Report - payylatterdanalkjh.klikcsz.web.id/

Report Overview

Visited public
2025-07-07 02:19:51
Tags
Submit Tags
openphish
URL
payylatterdanalkjh.klikcsz.web.id/
Finishing URL
payylatterdanalkjh.klikcsz.web.id/xasdxa/
IP / ASN
159.203.107.193
#14061 DIGITALOCEAN-ASN
Title
𝗗𝗔𝗡𝗔 | 𝗖𝘂𝘀𝘁𝗼𝗺𝗲𝗿 𝗖𝗮𝗿𝗲 𝗗𝗔𝗡𝗔

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2012-05-23	2025-07-02	463 B	90 kB	104.17.24.14
e-formulir.mwebs.id	unknown	2019-03-18	2023-08-26	2025-07-06	539 B	0 B	0.0.0.0
encrypted-tbn0.gstatic.com	unknown	2008-02-11	2013-05-31	2025-07-03	518 B	12 kB	142.250.74.174
payylatterdanalkjh.klikcsz.web.id	unknown	2025-07-04	2025-07-07	2025-07-07	1.5 kB	43 kB	159.203.107.193
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2025-07-02	481 B	124 kB	104.18.11.207
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-07-02	484 B	6.9 kB	142.250.178.42
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-07-02	3.0 kB	254 kB	104.16.174.226
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-07-02	591 B	20 kB	142.250.178.67
code.ionicframework.com	14473	2013-09-02	2014-02-05	2025-07-04	479 B	52 kB	172.67.69.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2025-07-06	medium	payylatterdanalkjh.klikcsz.web.id/	DANA

PhishTank

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-07-16
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-16 08:35 Times Seen124382 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	payylatterdanalkjh.klikcsz.web.id/xasdxa/	ScriptElement	236 B	2023-03-11	2025-07-16
Pretty URL payylatterdanalkjh.klikcsz.web.id/xasdxa/ IP 159.203.107.193 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-11 22:27 Last Seen2025-07-16 08:11 Times Seen1185 Hash f76c7c88562290b7001a2bbd91255f42 d8cae5fdf8ca14b223b466bb99d30aa697a8d225 1a2cf38fbcc0a3f36f1cc2c28cd43cf711f729d2dfa56cda76df0038adb3d1e1 Loading...

	payylatterdanalkjh.klikcsz.web.id/xasdxa/	ScriptElement	147 B	2025-06-25	2025-07-16
Pretty URL payylatterdanalkjh.klikcsz.web.id/xasdxa/ IP 159.203.107.193 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML true Observations First Seen2025-06-25 10:32 Last Seen2025-07-16 08:11 Times Seen22 Hash d81e473e0f0775109274a03241119d5a f546b8c4b550f894acbfb2576d65896d3eaa4147 12a331038f1dffea2bb43de631e3e13974319e13767371c1f24a8cf42e6e9101 Loading...

	cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js	ScriptElement	43 kB	2023-03-07	2025-07-16
Pretty URL cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js IP 104.16.174.226 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-07-16 08:53 Times Seen29476 Hash d5a61c749e44e47159af8a6579dda121 3b41b3bc956685015a347a2238e71db29dfa0dbb 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740 Loading...

HTTP Transactions (16)

URL IP Response Size

GET fonts.googleapis.com/css2?family=Open+Sans:wght@500&display=swap

142.250.178.42

200 OK

6.2 kB

URL GET
fonts.googleapis.com/css2?family=Open+Sans:wght@500&display=swap
IP
142.250.178.42:443
ASN
#15169 GOOGLE

Requested by
https://payylatterdanalkjh.klikcsz.web.id/xasdxa/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
FingerprintB7:F0:7E:3A:46:13:9F:42:76:6A:5D:6E:85:25:78:85:99:EE:67:71
ValidityTue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT

File type
ASCII text, with very long lines (1572)
Size
6.2 kB (6193 bytes)
Hash
642e7403cd454393bdae93a491de035c
76431daf04596034cd7ed4fecd5d627f79448363
f824c259b3350b8a8e8585777d8b5fdc4a27a84733e70d8a4ea22ce6f1750200

HTTP Headers

GET /css2?family=Open+Sans:wght@500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payylatterdanalkjh.klikcsz.web.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 07 Jul 2025 02:19:16 GMT
date: Mon, 07 Jul 2025 02:19:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/fonts/slick.woff

104.16.174.226

200 OK

1.4 kB

URL GET
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/fonts/slick.woff
IP
104.16.174.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://payylatterdanalkjh.klikcsz.web.id/xasdxa/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
Web Open Font Format, CFF, length 1380, version 1.0
Size
1.4 kB (1380 bytes)
Hash
b7c9e1e479de3b53f1e4e30ebac2403a
af91c12f0f406a4f801aeb3b398768fe41d8f864
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

HTTP Headers

GET /npm/slick-carousel@1.8.1/slick/fonts/slick.woff HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://payylatterdanalkjh.klikcsz.web.id
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 07 Jul 2025 02:19:16 GMT
content-type: font/woff
content-length: 1380
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"564-r5HBLw9Aak+AGus7OYdo/kHY+GQ"
x-served-by: cache-fra-etou8220033-FRA, cache-lga21937-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 155563
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pFFqGqtQkAOjy7vAOZgPDiQhDg2SufPcQv%2BtlEhrcPZFVlCHwiilYx5qvjgDJpK%2Flu3YVNZ4s%2B3cbc7nyYXe5S1XUmPXUh%2FVNyIKiGUV5vkMxwn2sLDIylH%2FSOAVvTwP8UY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 95b3db266fa8b4f4-OSL
server-timing: cfExtPri

GET fonts.gstatic.com/s/opensans/v43/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI.woff2

142.250.178.67

200 OK

19 kB

URL GET
fonts.gstatic.com/s/opensans/v43/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI.woff2
IP
142.250.178.67:443
ASN
#15169 GOOGLE

Requested by
https://payylatterdanalkjh.klikcsz.web.id/xasdxa/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint31:00:3B:00:14:9F:47:29:F3:46:E5:7C:57:30:CC:88:CC:DB:A8:07
ValidityTue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18784, version 1.0
Size
19 kB (18784 bytes)
Hash
cabffe5f179d96938ca85832618e9169
fb637f0570e2c1c71e6d34faf110521ed6f650c7
1a819f9d413ac2452f5a85aa3a23e769a0bd56ccf964e9adffbe31e957c157bc

HTTP Headers

GET /s/opensans/v43/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjr0B4gaVI.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://payylatterdanalkjh.klikcsz.web.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18784
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Jul 2025 17:46:16 GMT
expires: Fri, 03 Jul 2026 17:46:16 GMT
cache-control: public, max-age=31536000
age: 289981
last-modified: Wed, 28 May 2025 17:51:54 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

104.17.24.14

200 OK

90 kB

URL GET
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://payylatterdanalkjh.klikcsz.web.id/xasdxa/
Certificate
IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payylatterdanalkjh.klikcsz.web.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 07 Jul 2025 02:19:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
cf-ray: 95b3db227a9b0b49-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 83653
expires: Sat, 27 Jun 2026 02:19:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=61xTvFXCteVPjYTecQmLNd1YknI%2FD3U2EPbT9hqoUZZSqbTqX%2BGituW6ZX%2BZhJnUVs1ve%2B5fIXbDukRMsU%2B%2BrEE5AFPPYhSqSOrIDnXyyWCQmWYXdrEHSC52KqvmIE9ZdtwqKJKH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET e-formulir.mwebs.id/BotikaTTS%20_5_.mp3

0.0.0.0

0 B

URL GET
e-formulir.mwebs.id/BotikaTTS%20_5_.mp3
IP
0.0.0.0:0
ASN
#0

Requested by
https://payylatterdanalkjh.klikcsz.web.id/xasdxa/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /BotikaTTS%20_5_.mp3 HTTP/1.1
Host: e-formulir.mwebs.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://payylatterdanalkjh.klikcsz.web.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

GET encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQZ9dATs_nkzyO-gSoQWbtIhJV7bG51r3gOKg&usqp=CAU

142.250.74.174

200 OK

12 kB

URL GET
encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQZ9dATs_nkzyO-gSoQWbtIhJV7bG51r3gOKg&usqp=CAU
IP
142.250.74.174:443
ASN
#15169 GOOGLE

Requested by
https://payylatterdanalkjh.klikcsz.web.id/xasdxa/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint31:00:3B:00:14:9F:47:29:F3:46:E5:7C:57:30:CC:88:CC:DB:A8:07
ValidityTue, 17 Jun 2025 20:02:59 GMT - Tue, 09 Sep 2025 20:02:58 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x512, components 3
Size
12 kB (11540 bytes)
Hash
45525a4e10b53535c2f0a134aec2d0fe
8689b23fb445fab7c8f3f92f91eb8606a5a51959
0546f98f9019a3d2afbe9372ba08aba895e2aa716bd0fec8e78ff5879162f134

HTTP Headers

GET /images?q=tbn:ANd9GcQZ9dATs_nkzyO-gSoQWbtIhJV7bG51r3gOKg&usqp=CAU HTTP/1.1
Host: encrypted-tbn0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payylatterdanalkjh.klikcsz.web.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-length: 11540
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 06 Jul 2025 21:24:43 GMT
expires: Mon, 06 Jul 2026 21:24:43 GMT
cache-control: public, max-age=31536000
age: 17674
last-modified: Sun, 15 Sep 2019 17:10:09 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET payylatterdanalkjh.klikcsz.web.id/

159.203.107.193

302 Found

14 kB

URL User Request GET
payylatterdanalkjh.klikcsz.web.id/
IP
159.203.107.193:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectpayylatterdanalkjh.klikcsz.web.id
Fingerprint11:F2:07:9B:04:8D:26:08:A7:40:79:89:D6:91:4C:F4:9E:D9:98:FF
ValiditySun, 06 Jul 2025 11:42:31 GMT - Sat, 04 Oct 2025 11:42:30 GMT

File type

Size
14 kB (14113 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET / HTTP/1.1
Host: payylatterdanalkjh.klikcsz.web.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Mon, 07 Jul 2025 02:19:15 GMT
Server: Apache
Location: ../xasdxa
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css

104.16.174.226

200 OK

1.8 kB

URL GET
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.css
IP
104.16.174.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://payylatterdanalkjh.klikcsz.web.id/xasdxa/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
ASCII text
Size
1.8 kB (1776 bytes)
Hash
f38b2db10e01b1572732a3191d538707
a94a059b3178b4adec09e3281ace2819a30095a4
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

HTTP Headers

GET /npm/slick-carousel@1.8.1/slick/slick.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payylatterdanalkjh.klikcsz.web.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 07 Jul 2025 02:19:16 GMT
content-type: text/css; charset=utf-8
content-length: 484
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"6f0-qUoFmzF4tK3sCeMoGs4oGaMAlaQ"
content-encoding: br
x-served-by: cache-fra-etou8220022-FRA, cache-lga21959-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 408202
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RilA7opPXQogF8Kwk7KmUEdVi%2FwkEJLoZCzb2EvSh7kzCgTjbnF6t4mxVjwNnhRFhbwiKTI7UxdmCzalP44M0BmisGb6NQzK4gSiYC7I9lO66pRzFpd1i5RKjTrhoqq5PnU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 95b3db21b8dc56bd-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js

104.16.174.226

200 OK

43 kB

URL GET
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick.min.js
IP
104.16.174.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://payylatterdanalkjh.klikcsz.web.id/xasdxa/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (42862)
Size
43 kB (42863 bytes)
Hash
d5a61c749e44e47159af8a6579dda121
3b41b3bc956685015a347a2238e71db29dfa0dbb
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

HTTP Headers

GET /npm/slick-carousel@1.8.1/slick/slick.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payylatterdanalkjh.klikcsz.web.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 07 Jul 2025 02:19:16 GMT
content-type: application/javascript; charset=utf-8
content-length: 10910
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"a76f-O0GzvJVmhQFaNHoiOOcdsp36Dbs"
content-encoding: br
x-served-by: cache-fra-eddf8230159-FRA, cache-lga21931-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 429283
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PEAXrhI1JoxjR2F4SO6wbsxbwBNhv2%2Fnd0uwAYKWWoMeyiWoCaympXqpB4TYVlXMcE%2BqbCVG47zd0yL%2Fo%2BTu4aTpeUjlm0VirKMTPYVpxvPZ5GNlAAONtk7j2KeJQ4PpiGY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 95b3db22391056bd-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ajax-loader.gif

104.16.174.226

200 OK

4.2 kB

URL GET
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/ajax-loader.gif
IP
104.16.174.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://payylatterdanalkjh.klikcsz.web.id/xasdxa/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
GIF image data, version 89a, 32 x 32
Size
4.2 kB (4178 bytes)
Hash
c5cd7f5300576ab4c88202b42f6ded62
7a1aa43614396382bb15e5fde574d9cdcd21698f
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

HTTP Headers

GET /npm/slick-carousel@1.8.1/slick/ajax-loader.gif HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 07 Jul 2025 02:19:16 GMT
content-type: image/gif
content-length: 4178
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"1052-ehqkNhQ5Y4K7FeX95XTZzc0haY8"
x-served-by: cache-fra-etou8220104-FRA, cache-lga21946-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 243021
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EpQeX%2BoC87fItlznJ0WWQR1Yo3NSB%2F%2FMNsZnMua2%2BYPM82kwEPCuByTftOq6X3oIgTLhG4vTqEm00lIao3Zwl6I8wTJPOdGb8ENxV5n7lpqPjtEVEjVlp6%2FlZR8SXbkq0Vg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 95b3db25ff91b4f4-OSL
server-timing: cfExtPri

GET payylatterdanalkjh.klikcsz.web.id/xasdxa/

159.203.107.193

200 OK

14 kB

URL User Request GET
payylatterdanalkjh.klikcsz.web.id/xasdxa/
IP
159.203.107.193:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectpayylatterdanalkjh.klikcsz.web.id
Fingerprint11:F2:07:9B:04:8D:26:08:A7:40:79:89:D6:91:4C:F4:9E:D9:98:FF
ValiditySun, 06 Jul 2025 11:42:31 GMT - Sat, 04 Oct 2025 11:42:30 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
14 kB (14113 bytes)
Hash
f84a918d632977d604a3c674e6ca3db8
ce24f576a2fb65a604e29a87e2b96b36da645f41
a483feb794f9dc3565d23ad1bbbe9cc672f40181dbf007cda1648e833a387df8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /xasdxa/ HTTP/1.1
Host: payylatterdanalkjh.klikcsz.web.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 07 Jul 2025 02:19:15 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css

104.18.11.207

200 OK

122 kB

URL GET
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://payylatterdanalkjh.klikcsz.web.id/xasdxa/
Certificate
IssuerGoogle Trust Services
Subjectbootstrapcdn.com
Fingerprint73:3E:54:5A:E7:0A:B5:3C:11:79:4A:9F:FE:64:7B:38:B7:15:03:C0
ValidityWed, 14 May 2025 02:01:13 GMT - Tue, 12 Aug 2025 03:00:50 GMT

File type
ASCII text, with very long lines (65371)
Size
122 kB (122540 bytes)
Hash
5d5357cb3704e1f43a1f5bfed2aebf42
08df9a96752852f2cbd310c30facd934e348c2c5
31fbd99641c212a6ad3681a2397bde13c148c0ccd98385bce6a7eb7c81417d87

HTTP Headers

GET /bootstrap/3.3.5/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payylatterdanalkjh.klikcsz.web.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 07 Jul 2025 02:19:16 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: "5d5357cb3704e1f43a1f5bfed2aebf42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 02/13/2025 00:07:53
cdn-proxyver: 1.19
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 863
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 47bbe8ea26eb1f86c5fd3fd23849593c
cdn-cache: HIT
cf-cache-status: HIT
age: 261149
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 95b3db21ee39b505-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET payylatterdanalkjh.klikcsz.web.id/xasdxa

159.203.107.193

301 Moved Permanently

14 kB

URL User Request GET
payylatterdanalkjh.klikcsz.web.id/xasdxa
IP
159.203.107.193:443
ASN
#14061 DIGITALOCEAN-ASN

Certificate
IssuerLet's Encrypt
Subjectpayylatterdanalkjh.klikcsz.web.id
Fingerprint11:F2:07:9B:04:8D:26:08:A7:40:79:89:D6:91:4C:F4:9E:D9:98:FF
ValiditySun, 06 Jul 2025 11:42:31 GMT - Sat, 04 Oct 2025 11:42:30 GMT

File type

Size
14 kB (14113 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /xasdxa HTTP/1.1
Host: payylatterdanalkjh.klikcsz.web.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Mon, 07 Jul 2025 02:19:15 GMT
Server: Apache
Location: https://payylatterdanalkjh.klikcsz.web.id/xasdxa/
Content-Length: 257
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

GET cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css

104.16.174.226

200 OK

3.1 kB

URL GET
cdn.jsdelivr.net/npm/slick-carousel@1.8.1/slick/slick-theme.css
IP
104.16.174.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://payylatterdanalkjh.klikcsz.web.id/xasdxa/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
Unicode text, UTF-8 text
Size
3.1 kB (3145 bytes)
Hash
f9faba678c4d6dcfdde69e5b11b37a2e
81a434f94f2b1124f3232bb86f2944f82fb23ac0
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

HTTP Headers

GET /npm/slick-carousel@1.8.1/slick/slick-theme.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payylatterdanalkjh.klikcsz.web.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 07 Jul 2025 02:19:16 GMT
content-type: text/css; charset=utf-8
content-length: 928
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"c49-gaQ0+U8rESTzIyu4bylE+C+yOsA"
content-encoding: br
x-served-by: cache-fra-eddf8230023-FRA, cache-lga21972-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 327227
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xgXQSdj%2Fe37ISjz7Qf7%2Fr5fYuRX32gXGypOVMHfET%2FIpSqRSYs67SX7IZAkOYGOyX4JUGBQEsVTqLB97T0CAQ4MWk0IoBr%2BV4jNCd5LVb5FDysGU%2FZl6rofVan1efBhKln4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 95b3db21c8e456bd-OSL
X-Firefox-Spdy: h2

GET cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css

104.16.174.226

200 OK

194 kB

URL GET
cdn.jsdelivr.net/npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css
IP
104.16.174.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://payylatterdanalkjh.klikcsz.web.id/xasdxa/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65300)
Size
194 kB (193529 bytes)
Hash
6d9c6fda1e7087224431cc8068bb998f
6273ac1a23d79a122f022f6a87c5b75c2cfafc3a
fb1763b59f9f5764294b5af9fa5250835ae608282fe6f2f2213a5952aacf1fbf

HTTP Headers

GET /npm/bootstrap@5.2.0-beta1/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://payylatterdanalkjh.klikcsz.web.id
DNT: 1
Connection: keep-alive
Referer: https://payylatterdanalkjh.klikcsz.web.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 07 Jul 2025 02:19:16 GMT
content-type: text/css; charset=utf-8
content-length: 30281
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 5.2.0-beta1
x-jsd-version-type: version
etag: W/"2f3f9-YnOsGiPXmhIvAi9qh8W3XCz6/Do"
content-encoding: br
x-served-by: cache-fra-etou8220113-FRA, cache-lga21972-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 243195
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3BlRgVd%2BnknyOueakIbriNFpDVmSUmoAn%2BlwjvLdiDwiGrdHeNbSDR89t3rAqhF67pz%2F8WNqn5QU08%2BYk3eLA6NSzc4had43N%2BGeMO%2BtxgzNFJr8auUTzh7OZ74a37nJxlU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 95b3db223ddf56af-OSL
X-Firefox-Spdy: h2

GET code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css

172.67.69.29

200 OK

51 kB

URL GET
code.ionicframework.com/ionicons/2.0.1/css/ionicons.min.css
IP
172.67.69.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://payylatterdanalkjh.klikcsz.web.id/xasdxa/
Certificate
IssuerGoogle Trust Services
Subjectionicframework.com
Fingerprint87:92:04:B7:27:0E:9F:C6:9D:85:30:20:FC:67:FD:FD:69:E8:D6:F9
ValidityWed, 02 Jul 2025 09:17:58 GMT - Tue, 30 Sep 2025 10:17:44 GMT

File type
Unicode text, UTF-8 text, with very long lines (50802)
Size
51 kB (51284 bytes)
Hash
aed7997754b0bd942995126653dfc81d
89568702c732f4c0b629e068f56bc3812cf5f5a2
95d37d2b4f6dc57aca2141a52aafe6e34fb6cac97983f8205c7befd824c62d42

HTTP Headers

GET /ionicons/2.0.1/css/ionicons.min.css HTTP/1.1
Host: code.ionicframework.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://payylatterdanalkjh.klikcsz.web.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 07 Jul 2025 02:19:16 GMT
content-type: text/css; charset=utf-8
content-length: 8313
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Thu, 13 Apr 2023 16:20:19 GMT
access-control-allow-origin: *
etag: W/"64382bc3-c854"
expires: Tue, 17 Jun 2025 03:37:28 GMT
cache-control: max-age=31536000
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3F51:181030:73D8C:88589:6850E09E
age: 85861
via: 1.1 varnish
x-served-by: cache-bma-essb1270032-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1751768895.106207,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: a7925daf0aa5381a8b6fbdbad9bad3182a077db1
cf-cache-status: HIT
accept-ranges: bytes
strict-transport-security: max-age=15552000
x-content-type-options: nosniff
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=QPNoGcfeS8bDUFF0DTZgBpYF2Oj815vqxznqQ9mNwo%2BPedlQ9sxtGhIIOnjYoPzDBcxoau91316IUlxWubtXLJA5VF5KV6JTR6EMB0jqu4EsATz5"}]}
cf-ray: 95b3db223fb25697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN