mail.grop-wavgxkwhy.zxz1.my.id/download/
104.21.48.196 200 OK 2.0 kB URL User Request GET HTTP/1.1 mail.grop-wavgxkwhy.zxz1.my.id/download/
IP 104.21.48.196:80
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- HTML document text
- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 224a60d99bbe1a28ad8456fa5f13cefa
3a72a4d30912e1095c7860beb79b744437f61f45
10ed65845465b1c0607230828c454f13532f3e35e537617f7a182ac632d17cf4
Analyzer: OpenPhish; Verdict: phishing; Alert: WhatsApp
GET /download/ HTTP/1.1
Host: mail.grop-wavgxkwhy.zxz1.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 11 Dec 2023 13:24:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBOxfQ9guVjXa8P0xbJ3Ijr6COIiGprFcdbAK8W0vPlp9HPU7bL1d1gNbhugJ6aLVph2pp4J%2BkUi0U6DeSFPjYyMl%2BZxS2%2FdVxEPHADbKegIRa0zG%2BtlNNC8hCcrpbfwZfQzlLTcgRW0sDg86UKAr4g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 833e0d092e80568f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mail.grop-wavgxkwhy.zxz1.my.id/download/css/style.css
104.21.48.196 200 OK 1.2 kB URL GET HTTP/1.1 mail.grop-wavgxkwhy.zxz1.my.id/download/css/style.css
IP 104.21.48.196:80
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
File type ASCII text, with CRLF line terminators
Hash 2193f0b5f2870e88da0b9d2f2467fe67
aea43a03d6dc18ec5f4552212bdc9555e5910ecf
b85470870a6274d4f592714e91368b1011c009a911ddea472ca27a12b3b73ce1
Analyzer: OpenPhish; Verdict: phishing; Alert: WhatsApp
GET /download/css/style.css HTTP/1.1
Host: mail.grop-wavgxkwhy.zxz1.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 11 Dec 2023 13:24:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 09 Feb 2022 22:04:48 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 499
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FdU5Ywm6232liqWsWVNFK%2BbiWwGkHqPotVKba5RYW84p4IJVIYguKGiIBQ8Tdp0a9pCYWc7EgvWkApCPgLbvt5RKPDNG2snRKcKVlukGhpWJH29QXKaIE5RIOEqGOND%2FiWSCkJLkm25HQPjdwRmNCX4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 833e0d0e2cdb568f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mail.grop-wavgxkwhy.zxz1.my.id/download/bagas/bagas.css
104.21.48.196 1.0 kB URL mail.grop-wavgxkwhy.zxz1.my.id/download/bagas/bagas.css
IP 104.21.48.196:0
File type ASCII text, with CRLF line terminators
Hash ae8f5eac80c514b6ccffce75de1d2d70
eff4b0347b7c8ea58833f35c07e177f80fd28ad2
a9510c5b947eedfa3d84fef078a623ebb72cd26a8acf9855a15521dffc430d62
Analyzer: OpenPhish; Verdict: phishing; Alert: WhatsApp
GET /download/bagas/bagas.css HTTP/1.1
Host: mail.grop-wavgxkwhy.zxz1.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 11 Dec 2023 13:24:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 13 Oct 2022 10:52:10 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 499
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpgdIlGVf9nQIy1nvU%2BrJU7ZTi8MtP9d8MN9FjXAeY5r%2FD2tTimXG9eCMBVL4E%2BSNc43E6JzLx8uChkxP4jmc4AAKd9QF4NW5UmS3UfXBXw9rMMnF8qjuP%2FnuXbnDDOwo%2FlqqIh8vO72NLYiRfgEUO4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 833e0d0e2dee56bd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mail.grop-wavgxkwhy.zxz1.my.id/download/css/dimas.css
104.21.48.196 200 OK 916 B URL GET HTTP/1.1 mail.grop-wavgxkwhy.zxz1.my.id/download/css/dimas.css
IP 104.21.48.196:80
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
File type ASCII text, with CRLF line terminators
Hash bb8478c3d36c299ae22a855eb31ccea0
5f267f1d6a4d55d4822f2b0507313c1ccb429b9e
2ee4050eef1b13e43af867b7da2e24d2b5449042d93179c2c75c76fddec616e1
Analyzer: OpenPhish; Verdict: phishing; Alert: WhatsApp
GET /download/css/dimas.css HTTP/1.1
Host: mail.grop-wavgxkwhy.zxz1.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 11 Dec 2023 13:24:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 17 Oct 2021 15:52:34 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 499
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQCecW9xLIePmRyL9dnJv%2BS4uYCJ3ZDTCRIQ8vGiIfFyxf%2BYflhgMqgZpl0dMLOXqZkYv%2Bjc%2BS3zCImnLnqUXIsCuQIB3Zeo%2FjhgdwXnX9QVFuxK1tnXAIAZah5XMQpxEKOxAva9Vdxee6mG2wJSVH4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 833e0d0e2827b4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mail.grop-wavgxkwhy.zxz1.my.id/download/img/0_ptDX0HfJCYpo9Pcs.gif
104.21.48.196 200 OK 90 kB URL GET HTTP/1.1 mail.grop-wavgxkwhy.zxz1.my.id/download/img/0_ptDX0HfJCYpo9Pcs.gif
IP 104.21.48.196:80
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
File type GIF image data, version 89a, 800 x 600
- data
Hash 4cbcfda30cb77ef22e12ba9109fc4948
359e38d8dfc3fd5d1fa4286e8cf81a2861653948
c2f413ec031122040ebc7dd93353b86cf8b29569f922838d04283425eb0c4fca
Analyzer: OpenPhish; Verdict: phishing; Alert: WhatsApp
GET /download/img/0_ptDX0HfJCYpo9Pcs.gif HTTP/1.1
Host: mail.grop-wavgxkwhy.zxz1.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 11 Dec 2023 13:24:59 GMT
Content-Type: image/gif
Content-Length: 90430
Connection: keep-alive
Last-Modified: Sun, 17 Oct 2021 15:23:18 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrjIzc7lJSF0HrpS2UdjT8Z2ECBuucomcq9yh1xlGmCGa2xcEXutZzX4f%2Fm0Wurtr2ct%2Bv1MGAaO3AAVQXU1cCdPkK8a%2FgN%2B2FUIfZmEzxc8hYxvqmv7HuNnxwNr98yup7yrtYAlVb4U5i4g5U%2FWr0E%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 833e0d0e5d04568f-OSL
alt-svc: h2=":443"; ma=60
mail.grop-wavgxkwhy.zxz1.my.id/download/img/karakter-anime-cantik-13-a715e.jpg.webp
104.21.48.196 200 OK 18 kB URL GET HTTP/1.1 mail.grop-wavgxkwhy.zxz1.my.id/download/img/karakter-anime-cantik-13-a715e.jpg.webp
IP 104.21.48.196:80
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 560x315, Scaling: [none]x[none], YUV color, decoders should clamp
- data
Hash 3039e28d25e4962618953916acfc3f86
a428a23bdc96789dd14401416b8db3f89516f7c7
c0c3dafdb631b6055cb1e9cf25a807c3663a42c258d5ebeb1f8f38cc767a397a
Analyzer: OpenPhish; Verdict: phishing; Alert: WhatsApp
GET /download/img/karakter-anime-cantik-13-a715e.jpg.webp HTTP/1.1
Host: mail.grop-wavgxkwhy.zxz1.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 11 Dec 2023 13:24:59 GMT
Content-Type: image/webp
Content-Length: 17674
Connection: keep-alive
Last-Modified: Sun, 17 Oct 2021 15:23:28 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gatLQal3G37pbFW5oQuh4HGpzWNoqZQwlmKzx0J043cTFL4rGdGPp44KXdft%2BOyuiL11hx1%2BLdXI2y0Z%2F9%2B6pAE3%2BsYqxyhDoN8TwaG6P8ei%2FR%2F2o3qncZTLZj%2B%2FwdkEj%2Fy5CKGbi%2By3n1hU263P5EQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 833e0d0e5e3956bd-OSL
alt-svc: h2=":443"; ma=60
code.jquery.com/jquery-3.5.1.min.js
151.101.194.137 200 OK 31 kB URL GET HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP 151.101.194.137:443
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 11 Dec 2023 13:24:59 GMT
age: 3846411
x-served-by: cache-lga13628-LGA, cache-bma1640-BMA
x-cache: HIT, HIT
x-cache-hits: 20, 214665
x-timer: S1702301099.326908,VS0,VE0
vary: Accept-Encoding
content-length: 30879
X-Firefox-Spdy: h2
bagasarya.xyz/img/info/navbar.png
104.21.81.99 200 OK 8.5 kB URL GET HTTP/2 bagasarya.xyz/img/info/navbar.png
IP 104.21.81.99:443
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Certificate Issuer Google Trust Services LLC
Subject bagasarya.xyz
Fingerprint EC:7D:C4:3A:2E:5C:12:D0:F5:A0:C5:48:82:D9:23:43:F3:FB:59:6D
Validity Wed, 29 Nov 2023 21:01:39 GMT - Tue, 27 Feb 2024 21:01:38 GMT
File type PNG image data, 904 x 339, 8-bit colormap, non-interlaced
- data
Hash f29c416a7c6f18ba0c0deb4980763c9d
56c7bfbf2c9a7a2be2e2214b0586c11af8e852bf
7f37cb926c06378327ad2a753c7119291b2ead796a6f588a8374de651ec72a8c
GET /img/info/navbar.png HTTP/1.1
Host: bagasarya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 13:24:59 GMT
content-type: image/png
content-length: 8459
cache-control: public, max-age=604800
expires: Thu, 14 Dec 2023 15:05:41 GMT
last-modified: Mon, 06 Mar 2023 02:41:35 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 339558
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rTS4RJpNAyixR8Hz6WXTDDB1gCY6hZ1D%2FCC%2BdtdeX3mmugAsZGfmcwBkl1mX4JeRhekJzdry6urBjfknPaH01oupFAfDJ30GHlaOcWLvKj9XWTUgAwUXTRfze6%2FMTRC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833e0d0ef904b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
bagasarya.xyz/img/info/modelFb.png
104.21.81.99 200 OK 32 kB URL GET HTTP/2 bagasarya.xyz/img/info/modelFb.png
IP 104.21.81.99:443
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Certificate Issuer Google Trust Services LLC
Subject bagasarya.xyz
Fingerprint EC:7D:C4:3A:2E:5C:12:D0:F5:A0:C5:48:82:D9:23:43:F3:FB:59:6D
Validity Wed, 29 Nov 2023 21:01:39 GMT - Tue, 27 Feb 2024 21:01:38 GMT
File type PNG image data, 1024 x 1024, 8-bit/color RGBA, non-interlaced
- data
Hash 571fc0253c6f01c953d4274981fc9d66
5331c3ae96ea4d421f8bde0d3e5565024c8c3abb
d3a1d3bb7a7c79edc9a08de2369f4f7f201a0852bfaf5526716382fc7ad902a1
GET /img/info/modelFb.png HTTP/1.1
Host: bagasarya.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 11 Dec 2023 13:24:59 GMT
content-type: image/png
content-length: 31990
cache-control: public, max-age=604800
expires: Sun, 17 Dec 2023 16:31:39 GMT
last-modified: Mon, 06 Mar 2023 02:41:27 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 75200
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxGdgQqp22DzWU3hreS8t4BjiHVO5WVt1YHLpJXSi17quBXF5je78uv13S739o9F2FmiYitIFhdAIiEf8nAYaSqGyPABEfDcw3saUfOEupBDbs6%2BCqKtR3w1U4CJ9lmt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 833e0d0f2989b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
i.postimg.cc/sgzZRpSX/1651518758036.jpg
162.19.88.69 200 OK 122 kB URL GET HTTP/2 i.postimg.cc/sgzZRpSX/1651518758036.jpg
IP 162.19.88.69:443
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Certificate Issuer Let's Encrypt
Subject postimg.cc
Fingerprint A5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
Validity Tue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, progressive, precision 8, 790x800, components 3
- data
Size 122 kB (121860 bytes)
Hash 44dbd8ffdbff9d3bbafd55d7f9a82e07
e6bd1392360ff825a1dafdc5e93f97567d6e076a
395c925a285c20b203217317f45d967b6543a311b06e85aeacf1b035a6f51e79
GET /sgzZRpSX/1651518758036.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 13:24:59 GMT
content-type: image/jpeg
content-length: 121860
last-modified: Wed, 13 Jul 2022 20:02:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/qMyCYmNS/1651515380746.jpg
162.19.88.69 200 OK 118 kB URL GET HTTP/2 i.postimg.cc/qMyCYmNS/1651515380746.jpg
IP 162.19.88.69:443
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Certificate Issuer Let's Encrypt
Subject postimg.cc
Fingerprint A5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
Validity Tue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, progressive, precision 8, 785x800, components 3
- data
Size 118 kB (117937 bytes)
Hash 5f19ecf45178eeccd29e694512b36aef
14ef40e26216f3629adefdbca3b939ef112c519c
f18664d92e4868f62afb1dada59e0a1b0d21944b996bb8d837252dc2347865c7
GET /qMyCYmNS/1651515380746.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 13:24:59 GMT
content-type: image/jpeg
content-length: 117937
last-modified: Wed, 13 Jul 2022 20:02:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/Y2JWdcCQ/IMG-20220516-010200.jpg
162.19.88.69 200 OK 131 kB URL GET HTTP/2 i.postimg.cc/Y2JWdcCQ/IMG-20220516-010200.jpg
IP 162.19.88.69:443
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Certificate Issuer Let's Encrypt
Subject postimg.cc
Fingerprint A5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
Validity Tue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type JPEG image data, progressive, precision 8, 653x800, components 3
- data
Size 131 kB (131323 bytes)
Hash 317542e25701be23ba9ff867fd1e0317
1570818a7671bbf805a18d39e928eeed40824b58
3f7819d5206e699cbf569c16d8bd08d9a5c02c3b7add57345103aea370d0f9b4
GET /Y2JWdcCQ/IMG-20220516-010200.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 13:24:59 GMT
content-type: image/jpeg
content-length: 131323
last-modified: Wed, 13 Jul 2022 20:02:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
mail.grop-wavgxkwhy.zxz1.my.id/download/css/bege.jpeg
104.21.48.196 200 OK 284 kB URL GET HTTP/1.1 mail.grop-wavgxkwhy.zxz1.my.id/download/css/bege.jpeg
IP 104.21.48.196:80
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x2340, components 3
- data
Size 284 kB (283875 bytes)
Hash e3730ac7286fdfcf04e87fa8b67bb415
fafdc2e2b8e9b584519ef0e9692d3f02a4ec8dcc
3b944ba1cd72c9c66cf5042f590d5bed6e2bca80256ddae80dc375faddefecb1
Analyzer: OpenPhish; Verdict: phishing; Alert: WhatsApp
GET /download/css/bege.jpeg HTTP/1.1
Host: mail.grop-wavgxkwhy.zxz1.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/download/css/style.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 11 Dec 2023 13:25:00 GMT
Content-Type: image/jpeg
Content-Length: 283875
Connection: keep-alive
Last-Modified: Wed, 09 Feb 2022 15:22:32 GMT
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gEIJEOvC3H5%2F1oiIGiz6r7uf%2BYdRhIYXWoBHVehc14ijnFII%2FZLpWigvDsjo8%2B0WLsUyGuMruv2CFcmqEjzSOc72SXjbWrxENhyFWpJPxRfxdzJHNZt3cjx52iRVg%2BDGbbC%2BhmsicBZ%2Fh18e7fh8akk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 833e0d1618ee56bd-OSL
alt-svc: h2=":443"; ma=60
i.postimg.cc/pTB8gnD0/ezgif-com-gif-maker-1.gif
162.19.88.69 200 OK 6.9 MB URL GET HTTP/2 i.postimg.cc/pTB8gnD0/ezgif-com-gif-maker-1.gif
IP 162.19.88.69:443
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Certificate Issuer Let's Encrypt
Subject postimg.cc
Fingerprint A5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
Validity Tue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 469 x 800
- data
Size 6.9 MB (6878442 bytes)
Hash ef3774b44dc8e6f749fb9bde48ec72af
793e3ecf45f39b5facfda915ef30988e25d4adc1
7c496dd0853bd153922c618dde761d475e423dfb8bf2e818c9d7ee916975dbc2
GET /pTB8gnD0/ezgif-com-gif-maker-1.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 13:24:59 GMT
content-type: image/gif
content-length: 6878442
last-modified: Thu, 19 May 2022 21:24:09 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
mail.grop-wavgxkwhy.zxz1.my.id/download/css/thin.ttf
104.21.48.196 404 Not Found 238 B URL GET HTTP/1.1 mail.grop-wavgxkwhy.zxz1.my.id/download/css/thin.ttf
IP 104.21.48.196:80
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer: OpenPhish; Verdict: phishing; Alert: WhatsApp
GET /download/css/thin.ttf HTTP/1.1
Host: mail.grop-wavgxkwhy.zxz1.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/download/css/style.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 11 Dec 2023 13:25:01 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U79mFSOIsJ0xWGKfRt%2BkszFj3B5uhTBAklS5mQJvUk2RY6tGZolxF3%2Fpe8pdf5vKgPfrj4U5t5nEsd869oBK0GOyNo6ydeFLv81CsXR3sL1ggAfVzYs7CIR5asF7477JQ3X3Rh%2BdWcRMs2b5RvL6x9M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 833e0d161ab9b4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
i.postimg.cc/NfbdCGXZ/tiktokk.gif
162.19.88.69 200 OK 12 MB URL GET HTTP/2 i.postimg.cc/NfbdCGXZ/tiktokk.gif
IP 162.19.88.69:443
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Certificate Issuer Let's Encrypt
Subject postimg.cc
Fingerprint A5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
Validity Tue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 451 x 800
- data
Size 12 MB (12121329 bytes)
Hash 7f53004d650205b69a87b0845d881236
03912df4e150c239f3808e4e51f49be10cdd34c2
a1a71bdacc1a441119d6dfdb45b22c05361d0bfbd619f494f2561d1c8ab4b1c3
GET /NfbdCGXZ/tiktokk.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 13:24:59 GMT
content-type: image/gif
content-length: 12121329
last-modified: Fri, 03 Jun 2022 11:11:09 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
mail.grop-wavgxkwhy.zxz1.my.id/favicon.ico
104.21.48.196 404 Not Found 238 B URL GET HTTP/1.1 mail.grop-wavgxkwhy.zxz1.my.id/favicon.ico
IP 104.21.48.196:80
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer: OpenPhish; Verdict: phishing; Alert: WhatsApp
GET /favicon.ico HTTP/1.1
Host: mail.grop-wavgxkwhy.zxz1.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 11 Dec 2023 13:25:01 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eZd3fgi6B0FsGo3iZcLo7dAr793JlMo6OotkDgtvbQQYJJYmYOH%2B%2B0a33APxHRiWjtVjBDHT0dQRu%2FfAiVMun6WM%2Bhn%2Boe%2F79%2FMUB1BGbXUYGzXglTbcevBbgy2jbd84Au0UTRLlz9umyT0hSHh6%2BDI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 833e0d1a3ef756bd-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
j.top4top.io/p_2231z0iyt0.jpg
135.181.63.70 200 OK 84 kB URL GET HTTP/2 j.top4top.io/p_2231z0iyt0.jpg
IP 135.181.63.70:443
ASN #24940 Hetzner Online GmbH
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Certificate Issuer Let's Encrypt
Subject *.top4top.co
Fingerprint 98:C6:A8:2C:16:D5:04:38:85:B0:AF:12:09:89:3E:5D:88:01:7D:F5
Validity Wed, 01 Nov 2023 00:07:36 GMT - Tue, 30 Jan 2024 00:07:35 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 720x821, components 3
- data
Hash 77b1e1dd9fffebf445a00a11d3f5286a
bba6ec93e820fc85205c0331d025d8eee2560a51
d1b36630b032c310e9c8d20d355683b447e51dd97974b4132840abdfaacfb235
GET /p_2231z0iyt0.jpg HTTP/1.1
Host: j.top4top.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 13:25:03 GMT
content-type: image/jpeg
content-length: 84335
set-cookie: klj_40d147_downloads=qf5b9; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Tue, 12 Dec 2023 13:01:43 GMT
last-modified: Wed, 09 Feb 2022 15:04:28 GMT
content-disposition: inline; filename="IMG-20220209-WA0016.jpg"
etag: "6203d7fc-1496f"
expires: Mon, 11 Dec 2023 15:25:03 GMT
cache-control: max-age=7200
x-file-id: x44376741x
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/fbsjM6YY/ezgif-com-gif-maker-2.gif
162.19.88.69 44 MB URL GET i.postimg.cc/fbsjM6YY/ezgif-com-gif-maker-2.gif
IP 162.19.88.69:0
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Certificate Issuer Let's Encrypt
Subject postimg.cc
Fingerprint A5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
Validity Tue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type GIF image data, version 89a, 497 x 800
- data
Size 44 MB (44280683 bytes)
Hash 7e40d7a8aaf5c26379167aaabaaa58a3
f428919c582c309f59a5154b3101290001fd2b27
b220e11e5856cfe225c154e918657f0e86d3e0e1ed0ec9d4b176c2dcb168c9c8
GET /fbsjM6YY/ezgif-com-gif-maker-2.gif HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 11 Dec 2023 13:24:59 GMT
content-type: image/gif
content-length: 44280683
last-modified: Fri, 03 Jun 2022 11:16:39 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
mail.grop-wavgxkwhy.zxz1.my.id/download/css/font.ttf
104.21.48.196 238 B URL GET mail.grop-wavgxkwhy.zxz1.my.id/download/css/font.ttf
IP 104.21.48.196:0
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
File type HTML document text
- HTML document text
- HTML document text
- HTML document text
- exported SGML document, ASCII text
Hash a34ac19f4afae63adc5d2f7bc970c07f
a82190fc530c265aa40a045c21770d967f4767b8
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
Analyzer: OpenPhish; Verdict: phishing; Alert: WhatsApp
GET /download/css/font.ttf HTTP/1.1
Host: mail.grop-wavgxkwhy.zxz1.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/download/css/style.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Date: Mon, 11 Dec 2023 13:25:04 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TMQJ4h2Ej3WMOnT%2BKJM9VreFppbgDMWPGOXv1gXdqUgfZMCznun%2BkVpLjCqJ7HjcX%2F2snm6K%2F5jDZzbMB7FQENXNISRQzDY6%2BqDiPOCEQHW0jKsz4r1lQ1Z8Ns8oluoXoHxA3%2F5JNRc%2BVZrB%2FE%2FmHSY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 833e0d27480bb4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Camazondotcom%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org&lang=en-US
54.230.111.63 82 B URL services.addons.mozilla.org/api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Camazondotcom%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org&lang=en-US
IP 54.230.111.63:0
File type JSON data
- , ASCII text, with no line terminators
Hash 4f822d39c269d2c47e3174b6c6bad3b7
d56bd07959c766e9c18faa9cf1070548f9236b65
cda00e555c758b1c13b6cbd17049ca8471057d16c60f08f551dbc331308eecf3
GET /api/v4/addons/search/?guid=default-theme%40mozilla.org%2Caddons-search-detection%40mozilla.com%2Cgoogle%40search.mozilla.org%2Camazondotcom%40search.mozilla.org%2Cwikipedia%40search.mozilla.org%2Cbing%40search.mozilla.org%2Cddg%40search.mozilla.org%2Cfirefox-compact-light%40mozilla.org%2Cfirefox-compact-dark%40mozilla.org%2Cfirefox-alpenglow%40mozilla.org&lang=en-US HTTP/1.1
Host: services.addons.mozilla.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 82
allow: GET, HEAD, OPTIONS
content-security-policy: img-src 'self' blob: data: https://addons.mozilla.org/static-server/ https://addons.mozilla.org/user-media/; frame-src https://www.recaptcha.net/recaptcha/; default-src 'none'; script-src https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/js https://www.recaptcha.net/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.gstatic.cn/recaptcha/ https://addons.mozilla.org/static-server/; object-src 'none'; media-src https://videos.cdn.mozilla.net; connect-src 'self' https://*.google-analytics.com; style-src 'unsafe-inline' https://addons.mozilla.org/static-server/; form-action 'self'; child-src https://www.recaptcha.net/recaptcha/; font-src 'self' https://addons.mozilla.org/static-server/; report-uri /__cspreport__
cross-origin-opener-policy: same-origin
public-key-pins: max-age=5184000; includeSubDomains; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="
referrer-policy: same-origin
server: nginx
strict-transport-security: max-age=31536000
x-amo-request-id: b0761b8c2a5c467dbcb961a142fdf22e
x-content-type-options: nosniff
x-frame-options: DENY
date: Mon, 11 Dec 2023 13:24:04 GMT
cache-control: max-age=180
etag: "4f822d39c269d2c47e3174b6c6bad3b7"
vary: origin,X-Country-Code,Accept-Language
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0h7bslKNF_XBkPOjVJ4ptse0FLR8VXbtgP3b59ABiNS26OOtFmi75w==
age: 84
X-Firefox-Spdy: h2
aus5.mozilla.org/update/3/SystemAddons/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
35.244.181.201 42 B URL aus5.mozilla.org/update/3/SystemAddons/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml
IP 35.244.181.201:0
File type XML 1.0 document text
- XML document, ASCII text
Hash f8f24fa0c857d8f2ee493e131b85ab62
cb6049f830a54d14a19d4104fc0bb5ab5fdedbe6
e0dadbc9cd1f1bd8ce3118cc3383e0d0f6d147f055265d498d99deea956ba00f
GET /update/3/SystemAddons/111.0a1/20230218104546/Linux_x86_64-gcc3/null/default/Linux%205.15.0-76-generic%20(GTK%203.24.34%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 42
rule-id: unknown
rule-data-version: unknown
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: MISS
via: 1.1 google
date: Mon, 11 Dec 2023 13:25:11 GMT
content-type: text/xml; charset=utf-8
age: 17
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Yantramanav&display=swap
142.250.74.106 200 OK 1.2 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Yantramanav&display=swap
IP 142.250.74.106:443
Requested by http://mail.grop-wavgxkwhy.zxz1.my.id/download/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
Validity Mon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT
File type ASCII text, with very long lines (1177), with no line terminators
Hash 0c73a4511b6734be8645e54e8f8631ed
01a7a9eed096fded4951b5fb9caf79efdeb7167e
fcefe2994aee1e782431bf4eb0a68bd4a9751011894c07980fd904176b8e8c83
GET /css2?family=Yantramanav&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://mail.grop-wavgxkwhy.zxz1.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 11 Dec 2023 13:25:00 GMT
date: Mon, 11 Dec 2023 13:25:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2