Report - offlcial--dana-id.frats.my.id/

Report Overview

Visited public
2023-12-09 13:05:58
Tags
URL
offlcial--dana-id.frats.my.id/
Finishing URL
offlcial--dana-id.frats.my.id/
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Title
DANA - Apa pun transaksinya selalu ada DANA

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-12-09 08:21:37	435 B	32 kB	151.101.194.137
offlcial--dana-id.frats.my.id	unknown	unknown	No data	No data	7.7 kB	195 kB	188.114.96.1
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-09 07:42:19	486 B	1.8 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-09 06:06:20	1.2 kB	98 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA
2023-12-08	medium	offlcial--dana-id.frats.my.id/	DANA

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

Files detected

URL
offlcial--dana-id.frats.my.id/ast/img/hero.png
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
43 kB (43109 bytes)
Hash
4126c0393b3b7dfa2800095ce6ecf338
811d0a98523b12c1fa6255aa87b4d2101dab1020
f7d0665dea209eb1d41d46f66b7c2106f9e2f129178e530dfe258965c6d885d1

Archive (1)

Modified	Filename	Size	Md5	File type
2023-06-12 16:28	Screenshot_20230612-162641-removebg-preview~2.png	43 kB	a2fe81573586ae2ff99e0096c6c79ed9	PNG image data, 335 x 298, 8-bit/color RGB, non-interlaced

JavaScript (13)

	URL	From	Size	First Seen	Last Seen
	offlcial--dana-id.frats.my.id/	ScriptElement	135 B	2023-06-29	2025-05-12
Pretty URL offlcial--dana-id.frats.my.id/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59 Last Seen2025-05-12 09:27 Times Seen1261 Hash 8135d55bdb3fdd9003e5226986c539f4 17796aff7fea44999042478f0340bdc87776acab 0c472d92c58eac469153a6fa27f2fb758ae436804afed1b0689bd9e33c15a0eb Loading...

	offlcial--dana-id.frats.my.id/	ScriptElement	66 B	2023-06-29	2025-05-12
Pretty URL offlcial--dana-id.frats.my.id/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59 Last Seen2025-05-12 09:27 Times Seen1244 Hash b7ec93a09110dfd8bb76196fe658a2ca fa0e9eecd598aa16a419e4e799c4694469ecf9f3 5ef8108dc8ed8de6d3ce2b0a190bcde518ac3f55143f767074e421359a2ee58a Loading...

	offlcial--dana-id.frats.my.id/	ScriptElement	214 B	2023-06-29	2025-02-26
Pretty URL offlcial--dana-id.frats.my.id/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59 Last Seen2025-02-26 08:59 Times Seen967 Hash d5d8d7e5364c28cf2a6bdb2d1b533425 38c68da0d60983a3f9fa085872d27ad97f5707d0 73e91b6f1b1b5cf60d3701b6e287a052b09787492ee66fd00288d6d29c5b1f75 Loading...

	offlcial--dana-id.frats.my.id/	ScriptElement	690 B	2023-06-29	2025-05-10
Pretty URL offlcial--dana-id.frats.my.id/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59 Last Seen2025-05-10 17:56 Times Seen1135 Hash 37b6cc906dee95ba31d6dc3561093274 cf09a304a41aafdb080861bc47d37f346def78d4 f2e9070c480bcec6af473420c44054580f46caddad6daed002db97fe1790daac Loading...

	code.jquery.com/jquery-3.5.1.min.js	ScriptElement	90 kB	2023-03-07	2025-05-12
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-12 21:19 Times Seen109057 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	offlcial--dana-id.frats.my.id/	ScriptElement	689 B	2023-06-29	2025-05-12
Pretty URL offlcial--dana-id.frats.my.id/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59 Last Seen2025-05-12 09:27 Times Seen1261 Hash b05c8bd1528cb5466392fb8d88178905 84590a391d262608fef98d82cc37bc399c656c6a c5ed1f676d19f816f1f227611469605003b0e57edc27aaf55f51a654aa6134e2 Loading...

	offlcial--dana-id.frats.my.id/	ScriptElement	429 B	2023-06-29	2025-02-26
Pretty URL offlcial--dana-id.frats.my.id/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59 Last Seen2025-02-26 08:59 Times Seen968 Hash 4d1528243a309f4162fe80c2cde9ae93 8f3ed458f48f58e15538686dc001fd0ae8fe2079 917bd4fc4ff0da5f10b0e353b4dc49b8cf8962d64e04c7f8095fa046360a2d40 Loading...

	offlcial--dana-id.frats.my.id/	ScriptElement	357 B	2023-06-29	2025-01-28
Pretty URL offlcial--dana-id.frats.my.id/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59 Last Seen2025-01-28 21:55 Times Seen317 Hash ae670af07ba3f41b83efee1f7aaec49b 6449c1b351f3ae8ad60dd920f6015f366a232e65 3b412056538c9ca5fbea8ce1fce2d3268214bf0c93af968bcc17b87d6eb4ba00 Loading...

	offlcial--dana-id.frats.my.id/	ScriptElement	278 B	2023-06-29	2025-01-28
Pretty URL offlcial--dana-id.frats.my.id/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59 Last Seen2025-01-28 21:55 Times Seen317 Hash 98d47023d77791c3fcb4d2d917ceab48 0db967e209ff2a11f3861e8e092548e2dd2bd81e 46ffe8601ef68e12c5909802c82967e3bbea08fc0fb5df8f1885625ead2736a8 Loading...

	offlcial--dana-id.frats.my.id/	ScriptElement	372 B	2023-06-29	2025-01-28
Pretty URL offlcial--dana-id.frats.my.id/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59 Last Seen2025-01-28 21:55 Times Seen317 Hash b2becc9784c38e2886fbc8c9d838eb76 f829beaac152b27a8f2d1c1d46495a289bc9846f e93ef7b036b54308f1c535df2f7b5d7750ebb892407a4b4aad9540dff35b454f Loading...

	offlcial--dana-id.frats.my.id/	ScriptElement	156 B	2023-06-29	2025-05-10
Pretty URL offlcial--dana-id.frats.my.id/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59 Last Seen2025-05-10 17:56 Times Seen1129 Hash 00c3ff7222ce30d0151b609ce9b1dd00 28fbd8656f7edc3e6f92e420aa6c8bba22be6049 aaaee6f16237a69ade0d0a8e1246b230292a6eead0155f688c49e8de8b5a35c2 Loading...

	offlcial--dana-id.frats.my.id/	ScriptElement	382 B	2023-06-29	2025-02-26
Pretty URL offlcial--dana-id.frats.my.id/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-29 14:59 Last Seen2025-02-26 08:59 Times Seen988 Hash 7544c9acf4737e54470eb118ba8361a5 6a4d26abaec547bb911dcd1d131505512c3d5dfc 15d88dfd919c1a4ae658e43cfb9c9bc3dc298440028e47b065e43b2218c52f21 Loading...

	offlcial--dana-id.frats.my.id/ast/jquery.mask.min.js	ScriptElement	7.9 kB	2023-06-29	2025-05-12
Pretty URL offlcial--dana-id.frats.my.id/ast/jquery.mask.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-29 14:59 Last Seen2025-05-12 09:27 Times Seen1315 Hash 2e961f240d376e0a83c885a07f00762e e9f1d4a792dc3fb06f8d65d68a607738f3b4070c 470a65fdd4c44fa96ef232acb2a308ca73a3f17d6accc399d0c7a28a21d532d9 Loading...

HTTP Transactions (20)

URL IP Response Size

code.jquery.com/jquery-3.5.1.min.js

151.101.194.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30879 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 09 Dec 2023 13:05:41 GMT
age: 3672453
x-served-by: cache-lga13628-LGA, cache-bma1671-BMA
x-cache: HIT, HIT
x-cache-hits: 20, 576835
x-timer: S1702127141.186180,VS0,VE0
vary: Accept-Encoding
content-length: 30879
X-Firefox-Spdy: h2

offlcial--dana-id.frats.my.id/ast/img/dana_text.png

188.114.96.1

200 OK

11 kB

URL GET HTTP/3
offlcial--dana-id.frats.my.id/ast/img/dana_text.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
PNG image data, 480 x 118, 8-bit/color RGBA, non-interlaced
Size
11 kB (10588 bytes)
Hash
3dc459976e4f7086419105435a80fc25
4a79a70ae98be7b6386ddde8609d83eee4777373
8af7f1691e018bfc400432dfc61455f26f63226ab369e675c80cef5a93334e87

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/dana_text.png HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 09 Dec 2023 13:05:41 GMT
content-type: image/png
content-length: 10588
last-modified: Mon, 12 Jun 2023 16:22:16 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkxKtPTNCfKUxfMoma%2FoktPrbsR7ZxEbKoGyq315%2FRv1slK0%2Fw8TlFEZ4mGEQjj3m9faS0jza6sDuNeutOD0g9nOWG%2B88EsArSzl2wU1WWumzIXxvNSEqzQho9Vzxy87%2FFq%2BZJ9oouC7a8Gmp3yE%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d76080891b521-OSL
alt-svc: h3=":443"; ma=86400

offlcial--dana-id.frats.my.id/ast/img/bi.png

188.114.96.1

200 OK

16 kB

URL GET HTTP/3
offlcial--dana-id.frats.my.id/ast/img/bi.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
PNG image data, 360 x 200, 8-bit/color RGBA, non-interlaced
Size
16 kB (16542 bytes)
Hash
6e77df79b301b9fb95fdf50d66e3ceb7
1c93476fccf582d5ea0fa88ec8b1becc00d9edb5
4262dc8d42209d7e2a597f7f1098880e75ad0f6a53a66da1a7bd094a5f778199

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/bi.png HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 09 Dec 2023 13:05:41 GMT
content-type: image/png
content-length: 16542
last-modified: Mon, 12 Jun 2023 16:22:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKcGTllT3nPnvbvH0Rkp8GDt%2Fn2%2FwbgKq9S5Yj34H4U%2BZLxYG3eiPXuOnG2uLARGJE9mdICiyS1349Kk%2FRNwuap6iSrzq5WQ2h3WuYpLdR4ENnS9Y67viglZT7wH8bdo0hlewXiniYsPqbPFXKb68w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d76080892b521-OSL
alt-svc: h3=":443"; ma=86400

offlcial--dana-id.frats.my.id/ast/img/indo.png

188.114.96.1

200 OK

741 B

URL GET HTTP/3
offlcial--dana-id.frats.my.id/ast/img/indo.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
PNG image data, 80 x 45, 8-bit colormap, non-interlaced
Size
741 B (741 bytes)
Hash
c15c95b8db17f44e5826bb7839278578
5be0ab5aba6201a0a3a3423f9db8008ed2385430
af52bfb0ab7606d185db1457ddc3edceb61c7fe9675e099cae3e3be1eccf152c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/indo.png HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 09 Dec 2023 13:05:41 GMT
content-type: image/png
content-length: 741
last-modified: Mon, 12 Jun 2023 16:23:12 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EU9wBrGLp8q6eBTrZf7HDBK2NUSeByahAmw%2BElIYcwOFw9qwUp2AH4AFQ5Qdw2Aubg6kqeyYaCc9UmauFLawrv6je07FUsTjkr%2B0Cc9%2Fk4%2FfuBx9wHB%2FGcxDekTPyWJNYnhJBkMqAYJ5Dm0MsdJ6Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d760818a6b521-OSL
alt-svc: h3=":443"; ma=86400

offlcial--dana-id.frats.my.id/

188.114.96.1

200 OK

16 kB

URL User Request GET HTTP/2
offlcial--dana-id.frats.my.id/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
HTML document, ASCII text, with very long lines (9439)
Size
16 kB (15508 bytes)
Hash
3ad5b8437dada3906b7e1e2aa68d7506
259c26ce42ee4bbcbb9e571b44c52978d68000aa
aac660e4aefe7177e7e3b20c37ae6949ec6ff426f68e7a677423337d68ab7a0f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET / HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 09 Dec 2023 13:05:40 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gstWdFr5AsZQqiGZ4398rX4b8qfDmEiUpENdG7IG5IKnqcRWTe3gvrIXZo2%2F62%2Fay%2B9w3R4v7Rx4FV5aJ%2BCi0V5CKPg0kIcobhTx8YX%2BNeoWQulkMIFqdArQCN6eJaGQMpJH0%2B%2FQrT3pQ%2B5SW2lbnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 832d7601ab75b4f9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

offlcial--dana-id.frats.my.id/ast/img/load_bg.png

188.114.96.1

200 OK

7.9 kB

URL GET HTTP/3
offlcial--dana-id.frats.my.id/ast/img/load_bg.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
PNG image data, 300 x 300, 8-bit gray+alpha, non-interlaced
Size
7.9 kB (7863 bytes)
Hash
bf1d4a90de7e29b2be55237982cb30b4
ef942049631b598767fda52d54458b9f9680ee87
46518758f002d85cff9220609163f23b7e9f8f2721561d1e0ba79c4f17425c58

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/load_bg.png HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 09 Dec 2023 13:05:41 GMT
content-type: image/png
content-length: 7863
last-modified: Mon, 12 Jun 2023 16:23:04 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTlMZ3UI0Td71X911ype7VkyPkPu3cUVSx38xDXhYU%2BIn9rlNVbo9f%2BoHovWTQKKfCir4v7GZML4Q6YLYpwAEGvku3jkyMvnkMtYMvP8vE8nQGSaeTulmuyQ%2FK9rjUu9VJBg0E54meA0O2FzkxAwHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d76080896b521-OSL
alt-svc: h3=":443"; ma=86400

offlcial--dana-id.frats.my.id/ast/img/load_spin.png

188.114.96.1

200 OK

5.1 kB

URL GET HTTP/3
offlcial--dana-id.frats.my.id/ast/img/load_spin.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
PNG image data, 200 x 200, 8-bit gray+alpha, non-interlaced
Size
5.1 kB (5078 bytes)
Hash
e8e4e4432355a07040a7327673850223
b07f6cfaacb6a2093778b08dd8d9b8f7d718c119
50b4bad00572d07c6158459a5cb93b1b3f9bdea95d393aa56970afded2f58913

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/load_spin.png HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 09 Dec 2023 13:05:41 GMT
content-type: image/png
content-length: 5078
last-modified: Mon, 12 Jun 2023 16:22:56 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9%2FrfYi%2FhVDeYHYK61%2FjGAs2Q00xPKwFa5Enpyid1uEfsKCzTOPoGWrmkKE%2BjaUBwBxrrHuShTKymq8TPNw7rmHhWsCIUZqSa4ZWecndLn7sqYMkjdmsEJKKkqCBGTBW1Bps4T0D70fgCiD%2F7ZCwew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d760808a0b521-OSL
alt-svc: h3=":443"; ma=86400

offlcial--dana-id.frats.my.id/ast/img/kom.png

188.114.96.1

200 OK

8.5 kB

URL GET HTTP/3
offlcial--dana-id.frats.my.id/ast/img/kom.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced
Size
8.5 kB (8484 bytes)
Hash
74adb66e545a68df7e5a0442a02fa8e7
a1692d3bfbde3c0cb3a8bc9b9b1fb2de4d570e85
4285db40c51cc53230cab0490df40566e285b48fb2b2e4729b42ff2a26c74480

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/kom.png HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 09 Dec 2023 13:05:41 GMT
content-type: image/png
content-length: 8484
last-modified: Mon, 12 Jun 2023 16:23:08 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KvjapS3VGKpWlmYRN%2FoQJ9Btrm90ieskYfF7kP0VfSodmJTk%2FibZ%2FPTjJ4lEEyweT0qjdT1pF9rTXb5oJAlS0vArFP7s%2FKPbT8caw5ZVy5wAgSVqNcDnh1lCqNq%2BJlsPQkRxY5t%2FFYejN37gWRsQJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d76080894b521-OSL
alt-svc: h3=":443"; ma=86400

offlcial--dana-id.frats.my.id/ast/img/hero.png

188.114.96.1

200 OK

43 kB

URL GET HTTP/3
offlcial--dana-id.frats.my.id/ast/img/hero.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
Zip archive data, at least v2.0 to extract, compression method=deflate
Size
43 kB (43109 bytes)
Hash
4126c0393b3b7dfa2800095ce6ecf338
811d0a98523b12c1fa6255aa87b4d2101dab1020
f7d0665dea209eb1d41d46f66b7c2106f9e2f129178e530dfe258965c6d885d1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/hero.png HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 09 Dec 2023 13:05:41 GMT
content-type: image/png
content-length: 43109
last-modified: Mon, 12 Jun 2023 16:29:58 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9UQw4U9jKoTbJmhgIVtIepMjUNEBEab237dTrqFNZw%2Fe1ElVsZkIVycT1lXCQ53pdrYX8sCIhabPip3mvn0A9g7OTyJyfgEP6iM9AByPTTbwDlqwJopCsg9Kl7Za9FgrCOPxPSQ3AtSJ8xn5gqcj%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d7608088fb521-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap

142.250.74.106

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint10:D0:ED:9A:F4:53:C8:99:DE:B6:5E:5C:04:E6:20:0B:68:7D:46:EC
ValidityMon, 20 Nov 2023 08:08:50 GMT - Mon, 12 Feb 2024 08:08:49 GMT

File type
gzip compressed data, max compression
Size
1.2 kB (1205 bytes)
Hash
57dbfdbe923b2b17a52882e4d82084ac
bf5e2a8f14c9e02ea48d01765da8ecd1b2e122c3
264b26c0787a23556c87034950d1eb24aed2296671cd8129b5ca93e86eca7464

HTTP Headers

GET /css2?family=Open+Sans:wght@400;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 09 Dec 2023 13:05:41 GMT
date: Sat, 09 Dec 2023 13:05:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

offlcial--dana-id.frats.my.id/ast/6990a7033bbaeadc2040ac863ff124fd.css

188.114.96.1

200 OK

49 kB

URL GET HTTP/3
offlcial--dana-id.frats.my.id/ast/6990a7033bbaeadc2040ac863ff124fd.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
ASCII text, with very long lines (1255), with no line terminators
Size
49 kB (48862 bytes)
Hash
7420333c4f6ef8b075a0f757b2af4f20
0e6836ef790baabf62aa0df5f33c8b3e8450295a
55c79193a97d40e41d31c65be9722e008c40ee3b3404d7c59dd75114b5986202

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/6990a7033bbaeadc2040ac863ff124fd.css HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 09 Dec 2023 13:05:42 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 16:21:02 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNfSHujoD%2B%2Bxx3WwLuk7X3BMPbFAKKYdevFObd5jEzfCEl34rYKpOehPsu%2F5q12LRl6%2BlZeLFlHTy0BoxRuRTbheguTjognuCWyJcON4MzBOYavTkT048hxGWP5%2BE8cd9Xi0avkohvb9QAxEJgaLAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d7608088bb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://offlcial--dana-id.frats.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:40:55 GMT
expires: Fri, 06 Dec 2024 15:40:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 163490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

48 kB

URL GET HTTP/2
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 48432, version 1.0
Size
48 kB (48432 bytes)
Hash
e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5

HTTP Headers

GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://offlcial--dana-id.frats.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 07 Dec 2023 15:40:55 GMT
expires: Fri, 06 Dec 2024 15:40:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
age: 163490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

offlcial--dana-id.frats.my.id/ast/47e4c58f6b9789b8a33f2525cf084599.css

188.114.96.1

200 OK

790 B

URL GET HTTP/3
offlcial--dana-id.frats.my.id/ast/47e4c58f6b9789b8a33f2525cf084599.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
ASCII text, with very long lines (790), with no line terminators
Size
790 B (790 bytes)
Hash
8308d2ea1d6ea02c0cb00f298799633e
6deedbf3eea7d45bd140179d681c8f78613073d6
fe9df1a47b206f90c0f6a9bd88239d8eb22313978376f04d9e3fab4a35317380

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/47e4c58f6b9789b8a33f2525cf084599.css HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 09 Dec 2023 13:05:41 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 16:20:22 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NSOEosc6G2M2Ty1zWVVAgjFQDWzb8B844XupLnpeUAbWX9FYU22i87K29moN2epw0oh1UhSzEgWAP%2FNPn9BUI72oRm2wE%2BaRyb60byLLJ6WolSsGX1WsDMbEloIAP9iKP4ycjN7uFru4ArOSKudPbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d7608088db521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

offlcial--dana-id.frats.my.id/ast/img/dana_logo.png

188.114.96.1

200 OK

13 kB

URL GET HTTP/3
offlcial--dana-id.frats.my.id/ast/img/dana_logo.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
PNG image data, 382 x 112, 8-bit/color RGBA, interlaced
Size
13 kB (12786 bytes)
Hash
6fd5a7d18a8f7c04bc5effcdc5235987
c4852c577f44fcdf78fb439a30ea2c6c6983b140
c67e5431f9c00bb690ea8b8add63d5ca9250bf2925f2c2a691eeee498ac75853

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/img/dana_logo.png HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 09 Dec 2023 13:05:41 GMT
content-type: image/png
content-length: 12786
last-modified: Mon, 12 Jun 2023 16:22:12 GMT
cache-control: max-age=14400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDhuwWQgmJ7GQ8Y1E29J%2FTO6NTmJyzAV0r0UFGSTPxwGUNZuAT%2BKT6RNyl66BhDTrZtRwP1BoN5m2uUMDbP1YSwopaK9OZEfyBliNuW8vrlTnADhlGVQdVjVNQatrDr6CEehi0n9VXG5YQ32fnn2pw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d7608088eb521-OSL
alt-svc: h3=":443"; ma=86400

offlcial--dana-id.frats.my.id/favicon.ico

188.114.96.1

404 Not Found

315 B

URL GET HTTP/3
offlcial--dana-id.frats.my.id/favicon.ico
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
HTML document, ASCII text, with very long lines (326), with no line terminators
Size
315 B (315 bytes)
Hash
97ef40509b73c101d6815511c3adf98d
a4242322497ea630ea72e26ba297a95a2bbe5ccd
322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 09 Dec 2023 13:05:42 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BXSYgxmO%2FadBlXPNaHbNHSCt2ZeJKKrKMHPfNp0WsFbWX4FUk4Lrv2jUQGKooQ7FZI6OqkaDx8DIyhchjBZxXFl3FqW7Nv%2BUUxrh8vRJOqAl2WQW42ZoSeMpf9sIOmnzTFTKn21UzF%2Ft6NnSLLxtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d760ecf6db521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

offlcial--dana-id.frats.my.id/ast/8d62ea654fcf0e4cae001e344ee2592c.css

188.114.96.1

200 OK

3.9 kB

URL GET HTTP/3
offlcial--dana-id.frats.my.id/ast/8d62ea654fcf0e4cae001e344ee2592c.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
ASCII text, with very long lines (3850), with no line terminators
Size
3.9 kB (3850 bytes)
Hash
6a47026eae042cc9152e2ba28cae1688
11f91794ddadcd088a8e78720abd5cce59700198
a2a6e6317012a338c0dc67124f68f969166edc9f7c3f75d54ff48942d785e709

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/8d62ea654fcf0e4cae001e344ee2592c.css HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 09 Dec 2023 13:05:41 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 16:19:40 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PPVjG8ofrAROCvl7KIYDcSYUAb2wuR3ATc1id8L%2F70NJPnYzh6y5RB5SUxRsl4x4rsF5egrdnSAZck5WvComwt2ZtGG6Hsly0Ck9z8%2BRpaZmYmrw27DDObG7%2BxN32AwFW0a%2BxfNZ9q%2FV0bkjLB2qdg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d7607d852b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

offlcial--dana-id.frats.my.id/ast/jquery.mask.min.js

188.114.96.1

200 OK

7.9 kB

URL GET HTTP/3
offlcial--dana-id.frats.my.id/ast/jquery.mask.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
ASCII text, with very long lines (8132), with no line terminators
Size
7.9 kB (7920 bytes)
Hash
c71ebcdd10a5dd93f081dc61e87d6b63
88623481cb90c64c31185ae9325d420aeffdd1e6
d07deaceaefefc6bab3b5d703b361beac52560eb3418a71ae7312e2d873094ba

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/jquery.mask.min.js HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 09 Dec 2023 13:05:41 GMT
content-type: text/javascript
last-modified: Mon, 12 Jun 2023 16:21:48 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPaIrhcy2wTWMGa50yXNg9Wl6Zbl1aUdgSwuImDkMiopdfMlY0pLjYMUvat9icAQTUrHNZnOJq8aMkryVH3DzBdPEgpOWyNTeDiKMwcmBXHOd8PB7YOyU%2FF0iKOeHEQsb5kr4v3wRlzJmcS05BbAxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d760828b7b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

offlcial--dana-id.frats.my.id/ast/3fadc676582b9542004b502ee03df3a3.css

188.114.96.1

200 OK

1.6 kB

URL GET HTTP/3
offlcial--dana-id.frats.my.id/ast/3fadc676582b9542004b502ee03df3a3.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
ASCII text, with very long lines (1561), with no line terminators
Size
1.6 kB (1561 bytes)
Hash
553a4feacebe4a339e3f83b082684ff8
7334803536f6429c43ad344da92e22414e5882c2
94e570a73c7171a271962b2c59739196b2101bba6ce3257e1e60743013cdaf32

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/3fadc676582b9542004b502ee03df3a3.css HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 09 Dec 2023 13:05:41 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 16:18:54 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lndn7UdqpljFvCHIdcRtyGG%2FqeGhfqiqVPfcVeY6w%2FfX5FZgoh7GOPb5tOhJttN523tbC4AtZbF4oKHwZk98wXS89YcEHnuMyhk5KJ3iXtR3NAi8pygwGaD6WGlI2zqBV7ZsTEMU9%2FcyJ9Wu%2FezJxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d7608088cb521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

offlcial--dana-id.frats.my.id/ast/00b9d2e9f52e505c013c16bb638a42a4.css

188.114.96.1

200 OK

666 B

URL GET HTTP/3
offlcial--dana-id.frats.my.id/ast/00b9d2e9f52e505c013c16bb638a42a4.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://offlcial--dana-id.frats.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectfrats.my.id
Fingerprint6F:76:E9:09:E6:28:22:01:20:BC:E7:64:FF:A7:DD:F7:14:F2:2D:11
ValidityWed, 18 Oct 2023 00:25:23 GMT - Tue, 16 Jan 2024 00:25:22 GMT

File type
ASCII text, with very long lines (666), with no line terminators
Size
666 B (666 bytes)
Hash
f04c34e455649c317cbfe449a7c5b10e
07c192cd6c0d6b6a96ddd3fe56ffc5762c2f6eb7
963ee000ea25a124a63e7dd4ded8a9adc4d3501de7d0bf47f78f6fa4bc4ee472

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	DANA

HTTP Headers

GET /ast/00b9d2e9f52e505c013c16bb638a42a4.css HTTP/1.1
Host: offlcial--dana-id.frats.my.id
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://offlcial--dana-id.frats.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 09 Dec 2023 13:05:41 GMT
content-type: text/css
last-modified: Mon, 12 Jun 2023 16:18:20 GMT
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v9BpG7XOQKFQ843gay55T1U7XWV5gVlh11k0N3UB7TXVEkdRdPmT0TniGFNB%2FCz8ZeX8SHDlrQ3v5gZj9XF0DWPxJjw5tlxJNsUZghGrmVf%2BGRjUcKPyl%2BhEjZQOrlf5B8nqOfq2n8FRvYKra30elA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 832d7607e865b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

Files detected

URL

IP

ASN

File type

Size

Hash

Archive (1)

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN