| 103.87.196.5/login | 103.87.196.5 | 200 OK | 1.3 kB |
URL: 103.87.196.5/login (user request, GET HTTP/1.1)
IP: 103.87.196.5:80
ASN: #136087 Kementerian Ketenagakerjaan RI
File type: HTML document, ASCII text
Hashes: 2dacd597e82054a0f4dbec95206aaa33 6c26800681fa620c3ee239677ae4a085c0106c46 5666aba87bcbdeb5c1f765e218c79d855da35498ce5e002b2d199c73b3def1be
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /login HTTP/1.1
Host: 103.87.196.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 10:43:46 GMT
Server: Apache/2.4.7 (Ubuntu)
Cache-Control: no-cache
Set-Cookie: laravel_session=eyJpdiI6IkdtdXdEUm5GTGVncEt1SFNsTUNKWWc9PSIsInZhbHVlIjoiOE1raWFhVlNzZWxKTzJPcGw3azRtRFZ2OUxDNGRDVThlUFRNeVU4bCtDVlZENHNrek5rRnpxVjRRNGtnaGJJK2xGaDJaVjJBUmpMNnFic1VzTmc3RHc9PSIsIm1hYyI6IjE4YmY5NWRiNGZlOGJmODA1YzQ3OWJhOGZjMzNmYmM0YzI3MmJiZDU5MDExOGEyMGVmNzFmMzFlNDMxZjdjMTgifQ%3D%3D; expires=Fri, 29-Mar-2024 12:43:46 GMT; Max-Age=7200; path=/; httponly
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1272
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
| 103.87.196.5/css/app.css | 103.87.196.5 | 200 OK | 20 kB |
IP: 103.87.196.5:80
ASN: #136087 Kementerian Ketenagakerjaan RI
Requested by: http://103.87.196.5/login
File type: ASCII text, with very long lines (65298)
Hashes: f106d7a5140a00919421b58c54ad3f67 56ce7c5a84dbfc61eef7856987b41b8cc24661e3 3c367f3211bacb11aefd89b1cfdfdfa11bfd94f3646350db8cfce09e94d0d552
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /css/app.css HTTP/1.1
Host: 103.87.196.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://103.87.196.5/login
Cookie: laravel_session=eyJpdiI6IkdtdXdEUm5GTGVncEt1SFNsTUNKWWc9PSIsInZhbHVlIjoiOE1raWFhVlNzZWxKTzJPcGw3azRtRFZ2OUxDNGRDVThlUFRNeVU4bCtDVlZENHNrek5rRnpxVjRRNGtnaGJJK2xGaDJaVjJBUmpMNnFic1VzTmc3RHc9PSIsIm1hYyI6IjE4YmY5NWRiNGZlOGJmODA1YzQ3OWJhOGZjMzNmYmM0YzI3MmJiZDU5MDExOGEyMGVmNzFmMzFlNDMxZjdjMTgifQ%3D%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 10:43:46 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 12 Jun 2017 22:33:51 GMT
ETag: "1c5be-551cae9c8e253-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19714
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
| 103.87.196.5/assets/images/logo-kemenaker-small.png | 103.87.196.5 | 200 OK | 6.9 kB |
URL: 103.87.196.5/assets/images/logo-kemenaker-small.png (GET HTTP/1.1)
IP: 103.87.196.5:80
ASN: #136087 Kementerian Ketenagakerjaan RI
Requested by: http://103.87.196.5/login
File type: PNG image data, 150 x 149, 8-bit/color RGBA, non-interlaced
Hashes: b6aa90490e3561232d52cfe95c5ae6ae 7b4b939bfb034e158003ab3a07fa7e1192241a99 a0a8e5ee9b95f6f356410adb2fe3fdf6b13b9e0513b33bdbfa309acfa391c8aa
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/images/logo-kemenaker-small.png HTTP/1.1
Host: 103.87.196.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://103.87.196.5/login
Cookie: laravel_session=eyJpdiI6IkdtdXdEUm5GTGVncEt1SFNsTUNKWWc9PSIsInZhbHVlIjoiOE1raWFhVlNzZWxKTzJPcGw3azRtRFZ2OUxDNGRDVThlUFRNeVU4bCtDVlZENHNrek5rRnpxVjRRNGtnaGJJK2xGaDJaVjJBUmpMNnFic1VzTmc3RHc9PSIsIm1hYyI6IjE4YmY5NWRiNGZlOGJmODA1YzQ3OWJhOGZjMzNmYmM0YzI3MmJiZDU5MDExOGEyMGVmNzFmMzFlNDMxZjdjMTgifQ%3D%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 10:43:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 12 Jun 2017 22:33:51 GMT
ETag: "1b0c-551cae9c8d2b3"
Accept-Ranges: bytes
Content-Length: 6924
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
| 103.87.196.5/js/app.js | 103.87.196.5 | 200 OK | 98 kB |
IP: 103.87.196.5:80
ASN: #136087 Kementerian Ketenagakerjaan RI
Requested by: http://103.87.196.5/login
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (32055)
Hashes: d190c036aac5ce41db653e6b6979fef8 e43220ed2134931d9c2db073500453fe90ac38ed 89e0f42d07f90784b5069b9c915df8c6eca1ad94154a6ec3d848a31911c1a486
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/app.js HTTP/1.1
Host: 103.87.196.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://103.87.196.5/login
Cookie: laravel_session=eyJpdiI6IkdtdXdEUm5GTGVncEt1SFNsTUNKWWc9PSIsInZhbHVlIjoiOE1raWFhVlNzZWxKTzJPcGw3azRtRFZ2OUxDNGRDVThlUFRNeVU4bCtDVlZENHNrek5rRnpxVjRRNGtnaGJJK2xGaDJaVjJBUmpMNnFic1VzTmc3RHc9PSIsIm1hYyI6IjE4YmY5NWRiNGZlOGJmODA1YzQ3OWJhOGZjMzNmYmM0YzI3MmJiZDU5MDExOGEyMGVmNzFmMzFlNDMxZjdjMTgifQ%3D%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 10:43:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 12 Jun 2017 22:33:51 GMT
ETag: "47d73-551cae9c8e253-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
| fonts.googleapis.com/css?family=Raleway:300,400,600 | 142.250.74.170 | 200 OK | 1.0 kB |
URL: fonts.googleapis.com/css?family=Raleway:300,400,600 (GET HTTP/2)
IP: 142.250.74.170:443
Requested by: http://103.87.196.5/login
Certificate issuer: Google Trust Services LLC
Certificate subject: upload.video.google.com
Certificate fingerprint: 04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B
Certificate validity: Mon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File type: gzip compressed data, max compression
Hashes: 3f379597aabdd7d432b159d5fa9c5218 fedd617a6e11c5f6742bcb4353a27ad880f1d7df 0bdeb6a58a4f980a7a5af25ce7cf2a61939c20a9c8a86d984bfcd96a2a8ed670
GET /css?family=Raleway:300,400,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://103.87.196.5/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 29 Mar 2024 10:48:14 GMT
date: Fri, 29 Mar 2024 10:48:14 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 | 142.250.74.131 | 200 OK | 48 kB |
URL: fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 (GET HTTP/2)
IP: 142.250.74.131:443
Requested by: http://103.87.196.5/login
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: F3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E
Certificate validity: Mon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type: Web Open Font Format (Version 2), TrueType, length 48208, version 1.0
Hashes: c49b7c3643f781d71645c5a40a78b5bf e71138026b38afc443fb60da5ffc2244c4f5eb11 8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
GET /s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://103.87.196.5
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48208
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 02:41:26 GMT
expires: Fri, 28 Mar 2025 02:41:26 GMT
cache-control: public, max-age=31536000
age: 115609
last-modified: Wed, 13 Sep 2023 23:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| 103.87.196.5/assets/images/background.jpg | 103.87.196.5 | 200 OK | 269 kB |
URL: 103.87.196.5/assets/images/background.jpg (GET HTTP/1.1)
IP: 103.87.196.5:80
ASN: #136087 Kementerian Ketenagakerjaan RI
Requested by: http://103.87.196.5/login
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=19, height=0, bps=0, compression=none, PhotometricInterpretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D200, orientation=upper-left, width=0], baseline, precision 8, 640x471, components 3
Size: 269 kB (268762 bytes)
Hashes: 4f6f7c370a477090f3b4b431a1b4136b e9b5e3559f5f29ef5742d50494282a5f02f735a8 9b4489e82b2c816f76d72a43e6d427fd8f8ceb147790e1067eade94cd0577d20
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /assets/images/background.jpg HTTP/1.1
Host: 103.87.196.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://103.87.196.5/login
Cookie: laravel_session=eyJpdiI6IkdtdXdEUm5GTGVncEt1SFNsTUNKWWc9PSIsInZhbHVlIjoiOE1raWFhVlNzZWxKTzJPcGw3azRtRFZ2OUxDNGRDVThlUFRNeVU4bCtDVlZENHNrek5rRnpxVjRRNGtnaGJJK2xGaDJaVjJBUmpMNnFic1VzTmc3RHc9PSIsIm1hYyI6IjE4YmY5NWRiNGZlOGJmODA1YzQ3OWJhOGZjMzNmYmM0YzI3MmJiZDU5MDExOGEyMGVmNzFmMzFlNDMxZjdjMTgifQ%3D%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 10:43:47 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 12 Jun 2017 22:33:51 GMT
ETag: "419da-551cae9c8d2b3"
Accept-Ranges: bytes
Content-Length: 268762
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | 200 OK | 444 B |
URL: aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP: 35.244.181.201:0
ASN: #396982 GOOGLE-CLOUD-PLATFORM
File type: XML 1.0 document, ASCII text, with very long lines (332)
Hashes: 3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-97-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-04-29-22-13-57.chain; p384ecdsa=20qVzbBr4NflfD_gH24PGjSpQF05xEFal5Z2Mn5TRYX7MWhJxJVhhPM100cE_LiAQ2KE8SJESedoYDL5NibEOepCLyDqbWJejV5YI5vEjc79BVtnJXiPe1fnUOU2LMpi
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Fri, 29 Mar 2024 10:46:42 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 110
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
| 103.87.196.5/favicon.ico | 103.87.196.5 | 404 Not Found | 140 kB |
IP: 103.87.196.5:80
ASN: #136087 Kementerian Ketenagakerjaan RI
Requested by: http://103.87.196.5/login
Size: 140 kB (139781 bytes)
Hashes: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /favicon.ico HTTP/1.1
Host: 103.87.196.5
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://103.87.196.5/login
Cookie: laravel_session=eyJpdiI6IkdtdXdEUm5GTGVncEt1SFNsTUNKWWc9PSIsInZhbHVlIjoiOE1raWFhVlNzZWxKTzJPcGw3azRtRFZ2OUxDNGRDVThlUFRNeVU4bCtDVlZENHNrek5rRnpxVjRRNGtnaGJJK2xGaDJaVjJBUmpMNnFic1VzTmc3RHc9PSIsIm1hYyI6IjE4YmY5NWRiNGZlOGJmODA1YzQ3OWJhOGZjMzNmYmM0YzI3MmJiZDU5MDExOGEyMGVmNzFmMzFlNDMxZjdjMTgifQ%3D%3D
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.0 404 Not Found
Date: Fri, 29 Mar 2024 10:43:48 GMT
Server: Apache/2.4.7 (Ubuntu)
Cache-Control: no-cache, private
Connection: close
Content-Type: text/html;charset=UTF-8