| gwp0jg.iwfr.my.id/img/style-img/logo.png | 104.21.11.79 | 200 OK | 8.3 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/img/style-img/logo.png
IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwfr.my.id
Certificate Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
Certificate Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: PNG image data, 616 x 90, 8-bit/color RGBA, non-interlaced
Hash: c632e6bfd0076695e56477bdb3f7232c 5b4212f029814b5dfda946ac5e5a6ba97857feb9 86ccbc1dbeb58af3e6bce5ee52f86a47399da998ad34a0fd2ce9b0b539d92f6c
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/style-img/logo.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 8314
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Sun, 07 Apr 2024 13:48:20 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Jvf22iZmwbaCoPWP2UckipS2%2FDYoqD3y%2B9ZfipVpbar9TUGayD0EeT%2FDEoaYObBga4ayxNgaA9oKzTgSWzJ9NFNDiI6OAM8ho6YXKkc0QzP9c%2FQYBUlcsxzna4aTsuIazqnyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494e9b8a56bb-OSL
alt-svc: h3=":443"; ma=86400
| gwp0jg.iwfr.my.id/img/logo.png | 104.21.11.79 | 200 OK | 11 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/img/logo.png
IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwfr.my.id
Certificate Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
Certificate Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: PNG image data, 459 x 138, 8-bit/color RGBA, non-interlaced
Hash: f77fe97fc8f4d06fd93eaf7552c4a3e9 c73f03f3e5a9f460eb83e10ae7312738a36ce720 b695d33c5ece1af9739e89855c4cc718fd6e9550528009ee5ff644cac193cb41
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/logo.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 11185
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Sun, 07 Apr 2024 13:48:24 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VB8RNMXLi8hfkGbj2xpZu6ptIxQpvuDOBYupkDFXmdt2PH3oB8UhOKhFLFVtPPdwmxIlcJ9o%2BkHKP49tnyzLNBFQ0VMhq2MPWtbVMIG8%2BnWiDhwQ5m7cadvRWhm7aZUqE44tEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494eabc256bb-OSL
alt-svc: h3=":443"; ma=86400
| gwp0jg.iwfr.my.id/img/tokens.png | 104.21.11.79 | 200 OK | 5.5 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/img/tokens.png
IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwfr.my.id
Certificate Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
Certificate Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: PNG image data, 135 x 130, 8-bit colormap, non-interlaced
Hash: c17d58c98659f3829c4a29a44b737861 53fd8ba7e57e6dcfcbc40b469320b21bf777cbea a20b9d4d4ba5d014e36e326e4f04f5a4a8c1d37803858ba4388b10b12e9177ac
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/tokens.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 5474
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Tue, 09 Apr 2024 13:41:52 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=il%2FIcxeJgUAyeQBgmh5J1j63WYNgqMqHZcJ4Mykii60%2FPHNVRNvrrppfdSZ0S%2FafPYxHiJH2%2BYJkXzmcDYnQVjxUMPF594Aumwni17u3cE9FZKkRWAjqvuW6Em4MF%2Bj3qqCoaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494eabc656bb-OSL
alt-svc: h3=":443"; ma=86400
| gwp0jg.iwfr.my.id/img/loadlogin.png | 104.21.11.79 | 200 OK | 66 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/img/loadlogin.png
IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwfr.my.id
Certificate Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
Certificate Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=761, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1501], progressive, precision 8, 1501x761, components 3
Hash: 421bf7fc26bc832d2e7299bc0d0b7e71 78a347370d34e5748d29066e649721ffd099c627 61e4301996bf745767be4b899737afa23955f825870184df2a111b3921448d29
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/loadlogin.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 65943
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 17 Apr 2024 17:15:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2YhAQ9Y7AZKx2uIbn2n%2FrdTkIYFyW6gyLEYJgrswNb%2F4Ub1S7jgSoBZiwNfehN9TXcQQcjtu9lSHobWQD2RmpQMkdZVDko1Hc5GIZmZ8fni387fI%2Bw64CEhchghrTAGlWPfYVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494eabc756bb-OSL
alt-svc: h3=":443"; ma=86400
| gwp0jg.iwfr.my.id/img/style-img/google.png | 104.21.11.79 | 200 OK | 5.7 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/img/style-img/google.png
IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwfr.my.id
Certificate Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
Certificate Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: PNG image data, 66 x 64, 8-bit/color RGBA, non-interlaced
Hash: cd4ff185d3410ed9052bc68e7d4d3215 9e9d601cf6b1d92bcd97ea2552791290f87a7791 1ebc9fc493da388dfbc7c7616b83d9a340b851c9c789d758933dc0b77e4fa003
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/style-img/google.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 5664
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Tue, 06 Feb 2024 21:53:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6BpceryiBNfDSEK%2BVsfoEeiJ8tUKwu5C6fumvzkYpIyydcYpHqMp%2Bkd7R273GBJimwLUik6J0SqB7hfe1JR85PA8iWPml4BD3z7eHDj%2BTUriEisnmfSd7fWK9cKQU5M4yPXyGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494eabc956bb-OSL
alt-svc: h3=":443"; ma=86400
| gwp0jg.iwfr.my.id/img/style-img/facebook-text.png | 104.21.11.79 | 200 OK | 29 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/img/style-img/facebook-text.png
IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwfr.my.id
Certificate Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
Certificate Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced
Hash: 74190b93fc4f5d88f0c8e6411ba20bd8 89ce2ecb660a90b8e6ed1b335443d7767c59f28a 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/style-img/facebook-text.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 28789
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 25 Oct 2023 01:55:52 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qk%2FWF33IV2q5EG9uTc7dDPiVtY7j6BdaQ%2Fv%2B0FAObCHAzIJrMvbMQk1YHdNkE2K1rn0%2BN0V85lQ9lPsKwzwbQGO6EoNNLogtjKtYLI1W2896qRXqccnZl%2F1zRp5PVFJSP%2F54Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494ecbf056bb-OSL
alt-svc: h3=":443"; ma=86400
| gwp0jg.iwfr.my.id/img/style-img/icon_2.jpg | 104.21.11.79 | 200 OK | 9.6 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/img/style-img/icon_2.jpg
IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwfr.my.id
Certificate Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
Certificate Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: e595d05f92349dc2b5aa37164ae376e7 f4ed874d1fceb5eafb7bd5c213715e683fff690f 50cb8b539efb773ccb042e5f18ed308f2d99418e6974603bfe6d39b48659970f
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/style-img/icon_2.jpg HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/jpeg
content-length: 9604
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Sun, 07 Apr 2024 13:48:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1n4S4Od1XAvuBM%2FOEgdcRpdv4a7RAAN95VSMC8RzPtlKv5ZVpfa1lAT2WLRg7sU6y%2BWggE8ByXhyQyFIZZ3ZeLEvlkujzw7v%2F2%2BgvTA7emZCdECrFWm%2FTQaIY0tMDXMWlBVZEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494ecbf456bb-OSL
alt-svc: h3=":443"; ma=86400
| gwp0jg.iwfr.my.id/img/style-img/icon_fb.png | 104.21.11.79 | 200 OK | 4.5 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/img/style-img/icon_fb.png
IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwfr.my.id
Certificate Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
Certificate Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: PNG image data, 512 x 512, 8-bit colormap, non-interlaced
Hash: 55eef055b7e3c9a7b01e75bf1d946602 298bedf186fdcc606901513a2edbb5bc3ca233e6 9af17159dff494810a71a37678db1df805f264b935730d1c2e5a4d970305917f
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/style-img/icon_fb.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 4549
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Sat, 08 Apr 2023 14:29:52 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDWze6lFfYEi1ZwJ4Gerya6nvx01Cek0ovbKWMeA6djsC5FHLUodD%2F8Yy1sv4qeOuh2xpsk7QUnwhW3x3CfSC%2B6aQQ6qSxAQqCwSG3ciCK3SGDWu7xK6xh66cVupWu61EW5TRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494ecbf556bb-OSL
alt-svc: h3=":443"; ma=86400
| gwp0jg.iwfr.my.id/img/popup-close2.png | 104.21.11.79 | 200 OK | 867 B |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/img/popup-close2.png
IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwfr.my.id
Certificate Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
Certificate Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: PNG image data, 30 x 31, 8-bit/color RGBA, non-interlaced
Hash: 75b8fc9fb0f1dce9c0e53d119e637af8 c429caf6e1ed51a43421419c2a08d8ab8a654ae9 be08cce2cf15dba627fec531ea422ca0bdc76de1c2b61d6de21e2920687d4678
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/popup-close2.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 867
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 25 Oct 2023 01:55:12 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4%2BCXaXRqu4f1ZwlsuCeRUNuKBBRXqUw1AwBVGdl%2BnVGm6KBkO%2FwA3zux1plIjqmE%2B%2BOi%2FhM1vkgDUF5UDOo1A9quFV1S4wS592%2BKGHjXdMfR4jvhvWDLa1JehKUWbcHKYswPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494eabc456bb-OSL
alt-svc: h3=":443"; ma=86400
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css | 104.17.24.14 | 200 OK | 19 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
IP: 104.17.24.14:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (52276)
Hash: 5222e06b77a1692fa2520a219840e6be 8b4236206a8b86af3761a244277663046d7ff7ee 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
GET /ajax/libs/font-awesome/6.4.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css; charset=utf-8
content-length: 18778
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64cac444-495a"
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 346529
expires: Thu, 24 Apr 2025 17:42:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lk1C1SnOn5qwg%2FI0gaA5RPxrtNjJ%2F6IL7bHtmLAZdDVYvUozgeqyI%2FYHTSivhubdFN%2FXeAy9xLX9fsHkoAPKWgv6Gx%2BCZrdhFKBLXSkBqjIAbdTMLd%2BWQkmQSSVSvkRbCmV3wwj6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ea494f493156c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css | 104.17.24.14 | 200 OK | 5.8 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP: 104.17.24.14:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: e9365fe85b7e4db79a87015e52c3db6c 2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9 dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 342229
expires: Thu, 24 Apr 2025 17:42:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xy38Tl224sTJ69YMhNNCTV3IApJfskk4ZeV5chbtuQeIeUNzO8M7FFT1nrk3V3DxrOIdihG84u2f1TvRge4eodeauFQARW%2BDBI9WfE5ZVnf0G%2BvtsoX2GYR%2FXW7qwRuSmdiYIGHv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ea494f593f56c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| code.jquery.com/jquery-1.10.2.min.js | 151.101.194.137 | 200 OK | 33 kB |
URL: GET HTTP/2 code.jquery.com/jquery-1.10.2.min.js
IP: 151.101.194.137:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Sectigo Limited
Certificate Subject: *.jquery.com
Certificate Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Certificate Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32072)
Hash: 628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-16bb3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 May 2024 17:42:16 GMT
age: 20043930
x-served-by: cache-lga13622-LGA, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 1, 23844
x-timer: S1714844536.307455,VS0,VE0
vary: Accept-Encoding
content-length: 32788
X-Firefox-Spdy: h2
| gwp0jg.iwfr.my.id/css/tr.css | 104.21.11.79 | 200 OK | 6.7 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/css/tr.css
IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwfr.my.id
Certificate Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
Certificate Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: assembler source, ASCII text, with CRLF line terminators
Hash: deaf05db7975bb3861f72433be0074ba b65fa8bb2e0df03ee368b9c7b220477043bc83ce 6b301e05779b0f24d1f86939bfb356e8ac7159192daf0a2c948a928597d5d955
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /css/tr.css HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 24 Apr 2024 19:15:04 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FRoJ5KRxLUl8nLHVvDvb3Uefhq2O8lJaXYnhmkc%2Fs6rpL5E0fX1O3Vc90OFhfTDFuEg0dTkPkFn9F8yxyowQwsQSfRSz2JjqAjsIujjNUVS480AJh51xZdjtxEUy28g6IMSMHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494e9b8556bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js | 142.250.74.170 | 200 OK | 30 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP: 142.250.74.170:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (32180)
Hash: 32015dd42e9582a80a84736f5d9a44d7 41b4bfbaa96be6d1440db6e78004ade1c134e276 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 16:37:20 GMT
expires: Fri, 02 May 2025 16:37:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 176696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js | 142.250.74.170 | 200 OK | 30 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP: 142.250.74.170:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
Certificate Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: JavaScript source, ASCII text, with very long lines (32061)
Hash: e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:24:46 GMT
expires: Fri, 02 May 2025 23:24:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 152250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| i.ibb.co/pZDr8sd/Twitter-Hide-Password.png | 162.19.58.158 | 200 OK | 28 kB |
URL: GET HTTP/2 i.ibb.co/pZDr8sd/Twitter-Hide-Password.png
IP: 162.19.58.158:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: ibb.co
Certificate Fingerprint: 0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D
Certificate Validity: Mon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT
File type: PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced
Hash: 8d1f08b46884df302bf7300fc234832c 5735d57b6fa211c400d439095d5ff2f5bb57e691 e4cff1f68b85c3343554090b3479273a54e5eed2dbb3e56ceb9f86c4ebe8b0e7
GET /pZDr8sd/Twitter-Hide-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 28029
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
| gwp0jg.iwfr.my.id/js/lazcode.js | 104.21.11.79 | 200 OK | 212 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/js/lazcode.js
IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwfr.my.id
Certificate Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
Certificate Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: JavaScript source, ASCII text
Size: 212 kB (211981 bytes)
Hash: 861c5b24b0d507422bd3135316d53991 78d8bd9bba8ea72352b115816378269641e05977 7a95c7a570bd27ee23efde0d51636c2a01e4a331ffc3b603a9d479cb378e254d
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /js/lazcode.js HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/javascript
last-modified: Wed, 24 Apr 2024 17:48:08 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=diRmwDS%2BAliEXf8P1Gn5WrLgyZt0nix54c%2FHkfpHDI5xnC0%2F3N4fCqY0rTTvOXjZv2CP%2BRF6jpn3qhCoYkGk6LnYANzNTLiX%2FKXiBNloNHWDhURbaTvYlOR9c7Rfjr0fLWw2Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494ecbf656bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| gwp0jg.iwfr.my.id/img/lazbutton.png | 104.21.11.79 | 200 OK | 64 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/img/lazbutton.png
IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: iwfr.my.id
Certificate Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
Certificate Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: PNG image data, 760 x 175, 8-bit/color RGBA, non-interlaced
Hash: f2e0aad42493c3acecf22fc5f41d1779 d929bb4540513eee48019bca0ca4eb16dc9dd258 98c433cba5798e38edc467e6b2399e281003a66613192f9f4dfd626287d96178
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/lazbutton.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 63807
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:50 GMT
last-modified: Tue, 23 Apr 2024 00:35:44 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19886
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2HhNb8FpBmdmPBvh8vRjBaU%2F4%2FEIYcKbBnaCs2G2aD6yoIN3S06bHAr1EUONGikkQ3iz9IBFkN1x2mREZFt0WekpXz%2B9kh5%2BX24E3egiyFf5p15f2WIU4ynjakTae6LHNm5TA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea495269f356bb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.pubgmobile.com/en/images/nav_language.svg | 23.36.76.250 | 200 OK | 675 B |
URL: GET HTTP/2 www.pubgmobile.com/en/images/nav_language.svg | IP: 23.36.76.250:443 | ASN: #20940 Akamai International B.V.
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: DigiCert Inc | Subject: wetv.acc.qq.com | Fingerprint: 5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F | Validity: Mon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: d8ba211bb1be1a15bf5b0143ca1b009a 215203609a551dcaccf6e434508623f302635f86 a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6
GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
content-length: 675
date: Sat, 04 May 2024 17:42:16 GMT
akamai-grn: 0.f64c2417.1714844536.6477895
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 | 104.17.24.14 | 200 OK | 150 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 | IP: 104.17.24.14:443
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D | Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 150020, version 772.1280 | Size: 150 kB (150020 bytes) | Hash: d5e647388e2415268b700d3df2e30a0d 97f0942c6627ddd89fb62170e5cac9a2cbd6c98c 886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9
GET /ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gwp0jg.iwfr.my.id
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150020
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "64cac444-24a04"
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 342087
expires: Thu, 24 Apr 2025 17:42:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Z13JWJoPiDLPEWrVPZ4HSMWaiqCe0KDy%2B38%2BaHqPCzfdBo0Cwhqf%2Fu5qJD7DzStfgNH%2FiNfQ3OM6foJhFAEpJUNhv4kNFlR%2BtccJ7ZiQQ%2FiJFQzlCho8VBE4niE8ff9CTB%2FHkNf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ea4952fe240b59-OSL
alt-svc: h3=":443"; ma=86400
|
|
| i.ibb.co/PYpHF6b/Twitter-Show-Password.png | 162.19.58.158 | 200 OK | 28 kB |
URL: GET HTTP/2 i.ibb.co/PYpHF6b/Twitter-Show-Password.png | IP: 162.19.58.158:443
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: Let's Encrypt | Subject: ibb.co | Fingerprint: 0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D | Validity: Mon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT
File type: PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced | Hash: 2fd203703821d5ce5d18bee2a51b779a a78d7b1369ce8bc34de57909af142043cae446f0 6b82611fa96f118128b0db9692dd982ca0fe79b1b4d8048946880600cc4f97c8
GET /PYpHF6b/Twitter-Show-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 28355
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 | IP: 216.58.207.227:443
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD | Validity: Tue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15044, version 1.0 | Hash: 4806226b885b3b3d0ae52142f6bfb3af 2ea5cc6d5e4adb874989a2b74bda062296fb1ad3 714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f
GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gwp0jg.iwfr.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 11:50:19 GMT
expires: Sat, 03 May 2025 11:50:19 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
age: 107517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/full_logo.969f536.png | 104.16.156.36 | 200 OK | 8.3 kB |
URL: GET HTTP/1.1 dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/full_logo.969f536.png | IP: 104.16.156.36:443
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: TrustAsia Technologies, Inc. | Subject: dl.dir.freefiremobile.com | Fingerprint: 98:6C:52:83:2D:43:AE:BF:56:35:62:21:67:C0:64:1C:06:AB:10:36 | Validity: Thu, 18 Apr 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT
File type: PNG image data, 616 x 90, 8-bit/color RGBA, non-interlaced | Hash: c632e6bfd0076695e56477bdb3f7232c 5b4212f029814b5dfda946ac5e5a6ba97857feb9 86ccbc1dbeb58af3e6bce5ee52f86a47399da998ad34a0fd2ce9b0b539d92f6c
GET /common/web_event/official2/dist/client/img/full_logo.969f536.png HTTP/1.1
Host: dl.dir.freefiremobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 May 2024 17:42:16 GMT
Content-Type: image/png
Content-Length: 8314
Connection: keep-alive
x-obs-request-id: 0000018EF0C84E84941CD169E3F393ED
Content-MD5: xjLmv9AHZpXlZHe9s/cjLA==
x-obs-replication-status: REPLICA
ETag: "c632e6bfd0076695e56477bdb3f7232c"
Last-Modified: Wed, 10 Apr 2024 03:54:58 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSWVQDaQXvzJjcpftemybSShaG5ASS7x
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Server: cloudflare
CF-RAY: 87ea495388031c02-OSL
|
|
| gwp0jg.iwfr.my.id/index.html | 104.21.11.79 | 404 Not Found | 1.1 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/index.html | IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: iwfr.my.id | Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 | Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators | Hash: 8150f458ed6fb9b1db4e5cfa57a1a281 6e5726854d28687b560d7fdcb5c782c425c7dfb9 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /index.html HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJ9Etni%2B2XBt%2FCiw0w8u1uGxmBpqLyaiO482rDslw%2FtLvu5sh9a9O5gPTlfR9aytYefbmp26BeLknk1L%2BadGsG5EmEO8VYsGeJTuOZtzlGMoRCYHGKqqH50lbGkrK%2FE%2FVZxxAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea495269ed56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| d2wn68h1k.olf.my.id/media/putaran.mp3 | 188.114.97.1 | 404 Not Found | 818 B |
URL: GET HTTP/3 d2wn68h1k.olf.my.id/media/putaran.mp3 | IP: 188.114.97.1:443
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: olf.my.id | Fingerprint: CF:AA:4B:28:2C:23:8C:75:D1:85:47:F4:39:D4:AE:85:55:56:0F:C6 | Validity: Sat, 13 Apr 2024 09:44:18 GMT - Fri, 12 Jul 2024 09:44:17 GMT
Hash: f67ed3cb3a5a6d303a71e00741aa2a5f 5a5ff708f77ab28bcdfda8ab23def2fb837c1cc9 de0561748945b817e812f1cf741b87d700e9ac53fe93b4a99460d9fe1cf49834
GET /media/putaran.mp3 HTTP/1.1
Host: d2wn68h1k.olf.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLpH77kCdrxxYwXOz1VIi6hdIfHTaSx9bd5viLpFU2BPNZ1AaxsTRVEE%2BEmdg%2FK%2B2itfUrcZPH2WMbIVgLscmes6MJhVXK9pZi%2FJhKx12vT08r4ZK23rNRBr%2BVRruwSMv4Mftiia"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4952ecc3b4f4-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gwp0jg.iwfr.my.id/css/style.css | 104.21.11.79 | 200 OK | 6.3 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/css/style.css | IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: iwfr.my.id | Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 | Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: ASCII text, with very long lines (354) | Hash: 0371419b5ddd4578b8882916cce3aae1 7cb9039cf719e52bfd5449e0bf0ff713fa838d05 1144f1063a0254e9764d9c23da12852aab26f6adc6bac76493c12401a20e0a5d
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /css/style.css HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 24 Apr 2024 17:40:38 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2RpeYX7fCJwhCAyi6Q0xL1EN02LW3ZTInc9Q1zXipar1IXUGkj%2BlbRWi9YAYo5LlBVkxsVEv4E1GLHCL5dBlmYveCtpK8y2nOKcNTMsn%2BNC7gvlwWbCvD1j0X8kdXsSOihD7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494e6b4556bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gwp0jg.iwfr.my.id/js/showHide.js | 104.21.11.79 | 200 OK | 18 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/js/showHide.js | IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: iwfr.my.id | Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 | Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: ASCII text, with CRLF line terminators | Hash: d3e46c4a7d95270da519489746521b1a 5f5a383b6a1a635695e2c72aace79363708f82be 8023fc37af7de956061342860b38dd1646ce1f1fa7ecc2ce703e2b544b2bd283
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /js/showHide.js HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/javascript
last-modified: Wed, 25 Oct 2023 01:54:20 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 1864
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J69E1QsUee4SJ97Z1rSswMcEw5qRNYmNsnDoJOUWzaAWo9Wu3H%2F8b6MdyTzGGD%2BV2vczWynscngZ89A7wROdRfX%2BbJU3h4vKQd6Sk5qztXwi1rk66i06z1%2FclpLeutIYOLTWwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea4952ead756bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| l.top4top.io/m_1725u5z7i1.mp3 | 135.181.63.70 | 206 Partial Content | 20 kB |
URL: GET HTTP/2 l.top4top.io/m_1725u5z7i1.mp3 | IP: 135.181.63.70:443 | ASN: #24940 Hetzner Online GmbH
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: Let's Encrypt | Subject: *.top4top.co | Fingerprint: 8E:68:31:71:67:48:80:97:18:D7:75:1F:EF:2C:6E:F5:43:2B:3E:B2 | Validity: Mon, 01 Apr 2024 00:05:12 GMT - Sun, 30 Jun 2024 00:05:11 GMT
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo | Hash: ee5b5d12064ae26f839b882edb33da62 6fa93ef00f294eec4ef05276e81813db1e95e346 4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Sat, 04 May 2024 17:42:16 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sun, 05 May 2024 17:18:56 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Sat, 04 May 2024 19:42:16 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
|
|
| gwp0jg.iwfr.my.id/css/animate.css | 104.21.11.79 | 200 OK | 5.5 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/css/animate.css | IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: iwfr.my.id | Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 | Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
Hash: 8eae1a9cfafdc593321d4d59ec4905ea 232f5f3f4c3a0a56823e0e933f9c7fec3aa9cbcc e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /css/animate.css HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 25 Oct 2023 01:51:02 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IIqGjORQRK5mfkQNxXjlzR39uEApGbRsp6x%2FgzyEI1un1qyG1FZQAIx09Z%2BJdwteMTZGkaesdlksWld9umzdNwYVtkl4TYEkrYhrjxEPT01vnKtVSNweYvn4S%2BcoFHK9xFcUtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494e7b4e56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| | 104.21.11.79 | 200 OK | 24 kB |
URL: User Request GET HTTP/2 | IP: 104.21.11.79:443
Certificate Issuer: Google Trust Services LLC | Subject: iwfr.my.id | Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 | Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (452) | Hash: c45b6fa358c4359b17f9cbd90f64b24b 192048bf3f5ae92c286e732aba46fea3dd72edd3 dc90965357dff7b9ac15861c1126742325440332dcbebaad5fc963bf55d497c1
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET / HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:42:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uYbeN8hi0KekLLWBBR%2FqmPk78urt0wvLvNhDXzQGKl7zbjTE7BVKRDSxIcljuF4bPpv1jvbYW0%2Btn57xBdoHElWFfpL3b5FwLgLaY7XIOBltM16eo0ujsAXQa5ReUcppH47eow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494a582856b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gwp0jg.iwfr.my.id/css/style2.css | 104.21.11.79 | 200 OK | 25 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/css/style2.css | IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: iwfr.my.id | Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 | Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: ASCII text, with very long lines (7259) | Hash: 2e04791ca92885338dba25667e11f755 d52f88066b5bbbedf07c402be63b15c1fb3d64ee 482c6bcc8b1fa18556592b0b7f42bf13f68798dd2921d86e0bda175b528c8829
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /css/style2.css HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 24 Apr 2024 17:40:38 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tyhTNGZIOaRseiDgQeZT2P%2FK5ge88o9pHnxRXt2tK8WDM75G7x4CuIu5F6Y0sWZq21RZggnDdV%2FJj03BWpAWxTySWUwnk7L2xJgR6ery6u1rf%2FIwwHBrzuJn7iP9BrixcNZmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494e7b4d56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 22 kB |
URL: GET HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | IP: 104.18.10.207:443
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: bootstrapcdn.com | Fingerprint: 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 | Validity: Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type: ASCII text, with very long lines (30837) | Hash: 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9e01696f4dd85a48838a9ea9ee82ef4a
cdn-cache: HIT
cf-cache-status: HIT
age: 350681
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea494fdcb1712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gwp0jg.iwfr.my.id/fonts/laza.woff2 | 104.21.11.79 | 200 OK | 22 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/fonts/laza.woff2 | IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: iwfr.my.id | Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 | Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: Web Open Font Format (Version 2), TrueType, length 22220, version 1.0 | Hash: 345579e8566a3dd6dc9feb5362fbe7e1 df075dd0c26e72fd7df19948f07904c1eaa72ded 1d0dfcc32b3be2bf3b3dbc371e9b7c5ce205f4bc6f7c8ce0226256cc7064c3e4
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /fonts/laza.woff2 HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:17 GMT
content-type: font/woff2
content-length: 22220
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 17:42:17 GMT
last-modified: Wed, 29 Nov 2023 23:01:44 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n6ICVjkwCyanv8YCMgV1V0%2FkpdPZrWNumuzafigN2J6kyG%2FVmBfKt5%2FAtmHwwKT6weTF1nAd2eN9WS1ywJ1VS%2F9LNA0cDqJemCCCEwxYs%2F3buWWPxsuBw5BhIPUEtQiadTkh6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea495269f556bb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gwp0jg.iwfr.my.id/media/close.mp3 | 104.21.11.79 | 404 Not Found | 2.7 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/media/close.mp3 | IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: iwfr.my.id | Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 | Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
Hash: 054c4e5b0731cef556131e170ca16280 6b64c5865490f0488138454127386514cd47430c f851a6b7f2bb3292c85bb5bb88b5c18b2bb97b0364aa234f39fe9c8ea38d8183
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /media/close.mp3 HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Sat, 04 May 2024 17:42:17 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VVLwHDTsx879Drumkk%2FdXLqNbzumx9ZWsWXCgOeLySOLPaObXAKKo5%2Bf%2BH9l%2B6kSzdWfsVn4ogQCnlridoyinycPTTXPoOh1RIddbtzGFXvxF0yikyQ85PyRlUrDZJa%2BCGaj2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea49539c0b56bb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.pubgmobile.com/en/images/nav_menu.svg | 23.36.76.250 | 200 OK | 426 B |
URL: GET HTTP/2 www.pubgmobile.com/en/images/nav_menu.svg | IP: 23.36.76.250:443 | ASN: #20940 Akamai International B.V.
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: DigiCert Inc | Subject: wetv.acc.qq.com | Fingerprint: 5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F | Validity: Mon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT
File type: SVG Scalable Vector Graphics image | Hash: a1f09c4f5c87271dbccf8cb05885ad42 18bbacc9c372dcb6bc77c2475595e058c1ad1594 b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a
GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 04 May 2024 17:42:18 GMT
content-length: 426
akamai-grn: 0.f64c2417.1714844536.6477896
X-Firefox-Spdy: h2
|
|
| gwp0jg.iwfr.my.id/css/login/facebook.css | 104.21.11.79 | 200 OK | 4.1 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/css/login/facebook.css | IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ | Certificate Issuer: Google Trust Services LLC | Subject: iwfr.my.id | Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 | Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: ASCII text, with very long lines (4392), with no line terminators | Hash: 3adc29a32c52542550c5c29cf3745026 535971433c82b138b250f7c921b36f3f1152d908 1c6b34f563e3dd9d9e6c582637924e10dbee2b77003a16716952d8d71981a320
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /css/login/facebook.css HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Sun, 30 Apr 2023 12:33:24 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9fqDSh4fBAd3%2BuBeWn%2FkqN0EogXcMFZXAN%2BdkFyBFmaM1xaVGA6yqbqcL0olmulsLk6rtoN8g5oDdxpMaJnill0aopKk4jQT5W%2BKJYMdttDkP3ogiwkncVtjo8vn0zoSiwV%2B7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494e7b5f56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gwp0jg.iwfr.my.id/css/google.css | 104.21.11.79 | 200 OK | 4.7 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/css/google.css IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: iwfr.my.id Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: ASCII text, with very long lines (5117), with no line terminators Hash: 89a5d57984f3b8f805d26d28b1186269 232b658c1f732dff7f5eb75cd45adafe60e712ab a6272b0608c58d56d36fa0bfa33ac7dcc854d4d74fa1a02adf4d2b6c738fb04d
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /css/google.css HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 10 Apr 2024 15:47:52 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bHYAuzkFdwgf55CQFuWhGTIaVHfanUMPB2PTJmMCwyxnsJsiswvUPgp0yTi2B9GQ2wfgnx7TvRvrQufcTR7xhkPD7gXZhk0TUVfSDxMUtbWjnYlRrImBywTlhJ9r9mkNZlLoYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494e7b6056bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gwp0jg.iwfr.my.id/js/sliders.js | 104.21.11.79 | 200 OK | 515 B |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/js/sliders.js IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: iwfr.my.id Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: ASCII text, with very long lines (547), with no line terminators Hash: 1a8aabdbd97c821c7818e5b5a1bca336 035e2e037daddbceb4393cde1ff972be3ae7cb87 3b13dafadf708ff1f8415c83e2224fd3f90d77d94c24d77af050600822e0338b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /js/sliders.js HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/javascript
last-modified: Mon, 04 Dec 2023 13:53:42 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n9HiXN4Xn4oKoPwnYvSx31hDXNpcNBTcTZdqWd1kK%2FVRqrKYL%2BK8jkkg3xf9gsg4qIy3IPrI92%2Bw6ehSHr%2Bq7DqVKm3HZaGJWgMRgWK3a45uqpelEG7ghZRSrcyshNgZcFghxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494ecbfe56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Teko&display=swap | 142.250.74.74 | 200 OK | 1.2 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Teko&display=swap IP: 142.250.74.74:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File type: ASCII text, with very long lines (1182), with no line terminators Hash: 517c67874f6f9ada9c4283fe962de9cf 3ef9577a3d48a4d102dbad75e10bc5563e08d81f 6a843b3e563cf2b17bbb15e15041f252e7524deb41991c4a2ce088b0e1c7f29a
GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 17:42:16 GMT
date: Sat, 04 May 2024 17:42:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gwp0jg.iwfr.my.id/js/timer.js | 104.21.11.79 | 200 OK | 3.1 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/js/timer.js IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: iwfr.my.id Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: JavaScript source, ASCII text, with very long lines (3320), with no line terminators Hash: efd255d5169e94333606783e17b0c305 d32b417dc9e56d27f979feb79db8b9a8efafc2be c322ed023b5df32a9f6c4c5423723d0e045a7b5196b1aa268caf1946c005740d
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /js/timer.js HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/javascript
last-modified: Sat, 02 Dec 2023 13:22:04 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SKoUxjljanTUsHLf%2FpXT7fldryoDHs4WErsW5LRRwVNHCXNYVnOTGQv4LJL7BNXbJzjTNLKaWy%2FIkUYqcy22y1jBpOH4EvJyRmqj5pHEP%2B7y7LdqUi%2BGbdsctJJMjSEiYcxA0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494ecbff56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gwp0jg.iwfr.my.id/css/loader.css | 104.21.11.79 | 200 OK | 6.0 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/css/loader.css IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: iwfr.my.id Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: ASCII text, with very long lines (6144), with no line terminators Hash: 0871902c1e3fc03adc8b54a4e0a72fe0 4f3d6341461c9830fa69c856f32620ebc04ecf60 0ec9849f16e30ce86df6ddd24db1f52074a26a965ff230da299726bac140e5e6
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /css/loader.css HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 25 Oct 2023 01:51:20 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FqAGxmoQaHQ6FHXW8UcaE79kDfNBpa0u8kI09iXRziiTFWwi3Uov1MlrfQMbmhSqcGCSDLt5o7DO5aNugJEVPUAv8CzoUFY2Pv9dHJ1yFkDLRYDmo2pBVN%2BY%2FfElTOZhLr94rA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494e7b5c56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gwp0jg.iwfr.my.id/js/slidernotif.js | 104.21.11.79 | 200 OK | 405 B |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/js/slidernotif.js IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: iwfr.my.id Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: ASCII text, with very long lines (424), with no line terminators Hash: d04e2bb8735775658ecc02f82de70932 57fa114a33033889cd385cab4da967d093fc7eb6 1e0b76759a4ed491e1ca4ae888c32d19a9f1523856e5e4080c395e8f91fa6612
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /js/slidernotif.js HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/javascript
last-modified: Sat, 02 Dec 2023 17:41:52 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JDpCM6yIUURQkreOtAD1MvmJqpq1t%2By%2BETKKFf72iKJ3zs0N9ktLj6deZq1Kmn5pePt%2B6B4KTwHbh%2Flg7paGnXSAoEwggyPtYnjs8CftOsTiHHdB%2FdGohgojETxZYq6MhQghIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494ecbfd56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gwp0jg.iwfr.my.id/media/open.mp3 | 104.21.11.79 | 404 Not Found | 1.3 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/media/open.mp3 IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: iwfr.my.id Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: HTML document, ASCII text, with very long lines (1285), with no line terminators Hash: 94f08a3a6562f7f079c4f5a67b7260e2 cc5d03e17c41ee6bb2ebf0d26d4354a486ca1823 44ea069d9a3f7dcea953ac173384578b6185f4b2ece05a6f4513b9fda29c4c29
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /media/open.mp3 HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 04 May 2024 17:42:17 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77Qqbo8b8ZAej4vr4MD1FI4hxyrQ2hVhDTRt0POHXcVjqcnXPYczuNYl6jM%2FvNGzUsb7%2Fbx3FSsX%2Fw5L8XcU6sIJqNCaeQ68Z%2FSqUYHtKnC0fa%2FaVuaoQD9cv5PkxPfZ8x613w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4952ead956bb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| a.top4top.io/m_1725zobal2.mp3 | 65.21.235.194 | 206 Partial Content | 18 kB |
URL: GET HTTP/2 a.top4top.io/m_1725zobal2.mp3 IP: 65.21.235.194:443 ASN: #24940 Hetzner Online GmbH
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Let's Encrypt Subject: *.top4top.co Fingerprint: 8E:68:31:71:67:48:80:97:18:D7:75:1F:EF:2C:6E:F5:43:2B:3E:B2 Validity: Mon, 01 Apr 2024 00:05:12 GMT - Sun, 30 Jun 2024 00:05:11 GMT
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo Hash: 70ded6b0b406f9710307bc35e221629f 7034ec2ff72c936255b04c0890ce8976599380cc 22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Sat, 04 May 2024 17:42:16 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sun, 05 May 2024 17:18:56 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Sat, 04 May 2024 19:42:16 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
|
|
| d2wn68h1k.olf.my.id/img/style-img/twitter-text.png | 188.114.97.1 | 404 Not Found | 0 B |
URL: GET HTTP/2 d2wn68h1k.olf.my.id/img/style-img/twitter-text.png IP: 188.114.97.1:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: olf.my.id Fingerprint: CF:AA:4B:28:2C:23:8C:75:D1:85:47:F4:39:D4:AE:85:55:56:0F:C6 Validity: Sat, 13 Apr 2024 09:44:18 GMT - Fri, 12 Jul 2024 09:44:17 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/style-img/twitter-text.png HTTP/1.1
Host: d2wn68h1k.olf.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FckSelmRfY8bVzxlVZ%2FsM3Kwc7metVpLR7VgTwgAfelgnjBgFgtZaoIWHlv%2FvR%2FIMHVUPMK5bfcmrVIMpcOgh4%2Bcu%2BKTRFmu4QPqSy5HqSyfIfdrCjtM1BJimP09zzkR%2BLweq%2Fx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494fcd63b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500 | 142.250.74.74 | 200 OK | 12 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500 IP: 142.250.74.74:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: upload.video.google.com Fingerprint: 36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 Validity: Tue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
Hash: 807349734f3707b50b73c3fd626526e8 2f3ab67f0ffa01bc1f0c180cae9085ecc8d96d63 ce7d7e11e41b1b3619cbdf436bbf2557fda2d97d434e65fab281207ffae5c0d0
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 17:42:16 GMT
date: Sat, 04 May 2024 17:42:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gwp0jg.iwfr.my.id/media/open.mp3 | 104.21.11.79 | 404 Not Found | 1.3 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/media/open.mp3 IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: iwfr.my.id Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: HTML document, ASCII text, with very long lines (1285), with no line terminators Hash: 94f08a3a6562f7f079c4f5a67b7260e2 cc5d03e17c41ee6bb2ebf0d26d4354a486ca1823 44ea069d9a3f7dcea953ac173384578b6185f4b2ece05a6f4513b9fda29c4c29
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /media/open.mp3 HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 04 May 2024 17:42:17 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wUgzXU7wfobphcrnE9gYF5F2%2FL5LGGa%2F59lPLQZ9gzOBLym0m3T7i1lxUhSnXpr%2FRIvtKJq9yvzkww720OOD1%2F3o5N%2Fi0y%2BSxv0YqAAh9GdbOJoU1OpNPEsFbFNBuSp1AW6c3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea49539c0056bb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gwp0jg.iwfr.my.id/img/style-img/ff-logo-icon.png | 104.21.11.79 | 200 OK | 1.4 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/img/style-img/ff-logo-icon.png IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: iwfr.my.id Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: PNG image data, 71 x 61, 8-bit/color RGBA, non-interlaced Hash: 7829ec7999775865a662468dd7e96117 d2dda88c46098945bfc1282724aa86478acddc10 049490ddf516d0c066e4245937065d8ff549ecddfd0f6ebe55891960627c86e8
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/style-img/ff-logo-icon.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:17 GMT
content-type: image/png
content-length: 1414
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:51 GMT
last-modified: Wed, 10 Apr 2024 23:33:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19886
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gVZDQy50p%2F7kDbD6mydYUOMxvG5getD9CycV5TBlGV2qtWnBVoU4TklYOQNc1aa17cEDJrbY%2BID1A%2BJRKlCLsrSXtdoxX4sbiGZ2IAQXpzHbEPQlS2yswpqGLluZlAJ1E6NbUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea49572b3556bb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| d2wn68h1k.olf.my.id/img/namm4.png | 188.114.97.1 | 404 Not Found | 0 B |
URL: GET HTTP/2 d2wn68h1k.olf.my.id/img/namm4.png IP: 188.114.97.1:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: olf.my.id Fingerprint: CF:AA:4B:28:2C:23:8C:75:D1:85:47:F4:39:D4:AE:85:55:56:0F:C6 Validity: Sat, 13 Apr 2024 09:44:18 GMT - Fri, 12 Jul 2024 09:44:17 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/namm4.png HTTP/1.1
Host: d2wn68h1k.olf.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guad8gvzVn%2FaTU24%2FT3XTrzC8v6zF5XmE0eWq1A9helAZtaFyJ74aT114iktOw%2F%2F7q0QznVXPJ7k%2FuoizpIdAHkPvqPtrRxzUZhY%2BWixJkd4VXwVC4pn9dq%2FbqoTfG%2BoKyF6NMD3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494fdd83b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gwp0jg.iwfr.my.id/img/bgreward.jpg | 104.21.11.79 | 200 OK | 210 kB |
URL: GET HTTP/3 gwp0jg.iwfr.my.id/img/bgreward.jpg IP: 104.21.11.79:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: iwfr.my.id Fingerprint: 79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31 Validity: Thu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2157, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1080], progressive, precision 8, 1080x1884, components 3 Size: 210 kB (210267 bytes) Hash: a54746056ec103509238b3ee4d1abe37 1254a00b8ae7da04b7f628c1da5fb1d5dcc5eab4 5e83547f2124d71adadd5ab6402109ac93d4b4f54f94aa55338dfecc0807445a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/bgreward.jpg HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/jpeg
content-length: 210267
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:50 GMT
last-modified: Tue, 23 Apr 2024 00:19:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19886
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bl64DBzMEH5SaMcVMVd%2BA0UBoXOjxusy%2BRQQe7tbNWLbq%2FHNW%2FTYJU0jTFUBXFRiGFbDDoV1O7ZFB1KxbRY%2FBztEwhPWyZHUuYkCtJRMp8YvID1tAmu19YgKb%2BA1FsZKO9umdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea495269f056bb-OSL
alt-svc: h3=":443"; ma=86400
|
|
| d2wn68h1k.olf.my.id/img/timer.png | 188.114.97.1 | 404 Not Found | 0 B |
URL: GET HTTP/3 d2wn68h1k.olf.my.id/img/timer.png IP: 188.114.97.1:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: olf.my.id Fingerprint: CF:AA:4B:28:2C:23:8C:75:D1:85:47:F4:39:D4:AE:85:55:56:0F:C6 Validity: Sat, 13 Apr 2024 09:44:18 GMT - Fri, 12 Jul 2024 09:44:17 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /img/timer.png HTTP/1.1
Host: d2wn68h1k.olf.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KD%2FtY%2B1dRC0VpoGndB7er4jnrITD484W19kujyIbPaeZfvpOobz03S7kzi6wBCMf0qMk0OVvo5WKSzVjAK3918S2zdR8jA8W29DEhgTwyHE7AcVxaGtjjI7nx9C28kt4BKSADyF0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea49526b80b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| d2wn68h1k.olf.my.id/css/login/twitter.css | 188.114.97.1 | 404 Not Found | 0 B |
URL: GET HTTP/2 d2wn68h1k.olf.my.id/css/login/twitter.css IP: 188.114.97.1:443
Requested by: https://gwp0jg.iwfr.my.id/ Certificate Issuer: Google Trust Services LLC Subject: olf.my.id Fingerprint: CF:AA:4B:28:2C:23:8C:75:D1:85:47:F4:39:D4:AE:85:55:56:0F:C6 Validity: Sat, 13 Apr 2024 09:44:18 GMT - Fri, 12 Jul 2024 09:44:17 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/login/twitter.css HTTP/1.1
Host: d2wn68h1k.olf.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0SjvPT6eFuqgr6DdQAwcQeInATbz1PKYCV%2BNZQFvVkaNpBG7Evf8SE31IBLCx7mkt3%2B1XrBvbwWeiJFci%2FXNYa6CIBUeo22ejMe0aKrnj3%2FRcTlNkHqFIlb6Y5Cx405q%2F8Rcvtrh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494fcd62b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|