Report - dpaylater2024aa.dana1.biz.id/

Report Overview

Submitted URL
dpaylater2024aa.dana1.biz.id/
IP
104.21.23.203
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-18 05:48:00
Access
public
Website Title
DANA - Apa pun transaksinya selalu ada DANA
Final URL
dpaylater2024aa.dana1.biz.id/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dpaylater2024aa.dana1.biz.id	unknown	unknown	No data	No data	7.9 kB	9.5 MB	104.21.23.203
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-17	422 B	32 kB	151.101.66.137
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-18	1.1 kB	98 kB	216.58.207.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-18	475 B	18 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA
2024-04-17	medium	dpaylater2024aa.dana1.biz.id/	DANA

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-05-01
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 151.101.66.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-01 00:12:53 Times Seen140501 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	dpaylater2024aa.dana1.biz.id/ast/jquery.mask.min.js	15 kB	2024-01-06	2024-04-18
Pretty URL dpaylater2024aa.dana1.biz.id/ast/jquery.mask.min.js IP 104.21.23.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-06 17:48:28 Last Seen2024-04-18 07:48:06 Times Seen22 Hash 493c6aaa3f3b0f8b0531f250ce2c082f 23c55623e028f2b9968e3919cf8129efd8ba164e ddfec55f6a6a9a2e49cd337393e718dfa6a1a5ada9d7953771ffd54107e9cc3e Loading...

	dpaylater2024aa.dana1.biz.id/	382 B	2023-06-29	2024-04-29
Pretty URL dpaylater2024aa.dana1.biz.id/ IP 104.21.23.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59:08 Last Seen2024-04-29 07:20:47 Times Seen699 Hash 7544c9acf4737e54470eb118ba8361a5 6a4d26abaec547bb911dcd1d131505512c3d5dfc 15d88dfd919c1a4ae658e43cfb9c9bc3dc298440028e47b065e43b2218c52f21 Loading...

	dpaylater2024aa.dana1.biz.id/	0 B	2023-03-07	2024-05-01
Pretty URL dpaylater2024aa.dana1.biz.id/ IP 104.21.23.203 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-01 00:22:40 Times Seen37232708 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (21)

URL IP Response Size

dpaylater2024aa.dana1.biz.id/ast/img/bi.png

104.21.23.203

200 OK

16 kB

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/img/bi.png
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
PNG image data, 360 x 200, 8-bit/color RGBA, non-interlaced
Size
16 kB (16542 bytes)
Hash
6e77df79b301b9fb95fdf50d66e3ceb7
1c93476fccf582d5ea0fa88ec8b1becc00d9edb5
4262dc8d42209d7e2a597f7f1098880e75ad0f6a53a66da1a7bd094a5f778199

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/bi.png HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:34 GMT
content-type: image/png
content-length: 16542
last-modified: Tue, 12 Dec 2023 01:18:24 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6612UbdTFFzHyh6SSpbfdgiOL6E6JmZs9BPgHeCWfShJsQmgao3NPe8JJIvLH9i3xkmjB6BLSko9CHqQsY9o4RVrhOJV7qaNRgRgw%2FDL68xGnKskWzrSvCxvu4vpHi9hfFlI3FiIBBHySGBytgHY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c623d04b4ee-OSL
alt-svc: h3=":443"; ma=86400

dpaylater2024aa.dana1.biz.id/ast/img/logoDana.png

104.21.23.203

200 OK

5.7 kB

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/img/logoDana.png
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
PNG image data, 250 x 250, 8-bit/color RGBA, non-interlaced
Size
5.7 kB (5709 bytes)
Hash
41b59dba0771ed2bfe06525558771f77
2e902c24b1c977aafb80ea3186b71c6a9bec88c3
1abf8bee500aebdd717aa47a38fe82bed5841ba514f522bdb552a7f7619d3088

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/logoDana.png HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:34 GMT
content-type: image/png
content-length: 5709
last-modified: Tue, 12 Dec 2023 01:18:59 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f1o06gm%2FYQv8xqopreSamC5qDGxEV7tD%2BWKoiY6u9b7xUHfx8kPog0Ch27dwzQmnv%2Bo0ovSJcOyJwRktdeKMR%2BfoapeS%2B%2B2rtLPci7EErp0KEFz%2BWxYH4VqAJyDWeBC1cZzw41XtS8vkkQ0qBZjm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c623d03b4ee-OSL
alt-svc: h3=":443"; ma=86400

dpaylater2024aa.dana1.biz.id/ast/img/dana_logo.png

104.21.23.203

200 OK

13 kB

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/img/dana_logo.png
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
PNG image data, 382 x 112, 8-bit/color RGBA, interlaced
Size
13 kB (12786 bytes)
Hash
6fd5a7d18a8f7c04bc5effcdc5235987
c4852c577f44fcdf78fb439a30ea2c6c6983b140
c67e5431f9c00bb690ea8b8add63d5ca9250bf2925f2c2a691eeee498ac75853

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/dana_logo.png HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:34 GMT
content-type: image/png
content-length: 12786
last-modified: Tue, 12 Dec 2023 01:18:34 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LNxRYKhwldP4d%2BKLjuquwylZORgo80655023ey879chYEhJlHt5RbNMYszovmKFj3ynn7WEwBXuOV28IMRSzcT2pM2rIWeblYwpqW2HmNEIx%2FiIgU2kaohRIzxDx7VEfs6byz2P%2B1EbECntVy5y2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c623cfcb4ee-OSL
alt-svc: h3=":443"; ma=86400

code.jquery.com/jquery-3.5.1.min.js

151.101.66.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
151.101.66.137:443
ASN
#54113 FASTLY

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30879 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 05:47:34 GMT
age: 3376094
x-served-by: cache-lga21981-LGA, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 36, 444037
x-timer: S1713419254.217645,VS0,VE0
vary: Accept-Encoding
content-length: 30879
X-Firefox-Spdy: h2

dpaylater2024aa.dana1.biz.id/ast/img/1.gif

104.21.23.203

200 OK

3.2 MB

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/img/1.gif
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
GIF image data, version 89a, 600 x 684
Size
3.2 MB (3189545 bytes)
Hash
5ea67946de83e30ace414dacd6b5627e
a4a8896bcb9735f989859ba10b505f93b4970a34
fe0950a0538d20201d7849bf5084880255609ed606fca1d3b84d6ea68797e06a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/1.gif HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:34 GMT
content-type: image/gif
content-length: 3189545
last-modified: Tue, 12 Dec 2023 01:17:46 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B3STLiFbjkkr5bVJnP5YO%2B7To2Kck%2Bvsze1PO9wXSTb7ynsQ7q8Fekucd9IdciB1gGzOlCchSO1TniZikBA%2B2QzY0%2Fm2LFrHU24Jh%2BVAl7lNZRwZ4Yl1CmKwlL%2BKf5QraybotCkU2I1AnbO%2FakK%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c624d09b4ee-OSL
alt-svc: h3=":443"; ma=86400

dpaylater2024aa.dana1.biz.id/ast/img/2.gif

104.21.23.203

200 OK

4.6 MB

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/img/2.gif
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
GIF image data, version 89a, 600 x 684
Size
4.6 MB (4600275 bytes)
Hash
7916326388059289a97942e56ed561d1
0f0d121c7eb474364def31919fb52a3dffdcb0ac
8c9188ca83dc3c1842c094d72c694c2d56453d1ac0137a3e6ce95b2e69e3398f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/2.gif HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:34 GMT
content-type: image/gif
content-length: 4600275
last-modified: Tue, 12 Dec 2023 01:18:36 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GyrQHe58z5zyHw5UvjubS4iLvw6uffc6HS%2FGs%2B%2F%2FJSZdelmBKNqxZ7g9hgCiDom8hhpwCo2NoFhsfKG8pV6XPgz22fo9SVGF7YBV9%2BYHJTVLOudU7JIQqVQaoKlac2Q8L3PNfRVWiRZKfMtEpS2u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c624d0ab4ee-OSL
alt-svc: h3=":443"; ma=86400

dpaylater2024aa.dana1.biz.id/ast/img/3.gif

104.21.23.203

200 OK

1.6 MB

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/img/3.gif
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
GIF image data, version 89a, 600 x 684
Size
1.6 MB (1578109 bytes)
Hash
1a4bcca893535f86ab7676624762679a
6cbcefc9f75dd72fbc8c8f1212f55e631ad5f95f
053ec0bd407251a6fd88d670e5b462dca054fd08744f34388ffae5251d0f30ba

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/3.gif HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:34 GMT
content-type: image/gif
content-length: 1578109
last-modified: Tue, 12 Dec 2023 01:18:31 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tlgicWcfF%2BAYSWt0XYQ9eiS0oPS%2BTB2A%2F2yCCd4rF%2Bs4eIWvngu%2FP6GR05g8X6qMCB5CLmdnU6Pere2PgWMc4mlr6n80VGnB%2FDzolKI8xrZnVW%2BCgdQBcZ8tHJvl4QzAW%2B5CQfi2649C35cKSWs9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c624d0cb4ee-OSL
alt-svc: h3=":443"; ma=86400

dpaylater2024aa.dana1.biz.id/ast/img/indo.png

104.21.23.203

200 OK

741 B

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/img/indo.png
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
PNG image data, 80 x 45, 8-bit colormap, non-interlaced
Size
741 B (741 bytes)
Hash
c15c95b8db17f44e5826bb7839278578
5be0ab5aba6201a0a3a3423f9db8008ed2385430
af52bfb0ab7606d185db1457ddc3edceb61c7fe9675e099cae3e3be1eccf152c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/indo.png HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:34 GMT
content-type: image/png
content-length: 741
last-modified: Tue, 12 Dec 2023 01:18:46 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KwUZKeXB45fFDRUN%2B3Id6H6Jj8GVLwbHTE0IIEkr2ah2YOIAMGWidM1fhqRJmeJSNYM0wQHShMifzlTUMGmI3rya9SxZrkkh5KzUPS6q969D2G1k4dD%2FwnYqhF%2FN4YtR%2F3mKtA2ZKRBdz4KvLXci"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c624d0eb4ee-OSL
alt-svc: h3=":443"; ma=86400

dpaylater2024aa.dana1.biz.id/ast/img/kom.png

104.21.23.203

200 OK

8.5 kB

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/img/kom.png
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced
Size
8.5 kB (8484 bytes)
Hash
74adb66e545a68df7e5a0442a02fa8e7
a1692d3bfbde3c0cb3a8bc9b9b1fb2de4d570e85
4285db40c51cc53230cab0490df40566e285b48fb2b2e4729b42ff2a26c74480

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/kom.png HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:36 GMT
content-type: image/png
content-length: 8484
last-modified: Tue, 12 Dec 2023 01:18:53 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tPImkU5UJB5PRzcqZWSngtbOdpCZ3E7t84y0dy9rKFSK8s7extPEJWH4huqvxBA%2FLRL1mG6EpAPcgEaQHONqXw2JVdyHtIOJ%2Bs36QZafvSc4HxsXAEEgas6M2ogtMz8nIX%2Ff6zrKHPaqf1ivci4Z"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c623d07b4ee-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dpaylater2024aa.dana1.biz.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 11556
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9
ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48236, version 1.0
Size
48 kB (48236 bytes)
Hash
015c126a3520c9a8f6a27979d0266e96
2acf956561d44434a6d84204670cf849d3215d5f
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

HTTP Headers

GET /s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://dpaylater2024aa.dana1.biz.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:35:00 GMT
expires: Fri, 18 Apr 2025 02:35:00 GMT
cache-control: public, max-age=31536000
age: 11560
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

142.250.74.106

200 OK

18 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT

File type
ASCII text, with very long lines (1572)
Size
18 kB (17451 bytes)
Hash
71b2730c1cecf7a0768725bd944422c5
8dfa323cb988538bce8556a99bb5bd556e3593d1
851699a18b631a7bd68efc99598701293a6065b463fced7b68d8d6d9227bd8e7

HTTP Headers

GET /css2?family=Open+Sans:wght@400;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 18 Apr 2024 05:47:36 GMT
date: Thu, 18 Apr 2024 05:47:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dpaylater2024aa.dana1.biz.id/ast/img/hero.svg

104.21.23.203

200 OK

32 kB

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/img/hero.svg
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
SVG Scalable Vector Graphics image
Size
32 kB (31697 bytes)
Hash
bc0ceea50591f74883dd9b92b19b852c
5617f0be48b9a0973c24ff0e1d200201549a4a50
a3d7991adee411105f2ddd533c34d0f0afd141187bc13503fd035de014f954d8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/hero.svg HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:36 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Dec 2023 01:18:40 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lZ5XRIYXiJeRISGUj6GBfD4ykb%2FwGqUxpgwYgjvNW9g2zfYGJXglu85wKdPqXcnexIpH2ZTuMnVvvlPgGh%2FZRG%2FtOVXxy5xOS%2Bq7MdjGPzHTNtBRXbR957PwnmaWPBvzp%2BQ%2FkNE5Bgd2AqCDU1XW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c623cffb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dpaylater2024aa.dana1.biz.id/

104.21.23.203

200 OK

6.1 kB

URL User Request GET HTTP/2
dpaylater2024aa.dana1.biz.id/
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
HTML document, ASCII text, with very long lines (6483), with no line terminators
Size
6.1 kB (6098 bytes)
Hash
48efb41e0ed6bcadcba61f124abc1875
fd5f5dc455442c3da9d7a629d0b8c10c86c6e90a
ee80c98c9f5ccd8269d020e403a88daf99939ed79aae4851b3e4f208ce840c71

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET / HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 18 Apr 2024 05:47:33 GMT
content-type: text/html
last-modified: Mon, 11 Dec 2023 17:24:59 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMCB%2BR%2BGSy40lgHnlhULF5RycfFebbax0Su7pbojYUlbu09UWMHf5goNDNmzHVFJfN11FNWQbwTZW3TP%2B%2Btvu%2BtK22mbtAn0MIJgvbKHRYes7uQJrTF8g%2B%2BPg8hemLe%2FjP59lxSyo3fZ6vlq9Sdw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87625c60bfbbb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

dpaylater2024aa.dana1.biz.id/ast/00b9d2e9f52e505c013c16bb638a42a4.css

104.21.23.203

200 OK

880 B

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/00b9d2e9f52e505c013c16bb638a42a4.css
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
ASCII text, with very long lines (930), with no line terminators
Size
880 B (880 bytes)
Hash
ad64c394caa5746e09cf1bd7a1b30e93
a5a5602e925a98fd8e6f403b025491857acc64ad
b9302f424f00f5272e903c99dfbbbf5689d1b6b2f8f02cc2a0765ac23cb70ea7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/00b9d2e9f52e505c013c16bb638a42a4.css HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:34 GMT
content-type: text/css
last-modified: Tue, 12 Dec 2023 01:21:46 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jLdEEK0FLa%2FW5PORqM988e8OVgWkh4D%2F9unFnJ0JOGNaiMNDpwjTNY7E3r%2BKJ3eZVR%2B5W66Ce%2BpolP0iQXsGV10s6wZoRlfOeGuT0V6cKVAOOQynWzQgqD4UjplUMZ3pXpZ9ThHR2p7Cx%2BDFW7rR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c623cf6b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dpaylater2024aa.dana1.biz.id/ast/6990a7033bbaeadc2040ac863ff124fd.css

104.21.23.203

200 OK

1.7 kB

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/6990a7033bbaeadc2040ac863ff124fd.css
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
ASCII text, with very long lines (1815), with no line terminators
Size
1.7 kB (1708 bytes)
Hash
afe5cd0c171cbce48ba584d400231402
e95a37a0db14d922e697391ee5d2b74b1ae6e385
4fa9ff520bc6a37d1717159cc8baa749dee7aaf9f1b35258750335f6cf015629

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/6990a7033bbaeadc2040ac863ff124fd.css HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:34 GMT
content-type: text/css
last-modified: Tue, 12 Dec 2023 01:24:22 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5gnxGpZ7CUShVulH4Nf2pOREYfAgb5n8vt7woyyi%2F%2BMCUlUO7AfgvP%2B%2BGtk2%2Beq%2Fv3sVrUeLP3ZrcZfkrimMWgDZIfKHQfYuds8730xEAmxJwTJ6expEmLpAsp3pqj4cwcMuWbqwpx%2Bm5gii2SDU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c623cf7b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dpaylater2024aa.dana1.biz.id/ast/47e4c58f6b9789b8a33f2525cf084599.css

104.21.23.203

200 OK

1.0 kB

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/47e4c58f6b9789b8a33f2525cf084599.css
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
ASCII text, with very long lines (1089), with no line terminators
Size
1.0 kB (1032 bytes)
Hash
9079a9654f472e7494ea43c31f90d5af
0179bf463bf5be0a35a1bb53917ba6707e7bd47a
e7a2c1bf3bedd877d9dcbbb16175bac8cd710d4dc47df08ed1bd9767a63e5f75

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/47e4c58f6b9789b8a33f2525cf084599.css HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:36 GMT
content-type: text/css
last-modified: Tue, 12 Dec 2023 01:23:30 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0CmIOh4euPGBB56K50KYO0t6d3WrA6JBadah96Y4aXCQv77%2BWd2zfLh1HTWB5AJTabWlLhrOOvKhnV%2FP9vX2CrZtRUymZ8nSmpI2bPDhqbTENIcIjCkaMKh9IE0RQkPxGpIJI8FSQAsP7K8zg2iv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c623cfbb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dpaylater2024aa.dana1.biz.id/ast/index.css

104.21.23.203

200 OK

8.0 kB

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/index.css
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
ASCII text, with very long lines (8480), with no line terminators
Size
8.0 kB (8002 bytes)
Hash
2099a4178be6aace33c98c8ac5f91560
9234b31e8fc8296e51d7cf71123cea4230bdb4b4
99d86e40d6e64520b2476ae60e01f358ee8df0a1e83eb61bfc6ad342722a0689

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/index.css HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:34 GMT
content-type: text/css
last-modified: Tue, 12 Dec 2023 01:25:15 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EdiBU8f4ZeghdETrHzboU0i8N0XSgCWRRyx%2FrhWOVmCVqywGteIsO9e7ATCdDHhfI%2BulMn0acfVRMNHrJ6FkLl5xd%2FQoSzoMOJMlXmDAnL28sIcLR1P9oKEQqp%2BJgTtM0axyKEWLNpwmqtd5pLZA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c623cefb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dpaylater2024aa.dana1.biz.id/ast/3fadc676582b9542004b502ee03df3a3.css

104.21.23.203

200 OK

2.0 kB

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/3fadc676582b9542004b502ee03df3a3.css
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
ASCII text, with very long lines (2107), with no line terminators
Size
2.0 kB (1991 bytes)
Hash
69fcb805c066f95dafe0af3b989eebb5
df0082145d5df2722e3756d13960c046f75b665a
6e8781d3f021ae6b483cf9f688883093dc8bd4791ffbc1a2e5406cd4d2ce8584

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/3fadc676582b9542004b502ee03df3a3.css HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:34 GMT
content-type: text/css
last-modified: Tue, 12 Dec 2023 01:22:44 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gYb6DpHQ3mCJ%2FG8zBMn0PUOr%2FyNxMhQleAoKXGgMnwOWWjfXL4apNB%2F2DP3gh4X6DSEREUUl28NJDYTQmRxKovQ4OMNWRDp9vOruXUUOKjT0lX2CSn9VHxGPtE7EQ8yGPFcCjMk7UkPfv7zs26ED"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c623cf9b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dpaylater2024aa.dana1.biz.id/ast/jquery.mask.min.js

104.21.23.203

200 OK

15 kB

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/ast/jquery.mask.min.js
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
JavaScript source, ASCII text
Size
15 kB (14571 bytes)
Hash
493c6aaa3f3b0f8b0531f250ce2c082f
23c55623e028f2b9968e3919cf8129efd8ba164e
ddfec55f6a6a9a2e49cd337393e718dfa6a1a5ada9d7953771ffd54107e9cc3e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/jquery.mask.min.js HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 18 Apr 2024 05:47:35 GMT
content-type: text/javascript
last-modified: Tue, 12 Dec 2023 01:20:25 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CxnuFSoOO%2FkmX6TYzQO3KqnJvPyFmYZIPEOXS0ClQQsKgnpZDdZIKQ474ogp3sAiTnGPFIrdE512mYr7sFK7iANwR3q%2Bv0IC%2FyQihzH8POoLFeqRlWNsoozx9gkjbNQoMFM80HwUk7rC5sH5eGID"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c624d12b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

dpaylater2024aa.dana1.biz.id/favicon.ico

104.21.23.203

404 Not Found

315 B

URL GET HTTP/3
dpaylater2024aa.dana1.biz.id/favicon.ico
IP
104.21.23.203:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dpaylater2024aa.dana1.biz.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectdana1.biz.id
FingerprintCE:78:E9:2F:3F:75:DD:D1:CB:AB:90:1F:A7:B2:9A:3D:5E:FD:2D:00
ValidityMon, 11 Mar 2024 18:12:24 GMT - Sun, 09 Jun 2024 18:12:23 GMT

File type
HTML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dpaylater2024aa.dana1.biz.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dpaylater2024aa.dana1.biz.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 05:47:38 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MoDHSS4lJqYXq4e5NyjCGNXToqDaWuwUjGJi2fFyQKDzCRL6BTP77BUzMIyAX7DDXSfftmCkMyfA%2BE9lVDcGB8xn4e2UY91JGO4oDFB3Aq8oAodo2%2BMKQ4bJ3pWpIyxBNRkyDZO1r4EfYkNt38EB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87625c724d32b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate