| cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css | 151.101.129.229 | 200 OK | 30 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css; IP: 151.101.129.229:443
Requested by: https://danaofficelogin.ok2l.my.id/; Certificate — Issuer: GlobalSign nv-sa; Subject: jsdelivr.net; Fingerprint: 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity: Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: Unicode text, UTF-8 text, with very long lines (65300); Hashes (MD5, SHA-1, SHA-256): 6d9c6fda1e7087224431cc8068bb998f 6273ac1a23d79a122f022f6a87c5b75c2cfafc3a fb1763b59f9f5764294b5af9fa5250835ae608282fe6f2f2213a5952aacf1fbf
GET /npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://danaofficelogin.ok2l.my.id
DNT: 1
Connection: keep-alive
Referer: https://danaofficelogin.ok2l.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.2.0-beta1
x-jsd-version-type: version
etag: W/"2f3f9-YnOsGiPXmhIvAi9qh8W3XCz6/Do"
content-encoding: br
accept-ranges: bytes
date: Fri, 29 Mar 2024 05:55:45 GMT
age: 17813188
x-served-by: cache-fra-etou8220113-FRA, cache-hel1410022-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30281
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js | 104.17.25.14 | 200 OK | 28 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js; IP: 104.17.25.14:443
Requested by: https://danaofficelogin.ok2l.my.id/; Certificate — Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65451); Hashes (MD5, SHA-1, SHA-256): dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danaofficelogin.ok2l.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 05:55:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1935141
expires: Wed, 19 Mar 2025 05:55:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BY7D1937cnKLSEK%2FUFEbYYJ4xb1%2BJBEBh4Nkv1Q0JAyqf1C96QM1XmnkMUbd2WEom030gaR36j0ZWHdk0D0H0f8OAgcpAkWEFQoUAUerOLCCy6e1oGorRCjP2mmwwgKRA4aMgvY3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 86bd9ce07e31b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| danaofficelogin.ok2l.my.id/logo.png | 172.67.139.117 | 200 OK | 3.4 kB |
URL: GET HTTP/3 danaofficelogin.ok2l.my.id/logo.png; IP: 172.67.139.117:443
Requested by: https://danaofficelogin.ok2l.my.id/; Certificate — Issuer: Google Trust Services LLC; Subject: ok2l.my.id; Fingerprint: F3:84:9C:3D:3D:D9:93:85:66:F9:26:4D:F8:95:2B:F7:1D:99:C6:9A; Validity: Mon, 18 Mar 2024 02:53:28 GMT - Sun, 16 Jun 2024 02:53:27 GMT
File type: PNG image data, 421 x 120, 8-bit colormap, non-interlaced; Hashes (MD5, SHA-1, SHA-256): cb69c4f551683f940ad363394e10f8dd 745c915991aa8771ee81e4c1831eee5e5a8a16ce f67654bff5f36f5fca51a27767879b5e463cc39ee29ea2e46dba036f60195ba0
Analyzer: OpenPhish | Verdict: phishing | Alert: DANA
GET /logo.png HTTP/1.1
Host: danaofficelogin.ok2l.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danaofficelogin.ok2l.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:55:45 GMT
content-type: image/png
content-length: 3377
last-modified: Sun, 29 Oct 2023 08:39:36 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KmQHShFwW3kpizUt562jQrswoX1LkqTBidmD2uM0TpF2HIAplFJpowW8KKRu6o1aZV%2BfvZcPnwp3JI7GFe8AKxCrNmqCyCw87i7p6DJ4R%2BuoL90BzFrrCqEVJn5qzIaQCrp88uk6biG%2BtbcfNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd9ce04eda569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| danaofficelogin.ok2l.my.id/assets/img/logo-ojk.png | 172.67.139.117 | 200 OK | 46 kB |
URL: GET HTTP/3 danaofficelogin.ok2l.my.id/assets/img/logo-ojk.png; IP: 172.67.139.117:443
Requested by: https://danaofficelogin.ok2l.my.id/; Certificate — Issuer: Google Trust Services LLC; Subject: ok2l.my.id; Fingerprint: F3:84:9C:3D:3D:D9:93:85:66:F9:26:4D:F8:95:2B:F7:1D:99:C6:9A; Validity: Mon, 18 Mar 2024 02:53:28 GMT - Sun, 16 Jun 2024 02:53:27 GMT
File type: PNG image data, 600 x 315, 8-bit/color RGBA, non-interlaced; Hashes (MD5, SHA-1, SHA-256): 883c16c692fa7ff6c3d58c14d1447c93 2043d443b2f2f4398f0e3b86c1d769637bdcf2bb cb425bf8c81af69b5850278eca430aa7e6edd0f27f7653c072c3437faeb8319b
Analyzer: OpenPhish | Verdict: phishing | Alert: DANA
GET /assets/img/logo-ojk.png HTTP/1.1
Host: danaofficelogin.ok2l.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danaofficelogin.ok2l.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:55:45 GMT
content-type: image/png
content-length: 45960
last-modified: Sun, 10 Sep 2023 07:39:34 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lZMPeomXdeLocw%2BasikpmOaR14tfgJBaBS8zLmB2E5iaqAJsShvUStu7yTlYYp60CpK6YtNOTKaupyXZ1gJSZqPt6PGeDCRVFoZSOZ6%2B1%2FCfxR%2Bu428P07Bs%2BepDTB%2F32FE4t0Zl8tjMmzEVpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd9ce05ee1569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| danaofficelogin.ok2l.my.id/assets/img/2.jpeg | 172.67.139.117 | 200 OK | 35 kB |
URL: GET HTTP/3 danaofficelogin.ok2l.my.id/assets/img/2.jpeg; IP: 172.67.139.117:443
Requested by: https://danaofficelogin.ok2l.my.id/; Certificate — Issuer: Google Trust Services LLC; Subject: ok2l.my.id; Fingerprint: F3:84:9C:3D:3D:D9:93:85:66:F9:26:4D:F8:95:2B:F7:1D:99:C6:9A; Validity: Mon, 18 Mar 2024 02:53:28 GMT - Sun, 16 Jun 2024 02:53:27 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 711x399, components 3; Hashes (MD5, SHA-1, SHA-256): c2dcb5fc7e4b9e6a4b7cb7ccc57e4f20 3f461135c6f515416d945f925ca478ffcd53cb35 88e406ce838f01ee87cf0deb9e4ed62ba29bb0a01f30f63695a694e83d889aed
Analyzer: OpenPhish | Verdict: phishing | Alert: DANA
GET /assets/img/2.jpeg HTTP/1.1
Host: danaofficelogin.ok2l.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danaofficelogin.ok2l.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:55:45 GMT
content-type: image/jpeg
content-length: 35250
last-modified: Sun, 10 Sep 2023 07:39:26 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WoDVfcmth9kc3PaxQDdB99x5pHG%2Bx7tmklcB6FxHPzxJ5V9Wk97ihd9vspdIeP5%2F1d8LAXlIQryavCehMXNgRUK5BXbCffjmqelLFsbQSTxA5ELsWd5%2BLnGW3ssMGMUJEEYzNoVFV5Z7XU4how%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd9ce04ee0569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| danaofficelogin.ok2l.my.id/assets/img/logo-lps.png | 172.67.139.117 | 200 OK | 62 kB |
URL: GET HTTP/3 danaofficelogin.ok2l.my.id/assets/img/logo-lps.png; IP: 172.67.139.117:443
Requested by: https://danaofficelogin.ok2l.my.id/; Certificate — Issuer: Google Trust Services LLC; Subject: ok2l.my.id; Fingerprint: F3:84:9C:3D:3D:D9:93:85:66:F9:26:4D:F8:95:2B:F7:1D:99:C6:9A; Validity: Mon, 18 Mar 2024 02:53:28 GMT - Sun, 16 Jun 2024 02:53:27 GMT
File type: PNG image data, 649 x 385, 8-bit/color RGBA, non-interlaced; Hashes (MD5, SHA-1, SHA-256): bdd1cbb57f20a521d6ce7f04bb20de16 bbc920ef5e08333eef090ad905feb15b11982407 22142a31e3860b012ee8caf688f713383fa538a429e20bcafc7d7a3fd9c2d62f
Analyzer: OpenPhish | Verdict: phishing | Alert: DANA
GET /assets/img/logo-lps.png HTTP/1.1
Host: danaofficelogin.ok2l.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danaofficelogin.ok2l.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:55:45 GMT
content-type: image/png
content-length: 61593
last-modified: Sun, 10 Sep 2023 07:39:32 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SyJBo0vkyqgZTF8tTeAizXOd43C9KMDok1imDJs90%2BEri6AVkdQkvdWyR2%2FQWHcvp6dlHYhSs%2ByxUA6EFDFX12qjqvBFhrGKIw4PLxwBBrMrbtgRKxFtmgfAHtnpWSjQPOp69Qx%2BdyGgY9KM6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd9ce05ee2569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| danaofficelogin.ok2l.my.id/assets/img/1.jpeg | 172.67.139.117 | 200 OK | 42 kB |
URL: GET HTTP/3 danaofficelogin.ok2l.my.id/assets/img/1.jpeg; IP: 172.67.139.117:443
Requested by: https://danaofficelogin.ok2l.my.id/; Certificate — Issuer: Google Trust Services LLC; Subject: ok2l.my.id; Fingerprint: F3:84:9C:3D:3D:D9:93:85:66:F9:26:4D:F8:95:2B:F7:1D:99:C6:9A; Validity: Mon, 18 Mar 2024 02:53:28 GMT - Sun, 16 Jun 2024 02:53:27 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 751x408, components 3; Hashes (MD5, SHA-1, SHA-256): ec4908018ecf25fc8fcf0b0bdb82fc2c 5b1c33344442fe5ff52ea21e3e0e3d65cc52238a 5c5c6517e0686a24766fd3f31112a6145bca324fde0eb70bc208ae8b6d38099b
Analyzer: OpenPhish | Verdict: phishing | Alert: DANA
GET /assets/img/1.jpeg HTTP/1.1
Host: danaofficelogin.ok2l.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danaofficelogin.ok2l.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:55:45 GMT
content-type: image/jpeg
content-length: 41958
last-modified: Sun, 10 Sep 2023 07:39:24 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGtRu51dsvx72F13C5z%2Fmkrv5BUbNfwfn1flQusJlrElZdisP8w0E8oeIOtXdkyEDxNQEIlTeHOUZsIeQmQqL65J0%2FdlfNczp4e6HId6CDwoztFfX3R2xocamX%2F76N6N0jAHi4p8%2F9NrMBC2uA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd9ce04edc569b-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI.woff2 | 216.58.207.227 | 200 OK | 19 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI.woff2; IP: 216.58.207.227:443
Requested by: https://danaofficelogin.ok2l.my.id/; Certificate — Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F3:56:10:42:A8:3C:BF:F5:89:9C:4C:C0:F8:E3:DC:C4:1C:E9:34:9E; Validity: Mon, 26 Feb 2024 08:18:21 GMT - Mon, 20 May 2024 08:18:20 GMT
File type: Web Open Font Format (Version 2), TrueType, length 18720, version 1.0; Hashes (MD5, SHA-1, SHA-256): d26a2372aa87ea24df867be03821fc5f 5dea98349dcf3e2da8a4c4c209bbcf412d572805 1f6e5ae697330d08acadf0299418b94a102dcc63f483b3f3ec821cc7e36ef8dc
GET /s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://danaofficelogin.ok2l.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18720
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 28 Mar 2024 17:24:41 GMT
expires: Fri, 28 Mar 2025 17:24:41 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Dec 2023 02:00:41 GMT
content-type: font/woff2
age: 45064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| i.postimg.cc/0N7C1cZK/download.jpg | 162.19.88.68 | 200 OK | 4.8 kB |
URL: GET HTTP/2 i.postimg.cc/0N7C1cZK/download.jpg; IP: 162.19.88.68:443
Requested by: https://danaofficelogin.ok2l.my.id/; Certificate — Issuer: Let's Encrypt; Subject: postimg.cc; Fingerprint: F9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13; Validity: Wed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 225x225, components 3; Hashes (MD5, SHA-1, SHA-256): 91f28220fffce6e7b1da41b674119ba4 8a00403ae45dc33b6c5f99977cbd4af36afa2e4a f0f105d2478ad5f2c64df6cb8f9579f468972cccbd9f4a160fe1bf0d1c559733
GET /0N7C1cZK/download.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danaofficelogin.ok2l.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 29 Mar 2024 05:55:46 GMT
content-type: image/jpeg
content-length: 4806
last-modified: Fri, 15 Sep 2023 12:14:34 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| danaofficelogin.ok2l.my.id/ajax-loader.gif | 172.67.139.117 | 404 Not Found | 0 B |
URL: GET HTTP/3 danaofficelogin.ok2l.my.id/ajax-loader.gif; IP: 172.67.139.117:443
Requested by: https://danaofficelogin.ok2l.my.id/; Certificate — Issuer: Google Trust Services LLC; Subject: ok2l.my.id; Fingerprint: F3:84:9C:3D:3D:D9:93:85:66:F9:26:4D:F8:95:2B:F7:1D:99:C6:9A; Validity: Mon, 18 Mar 2024 02:53:28 GMT - Sun, 16 Jun 2024 02:53:27 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input — no body was hashed for this 404 response)
Analyzer: OpenPhish | Verdict: phishing | Alert: DANA
GET /ajax-loader.gif HTTP/1.1
Host: danaofficelogin.ok2l.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 29 Mar 2024 05:55:46 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a67bOyA8wK8ytL8X2jKCwsaBNJa9Xo8VXDKytIMZSRTY4UH5V%2FoPPCG1WB2RLgFicOMEIdbbEc1blPgnYIJAk33ciWckN64RzxF8o2mG%2FlHqPvJRfya1X38em5z0%2Fme8rhbZcnAECJw1qurH3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd9ce3887e569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| surprisee-dana-kaget.uidclown.com/fonts/slick.ttf | 0.0.0.0 | | 0 B |
URL: GET surprisee-dana-kaget.uidclown.com/fonts/slick.ttf; IP: 0.0.0.0:0 (no protocol or response recorded)
Requested by: https://danaofficelogin.ok2l.my.id/
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input — nothing was fetched, consistent with the sinkholed verdict below)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /fonts/slick.ttf HTTP/1.1
Host: surprisee-dana-kaget.uidclown.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://danaofficelogin.ok2l.my.id
DNT: 1
Connection: keep-alive
Referer: https://danaofficelogin.ok2l.my.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| danaofficelogin.ok2l.my.id/lib/style/bootstrap.min.css | 172.67.139.117 | 200 OK | 123 kB |
URL: GET HTTP/3 danaofficelogin.ok2l.my.id/lib/style/bootstrap.min.css; IP: 172.67.139.117:443
Requested by: https://danaofficelogin.ok2l.my.id/; Certificate — Issuer: Google Trust Services LLC; Subject: ok2l.my.id; Fingerprint: F3:84:9C:3D:3D:D9:93:85:66:F9:26:4D:F8:95:2B:F7:1D:99:C6:9A; Validity: Mon, 18 Mar 2024 02:53:28 GMT - Sun, 16 Jun 2024 02:53:27 GMT
File type: ASCII text, with very long lines (65371); Size: 123 kB (122764 bytes); Hashes (MD5, SHA-1, SHA-256): 9dd6e9d45643704517a207f4856d3707 21551a2c3ddf549cbbd095c5c5dc151a9723de89 837e659dae2df7a91411d5a5b65ab127e76aed70344b7a9558c99fbe286105fe
Analyzer: OpenPhish | Verdict: phishing | Alert: DANA
GET /lib/style/bootstrap.min.css HTTP/1.1
Host: danaofficelogin.ok2l.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danaofficelogin.ok2l.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:55:45 GMT
content-type: text/css
last-modified: Sat, 09 Mar 2024 08:29:32 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gpDHZ4r1WSCHXH2iVXNdhPf9oKzfRlNKVYb6EGkSPiO3HNNmzwRT1dNv7j6OFFy%2Bn1Xqt0KdlVcO8cKmmJX3NLFDfuwwqSArgB1cw0W9%2FRZ4G5kptkICELNgdQLH9b1%2FpxCvtTJb%2BIxmeNBhBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd9cdfeea9569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| danaofficelogin.ok2l.my.id/ | 172.67.139.117 | 200 OK | 59 kB |
URL: GET HTTP/2 danaofficelogin.ok2l.my.id/ (user request — the top-level navigation of this scan); IP: 172.67.139.117:443
Certificate — Issuer: Google Trust Services LLC; Subject: ok2l.my.id; Fingerprint: F3:84:9C:3D:3D:D9:93:85:66:F9:26:4D:F8:95:2B:F7:1D:99:C6:9A; Validity: Mon, 18 Mar 2024 02:53:28 GMT - Sun, 16 Jun 2024 02:53:27 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, so no response body was hashed even though the entry reports 59 kB; do not use these values as indicators for the page content)
Analyzer: OpenPhish | Verdict: phishing | Alert: DANA
GET / HTTP/1.1
Host: danaofficelogin.ok2l.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 05:55:45 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YFe0hSxBu9YdjdZJQ4ztp%2FteI7SdswBs0OpldvYTI0Z1xc5wDN9O8R3uzxk%2Bh15T1IIoIK0ZKEL4CB0XBErq6EgMBm3O4QmOBGpvrR2Vq%2B6w0NI2EbCWXyGP1wu2Rudj3LiFEQyqS194OL8dBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86bd9cdc7f5f5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Open+Sans:wght@500&display=swap | 142.250.74.170 | 200 OK | 6.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:wght@500&display=swap; IP: 142.250.74.170:443
Requested by: https://danaofficelogin.ok2l.my.id/; Certificate — Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 04:B9:D9:E0:01:DB:5E:AB:5A:FF:F0:D9:ED:39:0F:C1:63:18:51:0B; Validity: Mon, 26 Feb 2024 08:18:27 GMT - Mon, 20 May 2024 08:18:26 GMT
File type: ASCII text, with very long lines (6096), with no line terminators; Hashes (MD5, SHA-1, SHA-256): e253ffbd6a45a51c4878b78dab98c7d0 622c5ef8ab9db17f3ce483e7b7bd88bb3068c850 049eea3f3280bca0d40456fc26afbcc53d1a9ec2b70b75ecea7c0196d0bff0ab
GET /css2?family=Open+Sans:wght@500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danaofficelogin.ok2l.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 29 Mar 2024 05:55:45 GMT
date: Fri, 29 Mar 2024 05:55:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| surprisee-dana-kaget.uidclown.com/fonts/slick.woff | 0.0.0.0 | | 0 B |
URL: GET surprisee-dana-kaget.uidclown.com/fonts/slick.woff; IP: 0.0.0.0:0 (no protocol or response recorded)
Requested by: https://danaofficelogin.ok2l.my.id/
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input — nothing was fetched, consistent with the sinkholed verdict below)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /fonts/slick.woff HTTP/1.1
Host: surprisee-dana-kaget.uidclown.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://danaofficelogin.ok2l.my.id
DNT: 1
Connection: keep-alive
Referer: https://danaofficelogin.ok2l.my.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| danaofficelogin.ok2l.my.id/lib/style/ionicons.min.css | 172.67.139.117 | 200 OK | 52 kB |
URL: GET HTTP/3 danaofficelogin.ok2l.my.id/lib/style/ionicons.min.css; IP: 172.67.139.117:443
Requested by: https://danaofficelogin.ok2l.my.id/; Certificate — Issuer: Google Trust Services LLC; Subject: ok2l.my.id; Fingerprint: F3:84:9C:3D:3D:D9:93:85:66:F9:26:4D:F8:95:2B:F7:1D:99:C6:9A; Validity: Mon, 18 Mar 2024 02:53:28 GMT - Sun, 16 Jun 2024 02:53:27 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, so no response body was hashed even though the entry reports 52 kB)
Analyzer: OpenPhish | Verdict: phishing | Alert: DANA
GET /lib/style/ionicons.min.css HTTP/1.1
Host: danaofficelogin.ok2l.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://danaofficelogin.ok2l.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 05:55:45 GMT
content-type: text/css
last-modified: Sat, 09 Mar 2024 08:29:32 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=czFhmJUMoeVAGVw4EAdHqY0nuHRwDNt6AoaXcnGtuiCPuyzbBmjk7Rz3b1unkkMy6A23RukoUFBaZG%2FCY1RZqDoouC1lbsUMBbKe5HUM4XQyEK931i9tRJW9eLiaWLbkoVd1JlRWft4x0FLE7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bd9cdfeea8569b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|