-Type: application/json
Content-Length: 789
Connection: keep-alive
Last-Modified: Wed, 24 Aug 2022 04:05:44 GMT
Server: DomaiNesia
DN-Request-Id: 280dd29cb3cbd11358db98e80824ec89
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload always
Dynamic-Cache-Status: MISS
Cache-Control: s-maxage=10
Accept-Ranges: bytes

renovasi99.com/online1/update/web/assets/css/css/wellsfargosans-rg.woff

139.162.6.196

404 Not Found

278 kB

URL HTTP/1.1
renovasi99.com/online1/update/web/assets/css/css/wellsfargosans-rg.woff
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8665), with CRLF, LF line terminators
Size
278 kB (277827 bytes)
Hash
b1979f2149c0803307cbf759f1390b51
174f6db12c8d05497e4f251500046c7fd9125563
bd270ad790197a44f004e0b38a43d86273a23f6bf199d569d0bbeb72ad5086da

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /online1/update/web/assets/css/css/wellsfargosans-rg.woff HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://renovasi99.com/online1/update/web/assets/css/one.css

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <https://renovasi99.com/wp-json/>; rel="https://api.w.org/", </wp-includes/js/wp-emoji-release.min.js?ver=6.0.2>; rel=preload; as=script, </wp-includes/css/dist/block-library/style.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins/bootstrap.min.css?ver=3.3.4>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/style.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/responsive.css?ver=6.0.2>; rel=preload; as=style, </wp-includes/js/jquery/jquery.min.js?ver=3.6.0>; rel=preload; as=script, </wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2>; rel=preload; as=script, </wp-content/themes/gillion/js/plugins.js?ver=6.0.2>; rel=preload; as=script, </wp-content/themes/gillion/js/scripts.js?ver=6.0.2>; rel=preload; as=script
Server: DomaiNesia
DN-Request-Id: 52d25301d2cc953459dd5290270c8266
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload always
Static-Cache-Status: MISS
Date: Wed, 05 Oct 2022 15:47:01 GMT
X-Page-Speed: DomaiNesia
Cache-Control: max-age=0, no-cache

renovasi99.com/wp-content/uploads/gillion-dynamic-styles.css?ver=226670583

139.162.6.196

200 OK

0 B

URL HTTP/2
renovasi99.com/wp-content/uploads/gillion-dynamic-styles.css?ver=226670583
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/gillion-dynamic-styles.css?ver=226670583 HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://renovasi99.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 05 Oct 2022 15:47:00 GMT
content-type: text/css
last-modified: Mon, 25 Jul 2022 06:25:31 GMT
vary: Accept-Encoding
etag: W/"62de375b-2b6b"
server: DomaiNesia
dn-request-id: e0a423286bf3a2ca27b1ae7478d668ba
content-encoding: br
cache-control: s-maxage=10
X-Firefox-Spdy: h2

renovasi99.com/online1/update/web/img/3.jpg

139.162.6.196

404 Not Found

0 B

URL HTTP/1.1
renovasi99.com/online1/update/web/img/3.jpg
IP
139.162.6.196:0
ASN
#63949 Linode, LLC

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /online1/update/web/img/3.jpg HTTP/1.1
Host: renovasi99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://renovasi99.com/online1/update/web/login.php?web/auth/signon=
Connection: keep-alive

HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Link: <https://renovasi99.com/wp-json/>; rel="https://api.w.org/", </wp-includes/js/wp-emoji-release.min.js?ver=6.0.2>; rel=preload; as=script, </wp-includes/css/dist/block-library/style.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.3>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/lib/bower/font-awesome/css/font-awesome.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/plugins/js_composer/assets/css/vc_lte_ie9.min.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins/bootstrap.min.css?ver=3.3.4>; rel=preload; as=style, </wp-content/themes/gillion/css/plugins.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/style.css?ver=6.0.2>; rel=preload; as=style, </wp-content/themes/gillion/css/responsive.css?ver=6.0.2>; rel=preload; as=style, </wp-includes/js/jquery/jquery.min.js?ver=3.6.0>; rel=preload; as=script, </wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2>; rel=preload; as=script, </wp-content/themes/gillion/js/plugins.js?ver=6.0.2>; rel=preload; as=script, </wp-content/themes/gillion/js/scripts.js?ver=6.0.2>; rel=preload; as=script
Server: DomaiNesia
DN-Request-Id: 20db62003b09d52548dd1bb895189fef
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Content-Security-Policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload always
Static-Cache-Status: MISS
Date: Wed, 05 Oct 2022 15:46:59 GMT
X-Page-Speed: DomaiNesia
Cache-Control: max-age=0, no-cache
Content-Encoding: gzip

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (41)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations