zerossl.ocsp.sectigo.com/
104.18.38.233 728 B URL zerossl.ocsp.sectigo.com/
IP 104.18.38.233:0
Hash edc04c8a72f7d7f5ee8a73517c7e70bc
1c218b23567e090fa76fa838aa5bac056e26bd27
47b39aa29e3880cb1289d04716e921e59abf71d3e85532ea77dfdaf9ff946ff7
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 01 Nov 2023 06:39:18 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Sun, 29 Oct 2023 23:48:11 GMT
Expires: Sun, 05 Nov 2023 23:48:10 GMT
Etag: "1c218b23567e090fa76fa838aa5bac056e26bd27"
Cache-Control: max-age=406732,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 81f223c83d5d56c1-OSL
146.190.74.26/m/index.php
146.190.74.26 200 OK 7.7 kB URL User Request GET HTTP/1.1 146.190.74.26/m/index.php
IP 146.190.74.26:443
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5081), with CRLF line terminators
Hash 16aa82e6c0555086af058c68126c1200
1d9a8964809c9b928e298ab7b8042f75045746fa
b3cdd7daa166900c06e100a993ddfacfa0e2316f6d4a20613eb081ae3513bc4c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/index.php HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.6
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U252xe4Vr0u4Aw0Q5wsRkP3CKFhIXDjWDLfr1K6ml6%2BSSxXuK%2FJKe3TDft8X6tulW8bPZf%2FTS6r6%2BtNptxJVNcmY68jhu2cCq6JEDaK%2F1tIpSlrs%2BIeakrL8YRff0y0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223cbbef6c3eb-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/moment.min.js
104.17.24.14 200 OK 17 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/moment.js/2.27.0/moment.min.js
IP 104.17.24.14:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (58823)
Hash 7b3adc3f29d48879dfab4a8161e5186f
cd4548d9aac482d47d4e165530adea4dc9ea35c9
66c58fd2f4fe6a45a6bc4324358819acf1ca53d29ef276013c2ddda8e369d666
GET /ajax/libs/moment.js/2.27.0/moment.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 16963
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eebeaf9-e5ee"
last-modified: Thu, 18 Jun 2020 22:30:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 452138
expires: Mon, 21 Oct 2024 06:39:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmyuNFXApMuNfuM2wSmaIxkVL4NcdlkEEZcMY%2BYFEtZd9M8fnzJ1NFd5RvDgD57TcbB9jtIqPa08eOm1Wh%2BY%2Fi1hS23r4Ivy7LSw9It1xEF28UVxlU%2FQMxdsz6LCfLDIQ%2FM86K3T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81f223d35dcb56a4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.min.js
151.101.194.137 200 OK 31 kB URL GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 151.101.194.137:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 01 Nov 2023 06:39:19 GMT
age: 3582659
x-served-by: cache-lga21931-LGA, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 30, 552756
x-timer: S1698820760.679022,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 8f3dead87317ffa593beda4662d355db
e764c31672a1958b7801556cfd864b4a5253f1a3
4dde35ac9bff1db0056e4020d2b7e55c9b8377954c97bbac0c2fbbebb33a90a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Nov 2023 06:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
res.cloudinary.com/dkoegfuwi/raw/upload/v1664194873/messege_ix2oyk.js
104.19.166.65 200 OK 5.7 kB URL GET HTTP/2 res.cloudinary.com/dkoegfuwi/raw/upload/v1664194873/messege_ix2oyk.js
IP 104.19.166.65:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer GoDaddy.com, Inc.
Subject *.cloudinary.com
Fingerprint F1:6F:E1:8B:94:B4:F3:04:72:04:32:66:F6:4F:AA:BB:E6:BE:A0:BC
Validity Wed, 21 Jun 2023 09:59:03 GMT - Sat, 22 Jun 2024 11:52:01 GMT
File type ASCII text, with very long lines (19826), with no line terminators
Hash ff3646acb703a4755521a96df6dc0ac5
c108d8874d713c0fe3ded57a30d63a8cad360a17
247bba5eb9a69da13de4b022026d61f77bf633a80269af84279cf2c369504653
GET /dkoegfuwi/raw/upload/v1664194873/messege_ix2oyk.js HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:19 GMT
content-type: text/javascript
content-length: 5694
cf-ray: 81f223d46cdc56b9-OSL
accept-ranges: bytes
access-control-allow-origin: *
cache-control: public, no-transform, immutable, max-age=2592000
content-encoding: gzip
etag: W/"ff3646acb703a4755521a96df6dc0ac5"
last-modified: Mon, 26 Sep 2022 12:21:14 GMT
strict-transport-security: max-age=604800
vary: Accept-Encoding
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary
server-timing: cld-cloudflare;dur=14;start=2023-11-01T06:39:19.746Z;desc=hit,rtt;dur=1
timing-allow-origin: *
server: cloudflare
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-E0LWP4D1R1
142.250.74.168 200 OK 94 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-E0LWP4D1R1
IP 142.250.74.168:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 97:15:34:CA:DF:1A:DF:2E:7B:EF:E9:6E:44:21:30:2B:ED:13:54:AE
Validity Mon, 09 Oct 2023 08:03:58 GMT - Mon, 01 Jan 2024 08:03:57 GMT
File type ASCII text, with very long lines (5955)
Hash 95493e99877f4b56ccade3f392b0e8bf
30f990532e8ec03fee35ede9efed6e4e08972669
6c13a9b72065e5e5df522aa071b8369d8d4015edab5fea7c99dce0b9e237d256
GET /gtag/js?id=G-E0LWP4D1R1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Nov 2023 06:39:19 GMT
expires: Wed, 01 Nov 2023 06:39:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93616
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash a4afed570449fef4e34c5c994cd7506a
69c29c4d69ffdffaf06f712817825e962a746d9d
0365828a5aa0519f386757034db008647dce8a4780a7d9b3db0e49070efa3040
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Nov 2023 06:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
146.190.74.26/m/assets/css/owl.theme.css
146.190.74.26 200 OK 1.6 kB URL GET HTTP/1.1 146.190.74.26/m/assets/css/owl.theme.css
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 506c8b74d998f428cf14af9cdbae02bd
9fcfb318df4e30de326e33dfc96cb8a520c00e2f
30e36a0a65a97398505ce89cf57b658ad3ef362c5210a3fbe9c6e6c8b57bd3fe
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/css/owl.theme.css HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 28 Aug 2023 03:12:45 GMT
ETag: W/"4fc4d5835dd9d91:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpT9AnEZI4mbxuwzUVB5QtjyowFBzkXuMGpWMnHlAGr%2FeS4Uym8ot2ZKrNn7wPVtTFWYzMDQPfmKIg5i2u7zKzFesc9vPEARHu6%2Bktfge5IRWNnXOPCb8KZoHcroxIc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d4baff5e6e-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/css/cih/framework.css
146.190.74.26 200 OK 6.3 kB URL GET HTTP/1.1 146.190.74.26/m/assets/css/cih/framework.css
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type assembler source, ASCII text, with CRLF line terminators
Hash 4ea5477b987e658f2a3e804860db9494
d873c95efaaebbb04fe10b25c3b1c9f51aceec60
37ab7b70fe31cdf30dd626df4e361434806bbd60ce4dfc6b95c0319b66c2dfe7
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/css/cih/framework.css HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Tue, 05 Sep 2023 08:36:15 GMT
ETag: W/"13a28a8d4dfd91:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3liLRRBRCB5gynpYzESi0AtWUCd3hA60dOojCVKAN658rKOKUJNqLJNQz1eZPrhFogqSmMem72ZZ3JjedP8AsHrJiABogCvAOP6%2FrOw%2FaDO1RGx6xL6R3oKNpCQfkcg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d4bfb743c9-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
172.217.21.170 200 OK 25 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js
IP 172.217.21.170:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 87:BD:C2:71:54:40:3F:F2:18:79:1A:89:F5:E9:BC:63:E5:EC:57:64
Validity Mon, 09 Oct 2023 08:10:33 GMT - Mon, 01 Jan 2024 08:10:32 GMT
File type ASCII text, with very long lines (820)
Hash 10092eee563dec2dca82b77d2cf5a1ae
65cbff4e9d95d47a6f31d96ab4ea361c1f538a7b
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
GET /ajax/libs/jquery/1.4.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 24715
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Oct 2023 05:50:17 GMT
expires: Sat, 26 Oct 2024 05:50:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 434942
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash 8f3dead87317ffa593beda4662d355db
e764c31672a1958b7801556cfd864b4a5253f1a3
4dde35ac9bff1db0056e4020d2b7e55c9b8377954c97bbac0c2fbbebb33a90a1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Nov 2023 06:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash a4afed570449fef4e34c5c994cd7506a
69c29c4d69ffdffaf06f712817825e962a746d9d
0365828a5aa0519f386757034db008647dce8a4780a7d9b3db0e49070efa3040
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Nov 2023 06:39:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
146.190.74.26/m/assets/css/colorbox.css
146.190.74.26 200 OK 1.1 kB URL GET HTTP/1.1 146.190.74.26/m/assets/css/colorbox.css
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 0f14134f42d4ba2709609bfc2806f7c2
4cd9f1edc0e7005a0371c29e7113df057442f1bd
c0623675c74e81a31636b128e37cfd352e0b1c75ae8c07d829e35ec91db14cdf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/css/colorbox.css HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:19 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 28 Aug 2023 03:12:31 GMT
ETag: W/"1b9cb97b5dd9d91:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YY7fq73Cq6YSu3eG459Te3kiPt6qIbQNil3aaLRUZfRWb2N6c%2BE9QedIQTuJVn0FmKzvChMEMM0s6nCJgg0KsWKnhzkZ6nGN%2BiDalOPQYXrBS%2BtORWHpeFb5bk%2BEujQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d56ab043b9-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/css/owl.carousel.css
146.190.74.26 200 OK 1.1 kB URL GET HTTP/1.1 146.190.74.26/m/assets/css/owl.carousel.css
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash aec2950747bbb2c4f7e5a2e377e76f68
5a612d03ea681a88e18b59b83f8b1c4ac1884724
e6e53cf8c6afbf19a2f244cc0989e44b34cd119bc7b655b010f899b02ad8c24c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/css/owl.carousel.css HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 28 Aug 2023 03:12:45 GMT
ETag: W/"8034c4835dd9d91:0"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOw0ZgxLhnZjS176xfW6%2Bo64UKsDAB9Zje5youQSuQIWFLZQFzEn0T5PQaVE01Us1otJlulUkqOPSb6dTQ3dFvgkE4%2Frj8u27gVKslt0McJovCwAOVuCOpYoDFTHzZo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d4bad9424b-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/css/cih/style.css
146.190.74.26 200 OK 5.8 kB URL GET HTTP/1.1 146.190.74.26/m/assets/css/cih/style.css
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (457), with CRLF line terminators
Hash 7c66b255e327d0e0efa8b6bda8092c26
e70bfbc2d1466f414ac1e233a7c5d478732ec7c9
6328f8fffef9b2ada0b483ea49c5702bc0bacac38d1883261516afb7797cfe37
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/css/cih/style.css HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 05 Sep 2023 08:36:15 GMT
ETag: W/"8029558d4dfd91:0"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2BCzqXVngF4%2F4GFh0%2F%2BPf1cFxi0aunTCl%2FrAusv7kQIJGx8R9bYkROfIRw4nujBpFeo7EY%2BL64f27ji1cJoLGuOxr0sGxviPHjMLQ4j%2FKs0HMSL1aRRsN%2B7o44DTvbw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d4b9e40f65-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/css/style.css
146.190.74.26 200 OK 6.2 kB URL GET HTTP/1.1 146.190.74.26/m/assets/css/style.css
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (457), with CRLF line terminators
Hash c1cd805039b1ac2d9634c57ffbfca0ec
cf129be586772f79e974b5a46f13dd661cfa2c4c
8ab493fcc793e18067dc5fb74dd106c2ef5ff411f01a3d0d2e2488352fec1f65
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/css/style.css HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 28 Aug 2023 03:12:45 GMT
ETag: W/"8034c4835dd9d91:0"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4FMPzjkjNzvGClPXuXhhqVNUtK6pj739PnX%2FGEo7ecEloLsysvZnTtXjPKTxQbfeJmVspqTjzWV2gxpIbmnpRqE4ScousI3X9pOxFANhbV1%2BK9Pac2lkROgbZPEMAIk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d32b15424a-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/css/li-scroller.css
146.190.74.26 200 OK 774 B URL GET HTTP/1.1 146.190.74.26/m/assets/css/li-scroller.css
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 971cd512f424759a4ebe6f7ce5a628e9
3fc5746c6bb230294ed19f235f48d79a10305d5c
60c8c5ec1df77c037e53d1d348b6495157b435f3c00e9dc405fb4728a68be142
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/css/li-scroller.css HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:20 GMT
Content-Type: text/css
Content-Length: 774
Connection: keep-alive
Last-Modified: Mon, 28 Aug 2023 03:12:44 GMT
ETag: "8f9e90835dd9d91:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggkqH8XxU6wu1uqKJ%2BVmw%2Bn3RhPESzbxVWqhgBH%2BoANdg5KlpLViySk1u%2F1NC%2BI9%2FMYQ5Eq2mPIV%2FBwFRjVcw%2BTyW%2BkEFWL4Oc691thR7PRYAroB9O3VY7MNSOz1qas%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d57ba10cc2-EWR
alt-svc: h3=":443"; ma=86400
stylesheet.site/assets/img/banjar4d.gif
188.114.96.1 200 OK 53 kB URL GET HTTP/2 stylesheet.site/assets/img/banjar4d.gif
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Let's Encrypt
Subject stylesheet.site
Fingerprint 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type GIF image data, version 89a, 300 x 300\012- data
Hash 44ad25e33044587f11f019937ff0ed14
927b222bb93b8f06f4e620b785d9f05768fa7032
aa40fbc41ecf869b0a017780f8a616e28468e11f373d52b09bffdd9829a289b4
GET /assets/img/banjar4d.gif HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:20 GMT
content-type: image/gif
content-length: 53319
last-modified: Sat, 28 Oct 2023 07:58:55 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksq%2BSRA6negQTaOGotjZjLsGJTgwLzk3DNxutAV2IUozQOKUUAt5oJ4mp2%2BuWhb38ewlGuRnYpuz0Bsw2Hm%2Fxp152o7ZK0KLpZUGcw%2F0g6%2Ba5BKceyK6zTnvZxjcUrJq21k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f223d41e98b4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
146.190.74.26/m/assets/css/swipebox.css
146.190.74.26 200 OK 1.3 kB URL GET HTTP/1.1 146.190.74.26/m/assets/css/swipebox.css
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 774ee4de9f5ab4d09071371f0d6749c7
16a6a0da24540a160f5f403aa7d8ebf8c5244263
d96a08126a04a7375f2efe0a896c661e359dcf6f30de3f5b23ea02d8b82c835f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/css/swipebox.css HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:20 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 28 Aug 2023 03:12:45 GMT
ETag: W/"8034c4835dd9d91:0"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wH4xpMHcA%2BXpTDPKxzGzKVTwarncnHRBEzA%2FuDehZbjM%2BzD76rpPKC1pzYNFVp%2FiJx0SNAHI9lralXgpN%2FQXneYujUkbtf0fUb%2Bav1dYfKxG2kAfCmivcpcMDir7Tec%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d4bec342a1-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
stylesheet.site/assets/img/rtp-banjar4d.gif
188.114.96.1 200 OK 166 kB URL GET HTTP/2 stylesheet.site/assets/img/rtp-banjar4d.gif
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Let's Encrypt
Subject stylesheet.site
Fingerprint 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type GIF image data, version 89a, 300 x 300\012- data
Size 166 kB (166205 bytes)
Hash 2411c985f5f8e16fbee7d92783d16123
9becb03b46d3c27f8b6be98ad285583f1a84a6c2
2040fb5f97d0b43732d67120bcb429cf54c37612e211bfebed5efe17c243792d
GET /assets/img/rtp-banjar4d.gif HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:20 GMT
content-type: image/gif
content-length: 166205
last-modified: Sat, 28 Oct 2023 07:58:55 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkSoMSuUSlH8D1lhlXNLHM1gXyemdCj55nYrqKoBvP5kFSxG82KFli0euJOW0eUSmsPZtfrP%2B8GL2jB1j%2F%2BokUC1VNlPJwNr5DfXSNtSgl28QO2JhWrertLFSVs8ijLahgo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f223d41e99b4ff-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
146.190.74.26/m/assets/js/socket.io.min.js
146.190.74.26404 Not Found 675 B URL GET HTTP/1.1 146.190.74.26/m/assets/js/socket.io.min.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 5343c1a8b203c162a3bf3870d9f50fd4
04b5b886c20d88b57eea6d8ff882624a4ac1e51d
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/js/socket.io.min.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9RTDPo0U4yPYlJjvJ1K1mrFw0%2BBpzX4497NS1joCu1Uc%2BN4%2BNT9Caj%2F0roYLaSiKUfuBsztI0RteBn814eEh8Z9eJc1UpKF3TwHiM99cRhoxvDBoPQiZla5h%2FICnbE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d6192718f2-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/js/jquery.swipebox.js
146.190.74.26200 OK 2.7 kB URL GET HTTP/1.1 146.190.74.26/m/assets/js/jquery.swipebox.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 3565f4fce0113ca5fb436939607f8135
0c5f742c9618d2a8d7911265a55b458329e548fe
61d59ae17309a1e0e1f1f0e5933a02c35613a4a963f1125531010097acd95eb4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/js/jquery.swipebox.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: W/"802c6794e83d81:0"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaDyJ4daYvB9PyC5Gk76M97XSfDIENOg5329ZA%2Bn4tEq5i4V6TfPauxIaaAPjo1LuJnxPFUwIAvy4H7lrStrib7PClsh1TkXz6n4BMn%2BrjJLhFzCnU32CHQQh6jsDz0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d7bfa30cba-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/js/snap.js
146.190.74.26200 OK 4.5 kB URL GET HTTP/1.1 146.190.74.26/m/assets/js/snap.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash dea2907dfc2d5a29f54d8cb8d1c7a517
2e22b6ff80c6e8c273d2c7885d7d93e2ec1b696f
853d8b3bd86781246bed0cea8829e2b35424f7e9c1a4383b86f16e1a721dedd4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/js/snap.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: W/"b28fcd94e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 5
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n0aRL0Z2tdzLiAfMbZAFHVW7A0qBztF15sAExqoPgJM4kHTUxVbcJVMI8wIi%2FRgJvIjZtfJymps1l%2FBY6Eehc7d57JEdaP2TGdS%2B%2FZIEyO8gtrM6PGCEiG5whYhU27w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d9e98541a9-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/js/jqueryui.js
146.190.74.26200 OK 5.1 kB URL GET HTTP/1.1 146.190.74.26/m/assets/js/jqueryui.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (12805), with CRLF line terminators
Hash 95d11418ed0afa8bea707b494a99a736
63277291c2198d35aa3f61eddcd3cadb72ec969a
8365f4f8555d1e6054ef3c374c68b5133fc97179109158642417879094faa348
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/js/jqueryui.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: W/"802c6794e83d81:0"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LyxbUiA%2Bqrp8bQE6bBS4VSdgxop4U4%2BHfza%2BtpNZuIMkJNt2FsvUoHQs213LMs4Ha0SsmwCOo7xSt42Davr6qptVQOUlMkffImrU0Y3p2DM5Isl%2BH1nGxN1Sa4sIPsA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d70ddf4269-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/js/jquery.colorbox.js
146.190.74.26200 OK 8.9 kB URL GET HTTP/1.1 146.190.74.26/m/assets/js/jquery.colorbox.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 49291d6de9311bbeb6872c7380beb14d
15eac6919b0104bd528794feece48d2d59dd2033
a4b2a7498918b8eedc7df483a90df4409faf1095defd51a70b2f629cfd54ab3c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/js/jquery.colorbox.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: W/"802c6794e83d81:0"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ReUL1KJv09thebHDXxQFkCrCsEY4czqmqGJGZIWjwWkxj0defqDB%2FyLKI1519ODREUBqlqnkapt49TTEHpSB4funHgv9DJOO4RErT3Isbd%2BIPZtebslVGdBsUTtFpcg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d89d3a0f89-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/js/owl.carousel.min.js
146.190.74.26200 OK 6.4 kB URL GET HTTP/1.1 146.190.74.26/m/assets/js/owl.carousel.min.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (14176), with CRLF line terminators
Hash d29048fcdb0dc28a7333cddb730667db
63f9894d016e14f1a6d46c79d55dcb84eececdfd
03b8e86fbf37b188c01c05fdbf25e0269fd6effbc38a7f8f00e7ca9f1edee110
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/js/owl.carousel.min.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: W/"802c6794e83d81:0"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xtCSU4jwx1aHgLUHt1tpdTiHz%2FaXyqDvSmXYqOVTKRykV5TU47VFf4LjuLpqjxKpKObI2NM%2FqetYZHDH0uLLAC1KAyixx2UeV%2FSXFD4HQ929THAwcVUlLaE8v89w%2FGo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d71dfe0f3b-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/js/framework.launcher.js
146.190.74.26200 OK 1.7 kB URL GET HTTP/1.1 146.190.74.26/m/assets/js/framework.launcher.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (306), with CRLF line terminators
Hash ae069e6b42ba9c4adc9cf4aea9756039
980eb82aa2cc5f97adb141f89050c58c05572e4f
25c7a5c3930ca3446ab465863a4ee896bafa7c35040eddc737ed298ea85c18ad
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/js/framework.launcher.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: W/"e5c9c894e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=daVqD%2BHUTjH1ftg544kLSIvPnDTpKDkv6iic5R3SU6jeUXlALrnUuyn7jlcKule0URovnn0TmZuiXWZ2DaJ3rwtpsTrpbItZ6m02tmzid0kS%2BXNY8mPdsGHZ9mleR7k%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223dafa4719b2-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/assets/js/jquery-cycle-all-pack.js
146.190.74.26200 OK 6.4 kB URL GET HTTP/1.1 146.190.74.26/assets/js/jquery-cycle-all-pack.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with very long lines (12056), with CRLF line terminators
Hash 8ba8759ab2df6d223f0496c187b52aff
b6140532972d2aaf10651a31743f77a361b332d4
dc4ab4ecc49d43f7b9dfe2cd5640f5ca361e97127d1e9adbce9aa2e59d3a73da
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/js/jquery-cycle-all-pack.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 18 Jun 2022 12:25:55 GMT
ETag: W/"22c7ac8ee83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 4
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=769iT3v3DlgjyaDS6QslGNld9mUwfOGodP6AuqfxXT6vO6d82gXSeFDMXJHcpq3xcfYjaSVRN84bmW5Bp7vJW1KJVoi4MOTTh6ZEWJFNwEQooe%2Bz9qJvVpkV2phXwGs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223db09cf5e6a-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/js/custom.js
146.190.74.26200 OK 522 B URL GET HTTP/1.1 146.190.74.26/m/assets/js/custom.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash f354e0e4d1865d35a9b8e8cc0b6f6178
dd56c188081ebbfa2f6852c3d7ad15a2a12e320d
6bfd56a797265c1caced2989a499807d72992e2f9be9bf603ef9e1cf33e5bc60
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/js/custom.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: W/"e5c9c894e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FxACgdOxHck0Q6ueSllCdj4z2eN51U%2Bl8otuM1PEU81FlVGecB6sq5wr%2BcVM6A9Qv3ddeiKSXvTuM1Ju0fVaukNJIlL%2Bv73SNQfDUGLo%2FkLDX74WtienexzEBKCUcM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223daaba643ac-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/js/jquery.js
146.190.74.26200 OK 33 kB URL GET HTTP/1.1 146.190.74.26/m/assets/js/jquery.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65479), with CRLF line terminators
Hash cfa9051cc0b05eb519f1e16b2a6645d7
149b5180cb9de3f646fc26802440a6ac6e758d40
f23d4b309b72743aa8afe1f8c98a25b3ee31246fa572c66d9d8cb1982cae4fbc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/js/jquery.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: W/"802c6794e83d81:0"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSk84m1hJHgsVTVYPskVTRVA3pp3s7erHBwzzXVgtZk5E%2Fol3mKBLjY0k%2BqHJhypkfn%2FoXWfr4Gfl3rHAe0FKDTKFv5d1b39iy89iyskaNikguA%2Ba4UFlKUv3rSNM7g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223d6f9151906-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/js/contact.js
146.190.74.26200 OK 878 B URL GET HTTP/1.1 146.190.74.26/m/assets/js/contact.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 073e7ac7f9ab5b189be18ce5fa6d6a21
27699d75808c0da243816a3534032ebb583b3257
3d5e383fae23351686cc56e4488de7893120ac4a08a62a9e3f6522bff0a82ecf
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/js/contact.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: W/"802c6794e83d81:0"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iw6XxztiP2HLB0k0z6oiarMe3woUYP36SOIbaTnylagIEE5jhSGqnJLgeCOwaK5K5%2BpsEtFp%2FCrd%2F81IcBb8%2B9rNY9BIX0amRTuCqw6mitPormQsMGWXpF3piUwzsSc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223da2a1041e0-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/js/clipboard.js
146.190.74.26200 OK 5.4 kB URL GET HTTP/1.1 146.190.74.26/m/assets/js/clipboard.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (849), with CRLF line terminators
Hash 76a6ed4183a016aa6e31cefd6eb2378c
b181d16c5f099095cddc39014dc80d72390bc1fd
92d8844f681f7518041f096a361f2d439c7085bef09dc732862de97c8f8a5a8f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/js/clipboard.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: W/"802c6794e83d81:0"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzwF1TnOdemFTd5I%2ByR%2BQmt1jCvJOVCF2F%2BTlF6OYTqDV4O8Zrlj4MO0v7%2BW5QhAjAoDfXTTAxqid5gYxdVS6MSdRPxWiz1Eei9jUWtqLqeqcw6f%2B2P87Nzqb3KxMB8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223dbbee78c7e-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/js/framework.js
146.190.74.26200 OK 907 B URL GET HTTP/1.1 146.190.74.26/m/assets/js/framework.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash cdb561882f376e2b64b0bcb997d1fb76
3b388a7b0535c2ac66e338fe8cebffc5923b37cc
00e37a39c042278d784638464db58cfd6abe38628ad3f5d9c7832625b571e4c0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/js/framework.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: W/"802c6794e83d81:0"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31N5%2BhFzKuxoct8%2BfwyrqPbhqzR2JqZINVSlNp%2Brs5tKhFixKYYfBd0Y%2BmiFxijxrZSuvGFmlqw3y12nRqzvnlVhSqyENqol7EKAP%2BJXYAXOt5iRPPqwRG7CJ16FXt0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223dae9ee4204-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/sw.js
146.190.74.26200 OK 631 B IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash ef3c2a52686b38c5c0c70e70a4f98dbd
c8050a390b9d29904935a4898009df6b77cd5bbc
ed9fcb61c4e6a245000f0f2a3416c85b0aa40b00da1eec868e0cb73d5e4205eb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/sw.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 18 Jun 2022 12:26:06 GMT
ETag: W/"8e618095e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4JxXHrzwqP3prVS8RXRockE8GAXw0p0cxD7AEcZwCOZXmkqpiIzH9EMK%2FdmmZon0xM8VP%2FoPWvTatf%2F1fJUEU8soAZWgz9NJxeX3rQS2GSkcY3a0lYplmi5do2ocYY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223dd0be50fa8-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/js/clipboard.min.js
146.190.74.26200 OK 3.3 kB URL GET HTTP/1.1 146.190.74.26/m/assets/js/clipboard.min.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (10003), with CRLF line terminators
Hash 40012657533c73e27e1085ef4e82aa72
f9e87715b645367caf1360f774ef50de2f732d82
235f2e7ba1c012bdeb996b1f52bc31a0a08aa2d89740723007b3dd088c0c6f99
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/js/clipboard.min.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: W/"802c6794e83d81:0"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQjnsuX8RrJKythoHip6nOZZJNl%2BDCa7DUd7Tnic3orj0Hi4sPXOeFDvw0S0dUVrRt2kuQarfScCUmqWBNUsuEthKMkS3TBp22uMlfPI55j%2BfvWhBgtaHc%2BIepSv%2FBA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223dbab0b429b-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/tgsecure/vbulletin_md5.js
146.190.74.26200 OK 2.0 kB URL GET HTTP/1.1 146.190.74.26/m/tgsecure/vbulletin_md5.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerZeroSSL
Subject146.190.74.26
Fingerprint9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
ValiditySun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 8e61b5c19153b08e912add01d3d18c14
4bea4c6804c108745872488f2ca87d92953e6e4e
7bcf85b086e5cc60992a4a036c6b7f831c0fd042fa5b46a118e941627e79b71a
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/tgsecure/vbulletin_md5.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:06 GMT
ETag: W/"0c3ff94e83d81:0"
Vary: Accept-Encoding, Accept-Encoding
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JI7fFEi58adhQU9Xv7Qr4pxbfcmfrqedYfdLRhbrAMdyyQvWCDOotlQ5HV5%2FnM9QTpArnX74qO6zy5eAMlrjeS1GrJm7LGd6B8KJEhWH3IUE0NfdxCq0qf%2B%2Bkv%2FZcgM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223dd4f0043d4-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=G-E0LWP4D1R1
142.250.74.168200 OK 94 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-E0LWP4D1R1
IP 142.250.74.168:443
Requested by https://146.190.74.26/m/index.php
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint97:15:34:CA:DF:1A:DF:2E:7B:EF:E9:6E:44:21:30:2B:ED:13:54:AE
ValidityMon, 09 Oct 2023 08:03:58 GMT - Mon, 01 Jan 2024 08:03:57 GMT
File type ASCII text, with very long lines (5955)
Hash 4ec32350d3ca1405d7146870d7fc5fd6
ad9c0bc41b2ccab22b1be7d2784ebee05266fb82
c88b0c99302594465275fe8a62e97c7ed2587784bb0ffea9d6bd25f39b8b7e3f
GET /gtag/js?id=G-E0LWP4D1R1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 01 Nov 2023 06:39:21 GMT
expires: Wed, 01 Nov 2023 06:39:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93667
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
146.190.74.26/m/assets/js/_footer.js
146.190.74.26 200 OK 683 B URL GET HTTP/1.1 146.190.74.26/m/assets/js/_footer.js
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 2b7922b83dcd7d6979b4323b1ba63b5a
7045c0e66af32e2f37bc3fc4451e377a423f1aa2
9276f5b595967c95a0b1ee2ae128ec5c98183c8e1551e37d9303f3bd680419bc
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/js/_footer.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:21 GMT
Content-Type: application/javascript
Content-Length: 683
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "3a5c494e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cRNb2IOclh%2Bl5BubHXQo8jFgAvMA5HxDlU1XeE%2BE%2BA3rheroUMquJ%2BS3TMdwLlEqe3P5p1D3H2gBkKX1a1ZHvZ4Ba%2BPQUy3JrRi4DFWShHk0%2FtaGzbwO0dvXqAEiHNE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223de0ecc41b2-EWR
alt-svc: h3=":443"; ma=86400
code.jquery.com/jquery-3.6.0.min.js
151.101.194.137 200 OK 31 kB URL GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP 151.101.194.137:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65447)
Hash 8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 01 Nov 2023 06:39:21 GMT
age: 3582661
x-served-by: cache-lga21931-LGA, cache-bma1667-BMA
x-cache: HIT, HIT
x-cache-hits: 30, 552757
x-timer: S1698820762.632551,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2
146.190.74.26/m/assets/css/_footer.css
146.190.74.26 200 OK 759 B URL GET HTTP/1.1 146.190.74.26/m/assets/css/_footer.css
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 6fd9a93a4689e71c156ebfcc1022ab91
16cd29a2541c881a23816881010c8c656ec467c1
8880ad2e53e1c8c28b79895901fadbbd222b66f2e88135c352419beb3384cbc8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/css/_footer.css HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:21 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 28 Aug 2023 03:12:22 GMT
ETag: W/"e99c7e765dd9d91:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5VpGxB8ZEKyRnJ8cLTAzIPtvot6c8p3Ee5hy8ZkQ%2F2Bes2YY4T5gAGr7zgYkj9CIcb%2FG7A3tCWFKQEUSz0FY2aCdOlzAb9OEHSTo2wwTbuj5zoqk%2FExhqOzEMiIN0s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223dedebb8c5f-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/css/login.css
146.190.74.26 200 OK 395 B URL GET HTTP/1.1 146.190.74.26/m/assets/css/login.css
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 1370e34b7598c68bf7c767921cf14cd7
4a7f119abeb36e14cc9aab715723f63b88f55208
195b498bebd8db3b0ee79a1bfa82ed25b62fc6e280b98e39961a8363f3bce2a4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/css/login.css HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:21 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Mon, 28 Aug 2023 03:12:44 GMT
ETag: W/"4289a835dd9d91:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQ9L0arRE0KeibfTY861Jod0F0pJkrJmNN3JeQuztS7yl%2F037%2BDoyzjbBEvj7y9MMGEecq43T90HsFzUNZNbNR0eQsvtQ3y3c%2FdLMkaJjXl4h3359DAmb4xQOYk55Zw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223de0f350ccd-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/assets/img/cih/logo.png
146.190.74.26 200 OK 5.6 kB URL GET HTTP/1.1 146.190.74.26/assets/img/cih/logo.png
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type PNG image data, 210 x 63, 8-bit colormap, non-interlaced\012- data
Hash f5721bc25e841df4907f9e274eca9a5f
30b717795e3bbac52c7bd4e9782f3e3a5e3e9590
15d4763d63e52ae467f886acd23b1846e95b0b31752e147fda382e0ad2046f96
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/img/cih/logo.png HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:22 GMT
Content-Type: image/png
Content-Length: 5588
Connection: keep-alive
Last-Modified: Tue, 05 Sep 2023 08:36:11 GMT
ETag: "d4706d4dfd91:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 14
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBXsnJSg1orfYuGAISvRZmvmNWd%2FnOi5PPcPNNs5u50l4DZh%2FOyKXjuD69F0lTaiu%2FWIVx%2F8Q6oTpbLAvUEaDQ8by2U75vQXFyp1eo93NkhhDgMlLEZfbCm7qUYIPso%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e1ec131784-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/nomor/dice/dice5.png
146.190.74.26 200 OK 484 B URL GET HTTP/1.1 146.190.74.26/m/assets/img/nomor/dice/dice5.png
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type PNG image data, 20 x 20, 8-bit colormap, non-interlaced\012- data
Hash 5306a42c612d9b5f1a2108d4b1350fde
b7bdc70a3a527b16e73a196ec731cbb11b483cf9
dc36d409bb49368884eda778bf174063e6bbf24de8a0b5cc73ab04e950b3bfa6
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/nomor/dice/dice5.png HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:22 GMT
Content-Type: image/png
Content-Length: 484
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "aae29d94e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z5vWDzeD%2ByrFCupiI38WzV5jsRQjFvrqptnjyoDCOvj%2Byd8RpbK1XPV1EgU%2FBAijak93X4IymRnNyJv46glEd0ZZ4aT3lEloA3lIcyge43TvF2ylEend3tOLKMCTdNg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e1ea5e436d-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/sw.js
146.190.74.26 200 OK 631 B IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash ef3c2a52686b38c5c0c70e70a4f98dbd
c8050a390b9d29904935a4898009df6b77cd5bbc
ed9fcb61c4e6a245000f0f2a3416c85b0aa40b00da1eec868e0cb73d5e4205eb
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/sw.js HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Cookie: _ga_E0LWP4D1R1=GS1.1.1698820762.1.0.1698820762.0.0.0; _ga=GA1.1.2145570447.1698820762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 18 Jun 2022 12:26:06 GMT
ETag: W/"8e618095e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 6
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2Bo0%2FxdBfhCB1g9PuxxTRQpzsx6jAbHlYTU9Rl43vHtPet2G0nCHSrUekoKmDBCbq7%2BNSBtMl1KRLwuCl8ji4t2MTtboNzOXg988dayyrDlNRiKeStCP5ZYJTyEB39U%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e3a96e42ef-EWR
alt-svc: h3=":443"; ma=86400
Content-Encoding: gzip
146.190.74.26/m/assets/img/eye.png
146.190.74.26 200 OK 322 B URL GET HTTP/1.1 146.190.74.26/m/assets/img/eye.png
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 57bae42697a0e8317a6b13d94be486d6
6453ca8ad6164e29259f48d4cb45fe76330ffdc7
c0c66386c1ca939fe279ac5033ae61aac5df8523448c9405d664b995f2dbc61c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/eye.png HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:22 GMT
Content-Type: image/png
Content-Length: 322
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "2ef69194e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItDagei1Zhe2j8LWSG7w7d7tRXYUqqAck%2B2LhAbzYg3Y4%2BKiv%2BK%2BPbppjbJdZ52f9TK4ppJExnTpmC4Uc11X67tGJLsUdVjW0%2FO68pcLl7jVyPKePYfKny%2F3xQZ5vVI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e1e8bc6a5b-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/nomor/24d/12.png
146.190.74.26 200 OK 364 B URL GET HTTP/1.1 146.190.74.26/m/assets/img/nomor/24d/12.png
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type PNG image data, 20 x 20, 8-bit colormap, non-interlaced\012- data
Hash 598bc621763d58abdfb16eac5a52934a
bff960f9befab5fb78edbfa51671c36f77d48ecd
fe10a90db1cf3676bef7a3f2b8ba8987bd9c9e50b74519c197952a96ac185422
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/nomor/24d/12.png HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:22 GMT
Content-Type: image/png
Content-Length: 364
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "5e1f9994e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlXj9TganRWf9WsGI1hRC2CTZEnhn7laooNf7sAeE9SBJaPSvax5E4mSF7XENjAmGsbM4KVv7%2F0zyMrCTl7K5hlOYfPgXOtGHrYRBXAYU5SsX9aZKIFOq9Cts0Kpg98%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e1ee9b8c5d-EWR
alt-svc: h3=":443"; ma=86400
kodesakti.com/website/banjar4d/img/user-icon.png
104.21.54.185 200 OK 2.2 kB URL GET HTTP/2 kodesakti.com/website/banjar4d/img/user-icon.png
IP 104.21.54.185:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Google Trust Services LLC
Subject *.kodesakti.com
Fingerprint F5:77:F8:8A:2B:3F:21:8D:73:D0:20:7B:ED:41:3A:00:FB:B1:91:0A
Validity Thu, 14 Sep 2023 21:22:00 GMT - Wed, 13 Dec 2023 21:21:59 GMT
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 5fc43091cd71cae3235668128e133e9b
18b4bc6ee053138a8292ba54b0807b95d92bccfd
9aee401e2aeebc61bcaae205612528e9f8692b300871871d4ad5241e5e263eb6
GET /website/banjar4d/img/user-icon.png HTTP/1.1
Host: kodesakti.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:22 GMT
content-type: image/png
content-length: 2202
last-modified: Mon, 18 Sep 2023 16:27:45 GMT
etag: "65087a81-89a"
expires: Thu, 16 Nov 2023 06:39:22 GMT
cache-control: max-age=1296000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McO1kSoiDvJ044LtSDRDkf3vVi0PABw6dUKxM0RAHs%2FMmbY1T1Nt%2F9qWUioovK25MDi1CzIU5mXNwePsfNgfChYho5xaApznya88MzvQOfijtB8eE2RWZlQl%2FMWMvjWB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f223e4eb05b511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
kodesakti.com/website/banjar4d/img/lock-icon.png
104.21.54.185 200 OK 2.2 kB URL GET HTTP/2 kodesakti.com/website/banjar4d/img/lock-icon.png
IP 104.21.54.185:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Google Trust Services LLC
Subject *.kodesakti.com
Fingerprint F5:77:F8:8A:2B:3F:21:8D:73:D0:20:7B:ED:41:3A:00:FB:B1:91:0A
Validity Thu, 14 Sep 2023 21:22:00 GMT - Wed, 13 Dec 2023 21:21:59 GMT
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 2372a08dd2dad88e32655ca07e0a534e
ece3e39cf9cb3cf725b9839392c34805a74908d6
c9a4bf7dd2f2145f38cdea165877edfea931fa893fabc4fc9401ca84856f4081
GET /website/banjar4d/img/lock-icon.png HTTP/1.1
Host: kodesakti.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:22 GMT
content-type: image/png
content-length: 2151
last-modified: Mon, 18 Sep 2023 16:27:45 GMT
etag: "65087a81-867"
expires: Thu, 16 Nov 2023 06:39:22 GMT
cache-control: max-age=1296000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uE39As%2FWKXOmQjfnIm2ZJ9H2mHH6Vkd7qWcmueIvmd5peHKPLxGaRQq%2F0gvnR%2FbwrTcV6pwaPydk27mVTOFMbeo1bkMRYNJkSJi3IqEvAwBbjo1lDaLZl0%2BgJcI%2BQ8o5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f223e4fb06b511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
kodesakti.com/website/banjar4d/img/search-icon.png
104.21.54.185 200 OK 2.5 kB URL GET HTTP/2 kodesakti.com/website/banjar4d/img/search-icon.png
IP 104.21.54.185:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Google Trust Services LLC
Subject *.kodesakti.com
Fingerprint F5:77:F8:8A:2B:3F:21:8D:73:D0:20:7B:ED:41:3A:00:FB:B1:91:0A
Validity Thu, 14 Sep 2023 21:22:00 GMT - Wed, 13 Dec 2023 21:21:59 GMT
File type PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash bd1584ee7d07383afdc45aebfdbcdb08
1432010be484178520fb2b40ea35cc7c52b35394
1f2fec66feee5f87c1186ca8693ba54b253e8bb59a9421d83f83576063183c91
GET /website/banjar4d/img/search-icon.png HTTP/1.1
Host: kodesakti.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:22 GMT
content-type: image/png
content-length: 2525
last-modified: Mon, 18 Sep 2023 16:27:45 GMT
etag: "65087a81-9dd"
expires: Thu, 16 Nov 2023 06:39:22 GMT
cache-control: max-age=1296000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7oiBMd9AsHFj%2FETUllhG9kJrhPEO05fYibKCLGGDrx54M%2FlKjGMdp4lvdMGz4geAynQ8SLWynO2t4v%2FkK%2BQJ47TTB7YrkRUxs915FVnUbb6SmogEcpYMHhFXDSLDXUl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f223e4eaffb511-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
146.190.74.26/m/assets/css/Aller_Rg.woff2
146.190.74.26 200 OK 34 kB URL GET HTTP/1.1 146.190.74.26/m/assets/css/Aller_Rg.woff2
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 34008, version 1.0\012- data
Hash 3b341b0ebaba39765fbe4db198987731
9caf720d089f50268656a7058d71f0d62904d9aa
5e8776d952f534858533c782117e689c5b7d543a8e9ccf100e2992271ba57c53
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/css/Aller_Rg.woff2 HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/assets/css/cih/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:22 GMT
Content-Type: application/font-woff2
Content-Length: 34008
Connection: keep-alive
Last-Modified: Mon, 28 Aug 2023 03:12:22 GMT
ETag: "e99c7e765dd9d91:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wdry8nV9%2FKtFoXKsvLkBHQxWEDLfTzTYwTYHEMY0eg02tFLmCTYadwtSSXhYq1no8ul76NQcMJK0aX83LMfQny4mDKAhO75%2BOa3sWvf7quEFDHKAkY9N2UVfrcocNaw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e1ef825e84-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/nomor/rl/21.png
146.190.74.26 200 OK 612 B URL GET HTTP/1.1 146.190.74.26/m/assets/img/nomor/rl/21.png
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type PNG image data, 58 x 58, 8-bit colormap, non-interlaced\012- data
Hash a3fff98deb0453ed35dcc518a88946db
1765823418e27e5b65da1c995724343d211057ca
2173bd909bb6f5be484bff7fc27679b02cade38ecfa5e7fc0068801acd991720
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/nomor/rl/21.png HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:22 GMT
Content-Type: image/png
Content-Length: 612
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "1c94ae94e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nVf%2B3ITUDG%2B%2FdM61kVo7FU4yZ7IE8Vb3YR8%2BDXwvKt1%2FZw%2FcON%2FYWnzhnwthTzglS6HG6XfUnEAOoIZJ15APxD7PlF7aXu1ojjSJhkgLq%2BRSjoY7ZET%2FwIFUh1T25Cg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e4291b0c88-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/css/Aller_Rg.woff2
146.190.74.26 200 OK 34 kB URL GET HTTP/1.1 146.190.74.26/m/assets/css/Aller_Rg.woff2
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 34008, version 1.0\012- data
Hash 3b341b0ebaba39765fbe4db198987731
9caf720d089f50268656a7058d71f0d62904d9aa
5e8776d952f534858533c782117e689c5b7d543a8e9ccf100e2992271ba57c53
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/css/Aller_Rg.woff2 HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/assets/css/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:22 GMT
Content-Type: application/font-woff2
Content-Length: 34008
Connection: keep-alive
Last-Modified: Mon, 28 Aug 2023 03:12:22 GMT
ETag: "e99c7e765dd9d91:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ujuE3A3swBU6OnJfX5L86KywN9AdeT2tj5fi5ubCMi1jz24a0leUY9m0c3w2Ap%2BkZt7C1S5I8ENaHq3yhTbGh1ds6J6qfsFGdUBrAKyavoxP%2B9O0fu%2B9boCMjyZ10io%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e1eaaa435e-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/nomor/dice/dice2.png
146.190.74.26 200 OK 564 B URL GET HTTP/1.1 146.190.74.26/m/assets/img/nomor/dice/dice2.png
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type PNG image data, 20 x 20, 8-bit colormap, non-interlaced\012- data
Hash 261c06a5e89d162db3477a1093840aae
5015a9a6a5eaf3818a5aecb7d6591dcaa1e11d6b
d74f0b8c25b150f7fc496a1f78e9a45160eb20153825b625e75ed3279e59ef76
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/nomor/dice/dice2.png HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:22 GMT
Content-Type: image/png
Content-Length: 564
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "aae29d94e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HENya5YKol5YYaoYVGxLpe7fOZUVhsYF5ioDwsAQbf0jgUPw2jPaFN0bhJ2PBZreArhQyymWVzQIGlJhiHuTfOI%2Fispmb50suvhLyTmqEhAs%2Fz32mH7RAdlUud%2FhVxg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e4587415c3-EWR
alt-svc: h3=":443"; ma=86400
stylesheet.site/assets/img/gif-banjar4d.gif
188.114.96.1 200 OK 2.8 MB URL GET HTTP/3 stylesheet.site/assets/img/gif-banjar4d.gif
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Let's Encrypt
Subject stylesheet.site
Fingerprint 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type GIF image data, version 89a, 728 x 90\012- data
Size 2.8 MB (2814818 bytes)
Hash e8f2091d915ef191a69ad37e724073c1
e222181042dfaf1e4001c8b28a026335fe4cdee5
37a07adcf62e601b73b53e64efb25568befe8dc2bbc796579347e4379c6744cb
GET /assets/img/gif-banjar4d.gif HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 06:39:22 GMT
content-type: image/gif
content-length: 2814818
last-modified: Sat, 28 Oct 2023 08:27:55 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2FFLZmnX3cLRcIbJiFI%2FgyFJhzQ0d%2FEB9tML4bHZJsxwPvOb6IfdhU6%2FKJlmIyNAOqhfDBEHLJrmDDYZEaEvM%2FxGLCKD%2B39%2F%2B14opjKQyZvtVRwiyIJbcg%2Fp15SzEfn9R2Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81f223dfeb2156c5-OSL
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/nomor/dice/dice3.png
146.190.74.26 200 OK 572 B URL GET HTTP/1.1 146.190.74.26/m/assets/img/nomor/dice/dice3.png
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type PNG image data, 20 x 20, 8-bit colormap, non-interlaced\012- data
Hash a0c515987356d4d80f7a13dfdc7f3627
d0e2563e34d55576e8d0aa1603dac6dc6ff881b0
e720d12f14321f503feb64ceaa42da7e57de53e99bc16d0d2126417aaada6718
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/nomor/dice/dice3.png HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:23 GMT
Content-Type: image/png
Content-Length: 572
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "aae29d94e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88xk0JRRUmz4ceCDmIVrsrlALZYA1Agcu%2BTb1i98REUZQFlMxi%2BYUyMHVysmylrOXCgOGlZUxw3lwmp%2F%2F%2FhE7TKmIBFftkx149b6hv6Mk1IyoRF51ZoZWePlz4Qk8W8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e5cdc3439f-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/nomor/dice/dice4.png
146.190.74.26 200 OK 636 B URL GET HTTP/1.1 146.190.74.26/m/assets/img/nomor/dice/dice4.png
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type PNG image data, 20 x 20, 8-bit colormap, non-interlaced\012- data
Hash 78f7abee2c6ff251e397c244a1e8108b
34e7979a5be4148fe2d807df9c0c746cece04ee9
40096f5dd266b62b7bfa065c94cebd53d39220dee32007fc5134ba34701f18dd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/nomor/dice/dice4.png HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:23 GMT
Content-Type: image/png
Content-Length: 636
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "aae29d94e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0HgeWXTHGnfSSkdvX75dGLRJKYBMtddIdqF0Y5CeRmZyJk5%2BMbwLNx%2BqeoEWyoVql3fDmv3aKZZDFQVdFOItLZRJpJE3fUalPFJYhRDGSXpr%2Bk6WllB7SinJL5TAtU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e5cfef8ce0-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/green-dot.GIF
146.190.74.26 200 OK 4.5 kB URL GET HTTP/1.1 146.190.74.26/m/assets/img/green-dot.GIF
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: ZeroSSL
Subject: 146.190.74.26
Fingerprint: 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity: Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type GIF image data, version 89a, 18 x 19\012- data
Hash 1f054157de3d015c61e22f35246cbff5
8967bd32fec5af2616268cd33c1deedd4926de41
3c2bfc2238429f24c4dee999823a6ac3c24d562c399023416899bfcaf9e33346
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/green-dot.GIF HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:23 GMT
Content-Type: image/gif
Content-Length: 4506
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "325b9494e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2F3YPBkK2LF7l0XOB0cbzHM8Ntzf5WZwn5DLA%2BctHXup6HuKDArw41RG9FbQtxlGoA8tkqGfcsdy3RhMZpoo7dhxcOTRLxig8EeZ%2Buig7OXFbDNiaLlLMjfdHLHA5uc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e7f9c1c448-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/bank/bca.webp
146.190.74.26 200 OK 1.6 kB URL GET HTTP/1.1 146.190.74.26/m/assets/img/bank/bca.webp
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: ZeroSSL
Subject: 146.190.74.26
Fingerprint: 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity: Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 90c98f5c17a6ce343894c1e98d90078f
cc7b555ad308bcd0f85cba346ee9fee9c54d9c6a
4b58a08eb29e04adc619089d8124e83109f9a175c93dcf1293cfd11feaba383f
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/bank/bca.webp HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:23 GMT
Content-Type: image/webp
Content-Length: 1578
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "6da8694e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kcm5xVWPisfvNN6g1O8XJLCSZIk6bPkbXlAsbKw0h5JO77jHPZbhZZVVbpD3GBHygyivARM5qyCNzJ9Jb5Wgs0BLH3TJV8kGDMuXm9ZIVSvHQgfDm88f7p%2BECcXIBtk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e809b641cf-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/bank/bni.webp
146.190.74.26 200 OK 1.4 kB URL GET HTTP/1.1 146.190.74.26/m/assets/img/bank/bni.webp
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: ZeroSSL
Subject: 146.190.74.26
Fingerprint: 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity: Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash a212537bf4fc2840241c900d731644f4
b782d767b812dbba7e14b93914fd3c8f2166d35a
583f47b27830ed546a65537ad6534a99f179c4495c1016282f76fd4f5781cf42
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/bank/bni.webp HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:23 GMT
Content-Type: image/webp
Content-Length: 1364
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "6da8694e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYRk%2Fh%2BOAPKorH1Q1WMXVsThu1IAZSSdnxkJWZNy%2Fqj3TAfWjuLMbdZvZfkYMYB%2Be4%2F99iD3t5wwN4QiGRXU8WYxuhS%2Bw2FXbt2Tw%2Bxa8xabxiodA3nn2tWq1j0Tfn0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e83e7742c4-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/bank/bri.webp
146.190.74.26 200 OK 1.2 kB URL GET HTTP/1.1 146.190.74.26/m/assets/img/bank/bri.webp
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: ZeroSSL
Subject: 146.190.74.26
Fingerprint: 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity: Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c0962baf592c0fbbe7dca5ecd1d25b9c
d5d1f393fc494f8f4139e78ecf0acdefe3b29dd1
d0c2d57b187ea0297a89acafd79c8fb3dda297730e958b62cee6b07066f8c543
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/bank/bri.webp HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:23 GMT
Content-Type: image/webp
Content-Length: 1192
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "6da8694e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zN4gr0bcXXNucaSc0G12KlKR%2FOocRS2PCU%2Ff6QeAddrI%2FN27v3tOtSyRkXHQEcAVNbIkcEacKNhfiohGxguxIQ1OHHQrMHcJpb5rLAQ8xD7hhMEg11%2BIIEapYfzsWJw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223e87932c434-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/bank/linkaja.webp
146.190.74.26 200 OK 1.6 kB URL GET HTTP/1.1 146.190.74.26/m/assets/img/bank/linkaja.webp
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: ZeroSSL
Subject: 146.190.74.26
Fingerprint: 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity: Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5c64e177423a98d281961223c92cab2c
f6b9c089d17c0f3dc8d65c60b9a84691dafd3fb3
b99f1a88207af0d38ef737730d43eca61491f50ace09dcd609f8e673979c0768
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/bank/linkaja.webp HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:23 GMT
Content-Type: image/webp
Content-Length: 1630
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "c56f8894e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IOFOQ%2BaAUHU65ZJWLON7tWVHMJ3jbni2%2FFLe400hmHFsqTKAnNHCXADvZS57H%2FyirRES3%2BqqmOvClkJfIsFEPrUePWeTPTKm%2B8ny6Qmbj%2BC6hFk3Mv8dMawEt3a5%2Bxw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223ebddae0f3b-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/bank/mandiri.webp
146.190.74.26 200 OK 1.5 kB URL GET HTTP/1.1 146.190.74.26/m/assets/img/bank/mandiri.webp
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: ZeroSSL
Subject: 146.190.74.26
Fingerprint: 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity: Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2353b8053907decc64f44b359ece209d
04e7249895d9f04bfee8e5c9f7e2eb7316298fe1
3f7fc3e4963723b9301d534230914251012b5a2db1a1b87b9f981ea5f85beaff
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/bank/mandiri.webp HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:23 GMT
Content-Type: image/webp
Content-Length: 1450
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "c56f8894e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZUn%2BvjKSo69OdBhIkuvOCYxxtCc1ruQZP6h%2FE5fRiNG1RS%2BKZsnze3t5Oa%2FhSF3aUFaWl0RgTmWgWJckNp%2FusC8YbTnEQ5EnKrOnwzkerlqWQetWC3cHroC1egvang%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223ec09d043e6-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/bank/dana.webp
146.190.74.26 200 OK 1.4 kB URL GET HTTP/1.1 146.190.74.26/m/assets/img/bank/dana.webp
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: ZeroSSL
Subject: 146.190.74.26
Fingerprint: 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity: Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 32db2de3804855356658188a27404441
139e4fd925416ccdc5c8cf52d528374979cd8588
b5eaee746179856064fc540a51fe11475ec1cbb66ec723c99a3ba24a6606dc4c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/bank/dana.webp HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:23 GMT
Content-Type: image/webp
Content-Length: 1430
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "6da8694e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9rnY0CgekaYeVv36%2FtZsUegl0gY0276d3MTer6AJBd6jgz4SbofiHEX57j2x2HJws6Yx1siDSzd87STK67ldfnwg%2Fcdrietde3zhGy0iH6P2jKbOFA%2FYS5oZketiBWQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223eaed5718b1-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/bank/gopay.webp
146.190.74.26 200 OK 1.3 kB URL GET HTTP/1.1 146.190.74.26/m/assets/img/bank/gopay.webp
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: ZeroSSL
Subject: 146.190.74.26
Fingerprint: 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity: Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 27e1755407a1e39c3b9fac2015111315
4887cb22484802ff14e0b0379b536f2805f6208c
4604988c5963c5119a29fd4428d134812e332e2a2d4f3cbf7c9ae1b766b62d1b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/bank/gopay.webp HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:23 GMT
Content-Type: image/webp
Content-Length: 1262
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "6da8694e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8U%2Bsk%2BDNuMqJsQSJQogvqjgP%2F6PuqhFx3GG6SvyraupxpBcBNx%2FY%2FJKUddO2yv%2B2dKdhLv0667qncZja9LWL32UICi4Z9cwRzXvMd8cUoEo55Kiat9xbpOFMaK%2BuuU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223eaffa41770-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/bank/ovo.webp
146.190.74.26 200 OK 1.1 kB URL GET HTTP/1.1 146.190.74.26/m/assets/img/bank/ovo.webp
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: ZeroSSL
Subject: 146.190.74.26
Fingerprint: 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity: Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 61fd7bd6fe526fdc44afd6cc25d1ee8a
8dccf3ad02ef163b68363b770990f68e2e0f4c22
52092166fb894b8cc8f3ab635a90fa23ee5a3301dd5be574c9b038a3d6d36ecd
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/bank/ovo.webp HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:24 GMT
Content-Type: image/webp
Content-Length: 1130
Connection: keep-alive
Last-Modified: Sat, 18 Jun 2022 12:26:05 GMT
ETag: "c56f8894e83d81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rov0mG7kozsGJ8zZY3VnEd%2BiDeOfolkMOjHllUxJCti6ILekf%2B2HKvbvqTuRghqT99NMsPsNEb4Xp62Y%2BmsV2pKRe%2FvLbmDVrEZ83IF64MlsNol%2BwqIPprKWtrr6nBY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223ec1f60c463-EWR
alt-svc: h3=":443"; ma=86400
146.190.74.26/m/assets/img/idnplay_w.png
146.190.74.26 200 OK 39 kB URL GET HTTP/1.1 146.190.74.26/m/assets/img/idnplay_w.png
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: ZeroSSL
Subject: 146.190.74.26
Fingerprint: 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity: Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type PNG image data, 1406 x 161, 8-bit/color RGBA, non-interlaced\012- data
Hash a3de87fab75e7ce205055ebf5a2f4f65
d3e8af8a88ca589afceba7f5235e2f7d1b005a5f
c4cb22031dbeb5333cb6a11b65cf9dad265586c9e80dc5e8ed4e06e2cd83c19d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /m/assets/img/idnplay_w.png HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:24 GMT
Content-Type: image/png
Content-Length: 38741
Connection: keep-alive
Last-Modified: Fri, 23 Sep 2022 04:40:58 GMT
ETag: "701afdac6cfd81:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDcHRdP7CGwmGG4aOx68dgRjwf3jmN7LpunvWjDlAN86%2FNg94voNWxhFySWRWnkEsosOwsRx2HajPWjwkCb1y27EdUONQZ0cqsoG7mTIFkcI6woRnvroWuaaF0niXCo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223ec8b0843af-EWR
alt-svc: h3=":443"; ma=86400
stylesheet.site/assets/img/wa-banjar.webp
188.114.96.1 200 OK 12 kB URL GET HTTP/3 stylesheet.site/assets/img/wa-banjar.webp
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: Let's Encrypt
Subject: stylesheet.site
Fingerprint: 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity: Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash e3c41eb46598171538811cb7a5ccc8ea
025faf9f17dc768ae65e57885700ba1dfe29be6e
a0cab3eb94660d06f3451282b467aabe394118264490c6856d9729ca64a71220
GET /assets/img/wa-banjar.webp HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 01 Nov 2023 06:39:21 GMT
content-type: image/webp
last-modified: Sat, 28 Oct 2023 10:04:24 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3nyyJ5bGCbpCCuKPbnfnRCZILusDLOz4tZ5Kr5Yi2DcZqtZ7zF6yHV9VNTfVqXJ2K6%2BD8PRdw1ep7MCu9hH1EM9IBxJuFX63oU7M85UpCOz%2FoGE6jZ76Tnh%2FWK%2B6gQSfnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223dfdb0c56c5-OSL
alt-svc: h3=":443"; ma=86400
stylesheet.site/assets/img/4-mode-betting-togel.webp
188.114.96.1 200 OK 164 kB URL GET HTTP/3 stylesheet.site/assets/img/4-mode-betting-togel.webp
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: Let's Encrypt
Subject: stylesheet.site
Fingerprint: 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity: Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Size 164 kB (164140 bytes)
Hash eacac1422a66dee8719e6f8013c0d341
6b5c82d86c789598c709dcce489463f29d634a91
ae197a48ff96f788cce7efe344a9f4f22a366428fb202c54c6b4611920967c29
GET /assets/img/4-mode-betting-togel.webp HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 06:39:23 GMT
content-type: image/webp
last-modified: Sat, 14 Oct 2023 10:20:16 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kd9Yd%2BjzVdiCWm0u%2FbiYgTryhvtHT0ClzMrEiysj7MKOYXbpHNnVbHOjJV%2B7wWcRRDebxgWJWBDBS9Rk5rGQV760Ng9LWt%2BZLEvd79XCkYpu8ejlj1uJhtg4CtOLkCeFIxo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223e80a6b56c5-OSL
alt-svc: h3=":443"; ma=86400
stylesheet.site/assets/css/i-mb.css?v=1.7.6
188.114.96.1 200 OK 32 kB URL GET HTTP/2 stylesheet.site/assets/css/i-mb.css?v=1.7.6
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: Let's Encrypt
Subject: stylesheet.site
Fingerprint: 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity: Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type assembler source, ASCII text, with CRLF line terminators
Hash e08ece14cdff46bf9dbd70f6da1131ca
f0217a4916c72e685be8cd21643208b55af81968
1057cfb84ce8f7edc64caac1df14095ce92eac524008fc3856aced1ad3fc7f4f
GET /assets/css/i-mb.css?v=1.7.6 HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:20 GMT
content-type: text/css
last-modified: Sat, 28 Oct 2023 05:40:48 GMT
vary: Accept-Encoding,User-Agent
expires: Wed, 01 Nov 2023 06:44:15 GMT
etag: W/"PSA-4I7OFM3_Rr"
x-original-content-length: 31894
cache-control: max-age=14400, s-maxage=10
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmtR5d0C2%2BduFO3%2BQAbTiNDU07HU3zyVDHEhlfiQv6Jc9BMjGdsB5jkqU62QH7biSItr3AZGqeGozXpH8pl%2FaJ9mTr%2FoAww5fqDYAw52LRCmdMvlqdxzFQCzrJwb54ipXdE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223d44eb6b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stylesheet.site/assets/img/welcome-banjar4d-bbfs8.webp
188.114.96.1 200 OK 170 kB URL GET HTTP/3 stylesheet.site/assets/img/welcome-banjar4d-bbfs8.webp
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: Let's Encrypt
Subject: stylesheet.site
Fingerprint: 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity: Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Size 170 kB (169852 bytes)
Hash 85b9aa0c917616211c3f25d1f8c2c872
673ef0fb3b5ffbe9f6f074696b18e325ac85b56d
38b1b48fc2561bda879355abfdb93a67a64acd6e720e2ecff8d71cb7454fbebf
GET /assets/img/welcome-banjar4d-bbfs8.webp HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 06:39:23 GMT
content-type: image/webp
last-modified: Sat, 14 Oct 2023 10:24:15 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSzTX2hQGXxcQuUyBKzOdpYC89EwBnpxVOnrDPESUh1%2BTCNcq4XEkUDCLyLbz2BsZazkS6HsUBy4SdAfwcK7A0CETezx6DCOWOlj1NHkcAHlzxQIOoQ8gyCL6mg1%2F3ggAu0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223e80a6956c5-OSL
alt-svc: h3=":443"; ma=86400
stylesheet.site/assets/js/splide.min.js?v=1.1.2
188.114.96.1 200 OK 29 kB URL GET HTTP/2 stylesheet.site/assets/js/splide.min.js?v=1.1.2
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: Let's Encrypt
Subject: stylesheet.site
Fingerprint: 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity: Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type ASCII text, with very long lines (28948), with CRLF line terminators
Hash 87e82731c2ec73d82a3b595b3bfabe7e
5b5fab7d2ead86b2f1936e7123aa09af59e56715
df43006bd9e57b0ad22ae679ac4c3f5dcb1df183cfb36dd8944c157152f6331e
GET /assets/js/splide.min.js?v=1.1.2 HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:20 GMT
content-type: application/javascript
last-modified: Mon, 18 Sep 2023 17:53:00 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YAposTaRPP%2BwxkuQ6dP9E6XZZXLeukEr6WIDMJe1yxBBEAhP2cgSIYVsINUdKC33TRE4AEgUv1KlvsJ9Fgh8Zj6KdpIFEOT0nJCttjh0wD9V1GMXLUymijmdQGuNy1wr3Ns%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223d45ec7b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
kodesakti.com/api/website
104.21.54.185 200 OK 553 B URL POST HTTP/2 kodesakti.com/api/website
IP 104.21.54.185:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: Google Trust Services LLC
Subject: *.kodesakti.com
Fingerprint: F5:77:F8:8A:2B:3F:21:8D:73:D0:20:7B:ED:41:3A:00:FB:B1:91:0A
Validity: Thu, 14 Sep 2023 21:22:00 GMT - Wed, 13 Dec 2023 21:21:59 GMT
File type troff or preprocessor input, ASCII text, with very long lines (636), with no line terminators
Hash 6f31dcb3923f8ef59a2e8fd26e4f3f64
ce2814113fb6d5ea189b80d327d48ca371721c65
3da5b2809b21f8c3e9674c39eb8aaa31efcd1f0fc1b34e5892481ba76f280ffb
POST /api/website HTTP/1.1
Host: kodesakti.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 58
Origin: https://146.190.74.26
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:22 GMT
content-type: application/json
vary: Accept-Encoding
cache-control: no-cache, private
x-ratelimit-limit: 60
x-ratelimit-remaining: 59
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHNAmmkB2GaHeQb0Z5yRER3tRYIUrgKJE%2BfyH6mW4gX4e3WjHz%2Bjr2WGqrEud4Zp82qRQGtjZXJJYiC8C7p1LvEQvBCAEQ%2Fs68CFmPhajE678%2FuSv6lYmm13m3Qu9TD5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223e4ec0a56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stylesheet.site/assets/img/telegram-banjar.webp
188.114.96.1 200 OK 9.8 kB URL GET HTTP/3 stylesheet.site/assets/img/telegram-banjar.webp
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: Let's Encrypt
Subject: stylesheet.site
Fingerprint: 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity: Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 64284771715e708d5afd98ec7878f36f
dfc68dc7e28628fdf425116f97af8ac1243b66ed
195ca0c6493539da302c95f538935967f2eafd428e6eb5742ef6650d0ef57dd1
GET /assets/img/telegram-banjar.webp HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 06:39:21 GMT
content-type: image/webp
last-modified: Sat, 28 Oct 2023 10:04:24 GMT
vary: Accept-Encoding,User-Agent
expires: Wed, 01 Nov 2023 06:44:17 GMT
etag: W/"PSA-ZChHcXFecI-gzip"
cache-control: max-age=14400, s-maxage=10
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MtPSWwAjdU%2BXcLLgngS8PzfiHCCKQRrnFVAOAZKUKb0dnTWc9BZ6O7eb9VpCgeiaC%2BQOE22x%2Fm4XWu9VUx9t7rTGGjn26i%2BqTmOcCOHs88PlmviuaSt2rzcvsVjPfdc0T34%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223dfdb0e56c5-OSL
alt-svc: h3=":443"; ma=86400
stylesheet.site/assets/css/f-mb.css?v=1.1.2
188.114.96.1 200 OK 23 kB URL GET HTTP/2 stylesheet.site/assets/css/f-mb.css?v=1.1.2
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer: Let's Encrypt
Subject: stylesheet.site
Fingerprint: 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity: Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type ASCII text, with very long lines (630), with CRLF line terminators
Hash c5448e7857d5817aafdb1d67d40ecf16
466414ad74f4c9aa34c730a6da1b0ebc7a51c077
391138fc84984840f7bf8d3c63aac8c163b8c2bbde75327e15f1bfbe3fd5ab82
GET /assets/css/f-mb.css?v=1.1.2 HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:20 GMT
content-type: text/css
last-modified: Sun, 24 Sep 2023 12:13:04 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hfiQufxXoSvfB4lb2uWEPwHMoPQviskgSgMMdvLG9UosPVV%2BuhmmK95qhQQJ10v5zGakmYyTcAfflEul98OpABfrVPMSNZ%2BbOLgm5hSfd6YP08nVI%2FQ4P6k1pNJPRnukGw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223d45ec5b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stylesheet.site/assets/css/keluaran.css
188.114.96.1 200 OK 855 B URL GET HTTP/2 stylesheet.site/assets/css/keluaran.css
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Let's Encrypt
Subject stylesheet.site
Fingerprint 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type ASCII text, with very long lines (907), with no line terminators
Hash bbf5add31f1caec8eaab2c90cb8309a7
30a489a76acd5e24536ffa32c136da53de6fd376
93d20503ffbe9741ae97ee36629ed9c3547605fa4af01008b7338e4652a4541b
GET /assets/css/keluaran.css HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:20 GMT
content-type: text/css
last-modified: Sun, 24 Sep 2023 11:27:22 GMT
vary: Accept-Encoding,User-Agent
expires: Wed, 01 Nov 2023 06:44:15 GMT
etag: W/"PSA-eifWbcXixZ"
x-original-content-length: 855
cache-control: max-age=14400, s-maxage=10
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OScSCYLS5HO0igDm6Ge1At%2B8EigwxCeuRbF43Z%2FgCVjytUbAyqxq6gjz00VTs4XfupRDWJ6nEC1DD00%2FGIt0udTtaOa8DlyQ08wyKS%2BSSSUyFixorMgUai%2BzZrTay4pVTAc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223d41e95b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stylesheet.site/assets/css/f-mb.css?v=1.1.3
188.114.96.1 200 OK 23 kB URL GET HTTP/2 stylesheet.site/assets/css/f-mb.css?v=1.1.3
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Let's Encrypt
Subject stylesheet.site
Fingerprint 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type ASCII text, with very long lines (630), with CRLF line terminators
Hash c5448e7857d5817aafdb1d67d40ecf16
466414ad74f4c9aa34c730a6da1b0ebc7a51c077
391138fc84984840f7bf8d3c63aac8c163b8c2bbde75327e15f1bfbe3fd5ab82
GET /assets/css/f-mb.css?v=1.1.3 HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:20 GMT
content-type: text/css
last-modified: Sun, 24 Sep 2023 12:13:04 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7tmI8muxkqxWXycPS80M6BpK1ipnyQPHG1F42HGbz3tmtqCiOLDVFkl86rCIFT3%2BKbHxXj5o%2Fv515LkY5uTRzkYIkfXtsp0fNE1a7dvbwoPbYnLbRVBWs%2FbnEGbn1uW8Hc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223d44eb7b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
146.190.74.26/assets/img/cih/favicon.png
146.190.74.26 200 OK 445 B URL GET HTTP/1.1 146.190.74.26/assets/img/cih/favicon.png
IP 146.190.74.26:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer ZeroSSL
Subject 146.190.74.26
Fingerprint 9F:A8:FA:91:E7:28:97:47:4D:28:F8:8E:1F:3B:E6:E0:7F:E0:B0:AB
Validity Sun, 15 Oct 2023 00:00:00 GMT - Mon, 14 Oct 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 0b81063a89e4d4ea4dca0e1d922b2875
87f33d8e8916ecace298bde3f6046988ce3d118d
373879bac40eb765fa51cb8ad40d38fb87c848fb79531f066893f51c8273e135
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /assets/img/cih/favicon.png HTTP/1.1
Host: 146.190.74.26
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/m/index.php
Cookie: _ga_E0LWP4D1R1=GS1.1.1698820762.1.0.1698820762.0.0.0; _ga=GA1.1.2145570447.1698820762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.0 (Ubuntu)
Date: Wed, 01 Nov 2023 06:39:24 GMT
Content-Type: image/png
Content-Length: 445
Connection: keep-alive
Last-Modified: Tue, 05 Sep 2023 08:36:11 GMT
ETag: "d4706d4dfd91:0"
Strict-Transport-Security: max-age=31536000
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdPEs6MZbBCHgGGFbYXqJjXQhTcwig1lBY%2FdQcuhSPD12E8i5mTPzxFUMPDkM9OuxdZYVo7qNsb4BxyWVHTJv1fBGU3q4R%2ByBqsqDtrQI%2Fn1T1mVZiQWEbBEkKFQayU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
CF-RAY: 81f223f0c92e0c8a-EWR
alt-svc: h3=":443"; ma=86400
stylesheet.site/assets/js/script-b4d.js?v=1.1.2
188.114.96.1 200 OK 1.9 kB URL GET HTTP/2 stylesheet.site/assets/js/script-b4d.js?v=1.1.2
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Let's Encrypt
Subject stylesheet.site
Fingerprint 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type ASCII text, with very long lines (2053), with no line terminators
Hash aa49e2668ff41147929f0d5ca59079ad
25166635705eed06545ddde86c4d204cea916a78
3beacfcf3d934b7f4cfdb437a90040f11c1b1fd3004e1e9b5a48f9e773d9fa2a
GET /assets/js/script-b4d.js?v=1.1.2 HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:20 GMT
content-type: application/javascript
last-modified: Mon, 18 Sep 2023 16:33:53 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g0x1Aw4h7Of%2BPxGc3FyTeEzGGXFjfOatCbjUEGo5BJJJEQI%2BHHkLMv1rBxwyp5npZquW6fW9ira%2Bh4mEJypvwALF7c%2F8%2BpH5ReW2%2FLyW6IuhCB9prAHXxZXMhSKoAGOsp3g%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223d41e97b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stylesheet.site/assets/img/twitter-banjar.webp
188.114.96.1 200 OK 10 kB URL GET HTTP/3 stylesheet.site/assets/img/twitter-banjar.webp
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Let's Encrypt
Subject stylesheet.site
Fingerprint 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash b752ea85f69695fe57a7595714b220ca
e2d2b4dc0d7e364af4ed60584d0f04228e369bb7
a666f660142b32cdfb6226ca7d8541344ccdd8c1671aa4110a0e190b9233164e
GET /assets/img/twitter-banjar.webp HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 06:39:21 GMT
content-type: image/webp
last-modified: Sat, 28 Oct 2023 10:04:24 GMT
vary: Accept-Encoding,User-Agent
expires: Wed, 01 Nov 2023 06:44:17 GMT
etag: W/"PSA-t1LqhfaWlf-gzip"
cache-control: max-age=14400, s-maxage=10
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=enA56QVEauv8hAD70RFIIgFhxNtREuYtLQlxoC4t0RVXGe365p91pjYSoCtUfRZuP9ghw2dnluNS0zgGWoe36HXCduxVZ0XvgmYEHl%2FpF4LBdbyuvDOWJEhveauu2OiH98o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223dfdb1056c5-OSL
alt-svc: h3=":443"; ma=86400
stylesheet.site/assets/img/bonus-sultan.webp
188.114.96.1 200 OK 77 kB URL GET HTTP/3 stylesheet.site/assets/img/bonus-sultan.webp
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Let's Encrypt
Subject stylesheet.site
Fingerprint 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 840x482, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cf89b11504ecd843c5a3606c22461936
c35ec17279731838dea5bd50f9007726b18d4764
480571f7618280b5548692b6774517ac865125506c2f09730dd54735fc5257a4
GET /assets/img/bonus-sultan.webp HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 06:39:23 GMT
content-type: image/webp
x-original-content-length: 188708
etag: W/"PSA-aj-z4mxFQTs2E-gzip"
expires: Wed, 01 Nov 2023 06:44:03 GMT
cache-control: max-age=14400
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGwr3ZXVK9k9nl5NM3tGf7cdkHsqplYWTMuHtnGYlgIC5sL58yveauAfOLut8y3xjRwcBZ%2B2CZ%2Bj2EN6bUkxxuHbQuwyeypIGrTsu0WEpQcNRVUlhY824ETtiJYNf%2FLPCGI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223e80a6d56c5-OSL
alt-svc: h3=":443"; ma=86400
stylesheet.site/assets/js/m-4d.js
188.114.96.1 200 OK 12 kB URL GET HTTP/2 stylesheet.site/assets/js/m-4d.js
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Let's Encrypt
Subject stylesheet.site
Fingerprint 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type ASCII text, with CRLF line terminators
Hash 96998f24d7d6728cd34a76a79c2c3262
f363ed604da7c7511f76e7b65e2f59a4128440d6
aa9beea3d769e3157696ca797149bf5ae75ea23a11f6964d32937a78ee1e6987
GET /assets/js/m-4d.js HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 01 Nov 2023 06:39:20 GMT
content-type: application/javascript
last-modified: Mon, 18 Sep 2023 16:33:53 GMT
vary: Accept-Encoding,User-Agent
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G5UvHfzDdSGGGvBiYQe5d38UYOBt3xCdc%2FKzJKPwzNr%2B7YGpQCuMntqoHuuxBX3izOATczXfn8MPat2RBC6pm2q6t0yjN3PgKCSw7hOw5BHHRH598rK4%2Bu3Tx2wXqcS8qT4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223d45ec9b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
stylesheet.site/assets/img/facebook-banjar.webp
188.114.96.1 200 OK 11 kB URL GET HTTP/3 stylesheet.site/assets/img/facebook-banjar.webp
IP 188.114.96.1:443
Requested by https://146.190.74.26/m/index.php
Certificate Issuer Let's Encrypt
Subject stylesheet.site
Fingerprint 2F:CE:55:C1:AF:E3:11:24:7E:B3:1B:F2:4E:AF:21:A0:2A:90:86:97
Validity Wed, 06 Sep 2023 07:44:45 GMT - Tue, 05 Dec 2023 07:44:44 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 811be061adf5e4fb50e1978582d47056
1fe836bd24b2548795e1383ff3a4820b8a71b258
f4d9617e4f4885cc66c7635547ccc35703434317d560f9866569e0ff03de7f3f
GET /assets/img/facebook-banjar.webp HTTP/1.1
Host: stylesheet.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://146.190.74.26/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 01 Nov 2023 06:39:21 GMT
content-type: image/webp
last-modified: Sat, 28 Oct 2023 10:04:24 GMT
vary: Accept-Encoding,User-Agent
expires: Wed, 01 Nov 2023 06:44:17 GMT
etag: W/"PSA-gRvgYa315P-gzip"
cache-control: max-age=14400, s-maxage=10
x-content-type-options: nosniff
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xByOmQovyQ5oV%2BL%2BOCQIC%2B0KIg6RqV%2ByN3tArLh%2BaK9sa34aoVp24aWsAtrwSqM4Im62IUI545SpXQtWQLsSg67qsVTTeOETNgo5qBxCxo57bLt4yCPJSwJ6CGu5Pst%2FiI4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81f223dfeb1656c5-OSL
alt-svc: h3=":443"; ma=86400