cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
104.17.24.14 200 OK 19 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
IP 104.17.24.14:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (52276)
Hash MD5 5222e06b77a1692fa2520a219840e6be
SHA-1 8b4236206a8b86af3761a244277663046d7ff7ee
SHA-256 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
GET /ajax/libs/font-awesome/6.4.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:18:41 GMT
content-type: text/css; charset=utf-8
content-length: 18778
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64cac444-495a"
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 176684
expires: Tue, 08 Apr 2025 19:18:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fKf9WRlrWQNcHc9YgGv%2FL6BU0rMe31CqNFM0%2BzTBGABDtirnjuefq6z1cSU5l7fWTGpLi1SOT%2F%2FriKJWxotvS1KpwX3d8%2F%2FrnEMXbVy2UNOZxaI5beWTeEPweeTc6XiZyTLCfixz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8767008c8e4256a8-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.24.14 200 OK 5.8 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.24.14:443
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash MD5 e9365fe85b7e4db79a87015e52c3db6c
SHA-1 2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9
SHA-256 dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:18:41 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 649074
expires: Tue, 08 Apr 2025 19:18:41 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3KEbcS37JPWLNqXKzoKcTAm3NTDW0vTMMXBQkQOeiPCaeYR78NUB8%2BUXnnjKXE4PAMPHzFwbwq9EWEf15CUwJrQrtMBPj9MCwILUetT258pRfyBqeVFNVcrbIGfsDtlyy3dvklqh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8767008c9e5756a8-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.10.2.min.js
151.101.2.137 200 OK 33 kB URL GET HTTP/2 code.jquery.com/jquery-1.10.2.min.js
IP 151.101.2.137:443
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (32072)
Hash MD5 628072e7212db1e8cdacb22b21752cda
SHA-1 0511abe9863c2ea7084efa7e24d1d86c5b3974f1
SHA-256 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-16bb3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 19:18:41 GMT
age: 18667315
x-served-by: cache-lga13622-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 1, 5339
x-timer: S1713467922.502944,VS0,VE0
vary: Accept-Encoding
content-length: 32788
X-Firefox-Spdy: h2
i.ibb.co/PYpHF6b/Twitter-Show-Password.png
162.19.58.157 200 OK 28 kB URL GET HTTP/2 i.ibb.co/PYpHF6b/Twitter-Show-Password.png
IP 162.19.58.157:443
Certificate Issuer Let's Encrypt
Subject ibb.co
Fingerprint 47:33:B4:39:55:FC:BC:18:08:79:9C:6C:9D:F3:CF:3A:89:C4:99:62
Validity Wed, 07 Feb 2024 12:41:56 GMT - Tue, 07 May 2024 12:41:55 GMT
File type PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced
Hash MD5 2fd203703821d5ce5d18bee2a51b779a
SHA-1 a78d7b1369ce8bc34de57909af142043cae446f0
SHA-256 6b82611fa96f118128b0db9692dd982ca0fe79b1b4d8048946880600cc4f97c8
GET /PYpHF6b/Twitter-Show-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 19:18:41 GMT
content-type: image/png
content-length: 28355
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.5.1.min.js
151.101.2.137 200 OK 31 kB URL GET HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP 151.101.2.137:443
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (65451)
Hash MD5 dc5e7f18c8d36ac1d3d4753a87c98d0a
SHA-1 c8e1c8b386dc5b7a9184c763c88d19a346eb3342
SHA-256 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 18 Apr 2024 19:18:41 GMT
age: 3424762
x-served-by: cache-lga21981-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 36, 32872
x-timer: S1713467922.505021,VS0,VE0
vary: Accept-Encoding
content-length: 30879
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.10.207 200 OK 7.4 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.10.207:443
Certificate Issuer Google Trust Services LLC
Subject bootstrapcdn.com
Fingerprint 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
Validity Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type ASCII text, with very long lines (30837)
Hash MD5 269550530cc127b6aa5a35925a7de6ce
SHA-1 512c7d79033e3028a9be61b540cf1a6870c896f8
SHA-256 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:18:41 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 12842096
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8767008c9ea10b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
142.250.74.138 200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 142.250.74.138:443
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
Validity Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type JavaScript source, ASCII text, with very long lines (32180)
Hash MD5 32015dd42e9582a80a84736f5d9a44d7
SHA-1 41b4bfbaa96be6d1440db6e78004ade1c134e276
SHA-256 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:21:57 GMT
expires: Fri, 18 Apr 2025 17:21:57 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 7004
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
142.250.74.138 200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP 142.250.74.138:443
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E
Validity Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type JavaScript source, ASCII text, with very long lines (32061)
Hash MD5 e40ec2161fe7993196f23c8a07346306
SHA-1 afb90752e0a90c24b7f724faca86c5f3d15d1178
SHA-256 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:38:23 GMT
expires: Fri, 18 Apr 2025 17:38:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 6018
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kentut13.my.id/img/icon-facebook.png
188.114.97.1 200 OK 5.5 kB URL GET HTTP/3 kentut13.my.id/img/icon-facebook.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 1024 x 1024, 8-bit colormap, non-interlaced
Hash MD5 2d797a69acc678581d3a4ea0fb0636ed
SHA-1 3c13f1b3e8fa01cc284ed3492dcb2efd447d06bc
SHA-256 44a4d8218d1a959cd0ff8d764fcf5306aeb21e1689725b63825bd7ee79186baa
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/icon-facebook.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:41 GMT
content-type: image/png
content-length: 5468
last-modified: Sun, 24 Dec 2023 18:13:24 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qfWIEQIiWIOAJIU2185tRsAoGhWyjKYxIWRdYgbOJIWAwArcrJypN2IEo9YJTs%2B3UWgjDARnHQc%2FQVMZaF1UWlGzaTP9h0RM%2FLXgZwhToY4GE3a4eGfXMKSfZsU44r%2Fcyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c8c7e56c4-OSL
alt-svc: h3=":443"; ma=86400
www.pubgmobile.com/act/a20180515iggamepc/logo.png
95.101.11.144 200 OK 6.1 kB URL GET HTTP/2 www.pubgmobile.com/act/a20180515iggamepc/logo.png
IP 95.101.11.144:443
ASN #20940 Akamai International B.V.
Certificate Issuer DigiCert Inc
Subject wetv.acc.qq.com
Fingerprint 5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
Validity Mon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
Hash MD5 a74329a2054a9e096a43ba8742dd9523
SHA-1 4ccac3041bf854721b91dcb45286b8488dd9f072
SHA-256 cde9945e91f0e51058869d687cd24c8f58804f25623999f1291c71b3697093b6
GET /act/a20180515iggamepc/logo.png HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
etag: "5ff6baa2-3bf2"
last-modified: Mon, 08 May 2023 08:25:46 GMT
server: Akamai Image Manager
x-serial: 910
x-check-cacheable: YES
content-length: 6055
content-type: image/avif
cache-control: private, no-transform, max-age=43200
expires: Fri, 19 Apr 2024 07:18:41 GMT
date: Thu, 18 Apr 2024 19:18:41 GMT
X-Firefox-Spdy: h2
kentut13.my.id/img/reward/2.png
188.114.97.1 200 OK 40 kB URL GET HTTP/3 kentut13.my.id/img/reward/2.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced
Hash MD5 057f18b046a332f67e66a20bd8f67112
SHA-1 b226de8014a6f1aa084acf1ae8017ccf45e4d715
SHA-256 17b0974224988fe4a4ebb3560414da4fa5623e1f63ac9c6d4f6851b44d3fea68
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/reward/2.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:41 GMT
content-type: image/png
content-length: 39664
last-modified: Sat, 19 Feb 2022 21:40:32 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bqVlYyZHDTNN7OCvTkKgA2hDGf%2BYYn11rQjL7NhIJ2JQHD9AHun%2BZWXDov3L4Gae9wklr00XjmwPIx3HU9ot6pO0YXwvK%2Fc45zwU8mf1ocYz%2BSz2FHZncymR2tdAjQtTRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c6c6056c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/img/reward/14.png
188.114.97.1 200 OK 49 kB URL GET HTTP/3 kentut13.my.id/img/reward/14.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced
Hash MD5 a4e216fe20cb1b41ddc53fddf41f5304
SHA-1 ca0151ff24ccb1203ac33512e5026f9a4bb86f1e
SHA-256 3501701aea125e17368f3588b64822e9a5e5fbd62cfe32c800ee6ffbe2ec42b7
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/reward/14.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:42 GMT
content-type: image/png
content-length: 48601
last-modified: Thu, 25 Jan 2024 03:28:36 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2ZHrfiQv1HLSNJ8zAiUUeul6hsdtEFlCaSHmF8HucNynTOOsjZ0sOVkGaVf4d4CsvFjSqwIJPjTiBHaVwh9817ixv7HPBedjGV1NyfOiHImf40L4TCOMNr%2BPItU2diG1sQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c8c7856c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/img/reward/1.png
188.114.97.1 200 OK 47 kB URL GET HTTP/3 kentut13.my.id/img/reward/1.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced
Hash MD5 fe6e1ece7488cc7f4c6850cd066f65c8
SHA-1 78f18e9c72ad0678d7c6f05d6405e28047306209
SHA-256 2bfb951b0e3d20a530e92cf60b1853d3c1164831e129777f3969c3d9811f5dfd
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/reward/1.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:42 GMT
content-type: image/png
content-length: 47368
last-modified: Sat, 19 Feb 2022 21:40:32 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JDi%2BiXu1K2LbxyyoCPDSHJy08l%2BwgeXrED5EgIE%2FlQcauOBwlSGni%2B2j1mw%2FGk3%2BTdceTxcmFR5Mz81KkYSP2bzr2tYkBCD9QBbD0U%2FwpqFcbnfrp7CbnuvVzTn%2BijcoHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c6c5e56c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/img/reward/6.png
188.114.97.1 200 OK 44 kB URL GET HTTP/3 kentut13.my.id/img/reward/6.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced
Hash MD5 0655c01fda2de926ce3f7e14d66918e7
SHA-1 3c064ef50d19ac14d40f4cd29b78fa21a404dab9
SHA-256 a11e9a03ca0eadab552ae16d846cda89c6603e7717aeca33c1dffa29e8293cc1
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/reward/6.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:42 GMT
content-type: image/png
content-length: 43475
last-modified: Wed, 24 Jan 2024 00:54:16 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mA6LXRTQQAerqkUrxM8dDwILedG309ySJ0bQOld5KbPQ%2FSCMCdl9u7UKA5kJSQEpYh%2B7DVEcgNksY%2F7bkdYbNCnabVTtZqv0UtYjp1JMA5CPgApmkIzmdX%2BEfd4jib1BEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c7c6b56c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/img/reward/7.png
188.114.97.1 200 OK 74 kB URL GET HTTP/3 kentut13.my.id/img/reward/7.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced
Hash MD5 42f1b10ee619f4e5e6ec1c06dce3a1cf
SHA-1 189519876ead0b134f2a8b8e756ca1e06705a66d
SHA-256 4db35241048e3bfb928e6fdc1ae06a8af1ee8960fed770fe5734347b5aa0a403
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/reward/7.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:42 GMT
content-type: image/png
content-length: 73547
last-modified: Thu, 25 Jan 2024 03:28:36 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d1yJUd4VECkP2k%2BHL%2FOxjWdbWN%2Fc6feBgCf8%2FCmCEZfw4LWTX2rrI0H1QU%2BVDanIDROux6N3rbm3RAEetTzz%2FQtX7E6Rlav44GHpYK76kfYwax%2BRgpkXTjhKci9W9hQw%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c7c6c56c4-OSL
alt-svc: h3=":443"; ma=86400
www.pubgmobile.com/en/event/pubgmxmetro/images/loading1.gif
95.101.11.144 200 OK 26 kB URL GET HTTP/2 www.pubgmobile.com/en/event/pubgmxmetro/images/loading1.gif
IP 95.101.11.144:443
ASN #20940 Akamai International B.V.
Certificate Issuer DigiCert Inc
Subject wetv.acc.qq.com
Fingerprint 5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
Validity Mon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type GIF image data, version 89a, 526 x 600
Hash MD5 e377fa1c12d169f6ed4b46d6be06b432
SHA-1 7a02bedbd130bdce8c96c9e099b2705a78283017
SHA-256 b71275cb8140eb119a3f77c3c9f452b833790049b3b14944132c826db7260f9a
GET /en/event/pubgmxmetro/images/loading1.gif HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/gif
content-length: 26541
last-modified: Thu, 12 Nov 2020 03:03:53 GMT
etag: "5faca619-67ad"
accept-ranges: bytes
cache-control: max-age=286
expires: Thu, 18 Apr 2024 19:23:28 GMT
date: Thu, 18 Apr 2024 19:18:42 GMT
X-Firefox-Spdy: h2
kentut13.my.id/img/reward/3.png
188.114.97.1 200 OK 175 kB URL GET HTTP/3 kentut13.my.id/img/reward/3.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 1267 x 1266, 8-bit colormap, non-interlaced
Size 175 kB (175129 bytes)
Hash MD5 d2aac9fb39a615da8d386a47a8c94a69
SHA-1 a76259c9b0eaf3367df4807373f94177a9fda860
SHA-256 51c5ba5fc6d6a4313b24f68331f705f85cbbfb0601bbbd46d79a8f1084ad1e26
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/reward/3.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:42 GMT
content-type: image/png
content-length: 175129
last-modified: Thu, 25 Jan 2024 03:28:36 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oBaMZ5EUflz45V9SUgBYuNLachig2lsVR6QSSQiD2RqHr9eIKcqul5A4BJuDNEv83UveCC3%2FqMl48i7t0tGkLQTjPsSawObGYnwvJUgjznQ3TtARQeiBpE4tntbnPeNjIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c6c6156c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/img/reward/5.png
188.114.97.1 200 OK 135 kB URL GET HTTP/3 kentut13.my.id/img/reward/5.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced
Size 135 kB (134632 bytes)
Hash MD5 a5ffb95b78a54e5c5d9ab2174e61b29f
SHA-1 d73740f0846123fb9027277792878a7b53984712
SHA-256 d76539d97d64c8b1d16c8b3b5a3d793b350e2b0953ccd8b8a42de00f0571ac10
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/reward/5.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:42 GMT
content-type: image/png
content-length: 134632
last-modified: Fri, 04 Mar 2022 00:09:32 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VkfFW8P4RKk6Y9sMnQhvt6ZnalxMBRC4feBzYFglZxD4OUCMEw8%2B%2BTKlqEt2fgLRJ0WVunLjfngZnYrr7agqrXCM6BAf140QpQg732qz%2FCUXi5EbSDuJLZ9uvxZ02c%2FDjA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c6c6456c4-OSL
alt-svc: h3=":443"; ma=86400
i.postimg.cc/9XrpfK2B/footer-ppua.png
162.19.88.69 200 OK 88 kB URL GET HTTP/2 i.postimg.cc/9XrpfK2B/footer-ppua.png
IP 162.19.88.69:443
Certificate Issuer Let's Encrypt
Subject postimg.cc
Fingerprint F9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13
Validity Wed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT
File type PNG image data, 1280 x 54, 8-bit/color RGBA, non-interlaced
Hash MD5 6774f33254c7f07a7763bd503b7c918c
SHA-1 9e212fcefaece30889f0aad36e0ead3a41ceb4fe
SHA-256 e072b60dd0fb713c703bf0496b6bc130c8c9653a44746cffb2cf854c090334b4
GET /9XrpfK2B/footer-ppua.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 19:18:41 GMT
content-type: image/png
content-length: 88464
last-modified: Fri, 21 Oct 2022 13:16:13 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
kentut13.my.id/img/reward/8.png
188.114.97.1 200 OK 66 kB URL GET HTTP/3 kentut13.my.id/img/reward/8.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced
Hash MD5 2544f79bd64d65bbb64fd28652694a6b
SHA-1 ac5c6cef1310e994876d566831a9d928002deb8e
SHA-256 1c7cc83b531acfdc6f6b41b09edd118f257e8e0c03197a9c1e041ae015803427
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/reward/8.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:42 GMT
content-type: image/png
content-length: 65811
last-modified: Thu, 25 Jan 2024 10:32:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5ZOZfRtO4jU%2Fcu%2B1sO4OoyUG32D4kqzB%2BBQM%2FgtgeuRW5QIKwwf5VtHXopvXeL4%2B%2BlSwMe9fHJ%2FcwPcpGv7e9u4DDN1DbZjZD%2Fgw70Ezn2a7ExU8v58rCKBSVTx4V4gMTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c8c6f56c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/img/reward/11.png
188.114.97.1 200 OK 63 kB URL GET HTTP/3 kentut13.my.id/img/reward/11.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced
Hash MD5 81a7c28dc1f8afaa7e7e2c99a1577a68
SHA-1 523e21262204d058b0e8ed77259672bfbb3924c8
SHA-256 1ca95887e310effe838aa6dd79494a2a49aac66cbe9926b7c769333250b0ab20
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/reward/11.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:42 GMT
content-type: image/png
content-length: 62841
last-modified: Thu, 25 Jan 2024 03:28:36 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zrwEsAIxLNXwW1lrWGZAWposdKhcDxAWqmS%2F4QsXA%2FTYPwvHCuC0%2FWba6AEYEIyKnICJfwT4Rz7iEB4vXSote4z6Gx3pzYyBG2KT8uAAy%2FCERNERpRMKV5Sf5oVl4LuVQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c8c7456c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/img/reward/13.png
188.114.97.1 200 OK 80 kB URL GET HTTP/3 kentut13.my.id/img/reward/13.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced
Hash MD5 f2ae56d19759cb77ae2b07922b31eb72
SHA-1 75483d69d57ca3a08f6f34e4b51e6bef12774337
SHA-256 edd2a6864e9ef769266e42deec3701a670be4ee4a58509a03ebe2c308e39ef02
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/reward/13.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:42 GMT
content-type: image/png
content-length: 79754
last-modified: Thu, 25 Jan 2024 03:28:36 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XndlJz9VYJ5UHFiuTZbxeJavUr4GRC0nwfF%2BDJkAtVFxtt447556eXa%2B646VsHKpt389ACEj94r52Zotj44US1FFZuznoDbFM2fHX3uT0PeUbrWliAUqQiHUvUi4NSQ%2FJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c8c7756c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/img/reward/4.png
188.114.97.1 200 OK 271 kB URL GET HTTP/3 kentut13.my.id/img/reward/4.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 600 x 600, 8-bit/color RGBA, non-interlaced
Size 271 kB (271323 bytes)
Hash MD5 1329598aec8626669bf18637ec367c8d
SHA-1 5c0729fac9e7cab0ebb9662e6e04072cc608b853
SHA-256 6b8b9406510eb871925eca587d473eeba54f2449b2d7aa35a95d85732c5bc9e1
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/reward/4.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:42 GMT
content-type: image/png
content-length: 271323
last-modified: Fri, 04 Mar 2022 00:11:58 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I%2FxBPcmejs7blM3ffPPXCXIosIT%2B9LiVKdqa1VVKn1N5DJLFrowOTQnstDP1%2F6hVTvtF6KolharwBt7uqcjO73myri91AT994QzGlzFHdRi9T2IaSUuT98nBD01tutCjLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c6c6356c4-OSL
alt-svc: h3=":443"; ma=86400
i.ibb.co/pZDr8sd/Twitter-Hide-Password.png
162.19.58.157 200 OK 28 kB URL GET HTTP/2 i.ibb.co/pZDr8sd/Twitter-Hide-Password.png
IP 162.19.58.157:443
Certificate Issuer Let's Encrypt
Subject ibb.co
Fingerprint 47:33:B4:39:55:FC:BC:18:08:79:9C:6C:9D:F3:CF:3A:89:C4:99:62
Validity Wed, 07 Feb 2024 12:41:56 GMT - Tue, 07 May 2024 12:41:55 GMT
File type PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced
Hash MD5 8d1f08b46884df302bf7300fc234832c
SHA-1 5735d57b6fa211c400d439095d5ff2f5bb57e691
SHA-256 e4cff1f68b85c3343554090b3479273a54e5eed2dbb3e56ceb9f86c4ebe8b0e7
GET /pZDr8sd/Twitter-Hide-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 19:18:41 GMT
content-type: image/png
content-length: 28029
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
kentut13.my.id/img/reward/9.png
188.114.97.1 200 OK 44 kB URL GET HTTP/3 kentut13.my.id/img/reward/9.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced
Hash MD5 62edd9e1a346cbedd37c15d06796b51c
SHA-1 3aa7bd98d0821e3dabb1658ef8e984877edb454a
SHA-256 c8eb16e0fa5d1a77dc069f6ef60b537588eea7dd98e742e1a6aba0fb59fa34e7
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/reward/9.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:43 GMT
content-type: image/png
content-length: 43758
last-modified: Sat, 19 Feb 2022 21:40:32 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yLQ%2BZv7Fo5set2Abm9vD1O1YbVkZxfXaJ54NWtQF4LTZLXcL7hDDawJzGmy3V8Mh%2F%2BQ5u6lza1MAqLcC69if58gOBkdKfskKzgGsFGeIOA4Kb1kojAI3ek6E6IyveEiwOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c8c7056c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/img/icon-twitter.png
188.114.97.1 200 OK 6.0 kB URL GET HTTP/3 kentut13.my.id/img/icon-twitter.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 86 x 86, 8-bit/color RGBA, non-interlaced
Hash MD5 3102bd5ece1855fd21122d8f0e2f6b43
SHA-1 79e8a83aa0eaa45dd07914726ad40736fd0bcbcf
SHA-256 4b3a0f6de375b108b3fd927b85f45660478919a1dcc7051ff227e4bf8d49d9de
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/icon-twitter.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:43 GMT
content-type: image/png
content-length: 5997
last-modified: Sun, 24 Dec 2023 18:13:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dznzf0ILKsAzBp%2B9P8UYGi2EICfe6xefc34nM1CdYXh7wS2MQH%2FBOh01syunQO8GUKBEVFVDNYQQ8uf3omjpigcMK5RgLbmFNF9s%2F2%2Fs%2FRm40pGUdit4CtbiB8ge1Ij4yA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c8c8156c4-OSL
alt-svc: h3=":443"; ma=86400
site-assets.fontawesome.com/releases/v6.1.1/webfonts/fa-solid-900.woff2
172.64.147.188 200 OK 329 kB URL GET HTTP/2 site-assets.fontawesome.com/releases/v6.1.1/webfonts/fa-solid-900.woff2
IP 172.64.147.188:443
Certificate Issuer DigiCert Inc
Subject *.fontawesome.com
Fingerprint 93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
Validity Mon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 329204, version 769.768
Size 329 kB (329204 bytes)
Hash MD5 6ebcf9f18ded9c54f71ec1198c32aa52
SHA-1 06695b645047b29c333edac0c78a97922a135ad9
SHA-256 f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
GET /releases/v6.1.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://kentut13.my.id
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:18:44 GMT
content-type: font/woff2
content-length: 329204
x-amz-id-2: wvYlce6fg5BmwMSLV0+jclYyW1p8x0eBdpdtU5T8+sluoLyqXXabh+LC0qMeLZpHqp8PDNQzlr0=
x-amz-request-id: DSR2WP062Y1T2Q0P
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 22 Mar 2022 15:42:55 GMT
etag: "6ebcf9f18ded9c54f71ec1198c32aa52"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8767009a5b4456bd-OSL
X-Firefox-Spdy: h2
kentut13.my.id/img/reward/12.png
188.114.97.1 200 OK 49 kB URL GET HTTP/3 kentut13.my.id/img/reward/12.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 600 x 600, 8-bit colormap, non-interlaced
Hash MD5 e86417506dfe31251bf4535b619e9f34
SHA-1 781d47cc3f544f7b927623d6bed96d711a8e162f
SHA-256 7c34dcc392db74de38f083964ed625fb24d96cde4fb3d21abfa492227f58ee49
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/reward/12.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:44 GMT
content-type: image/png
content-length: 48821
last-modified: Thu, 25 Jan 2024 03:28:36 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZaczzIEawMjQcEk7n10Npl9S6PlT7OrnwemyjvRhd4mnFpfEGmFFOJgG0MeLTN3xvUDd8aa2WMlj5Xienr2GoV5tQRYAOQUGihUVK1UtHsFj%2FrBJdn04Hil%2BpagKq71ymA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c8c7656c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/img/icon_2.jpg
188.114.97.1 200 OK 42 kB URL GET HTTP/3 kentut13.my.id/img/icon_2.jpg
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 554x554, components 3
Hash MD5 a3f64c4dbc59578bde87272fab800586
SHA-1 3d458492b06598b93382b3675e5b59aad8aac436
SHA-256 0fa244d4efd45a45b32d1319ec495e307381445f62dceb071892f47e431daa81
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/icon_2.jpg HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:44 GMT
content-type: image/jpeg
content-length: 41672
last-modified: Sun, 24 Dec 2023 18:15:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bTw5ELubYL1MjOCZ%2FM7NV4IWsQBx9WD2nopIUa0lR040FDVOi3wnC%2Bi2G3v%2FrSiIrnXi5aWPt3TrUVeXvy6%2BaCmOSFvwxMlR5k0bIMpwPUEOqsFHPcLjjKnoQNxj5Xzg9w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c8c8056c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/img/reward/10.png
188.114.97.1 200 OK 184 kB URL GET HTTP/3 kentut13.my.id/img/reward/10.png
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type PNG image data, 1267 x 1266, 8-bit colormap, non-interlaced
Size 184 kB (183484 bytes)
Hash MD5 af318e26b9cdfb584b818e188602e36f
SHA-1 104b6a446cd91837306e64c07a9ea2a600890455
SHA-256 823ef7a53924100b0414ac29dc57a044aae73d8ff3d55280524d1bb7cd09d78b
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/reward/10.png HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:44 GMT
content-type: image/png
content-length: 183484
last-modified: Thu, 25 Jan 2024 10:34:12 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sSQ1a%2Bg2Z3HBW24rUPi4VIkriyZb6a1K%2BXVcjjdpWtZIsxr%2FMq%2FsFFykTwsvm52YKleYz%2BUYVKlQJah9rAG67U%2FPVBitED2kfV7rBhG1mjTs9ajvswCPlZnuD9y37a6Wjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c8c7156c4-OSL
alt-svc: h3=":443"; ma=86400
i.ibb.co/Ct7Mt5p/icon.jpg
162.19.58.157 200 OK 49 kB URL GET HTTP/2 i.ibb.co/Ct7Mt5p/icon.jpg
IP 162.19.58.157:443
Certificate Issuer Let's Encrypt
Subject ibb.co
Fingerprint 47:33:B4:39:55:FC:BC:18:08:79:9C:6C:9D:F3:CF:3A:89:C4:99:62
Validity Wed, 07 Feb 2024 12:41:56 GMT - Tue, 07 May 2024 12:41:55 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Picasa], baseline, precision 8, 180x180, components 3
Hash MD5 1ef0f44925e4efe2a592ff674481e1aa
SHA-1 7a4579372ef4300096fc39b5d90d9043b24bdb0b
SHA-256 039b80abc935d2896d0692e31b7aa5ba02aa73866c8e66f9a00339673069a49f
GET /Ct7Mt5p/icon.jpg HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 18 Apr 2024 19:18:45 GMT
content-type: image/jpeg
content-length: 49020
last-modified: Thu, 03 Mar 2022 17:57:19 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
kentut13.my.id/media/pubg.mp4
188.114.97.1 82 kB URL GET kentut13.my.id/media/pubg.mp4
IP 188.114.97.1:0
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
Hash MD5 d08011c588060c4171dfeb4f42a32a92
SHA-1 9c6b582fe3ecfd9f471cc9c56530f370b5f47f6c
SHA-256 8e7515eacdcc70a49c28d12e7c1d9780e341177ae3417009c8acccb62c622ce7
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /media/pubg.mp4 HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=5210112-
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Thu, 18 Apr 2024 19:18:46 GMT
content-type: video/mp4
content-length: 82267
last-modified: Wed, 09 Mar 2022 21:08:56 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
content-range: bytes 5210112-5292378/5292379
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d3vzSCGB1uFIbFXcZ7pch5dKjnoEBXMss%2F%2B%2BzZe65KXpIMsZ3L2HcSH5bMg5LTYlP59eYcTSEHT5WpItWQE6aMSlZm6eYw5%2Fan%2FM3%2FSh6I1JkaMpogYqb%2BktlCBM%2BLHslQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876700a43bfd56c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/media/pubg.mp4
188.114.97.1 5.3 MB URL GET kentut13.my.id/media/pubg.mp4
IP 188.114.97.1:0
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
Size 5.3 MB (5259611 bytes)
Hash MD5 20e9be775cf612bc9d6a81c68cca91df
SHA-1 af54aa022994badaf63bc77705aa44531f9e1004
SHA-256 4d7faac06bbc7e16b5d5ffb8ad4b2170a6d4168683ce6220ea8a419448e724a3
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /media/pubg.mp4 HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=32768-
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Thu, 18 Apr 2024 19:18:46 GMT
content-type: video/mp4
content-length: 5259611
last-modified: Wed, 09 Mar 2022 21:08:56 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 2
content-range: bytes 32768-5292378/5292379
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b2VqZbcUiaNYd3t6X1m2djwu0E6Tfq%2Fbgaq1FAkLCVBG9OTRDGBJw0EPhRg1XBtFpOnzBHR%2BySH5rnzxDBGNKl1hZFNoRPGvQpzwo6PFBaWBq96DqF7dGGACfCryO%2FPTkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876700aaa9c856c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/img/container.jpg
188.114.97.1 200 OK 84 kB URL GET HTTP/3 kentut13.my.id/img/container.jpg
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 950x1689, components 3
Hash MD5 b81296ab644b4afae4fe3b57d47626c9
SHA-1 b544ff6cdbf589f44e0c2f0ccd92ead3d10072f6
SHA-256 82d2698494bff4f0c9a02a4e166cb992a407449036cffee9fd5c69f6589aab69
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/container.jpg HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:46 GMT
content-type: image/jpeg
content-length: 84200
last-modified: Wed, 09 Mar 2022 20:22:24 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EkOZQxUVSIhbhfassHig2HKJ0bg7Wm0T3kBktY%2Fgup2NHIyOJNKVR8Sj6TNjtGWcvTpR4hNM5E6wF5Xze%2FyRBEaJ8EoBsnsHyWQZUCVW9qVswPgjvYwmo1yJ0sva%2BESCzA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767009a0a3856c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/img/background.jpg
188.114.97.1 200 OK 92 kB URL GET HTTP/3 kentut13.my.id/img/background.jpg
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1200, components 3
Hash MD5 434a1f395362762af5be8fae08634946
SHA-1 de2098e5baa93104b1ad7e5144f06011df671b40
SHA-256 3592f0125fc711723054509549999879ae1347fb2a4d06c775bba30a05917ac1
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /img/background.jpg HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:46 GMT
content-type: image/jpeg
content-length: 92009
last-modified: Wed, 09 Mar 2022 20:25:22 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RK5ARjRU2JzDX1Exf%2BOz884nEDKIin3IUtyUr%2BW%2Bk%2FpThze2MsCJgim%2F1NZkWZ8FrHUC0hBLBbSxaS2EMhsZLMLLFlmZbJk2D%2BeIoxxS7KjZz44E7iVO4oCxRO9VkGIYrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767009a0a3656c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/media/spin.mp3
188.114.97.1 206 Partial Content 175 kB URL GET HTTP/3 kentut13.my.id/media/spin.mp3
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
Size 175 kB (174844 bytes)
Hash MD5 3f4a6a79307c6faba016defbd03b2660
SHA-1 3320c397506e5526a347e515e2a9749afb751e15
SHA-256 cb3db63855b84d7dbafd70e54bc09b2487d0e020348cc22379571ada73f64a62
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /media/spin.mp3 HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Thu, 18 Apr 2024 19:18:47 GMT
content-type: audio/mpeg
content-length: 174844
last-modified: Sun, 15 Nov 2020 14:03:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-174843/174844
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=av9a%2FshvuCZOSt03b1ojNXzYZhsyRTfVbs3jVF89mKY7v7%2Bg09e6XB1BAOmOn77B8LqsfewEqV97KEs7NxcUXERrV84H8HCVHIgMUmHjo%2Fcb%2FO%2BObq7zgKTy9%2BFz4rGUqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767009c4c3e56c4-OSL
alt-svc: h3=":443"; ma=86400
kentut13.my.id/fonts/pubg.ttf
188.114.97.1 200 OK 44 kB URL GET HTTP/3 kentut13.my.id/fonts/pubg.ttf
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 45 names, Macintosh, Copyright (c) 1995, The Font Bureau, Inc. 1995, 1997, 1998. All rights reserved.Agency FBRegula
Hash MD5 70777e6bd210190350f7c92395c1860f
SHA-1 a91fce5cdd94d1f308c1d447ee612aded030eea0
SHA-256 d672eb87a3787bdaf8f75df50f9ade864e2d5c9cdec5b07ce6de9d7d39433ea2
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /fonts/pubg.ttf HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:43 GMT
content-type: font/ttf
last-modified: Sun, 15 Nov 2020 10:07:24 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rczku7uzvKvB5TbioZM7BHSySgbIizY8Q%2F4n7lI0xE8FkLRVGiQQTjzHGoeY%2FqxClb2qmRd77%2FaaljVgMbTvIzfXI2VeOcEy1maVTKqZzpfZGRid1Hb8Av4ISTgG4KewOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767009a4a6f56c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
35.244.181.201 444 B URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP 35.244.181.201:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type XML 1.0 document, ASCII text, with very long lines (332)
Hash MD5 3b324dec137a87ef7e24a30a65b13dd0
SHA-1 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
SHA-256 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=2OC5v9IU-Ra132agVOWt4oMskKIU7l9W64HUWj6yz_AlUfwQFxrdmXcAVLe3VNdBkMPp4Y-Gkbykth7o4B7jOTQxcEp8fiAWTN3kuBA3EIxV8RlzWIv7jHdy9e-E96Sr
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Thu, 18 Apr 2024 19:17:46 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 72
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
kentut13.my.id/css/facebook.css
188.114.97.1 200 OK 4.9 kB URL GET HTTP/3 kentut13.my.id/css/facebook.css
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type ASCII text, with very long lines (5217), with no line terminators
Hash 1bf81ca0b0ed6bea238804690db2d0a6
8fdfa0f47fd952931efe6b37a4b7eea099ffd787
4b356bb87112487fdbdaefd46eb85f490092707e747dc44f1d61b6a38ed39f3b
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /css/facebook.css HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:41 GMT
content-type: text/css
last-modified: Sun, 24 Dec 2023 18:12:00 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MipsJRw7ufxcYZvjJLn3UI82pRFUnsxQEGvixUdFZ6kwwhY03bHBld6glB%2BLIknyiK7WC0QDVrspmOvtqCpW3RWqWYESsPZKQflXDwczV11YGw7oz5N5TvLdbleYMp2M3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c5c4756c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
kentut13.my.id/js/style.js
188.114.97.1 200 OK 4.2 kB URL GET HTTP/3 kentut13.my.id/js/style.js
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type ASCII text, with very long lines (4424), with no line terminators
Hash ea5655b0a7df4198adb5eb14d0326468
22279dd9ffe9f1afc45311cc8a5b59f118900818
82759e6bb9ec715c09b569ba2f172919feb55d481ec5b1c4671db5718611b0fd
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /js/style.js HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:43 GMT
content-type: application/javascript
last-modified: Thu, 25 Jan 2024 09:46:14 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OzN8jkp%2BOhJGCfWsUcXn4aubi2IB1yDTYV9tQJU0KYx2DECrVJVshIH9SgY2DobityuXFKYwrvA3lfgV7wwCZ0rlr51feysZBIQnQ%2Fc1sNM97TEM34uzH%2B5XLUTzTBFzGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008cac9056c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
188.114.97.1 200 OK 12 kB URL User Request GET HTTP/2
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
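Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, so they do not fingerprint the 12 kB response listed for this request; the body was presumably not available when the hashes were computed, and the values should not be used as indicators for this page.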
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET / HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:18:41 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oX35Rz21Ux%2FcKyDQng%2BUCnrHND7BWfsC2uy9h4AkkE5lOH1u7CgdAC%2F4V8mSVGliNJJKFfxJ4b8UnQrcxQ6LaBP%2FR3T8MoArZQUPLEBKVdKT2CO9LmPBZBrAynBoOLWimA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876700806f34b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
kentut13.my.id/css/style.css
188.114.97.1 200 OK 11 kB URL GET HTTP/3 kentut13.my.id/css/style.css
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type ASCII text, with CRLF line terminators
Hash 56f7a395bc66cfe095dc3a19f5336f7f
f9819cb8dfe609a2edd8833aaee99e9a0cc76131
ac8639a76c99c3a6ad3c330c867139de37243efe10e6cb0f60acf3861262e6f4
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /css/style.css HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:43 GMT
content-type: text/css
last-modified: Fri, 26 Jan 2024 02:23:38 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iwW1oBMc0VFE4vET%2BWNZ8lZGdIvmcq0ygTFvdVOlqBA4VGJUWYlDSyxrIOxE15uWO%2BvaNGFs4Dqb38HFXjTCoxjzR1TrU3ExUBzC15EDB0zQ24Y3bzZ9F8nKkzQZS2R%2BLg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c5c4456c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
kentut13.my.id/css/twitter.css
188.114.97.1 200 OK 5.7 kB URL GET HTTP/3 kentut13.my.id/css/twitter.css
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type ASCII text, with very long lines (6202), with no line terminators
Hash 69063009b8ba97e75ff0c9cba92f2fe1
1c0e23781582324d34942c4f4c9ea5ebc397338e
862a226248ded824d012ba50502e44c9d20639d7bf8ce29e7b1bb921e4d2d7f0
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /css/twitter.css HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:41 GMT
content-type: text/css
last-modified: Thu, 25 Jan 2024 08:04:30 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dTQAGtZJHY7Wou8scO6dBm9CB1GbPci3%2FK6TNDNsaid%2FGwyRcYZwGTsg1m68XYwSNXLyNV60xJMzyC59wfEi7EtKOa9IdFvDl7%2F31ssBt7vGqC689O%2FyOgNUQahIIyAWbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008c5c4956c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
kentut13.my.id/fonts/Headliner.ttf
188.114.97.1 200 OK 527 kB URL GET HTTP/3 kentut13.my.id/fonts/Headliner.ttf
IP 188.114.97.1:443
Certificate Issuer Google Trust Services LLC
Subject kentut13.my.id
Fingerprint AE:EB:A0:25:3D:33:18:87:DD:AE:A6:FE:5D:1D:B4:A2:8E:03:15:19
Validity Wed, 17 Apr 2024 08:12:52 GMT - Tue, 16 Jul 2024 08:12:51 GMT
File type TrueType Font data, 16 tables, 1st "LTSH", 27 names, Macintosh, Copyright (c) 2012 by Kevin Christopher. All rights reserved.Headliner No. 45RegularKevinChristo
Size 527 kB (526824 bytes)
Hash 03a61498fdceb889a05322cc7142e4dd
71ce8500ab686bafb223f46837d6d174ec0710db
3b183ecf4d15326c564a74503ce295fca3f67bf2e4cf18c727440f3b3cce6741
Analyzer | Verdict | Alert
OpenPhish | phishing | Tencent
Quad9 DNS | malicious | Sinkholed
GET /fonts/Headliner.ttf HTTP/1.1
Host: kentut13.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 19:18:47 GMT
content-type: font/ttf
last-modified: Fri, 31 Dec 2021 04:48:02 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PpjfyvbJuhT8gW33jkGFud8gNQwxzb07AmzdR1jzXXwm%2Fs5zx8OrmBtrD5T4CmMTEsvKlDXDPJJRjQCwPkMzB7jD8PqKdmfBWDLeL7QgIBV%2FLn4g00MLlY%2FHkMxxF9WyDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767009a1a4756c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
site-assets.fontawesome.com/releases/v6.1.1/css/all.css
172.64.147.188 200 OK 498 kB URL GET HTTP/2 site-assets.fontawesome.com/releases/v6.1.1/css/all.css
IP 172.64.147.188:443
Certificate Issuer DigiCert Inc
Subject *.fontawesome.com
Fingerprint 93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D
Validity Mon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File type ASCII text, with very long lines (65360)
Size 498 kB (498160 bytes)
Hash 325672b036bab9b57f6873aed5eccc43
264f5db348311950380ad1bca79754ff593d87e2
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
GET /releases/v6.1.1/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://kentut13.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 19:18:41 GMT
content-type: text/css
x-amz-id-2: Y1TmNuBPJ2aktX68kJThHqHYS+UBzLzvigLuxqSKGropAjQHJXqctJ8cMj8EZaj3hWZqBw7vjseo/ptPWK0rIs/nC5bnGezhyLprTTXGcJA=
x-amz-request-id: 9ZNBHYHZ9G1WY9FS
last-modified: Tue, 22 Mar 2022 15:39:41 GMT
etag: W/"325672b036bab9b57f6873aed5eccc43"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 12762203
vary: Accept-Encoding
server: cloudflare
cf-ray: 8767008d09ceb4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2