Report - gwp0jg.iwfr.my.id/

Report Overview

Submitted URL
gwp0jg.iwfr.my.id/
IP
172.67.165.168
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-04 17:42:42
Access
public
Website Title
Garena Free Fire. Game genre Battle Royale mobile terbaik!
Final URL
gwp0jg.iwfr.my.id/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-03	412 B	33 kB	151.101.194.137
www.pubgmobile.com	21653	2017-10-18	2018-04-27	2024-05-03	880 B	1.8 kB	23.36.76.250
dl.dir.freefiremobile.com	27937	2017-09-04	2020-07-27	2024-04-22	487 B	8.9 kB	104.16.156.36
d2wn68h1k.olf.my.id	unknown	unknown	No data	No data	2.3 kB	4.0 kB	188.114.97.1
l.top4top.io	926491	2019-11-19	2020-01-15	2024-03-02	499 B	20 kB	135.181.63.70
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-05-03	460 B	23 kB	104.18.10.207
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-04	905 B	14 kB	142.250.74.74
gwp0jg.iwfr.my.id	unknown	unknown	No data	No data	13 kB	782 kB	104.21.11.79
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-04	1.5 kB	178 kB	104.17.24.14
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-04	516 B	16 kB	216.58.207.227
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2024-05-04	864 B	61 kB	142.250.74.170
a.top4top.io	588496	2019-11-19	2019-12-05	2024-04-17	501 B	18 kB	65.21.235.194
i.ibb.co	13485	2010-07-20	2018-11-25	2024-05-03	878 B	57 kB	162.19.58.158

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena
2024-05-04	medium	gwp0jg.iwfr.my.id/	Garena

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (116)

	URL	Size	First Seen	Last Seen
	gwp0jg.iwfr.my.id/js/lazcode.js	7.9 kB	2024-05-04	2024-05-04
Pretty URL gwp0jg.iwfr.my.id/js/lazcode.js IP 104.21.11.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 19:42:51 Last Seen2024-05-04 19:42:52 Times Seen2 Hash 861c5b24b0d507422bd3135316d53991 78d8bd9bba8ea72352b115816378269641e05977 7a95c7a570bd27ee23efde0d51636c2a01e4a331ffc3b603a9d479cb378e254d Loading...

	unknown	35 B	2024-05-04	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-05-04 19:42:51 Last Seen2024-05-04 19:42:51 Times Seen1 Hash e5a6be7816aecac3567058df9a3bcaa7 5148d3339a859e376bc673c680a1f49c4197ef2f 8403151c7379b5915dd9d32d558008330d6285472c3bc90daf32c879b52d78a0 Loading...

	gwp0jg.iwfr.my.id/	111 B	2023-11-03	2024-05-05
Pretty URL gwp0jg.iwfr.my.id/ IP 104.21.11.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-03 00:57:47 Last Seen2024-05-05 08:05:36 Times Seen24 Hash c6ac8320956a92634a96ae0f7f1f48b5 fd3f3f1cd36acf5546c8b886a6607d4fa41fe348 d416a2cbda4b9dfd876b7b7527d09873b1b851e79148daaa2048043fc107abfa Loading...

	gwp0jg.iwfr.my.id/js/sliders.js	515 B	2024-05-04	2024-05-04
Pretty URL gwp0jg.iwfr.my.id/js/sliders.js IP 104.21.11.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 19:42:51 Last Seen2024-05-04 19:42:51 Times Seen1 Hash 771456f2db7acfc14bf42c3db81d3f30 e49c702fb636f7a3f33cdc46c168c08e983bd797 a0e281d9baa291a46eab76393d5b6a265d870950060897fd5ac62d5d3c48028c Loading...

	gwp0jg.iwfr.my.id/	461 B	2024-05-04	2024-05-04
Pretty URL gwp0jg.iwfr.my.id/ IP 104.21.11.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 19:42:51 Last Seen2024-05-04 19:42:51 Times Seen1 Hash 33f39df1d1c194a6d2074d736bbf8ed7 158965bf04396d72f1e02b1ebd782800a70b161c 48b89f1b9d878eb78233f314ade11604f83ff5b16f75ff441520d6bf9297fb1f Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js	84 kB	2023-03-07	2024-05-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-18 10:23:49 Times Seen14600 Hash 32015dd42e9582a80a84736f5d9a44d7 41b4bfbaa96be6d1440db6e78004ade1c134e276 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Loading...

	gwp0jg.iwfr.my.id/js/timer.js	3.1 kB	2024-05-04	2024-05-04
Pretty URL gwp0jg.iwfr.my.id/js/timer.js IP 104.21.11.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-04 19:42:51 Last Seen2024-05-04 19:42:51 Times Seen1 Hash b2fec816cc5d8384d80170ad26caa0b1 dd6ec646c39a87e2c0c8daf6c2f7c1485cfe26d9 aca033b3c440a42ea7c617ad37302623a124108b9f44d414d88205d6cc0a2a02 Loading...

	unknown	79 B	2023-04-11	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:38:58 Last Seen2024-05-18 13:27:14 Times Seen126531 Hash aa049e2749b8531cb8f233c2f64fc2b2 b611a5a62c1813ae5b4763378b3a4a565556530a e52e51d5897d7a179089ddcf8f5de7aeb3ef4f27b054b63e937cf308b685c9e2 Loading...

	gwp0jg.iwfr.my.id/js/slidernotif.js	405 B	2023-03-08	2024-05-16
Pretty URL gwp0jg.iwfr.my.id/js/slidernotif.js IP 104.21.11.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:56 Last Seen2024-05-16 07:16:02 Times Seen536 Hash 03f6029516392f1ce262df03393de901 d88548c8d6c92e84646efe7e605f73cac7ca136c 7f0e1993cf5d96d6068606888b26fa168840e8028395c818db1ab4c584eb8775 Loading...

	unknown	37 B	2023-04-11	2024-05-18
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:31:25 Last Seen2024-05-18 13:27:14 Times Seen237829 Hash 29d0c84b9d1d8da446a6062c6a840ad9 6d6b3a6065667c7c50d92f3889c85ed65a9ad784 3c3cbdb71d0d2c22f504f4d63d8a6ffe8d250cde7e58300619be35b6bbab26a1 Loading...

	gwp0jg.iwfr.my.id/	5.0 kB	2024-05-04	2024-05-04
Pretty URL gwp0jg.iwfr.my.id/ IP 104.21.11.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 19:42:51 Last Seen2024-05-04 19:42:51 Times Seen1 Hash 84e837da68441a220555d648196f624b 7f47f2bf9f158bfe173ca1618a9baba252b6509b 4464940e8d491237724ead8b17005090a36288255f579cb8a95c984aeb699e10 Loading...

	gwp0jg.iwfr.my.id/	191 B	2024-05-04	2024-05-04
Pretty URL gwp0jg.iwfr.my.id/ IP 104.21.11.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 19:42:51 Last Seen2024-05-04 19:42:51 Times Seen1 Hash ac5af74fd90d6d6140dca709aa316848 6f0a4babaf0aba5844218059e1cdb926c6a84275 2124403a9326dfc16720506433a68ae1d322244f59c054932bb05f78471bc633 Loading...

	code.jquery.com/jquery-1.10.2.min.js	93 kB	2023-03-07	2024-05-18
Pretty URL code.jquery.com/jquery-1.10.2.min.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-18 13:41:15 Times Seen10632 Hash 628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988 Loading...

	gwp0jg.iwfr.my.id/js/showHide.js	1.1 kB	2023-03-07	2024-05-14
Pretty URL gwp0jg.iwfr.my.id/js/showHide.js IP 104.21.11.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-05-14 07:39:58 Times Seen1179 Hash d3e46c4a7d95270da519489746521b1a 5f5a383b6a1a635695e2c72aace79363708f82be 8023fc37af7de956061342860b38dd1646ce1f1fa7ecc2ce703e2b544b2bd283 Loading...

	gwp0jg.iwfr.my.id/	194 B	2024-05-04	2024-05-04
Pretty URL gwp0jg.iwfr.my.id/ IP 104.21.11.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-04 19:42:51 Last Seen2024-05-04 19:42:51 Times Seen1 Hash b6c4ba5ea5a8fa82fb6db6178edaeb47 8cf00f24b63ba0363bdd25b0fd91e5010caf1b71 0fbc938abba615b59ae2274d40aac2105398e87025b2d71a310c264529414172 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js	84 kB	2023-03-07	2024-05-18
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js IP 142.250.74.170 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-18 10:23:49 Times Seen14248 Hash e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Loading...

		Size	First Seen	Last Seen
	#1 Write - da8268b7f06713dcb4a225ed4352c5b7	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash da8268b7f06713dcb4a225ed4352c5b7 64e26d66dbc71a35e56b995b7ed2952cd4416698 4565f77725f2acb3bb1ddbd1a8154d6156bf0d399bc87dd62e22e5bd836468ad Loading...

	#2 Write - 2ae35f56a615f14d8728c7874404207c	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen442 Hash 2ae35f56a615f14d8728c7874404207c b41cbe47fbc97c9f18d854d5209e0871beb5237d a6effe7a48b7aaf9b0f0efb65395e3f6a3a0f74703508a1190c62eada4a95ba0 Loading...

	#3 Write - f647cf4291b3514acb6dfc5903620806	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen442 Hash f647cf4291b3514acb6dfc5903620806 77b87aa14c8a186cbfa31490eba508307ea1b58c 745aea14ad1731fa076e2e237af3006c8c7a0ed94379ba01dbe3abcd0947efc4 Loading...

	#4 Write - 6a0f475b9036eaf5ed81b8fbd3723157	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:07 Times Seen442 Hash 6a0f475b9036eaf5ed81b8fbd3723157 ca0eec508471941b33160812e50112521f27f317 f552df46f9705f908d8c238fa31da2a9343a706c85c0d9e318b0f1ff3b82fc9f Loading...

	#5 Write - 249ee03bf7db43c6f29e76ba6404b78d	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen442 Hash 249ee03bf7db43c6f29e76ba6404b78d 9b4125a177d266bfc1519b6335a3fbda4d67c5cd 3956d7cb31e362559ca075d5528bec5005aee524c51a9f77cd9455d3f41615a9 Loading...

	#6 Write - fb95a63e798bbc1c52b2f422cfe52052	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen442 Hash fb95a63e798bbc1c52b2f422cfe52052 03786e47acce519416eaea6350a4488f36ef2edd 383ca780d1ed19d7c3b4a02d2b928ef255554880c51ee3317b58974bb7ba453f Loading...

	#7 Write - f82dff41574b0ddcad47c145b0e28050	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen452 Hash f82dff41574b0ddcad47c145b0e28050 a2370f27ed38a5fc1e12ed4711814951c6926b1e db847cb68230ec9117bd8205a6aff20b71d27c3eceace3c765b22f92653cfa83 Loading...

	#8 Write - 914dadef0120224114573295cd60933c	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:07 Times Seen460 Hash 914dadef0120224114573295cd60933c c4811ce68cfbc54e1eca2c2ba1af8dd6fbced84e c5cbce3172fffe2ca10ef64d85ba4b2ff52cf3989e7ba4a04b3024f50efa5f31 Loading...

	#9 Write - 2f5270701fdc3701859bc4c4c050d9ee	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen441 Hash 2f5270701fdc3701859bc4c4c050d9ee 709cb0666d8c2d6ac55bf7c6cdd5fdf10f3b08f6 61c8f97e4290c1b6e5cad7f1dc88316ceff39ae9f8c6473c8868ea010875ff11 Loading...

	#10 Write - c03b9a1c6d2d1376ab7110b920b5d11d	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:07 Times Seen442 Hash c03b9a1c6d2d1376ab7110b920b5d11d bc7832ff98ec68e189cd59bdac5faaa8cd059747 ee40c4a368f53c7893aff3c16c8ac59dbec639ee5bcce94243e05aff45db1089 Loading...

	#11 Write - dbca3d0c2e30aec4bb8135129e26071e	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash dbca3d0c2e30aec4bb8135129e26071e c9e1cfe63d9ca153308d08d009b38f5281ac9073 39e9000d8bf5dab29600ed51f277c601b33e2950a545e583542b9bd68cb9b1da Loading...

	#12 Write - fccb11dde8a7d3a197ba6dc22fbb231d	20 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen457 Hash fccb11dde8a7d3a197ba6dc22fbb231d c86b853f11220a14d0a667bbe08be97d18679fcc f37b4e527dba46d6e9ebf512a36a060780533a164c538b67a259910b79d96125 Loading...

	#13 Write - 2eabd15d7fb48764ad68da88149d6155	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen442 Hash 2eabd15d7fb48764ad68da88149d6155 d8a3fe7e022a7625954db8a68c259d8195898051 7cd8d5733848900383d3a6998886c7cdfd5a57eaa280c916d7c39c84c91faa3a Loading...

	#14 Write - d376a619d339b30958e60e92b3613146	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen434 Hash d376a619d339b30958e60e92b3613146 28cc836bf9fb7b587bfb4b7159862e2adc8d432e ff4ce15fa895a6743337778c3a010eed23f7ffc99a2c50f64ccfbd6ca4e76dd1 Loading...

	#15 Write - c27e5c2ed7c9bc021cf46027c8d241a2	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen458 Hash c27e5c2ed7c9bc021cf46027c8d241a2 251315bfd44456a07441481d1c9b3fc811f4aa3a 0870b6fdcbe4700c7e9c7c316ad592e0dd191f78b472267d3946db8a8ecc8f21 Loading...

	#16 Write - d3b57cc7a3f68972d1d815b2b7c9d262	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen442 Hash d3b57cc7a3f68972d1d815b2b7c9d262 d753b0fa88877e503d25cb2d4f84a46b742ea90d faf7526df94ba09d8201c854b3605295bd6c991b47bf736166a418e3f86ddf7d Loading...

	#17 Write - 104eaaec377fb78d0b1478984f38f3d3	19 B	2023-03-12	2024-05-17
Pretty Observations First Seen2023-03-12 16:21:53 Last Seen2024-05-17 21:27:06 Times Seen452 Hash 104eaaec377fb78d0b1478984f38f3d3 cc4f020560b23626807ca4c76f343b81602c2d1c 72e9c6362d28cbf9388242bcbf0459073706e7893281cdf07d314bcec18b69ee Loading...

	#18 Write - fcf74b4a77f8a18258dfe246846fd85d	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash fcf74b4a77f8a18258dfe246846fd85d 4c9f24c70f5d69ff80690a78e47f62c2ef9b8fff 7a519afdf92bd1373c0aa3900c6c455811f624a070d68cccf5da124e6579f54c Loading...

	#19 Write - 7a2758e340ecd0b98d3fff7299fd1893	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:07 Times Seen433 Hash 7a2758e340ecd0b98d3fff7299fd1893 d62c034d608bd0dff30b756d7f4bc19bab964411 967ad897643bf218aad6f18ba7572b8f1ab6d3f577b1dcbcfa82cc9deabedd47 Loading...

	#20 Write - 57574f53b6de200174d35574df1da053	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:07 Last Seen2024-05-17 21:27:06 Times Seen459 Hash 57574f53b6de200174d35574df1da053 2fb004ca614092eee28fc45611cdeca1d38ad065 c990e04237a0fabc10c638a3340f0af26b4555ddbc373bdf453ff00910afa15f Loading...

	#21 Write - d04ea7f0b92f18997d7780e97ecc7005	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen442 Hash d04ea7f0b92f18997d7780e97ecc7005 46147adf20a41b5c1b52c5f72e9204dc76ca23db 360fa8d722755207a3463bfc054ad79c3c49db3d6062f57977f1eba3ce662d58 Loading...

	#22 Write - d90560affe7012b8f8e4cbf45b4ca9ce	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen442 Hash d90560affe7012b8f8e4cbf45b4ca9ce 6cf02cda967c64f7b85bcfde72f88c7c53623f38 0a0204c41ed0bf5389f077f49cfda3e0acbd1a5941414f8c0fc74ee91aa81581 Loading...

	#23 Write - 76329b4f309ad0211bd98453fff68ac5	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen452 Hash 76329b4f309ad0211bd98453fff68ac5 50bf5e047121af855a3d42a222c9143d86c8d091 b02a058152f38597d83528c997017bb74bf95d4eed4d224883a406a4db4236a6 Loading...

	#24 Write - b463a44051f5ec20ae48196f36054e13	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash b463a44051f5ec20ae48196f36054e13 5b732f6e972167e618e38cdcdf292c5a63dca9d3 87da72b460eea48a4375dcf38b3192896a661cd64ec1465b856b81538f7e3918 Loading...

	#25 Write - f5cab08d58af1c86a04a9231f211264f	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash f5cab08d58af1c86a04a9231f211264f f2d69d788b83bd5ae40c26941d0c498b2fffd6aa f17b1d59157c1da10c25ba260aee32275310e2af951352611a5d40acee244cd0 Loading...

	#26 Write - 54dadabdb14c173b950fc5ac0647dc61	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash 54dadabdb14c173b950fc5ac0647dc61 100c82bb931eedb7fe034bbbbf0c1373cbef348e 1d8d74849c3855d65dcdf22c44407e3b34d34279aff0b991e24c5a08a8f62b07 Loading...

	#27 Write - 3c1546a94da3620e4978e2a646044824	18 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen440 Hash 3c1546a94da3620e4978e2a646044824 5308f928d39eb12a2d72472adb2be17ff63165df a00fa4d73a796073d56091271d0bccb0259527e76ab4a4174a145c41b4bf8059 Loading...

	#28 Write - 246541b0664433f23212b252305bb32a	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen451 Hash 246541b0664433f23212b252305bb32a 0866efa92eb7f9c75b3a45856a9c7e3310719b7d d056a96cf6d509c9def10b7dd78a46fc7b137713344e804ed849f9766c57ad19 Loading...

	#29 Write - c57e69dc1c3714796fe1663d7f6a758e	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash c57e69dc1c3714796fe1663d7f6a758e 103d84e469f09107059d8a67f615cf2e20652664 eebd48c89f0b43036acec1a4db2909eeb314c5076bacaa6ac8bf9f4921a50ece Loading...

	#30 Write - 8fc40ad6c73bea5a889fe64e47f00b8f	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen443 Hash 8fc40ad6c73bea5a889fe64e47f00b8f cbb493e570ab2e501f3932563bb18efdeef3b2d8 499654ba55a697b3ae5283cac5c035e0f9c55e1c887d2c53b8a9097857b65c4d Loading...

	#31 Write - d8e70e433e262e3409d713393b5055de	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen433 Hash d8e70e433e262e3409d713393b5055de 279d1b9c1b4f513b80d1b5abe34e691269a5642c a4627a0619402e40b332d3152fcb46564ee28df15bb24963393da28364090d20 Loading...

	#32 Write - b1b8a68909e47131052789e18ed991c5	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash b1b8a68909e47131052789e18ed991c5 bcd0f3c9cfceb4a62dfddb168f3547b0ff706374 8476c02876aea613cda596f888e3e454d1aad05d221a3d45f3a60ae9393ed319 Loading...

	#33 Write - 7b777c8258be4d66daa963d0851338d0	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash 7b777c8258be4d66daa963d0851338d0 7d3e13bc46e3ff6b2d1365e2c51b943b6b250f5b 690824b051f1ae8815e995f91232422bdb859066dc36605eb3d5cfacf604c908 Loading...

	#34 Write - 37964c4d9cce527dcb1ac8b7c24a3786	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen442 Hash 37964c4d9cce527dcb1ac8b7c24a3786 5338666ec585469c5b572b68d3927bcca80fce09 9fc0e0126edd39b42528d8f8851ffb1275b8cb9db15548041fab20c581d1b070 Loading...

	#35 Write - d29638340b860a0169f2c6cbc8dc9e94	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash d29638340b860a0169f2c6cbc8dc9e94 2dda54c8164c7e88101cc3f8af0464102035e38b 21049af0b39201d5e0689734e95ddfa2a20244afeabcbea8cd9fc4de8c8bfef9 Loading...

	#36 Write - cdcc8499dec336fe655502037873ad09	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:07 Times Seen460 Hash cdcc8499dec336fe655502037873ad09 df29230c72cec47be7797309e7f4dd868b430a32 4b74080433c7e1e2cc034124f3f5acb444b95bd320d9ef3827db207b92214e6d Loading...

	#37 Write - 3e0783099007df1ed28a11c3e447ea74	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:07 Times Seen459 Hash 3e0783099007df1ed28a11c3e447ea74 01fa4d2d862c8d4cec527823cea2028de9928c5f afbd1461a80f657118dc4824a30e2604804026fabfcbe6ca2ab93458a53e8a82 Loading...

	#38 Write - c64569b31d5a228f032c7af0dbbb959e	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash c64569b31d5a228f032c7af0dbbb959e e73d60cace93a0fba385efd2dda2fc91144b857f faff0e661677302655ef41c0fbef9c2a414473eb4fc91717bff201e5d58e311c Loading...

	#39 Write - ada9a1753b25fc846f70be907672be67	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen442 Hash ada9a1753b25fc846f70be907672be67 62284959825518893b665ebea6b031ef55df7f80 8e135684ca301e393371d1b6ecd56ae0e4012f5385a482770053ccea41476ccb Loading...

	#40 Write - 8dc6baddfb887c207f2cfc80a440e097	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen458 Hash 8dc6baddfb887c207f2cfc80a440e097 c44cdd6dd814762e2d52f58f72f09249aadf60c1 7f97e2f5d8ac6458a314d609681f35979521288e3a0f2950cbabb8f0c0cad0c3 Loading...

	#41 Write - 2ff07b7af9c1223cc816428b9699a077	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:07 Times Seen458 Hash 2ff07b7af9c1223cc816428b9699a077 2f7744b74e67feb8b4d37fd68c5b341e657a5d09 947ba6e211b46fd494a831c93774e351a2114a2068306ac8137023a29c22d717 Loading...

	#42 Write - 892073ca8ede08c4c19af3b85f4738de	18 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:07 Times Seen442 Hash 892073ca8ede08c4c19af3b85f4738de eabe1476df968605084d2546e97ee712e62657b8 ebb8dddc409d0524ba533290ecbe2f1c59ada52063109d097a5617ddd53d514a Loading...

	#43 Write - 680fb8d8d22989bb18183258dcdf9f56	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen457 Hash 680fb8d8d22989bb18183258dcdf9f56 57474cf81ab39e5b093493d0c35d048cbf466fb2 2e2f7a853d7480bd50d7021551e427eadcf5e7814f07eaa47ee2542835a512c3 Loading...

	#44 Write - 3881d0ce03d76f22df4ba5ad7b17e61b	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:07 Times Seen457 Hash 3881d0ce03d76f22df4ba5ad7b17e61b 344a651785ec5e4e5ca05d468aece729e927533a b14632ce7eeab46e72d4414f3ea594402c906d09dfba025f62ef714681b8008d Loading...

	#45 Write - 26b2bc4dfa81b43fe5a91d2c178dd361	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash 26b2bc4dfa81b43fe5a91d2c178dd361 fd7919b5dda72e5dc5ff29f39439ed5f6ca81871 8adcf28e1f74b9d284b6a8e7621e79f89ff5bb458dc81d9b366fc51bcb75f28b Loading...

	#46 Write - 0d5998c0f8104238cd96cf17a9a2faeb	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen434 Hash 0d5998c0f8104238cd96cf17a9a2faeb 8550a2347fba8b97c74e0b766f099c7610736be7 89543153b3f84846def623cedf6219a84f697be7e8ba4f30d5b9b613c3f2ea4c Loading...

	#47 Write - 5d2dc822e8d4f0b306ca69e54950679d	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen449 Hash 5d2dc822e8d4f0b306ca69e54950679d ec5cf0bb110d219d7e4bda5d14c0071c703cafd7 374f328ec9257ea51783a844612b0d075cc7ecc70805534c0224f44adda5e069 Loading...

	#48 Write - 4999933195d7474661a7588a5ceea991	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen458 Hash 4999933195d7474661a7588a5ceea991 a10e2435d00ff565b423650e231fc3a7ab060671 0bd8d756a5a5967d29f7675f3cdada4a6b19f54af7e23e9b62fdb386b325d74e Loading...

	#49 Write - 1381ddde79e03e1767f7819397700163	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:07 Times Seen458 Hash 1381ddde79e03e1767f7819397700163 bdc8e80553918ed9d64bf922becac723bd9fb729 9b80a2abb7cef34f34d9c1b5f2ed4154352b8b4b1802b6fa3609b3c9d2b1a458 Loading...

	#50 Write - e4c7a3c9e72ec837c02a88cbf6b7a80b	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen434 Hash e4c7a3c9e72ec837c02a88cbf6b7a80b 0444c709587d095566e6bebb1d03c22291bd0784 dcc572e88b89cf5f1e285e3ecdf898574e421fcdc7edb5e215a334161e7a23eb Loading...

	#51 Write - e517ae48d6a82cefa2de65e88b6f5693	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash e517ae48d6a82cefa2de65e88b6f5693 ca25ce518f711726cb813ee73efcddd79211e1e0 169ebb8cf7ebcc8b8340edea912177a118a79c22c031852b1d412cffd13500a0 Loading...

	#52 Write - d5d4a03bd7a18c5386526c4809b986be	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash d5d4a03bd7a18c5386526c4809b986be cd8ee075dd8b9b45e44a1f294a363189d12c037c c391d5c8f3478b12e350ffe590cc18b8b53b7c0ace33d1ebc9f6a91f227515bf Loading...

	#53 Write - 6a1cc42d9ecc09ad04c6b7f1ed9b6f7c	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen442 Hash 6a1cc42d9ecc09ad04c6b7f1ed9b6f7c 0addfe6c569b463fc78a85f1a000f46141678101 06f04bb101ca5086aa7cc8625be865598db47cfeadd30fc16d8198aeb100cfff Loading...

	#54 Write - b6dc090a79226495e9644bbeee756518	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash b6dc090a79226495e9644bbeee756518 449b67436c8785555c781956ba56a454515682bb 8367a78ccb1e3cde37697b3af2f117e317393718fe68e566e6c13ef210dcc66a Loading...

	#55 Write - f24fb692080af454ea0130ae04dc8273	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen434 Hash f24fb692080af454ea0130ae04dc8273 a434de2f9c55719a8bd7eebabfad3ba9d74f0395 e7e4e3b9731b5f668a1bf28080a2908caa3c2c2e811ef8cdbb762c7fd226296f Loading...

	#56 Write - ce67180f52a4e213b02a73de699ac9d7	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen450 Hash ce67180f52a4e213b02a73de699ac9d7 406af3ae3db036d5e0a52bced3aa8502371a4cf2 49b4dfb6858a942ac006505cb2511424617ae6f26d173aa2363f1128e32bb503 Loading...

	#57 Write - f7aae66ae2b52b128d01fd1b35e33453	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash f7aae66ae2b52b128d01fd1b35e33453 52b74544712d5ff9de4b1a5305f5a7a388ab6346 519ac6acbff2bfb0f62eeec8219821a845f2cd063737b2aef9d4f2384fa6f733 Loading...

	#58 Write - 1f0abd9d8e8190ccb8b56268b03eb97a	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash 1f0abd9d8e8190ccb8b56268b03eb97a 852e909d6d20f5672428502ba0541fad7f0ee2c1 a14c6fff6bca9d195ec25fe83830d69768fdb69b0fd1488e29cc7ba00ca04755 Loading...

	#59 Write - 2411b0302e914ba65e0fa282ccdb294d	18 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:07 Times Seen433 Hash 2411b0302e914ba65e0fa282ccdb294d 7665ae057c875df2a3b5627aed7505144d01ca47 dd6dc2cae94ee25ed18e37d5129912d4b59c065c9b4544948d80bd1a090d1f26 Loading...

	#60 Write - a9760db6ce462dc40062b65a940fb027	18 B	2023-03-12	2024-05-17
Pretty Observations First Seen2023-03-12 16:21:53 Last Seen2024-05-17 21:27:06 Times Seen442 Hash a9760db6ce462dc40062b65a940fb027 7d6f111c75e4d5b4b061f8c6c81692883e80fce8 a155a9d1fd9ba999b8a5e384a89513097831bdfcec72082c4b7d8dbc74439af1 Loading...

	#61 Write - 6b917a41c9ce27526ca480713e81d2d5	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:07 Times Seen433 Hash 6b917a41c9ce27526ca480713e81d2d5 765c462784fa25ea41d89b454897d227b6c9c63d f0a7e368791613d36120e33ac4525e01c01d1c007fb79a454e761f4a95ed0d7a Loading...

	#62 Write - a33748764d90c55aca2d7c5eea289616	18 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen436 Hash a33748764d90c55aca2d7c5eea289616 5d61e51294395a77b6738e3a7f82be2478f9d801 d6cbf00237a8151746b2ebf6ba332d9f62d6981fc2b717b63e7dc5e70e026c2a Loading...

	#63 Write - c063106f27cd1452ae135f642e53eebf	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash c063106f27cd1452ae135f642e53eebf 47a5ba2c254149265ba308a7be7b39924ea90b2a 7ce37963c8c42196e5562cd6f4804e4e7eb5ffb3d9393e0e8404bc55f6113cba Loading...

	#64 Write - af42124fb23866e29287836fff6d3896	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen457 Hash af42124fb23866e29287836fff6d3896 8417cd2acf7b2fb483102d54c5238f91da85deb9 1f0008a619fdf98128a6bd9c386f8f8b41254adcfec1a1195d46009568c67b63 Loading...

	#65 Write - f5799f97dd01d1b506b6c56d11b4b3ab	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash f5799f97dd01d1b506b6c56d11b4b3ab 24baa553dfea4ee7eea29c33ba5b62c8da6e62bc be90525374346d2f86a64dd1b13c775c34e9f7ed52f78543c308590d29336f24 Loading...

	#66 Write - 3a3037c3b96ff0a3193bca0e7f88aadc	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen457 Hash 3a3037c3b96ff0a3193bca0e7f88aadc 76a57d086b2730b9f8ed53d9d436cec27afd6f25 427baae29ffa2912b54f3efe7289d6feb962258dab66f3e66fe7f97a74c05781 Loading...

	#67 Write - cac42769044d0dbe5b683086ab70007f	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:07 Last Seen2024-05-17 21:27:07 Times Seen460 Hash cac42769044d0dbe5b683086ab70007f 451bc1076e896baf8c00f8c311abbd65f85d50b7 7559e26f738b52c0f790444412c346745de4d13ebb8fcc28884862560cc9519f Loading...

	#68 Write - 7d5854ef579b22b85a1308a464991cbe	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash 7d5854ef579b22b85a1308a464991cbe bca2593c39b377d192b5be3d23f73a6acc1ba9dd ee855aef125f82c560259778b792cdeb143dee61b40be24ae78345ba96ab07dd Loading...

	#69 Write - f81a8aa27ad547b620591c871a087e2d	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash f81a8aa27ad547b620591c871a087e2d 77daa19609f08762d1e7544cc63e0feb2200ddc7 6f75db5c15ff88f889f6ad98cf6ce1a0aef119df1777de1b1a992fa0798fa077 Loading...

	#70 Write - f878e8bd0445ab90e42c6ff26a714cd5	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash f878e8bd0445ab90e42c6ff26a714cd5 cef4addbd9946a09aa2545fea536b580e5aa75bb bd2a6457dcf585698134e31288339b2c83c90bc3efa0207082c16f1947d81698 Loading...

	#71 Write - 79c215027f08cd82c529a10402c8b253	18 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen441 Hash 79c215027f08cd82c529a10402c8b253 99e302dfaec95f521c1deee55d07fe431578dfd1 6e6f81dd25c454e564a7dd6db3c735f45dbe63bc45aedfc18d6c63fa82b0934d Loading...

	#72 Write - b85819574e5970e1d42dbe01ece588e3	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen443 Hash b85819574e5970e1d42dbe01ece588e3 41f6388934d879255cce5ac579ad8081280437d8 68a074bfbfb0580f9e91dc885af163fc951ece471b3e477e02d8aa4dcd869bf9 Loading...

	#73 Write - b44ff8f68d1f8325df640a60702c18f6	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:07 Times Seen442 Hash b44ff8f68d1f8325df640a60702c18f6 38b8117a575001fb06f9a0ceadc55228ccdce7b3 d6465167999520a23127488c727ed47123218b0418295045e7fcd628039c0b31 Loading...

	#74 Write - a1c6b372448acd4925b2d6d2ec1a69fd	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen434 Hash a1c6b372448acd4925b2d6d2ec1a69fd 93d1d5fade913b71328130aa3bf7e11621dd7620 a47fb74d2df6ec243a96b3afb0a02569398d11e82a11d77acd303fe9c2ac83e4 Loading...

	#75 Write - db0a49341fdf4c15231eac4c984768eb	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:07 Last Seen2024-05-17 21:27:06 Times Seen460 Hash db0a49341fdf4c15231eac4c984768eb 7f672147079f45765be2a5aa1259520ac55d5187 a096d07cb4eb3f9b68c17cb876dbc2e067c1092e38dbe84704fc00b1112b5530 Loading...

	#76 Write - 35411849173c3d4db532cb75586fbeda	18 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen438 Hash 35411849173c3d4db532cb75586fbeda 068c3c37cd989d0b2ac9ba507218914b98f9194f 419a2e337ee37ad5e724a3f328d81af33322d8ccacc12c9e4ce5e4e39fa2e757 Loading...

	#77 Write - 162f95de2178cea10bf79eb715e4d3b5	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen443 Hash 162f95de2178cea10bf79eb715e4d3b5 0ac1048b6863928b93acc3f91cda49b162326c20 661cc1cfe956c3e47afe43542b0956d36df0967d344be3a5abc13daf7f6f9646 Loading...

	#78 Write - f2bafedfaadb0f2669dd99db32cfaec2	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:07 Times Seen442 Hash f2bafedfaadb0f2669dd99db32cfaec2 26952b7bb4226705e8f86f7f191ff4e5a5f8ecff 3d7208cc324b7fd6b0e4582c2b82b92314b1d40f918f7cffef7054ff38888eff Loading...

	#79 Write - 3e8af7d0f5e6370da8570b377c888d9c	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash 3e8af7d0f5e6370da8570b377c888d9c c2de01f9d3daa641b9401c4e55770b1a4bac5b4b 8ef50bb1bcd890c39e916c12f6eb9f1db9c08bf1e326342d1cc5ebaa4fe446be Loading...

	#80 Write - 596e6606d7c4ede34de2935f3c6c187e	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash 596e6606d7c4ede34de2935f3c6c187e d3ea84761e98142b91559b1a922cea287a5a3011 a6171bc58c97c84152bf23c4cd548779070196e84b8ac898f0c3f6c573bb372d Loading...

	#81 Write - d2708560ddddf9fe2854103ea6095b0e	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen452 Hash d2708560ddddf9fe2854103ea6095b0e 61af9e5b5b5e96580a7da75ebc27c57debb6137b 6d013dfe3b7e6304821534f0802b91d7ecb34e69dc880ef3efecac06a14e8a78 Loading...

	#82 Write - 08981acc0dd5c00d58e592297ed2f12d	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash 08981acc0dd5c00d58e592297ed2f12d 6d917c2adac56ad56decf665139db8643f8713ac 3e305db42daec26a98e6e0cf1a29a7c956a323a6ed1b0304409a505ebc7c5e1f Loading...

	#83 Write - 3b7cb9e898b2368382615803a65c75d3	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:07 Last Seen2024-05-17 21:27:07 Times Seen455 Hash 3b7cb9e898b2368382615803a65c75d3 60fa902993681d254fde4c6066be68db74de2ed3 38dfdd15caf30f9899d49a6422b73018cb552f873de5dce24d1c2bd01a72c888 Loading...

	#84 Write - 53c240fa6885652da29ddaf4dbf8c505	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash 53c240fa6885652da29ddaf4dbf8c505 ed8d6bbc962db63b8e7c34225a0f0698ba2119d1 35567e82ee7df5a7386f8ca0a1e6b1e67b0a2e3522bc94ddd21829e6711a240e Loading...

	#85 Write - 160edc8db45d8cf1db6b306e01b1b522	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash 160edc8db45d8cf1db6b306e01b1b522 eb3cc2404ff47a884d1b38f4e5570e992c2b28c1 5c4db52d774d189e67be581f8cf0a1be27580d903ac882f6dc8fcdbca5d4dc89 Loading...

	#86 Write - 709dcd1b74993ea1d86ef30bbe75bda5	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash 709dcd1b74993ea1d86ef30bbe75bda5 49c6ebfdbff7a45a3af735dba2494fd9ab107b17 4ad9deee352fba0870bc0b6f55370cf953f8a042e00c7ccbd3bceb16592f4df7 Loading...

	#87 Write - c2274bf4d3d8c56c24099c9c6c922129	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash c2274bf4d3d8c56c24099c9c6c922129 f9ca14e62356c3d1ac19c1cfbaf96bd721bcafd9 da55c710a4bfa6102e7212e9685e1e6ca6072de478b9b5a4ef73fb629043b9f2 Loading...

	#88 Write - 54fa6a1a732804cb2eb71846c1c88c85	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:07 Times Seen459 Hash 54fa6a1a732804cb2eb71846c1c88c85 ac48a7381ce0cea53de9797bff9ee3d827e1c50b 28776dcbc8585ccfedc6125ab43dabb41c1733e77220bddc30365376adf9de4f Loading...

	#89 Write - ce5b835c74307454b195bc9b87ab25ad	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash ce5b835c74307454b195bc9b87ab25ad 6e2a7143cb9d2f1c196ea81fcff842aa7ad2bfd0 2bc85f2a21ff1488d409bb7549110022cdc2274fca518696103e6ea4ee971392 Loading...

	#90 Write - 0aaabba7ccc2505b6870a656b6819d3b	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen458 Hash 0aaabba7ccc2505b6870a656b6819d3b 5ee2b0096cb5a7a03db1452893d0f0efbd3f051c f32cced9669187aebe75ba41a8f0d897a27cb02bbcd5dcf0ad6dbfe31cc208a0 Loading...

	#91 Write - 8eaf4d081dedfc08c187aba7541c733d	18 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:07 Times Seen442 Hash 8eaf4d081dedfc08c187aba7541c733d 31db4de8047c65cf3f13398fa2a6370d9bf24715 fb1e251f69d755e669e5e0207910977ba8bec923abcd0c264331da8ed4bc5de4 Loading...

	#92 Write - 647fb2e887881e7a43e38681c7fccfff	19 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen441 Hash 647fb2e887881e7a43e38681c7fccfff 3aafaaa41604b57786f6c68f552b18ddbcc2e3a0 bd46d9f7163328d6cfe6f1ffe092d73d4bf31a10b7c13afbbee0819760113b4e Loading...

	#93 Write - 9268bb720f57b661570d77717fb1cf8f	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:07 Last Seen2024-05-17 21:27:06 Times Seen457 Hash 9268bb720f57b661570d77717fb1cf8f b9a950fd874919ed5bb11d31b42cc036b1984ae1 e4d50938965686c89329c9f3f0f7b67f9d183ac06da98664125994353784e4ed Loading...

	#94 Write - f2f9eb963a5bc112561501b10eb9f688	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:07 Times Seen459 Hash f2f9eb963a5bc112561501b10eb9f688 e7be8ffd6bdc4082a2c86b83940f291ddee8cb9e eb6d59fae5702df6e19944401b185d631f495acc6a1b27707bc524e4a26d3768 Loading...

	#95 Write - 569cbaa5d4e07d93d0ef40f00325dd8a	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen459 Hash 569cbaa5d4e07d93d0ef40f00325dd8a d53d3ccf37eb01c61ab82418727c25fb284eb205 c2a331c02c1ee796f08d7178d991fbaf91961275a5cf9986035d61a484fad97e Loading...

	#96 Write - 729409264fc1bf2874651a3c16ed3ac1	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:07 Times Seen460 Hash 729409264fc1bf2874651a3c16ed3ac1 744d4edbcb9de5287abd15da414ac712e4ba7dfd 63370806c302182c42c242c16817f18c7d204507c31a32957a241323a667b93f Loading...

	#97 Write - 2407ddb62e965883f20fa23c826bf328	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen460 Hash 2407ddb62e965883f20fa23c826bf328 8870fbad82926b2a51ec8f4d96b0dea661f54d0a 87484b3dbb15f32dfc8952ebd6b9530b83bd03c1693c2c0a870db80921c241a6 Loading...

	#98 Write - 4faba762a8b0eeda162b204eacb9c3af	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:07 Times Seen460 Hash 4faba762a8b0eeda162b204eacb9c3af 9b9ccf92f9811df1df8ea6d9d4cd650f8719d23c 67a750f06cb8461db3c08f09cd4cb51932b8f99be5afc6e97b094be20ff17b45 Loading...

	#99 Write - 1fdff8c34626da4017aff0a2821d8b13	19 B	2023-04-22	2024-05-17
Pretty Observations First Seen2023-04-22 10:34:06 Last Seen2024-05-17 21:27:06 Times Seen458 Hash 1fdff8c34626da4017aff0a2821d8b13 55f2cd64499c15d5984aab9866dd55d365ccef23 b3dff5aa27eafabdaad74a18cff6b5fe4c1d8f3772ecf27d7f97a929cb88de33 Loading...

	#100 Write - 22e39ae49f7a49a8c6ac9e9a426a64fd	18 B	2023-03-07	2024-05-17
Pretty Observations First Seen2023-03-07 13:51:20 Last Seen2024-05-17 21:27:06 Times Seen426 Hash 22e39ae49f7a49a8c6ac9e9a426a64fd 73706b4bf4bb0e76c3bf8edb7852f248d4e5e91b 08d0469b8cafe434d317480ce41859356a91804de4d8fd6243a7068d7d926524 Loading...

HTTP Transactions (52)

URL IP Response Size

gwp0jg.iwfr.my.id/img/style-img/logo.png

104.21.11.79

200 OK

8.3 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/img/style-img/logo.png
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
PNG image data, 616 x 90, 8-bit/color RGBA, non-interlaced
Size
8.3 kB (8314 bytes)
Hash
c632e6bfd0076695e56477bdb3f7232c
5b4212f029814b5dfda946ac5e5a6ba97857feb9
86ccbc1dbeb58af3e6bce5ee52f86a47399da998ad34a0fd2ce9b0b539d92f6c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/style-img/logo.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 8314
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Sun, 07 Apr 2024 13:48:20 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Jvf22iZmwbaCoPWP2UckipS2%2FDYoqD3y%2B9ZfipVpbar9TUGayD0EeT%2FDEoaYObBga4ayxNgaA9oKzTgSWzJ9NFNDiI6OAM8ho6YXKkc0QzP9c%2FQYBUlcsxzna4aTsuIazqnyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494e9b8a56bb-OSL
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/img/logo.png

104.21.11.79

200 OK

11 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/img/logo.png
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
PNG image data, 459 x 138, 8-bit/color RGBA, non-interlaced
Size
11 kB (11185 bytes)
Hash
f77fe97fc8f4d06fd93eaf7552c4a3e9
c73f03f3e5a9f460eb83e10ae7312738a36ce720
b695d33c5ece1af9739e89855c4cc718fd6e9550528009ee5ff644cac193cb41

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/logo.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 11185
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Sun, 07 Apr 2024 13:48:24 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VB8RNMXLi8hfkGbj2xpZu6ptIxQpvuDOBYupkDFXmdt2PH3oB8UhOKhFLFVtPPdwmxIlcJ9o%2BkHKP49tnyzLNBFQ0VMhq2MPWtbVMIG8%2BnWiDhwQ5m7cadvRWhm7aZUqE44tEA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494eabc256bb-OSL
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/img/tokens.png

104.21.11.79

200 OK

5.5 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/img/tokens.png
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
PNG image data, 135 x 130, 8-bit colormap, non-interlaced
Size
5.5 kB (5474 bytes)
Hash
c17d58c98659f3829c4a29a44b737861
53fd8ba7e57e6dcfcbc40b469320b21bf777cbea
a20b9d4d4ba5d014e36e326e4f04f5a4a8c1d37803858ba4388b10b12e9177ac

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/tokens.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 5474
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Tue, 09 Apr 2024 13:41:52 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=il%2FIcxeJgUAyeQBgmh5J1j63WYNgqMqHZcJ4Mykii60%2FPHNVRNvrrppfdSZ0S%2FafPYxHiJH2%2BYJkXzmcDYnQVjxUMPF594Aumwni17u3cE9FZKkRWAjqvuW6Em4MF%2Bj3qqCoaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494eabc656bb-OSL
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/img/loadlogin.png

104.21.11.79

200 OK

66 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/img/loadlogin.png
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=761, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1501], progressive, precision 8, 1501x761, components 3
Size
66 kB (65943 bytes)
Hash
421bf7fc26bc832d2e7299bc0d0b7e71
78a347370d34e5748d29066e649721ffd099c627
61e4301996bf745767be4b899737afa23955f825870184df2a111b3921448d29

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/loadlogin.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 65943
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 17 Apr 2024 17:15:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2YhAQ9Y7AZKx2uIbn2n%2FrdTkIYFyW6gyLEYJgrswNb%2F4Ub1S7jgSoBZiwNfehN9TXcQQcjtu9lSHobWQD2RmpQMkdZVDko1Hc5GIZmZ8fni387fI%2Bw64CEhchghrTAGlWPfYVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494eabc756bb-OSL
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/img/style-img/google.png

104.21.11.79

200 OK

5.7 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/img/style-img/google.png
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
PNG image data, 66 x 64, 8-bit/color RGBA, non-interlaced
Size
5.7 kB (5664 bytes)
Hash
cd4ff185d3410ed9052bc68e7d4d3215
9e9d601cf6b1d92bcd97ea2552791290f87a7791
1ebc9fc493da388dfbc7c7616b83d9a340b851c9c789d758933dc0b77e4fa003

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/style-img/google.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 5664
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Tue, 06 Feb 2024 21:53:48 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6BpceryiBNfDSEK%2BVsfoEeiJ8tUKwu5C6fumvzkYpIyydcYpHqMp%2Bkd7R273GBJimwLUik6J0SqB7hfe1JR85PA8iWPml4BD3z7eHDj%2BTUriEisnmfSd7fWK9cKQU5M4yPXyGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494eabc956bb-OSL
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/img/style-img/facebook-text.png

104.21.11.79

200 OK

29 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/img/style-img/facebook-text.png
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced
Size
29 kB (28789 bytes)
Hash
74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/style-img/facebook-text.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 28789
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 25 Oct 2023 01:55:52 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qk%2FWF33IV2q5EG9uTc7dDPiVtY7j6BdaQ%2Fv%2B0FAObCHAzIJrMvbMQk1YHdNkE2K1rn0%2BN0V85lQ9lPsKwzwbQGO6EoNNLogtjKtYLI1W2896qRXqccnZl%2F1zRp5PVFJSP%2F54Ng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494ecbf056bb-OSL
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/img/style-img/icon_2.jpg

104.21.11.79

200 OK

9.6 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/img/style-img/icon_2.jpg
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
RIFF (little-endian) data, Web/P image
Size
9.6 kB (9604 bytes)
Hash
e595d05f92349dc2b5aa37164ae376e7
f4ed874d1fceb5eafb7bd5c213715e683fff690f
50cb8b539efb773ccb042e5f18ed308f2d99418e6974603bfe6d39b48659970f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/style-img/icon_2.jpg HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/jpeg
content-length: 9604
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Sun, 07 Apr 2024 13:48:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1n4S4Od1XAvuBM%2FOEgdcRpdv4a7RAAN95VSMC8RzPtlKv5ZVpfa1lAT2WLRg7sU6y%2BWggE8ByXhyQyFIZZ3ZeLEvlkujzw7v%2F2%2BgvTA7emZCdECrFWm%2FTQaIY0tMDXMWlBVZEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494ecbf456bb-OSL
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/img/style-img/icon_fb.png

104.21.11.79

200 OK

4.5 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/img/style-img/icon_fb.png
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
PNG image data, 512 x 512, 8-bit colormap, non-interlaced
Size
4.5 kB (4549 bytes)
Hash
55eef055b7e3c9a7b01e75bf1d946602
298bedf186fdcc606901513a2edbb5bc3ca233e6
9af17159dff494810a71a37678db1df805f264b935730d1c2e5a4d970305917f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/style-img/icon_fb.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 4549
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Sat, 08 Apr 2023 14:29:52 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zDWze6lFfYEi1ZwJ4Gerya6nvx01Cek0ovbKWMeA6djsC5FHLUodD%2F8Yy1sv4qeOuh2xpsk7QUnwhW3x3CfSC%2B6aQQ6qSxAQqCwSG3ciCK3SGDWu7xK6xh66cVupWu61EW5TRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494ecbf556bb-OSL
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/img/popup-close2.png

104.21.11.79

200 OK

867 B

URL GET HTTP/3
gwp0jg.iwfr.my.id/img/popup-close2.png
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
PNG image data, 30 x 31, 8-bit/color RGBA, non-interlaced
Size
867 B (867 bytes)
Hash
75b8fc9fb0f1dce9c0e53d119e637af8
c429caf6e1ed51a43421419c2a08d8ab8a654ae9
be08cce2cf15dba627fec531ea422ca0bdc76de1c2b61d6de21e2920687d4678

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/popup-close2.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 867
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 25 Oct 2023 01:55:12 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v4%2BCXaXRqu4f1ZwlsuCeRUNuKBBRXqUw1AwBVGdl%2BnVGm6KBkO%2FwA3zux1plIjqmE%2B%2BOi%2FhM1vkgDUF5UDOo1A9quFV1S4wS592%2BKGHjXdMfR4jvhvWDLa1JehKUWbcHKYswPw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494eabc456bb-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css

104.17.24.14

200 OK

19 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/css/all.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (52276)
Size
19 kB (18778 bytes)
Hash
5222e06b77a1692fa2520a219840e6be
8b4236206a8b86af3761a244277663046d7ff7ee
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

HTTP Headers

GET /ajax/libs/font-awesome/6.4.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css; charset=utf-8
content-length: 18778
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64cac444-495a"
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 346529
expires: Thu, 24 Apr 2025 17:42:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lk1C1SnOn5qwg%2FI0gaA5RPxrtNjJ%2F6IL7bHtmLAZdDVYvUozgeqyI%2FYHTSivhubdFN%2FXeAy9xLX9fsHkoAPKWgv6Gx%2BCZrdhFKBLXSkBqjIAbdTMLd%2BWQkmQSSVSvkRbCmV3wwj6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ea494f493156c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

104.17.24.14

200 OK

5.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
5.8 kB (5845 bytes)
Hash
e9365fe85b7e4db79a87015e52c3db6c
2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 342229
expires: Thu, 24 Apr 2025 17:42:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xy38Tl224sTJ69YMhNNCTV3IApJfskk4ZeV5chbtuQeIeUNzO8M7FFT1nrk3V3DxrOIdihG84u2f1TvRge4eodeauFQARW%2BDBI9WfE5ZVnf0G%2BvtsoX2GYR%2FXW7qwRuSmdiYIGHv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ea494f593f56c3-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.10.2.min.js

151.101.194.137

200 OK

33 kB

URL GET HTTP/2
code.jquery.com/jquery-1.10.2.min.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32072)
Size
33 kB (32788 bytes)
Hash
628072e7212db1e8cdacb22b21752cda
0511abe9863c2ea7084efa7e24d1d86c5b3974f1
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

HTTP Headers

GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-16bb3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 04 May 2024 17:42:16 GMT
age: 20043930
x-served-by: cache-lga13622-LGA, cache-hel1410020-HEL
x-cache: HIT, HIT
x-cache-hits: 1, 23844
x-timer: S1714844536.307455,VS0,VE0
vary: Accept-Encoding
content-length: 32788
X-Firefox-Spdy: h2

gwp0jg.iwfr.my.id/css/tr.css

104.21.11.79

200 OK

6.7 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/css/tr.css
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
assembler source, ASCII text, with CRLF line terminators
Size
6.7 kB (6672 bytes)
Hash
deaf05db7975bb3861f72433be0074ba
b65fa8bb2e0df03ee368b9c7b220477043bc83ce
6b301e05779b0f24d1f86939bfb356e8ac7159192daf0a2c948a928597d5d955

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/tr.css HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 24 Apr 2024 19:15:04 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FRoJ5KRxLUl8nLHVvDvb3Uefhq2O8lJaXYnhmkc%2Fs6rpL5E0fX1O3Vc90OFhfTDFuEg0dTkPkFn9F8yxyowQwsQSfRSz2JjqAjsIujjNUVS480AJh51xZdjtxEUy28g6IMSMHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494e9b8556bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

142.250.74.170

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (32180)
Size
30 kB (29707 bytes)
Hash
32015dd42e9582a80a84736f5d9a44d7
41b4bfbaa96be6d1440db6e78004ade1c134e276
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 16:37:20 GMT
expires: Fri, 02 May 2025 16:37:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 176696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

142.250.74.170

200 OK

30 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
JavaScript source, ASCII text, with very long lines (32061)
Size
30 kB (29671 bytes)
Hash
e40ec2161fe7993196f23c8a07346306
afb90752e0a90c24b7f724faca86c5f3d15d1178
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

HTTP Headers

GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 23:24:46 GMT
expires: Fri, 02 May 2025 23:24:46 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 152250
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

i.ibb.co/pZDr8sd/Twitter-Hide-Password.png

162.19.58.158

200 OK

28 kB

URL GET HTTP/2
i.ibb.co/pZDr8sd/Twitter-Hide-Password.png
IP
162.19.58.158:443
ASN
#16276 OVH SAS

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D
ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT

File type
PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced
Size
28 kB (28029 bytes)
Hash
8d1f08b46884df302bf7300fc234832c
5735d57b6fa211c400d439095d5ff2f5bb57e691
e4cff1f68b85c3343554090b3479273a54e5eed2dbb3e56ceb9f86c4ebe8b0e7

HTTP Headers

GET /pZDr8sd/Twitter-Hide-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 28029
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

gwp0jg.iwfr.my.id/js/lazcode.js

104.21.11.79

200 OK

212 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/js/lazcode.js
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
JavaScript source, ASCII text
Size
212 kB (211981 bytes)
Hash
861c5b24b0d507422bd3135316d53991
78d8bd9bba8ea72352b115816378269641e05977
7a95c7a570bd27ee23efde0d51636c2a01e4a331ffc3b603a9d479cb378e254d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/lazcode.js HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/javascript
last-modified: Wed, 24 Apr 2024 17:48:08 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=diRmwDS%2BAliEXf8P1Gn5WrLgyZt0nix54c%2FHkfpHDI5xnC0%2F3N4fCqY0rTTvOXjZv2CP%2BRF6jpn3qhCoYkGk6LnYANzNTLiX%2FKXiBNloNHWDhURbaTvYlOR9c7Rfjr0fLWw2Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494ecbf656bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/img/lazbutton.png

104.21.11.79

200 OK

64 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/img/lazbutton.png
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
PNG image data, 760 x 175, 8-bit/color RGBA, non-interlaced
Size
64 kB (63807 bytes)
Hash
f2e0aad42493c3acecf22fc5f41d1779
d929bb4540513eee48019bca0ca4eb16dc9dd258
98c433cba5798e38edc467e6b2399e281003a66613192f9f4dfd626287d96178

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/lazbutton.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 63807
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:50 GMT
last-modified: Tue, 23 Apr 2024 00:35:44 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19886
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k2HhNb8FpBmdmPBvh8vRjBaU%2F4%2FEIYcKbBnaCs2G2aD6yoIN3S06bHAr1EUONGikkQ3iz9IBFkN1x2mREZFt0WekpXz%2B9kh5%2BX24E3egiyFf5p15f2WIU4ynjakTae6LHNm5TA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea495269f356bb-OSL
alt-svc: h3=":443"; ma=86400

www.pubgmobile.com/en/images/nav_language.svg

23.36.76.250

200 OK

675 B

URL GET HTTP/2
www.pubgmobile.com/en/images/nav_language.svg
IP
23.36.76.250:443
ASN
#20940 Akamai International B.V.

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerDigiCert Inc
Subjectwetv.acc.qq.com
Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
675 B (675 bytes)
Hash
d8ba211bb1be1a15bf5b0143ca1b009a
215203609a551dcaccf6e434508623f302635f86
a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6

HTTP Headers

GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
content-length: 675
date: Sat, 04 May 2024 17:42:16 GMT
akamai-grn: 0.f64c2417.1714844536.6477895
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2

104.17.24.14

200 OK

150 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150020, version 772.1280
Size
150 kB (150020 bytes)
Hash
d5e647388e2415268b700d3df2e30a0d
97f0942c6627ddd89fb62170e5cac9a2cbd6c98c
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

HTTP Headers

GET /ajax/libs/font-awesome/6.4.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gwp0jg.iwfr.my.id
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150020
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "64cac444-24a04"
last-modified: Wed, 02 Aug 2023 21:01:56 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 342087
expires: Thu, 24 Apr 2025 17:42:16 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Z13JWJoPiDLPEWrVPZ4HSMWaiqCe0KDy%2B38%2BaHqPCzfdBo0Cwhqf%2Fu5qJD7DzStfgNH%2FiNfQ3OM6foJhFAEpJUNhv4kNFlR%2BtccJ7ZiQQ%2FiJFQzlCho8VBE4niE8ff9CTB%2FHkNf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87ea4952fe240b59-OSL
alt-svc: h3=":443"; ma=86400

i.ibb.co/PYpHF6b/Twitter-Show-Password.png

162.19.58.158

200 OK

28 kB

URL GET HTTP/2
i.ibb.co/PYpHF6b/Twitter-Show-Password.png
IP
162.19.58.158:443
ASN
#16276 OVH SAS

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D
ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT

File type
PNG image data, 656 x 656, 8-bit/color RGBA, non-interlaced
Size
28 kB (28355 bytes)
Hash
2fd203703821d5ce5d18bee2a51b779a
a78d7b1369ce8bc34de57909af142043cae446f0
6b82611fa96f118128b0db9692dd982ca0fe79b1b4d8048946880600cc4f97c8

HTTP Headers

GET /PYpHF6b/Twitter-Show-Password.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/png
content-length: 28355
last-modified: Tue, 17 Jan 2023 04:04:57 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15044, version 1.0
Size
15 kB (15044 bytes)
Hash
4806226b885b3b3d0ae52142f6bfb3af
2ea5cc6d5e4adb874989a2b74bda062296fb1ad3
714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f

HTTP Headers

GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gwp0jg.iwfr.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 May 2024 11:50:19 GMT
expires: Sat, 03 May 2025 11:50:19 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
age: 107517
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/full_logo.969f536.png

104.16.156.36

200 OK

8.3 kB

URL GET HTTP/1.1
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/full_logo.969f536.png
IP
104.16.156.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerTrustAsia Technologies, Inc.
Subjectdl.dir.freefiremobile.com
Fingerprint98:6C:52:83:2D:43:AE:BF:56:35:62:21:67:C0:64:1C:06:AB:10:36
ValidityThu, 18 Apr 2024 00:00:00 GMT - Fri, 18 Apr 2025 23:59:59 GMT

File type
PNG image data, 616 x 90, 8-bit/color RGBA, non-interlaced
Size
8.3 kB (8314 bytes)
Hash
c632e6bfd0076695e56477bdb3f7232c
5b4212f029814b5dfda946ac5e5a6ba97857feb9
86ccbc1dbeb58af3e6bce5ee52f86a47399da998ad34a0fd2ce9b0b539d92f6c

HTTP Headers

GET /common/web_event/official2/dist/client/img/full_logo.969f536.png HTTP/1.1
Host: dl.dir.freefiremobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 May 2024 17:42:16 GMT
Content-Type: image/png
Content-Length: 8314
Connection: keep-alive
x-obs-request-id: 0000018EF0C84E84941CD169E3F393ED
Content-MD5: xjLmv9AHZpXlZHe9s/cjLA==
x-obs-replication-status: REPLICA
ETag: "c632e6bfd0076695e56477bdb3f7232c"
Last-Modified: Wed, 10 Apr 2024 03:54:58 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSWVQDaQXvzJjcpftemybSShaG5ASS7x
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Server: cloudflare
CF-RAY: 87ea495388031c02-OSL

gwp0jg.iwfr.my.id/index.html

104.21.11.79

404 Not Found

1.1 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/index.html
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
1.1 kB (1143 bytes)
Hash
8150f458ed6fb9b1db4e5cfa57a1a281
6e5726854d28687b560d7fdcb5c782c425c7dfb9
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /index.html HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pJ9Etni%2B2XBt%2FCiw0w8u1uGxmBpqLyaiO482rDslw%2FtLvu5sh9a9O5gPTlfR9aytYefbmp26BeLknk1L%2BadGsG5EmEO8VYsGeJTuOZtzlGMoRCYHGKqqH50lbGkrK%2FE%2FVZxxAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea495269ed56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

d2wn68h1k.olf.my.id/media/putaran.mp3

188.114.97.1

404 Not Found

818 B

URL GET HTTP/3
d2wn68h1k.olf.my.id/media/putaran.mp3
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectolf.my.id
FingerprintCF:AA:4B:28:2C:23:8C:75:D1:85:47:F4:39:D4:AE:85:55:56:0F:C6
ValiditySat, 13 Apr 2024 09:44:18 GMT - Fri, 12 Jul 2024 09:44:17 GMT

File type
data
Size
818 B (818 bytes)
Hash
f67ed3cb3a5a6d303a71e00741aa2a5f
5a5ff708f77ab28bcdfda8ab23def2fb837c1cc9
de0561748945b817e812f1cf741b87d700e9ac53fe93b4a99460d9fe1cf49834

HTTP Headers

GET /media/putaran.mp3 HTTP/1.1
Host: d2wn68h1k.olf.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NLpH77kCdrxxYwXOz1VIi6hdIfHTaSx9bd5viLpFU2BPNZ1AaxsTRVEE%2BEmdg%2FK%2B2itfUrcZPH2WMbIVgLscmes6MJhVXK9pZi%2FJhKx12vT08r4ZK23rNRBr%2BVRruwSMv4Mftiia"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4952ecc3b4f4-OSL
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/css/style.css

104.21.11.79

200 OK

6.3 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/css/style.css
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
ASCII text, with very long lines (354)
Size
6.3 kB (6336 bytes)
Hash
0371419b5ddd4578b8882916cce3aae1
7cb9039cf719e52bfd5449e0bf0ff713fa838d05
1144f1063a0254e9764d9c23da12852aab26f6adc6bac76493c12401a20e0a5d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/style.css HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 24 Apr 2024 17:40:38 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19886
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2RpeYX7fCJwhCAyi6Q0xL1EN02LW3ZTInc9Q1zXipar1IXUGkj%2BlbRWi9YAYo5LlBVkxsVEv4E1GLHCL5dBlmYveCtpK8y2nOKcNTMsn%2BNC7gvlwWbCvD1j0X8kdXsSOihD7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494e6b4556bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/js/showHide.js

104.21.11.79

200 OK

18 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/js/showHide.js
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
ASCII text, with CRLF line terminators
Size
18 kB (17925 bytes)
Hash
d3e46c4a7d95270da519489746521b1a
5f5a383b6a1a635695e2c72aace79363708f82be
8023fc37af7de956061342860b38dd1646ce1f1fa7ecc2ce703e2b544b2bd283

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/showHide.js HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/javascript
last-modified: Wed, 25 Oct 2023 01:54:20 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 1864
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J69E1QsUee4SJ97Z1rSswMcEw5qRNYmNsnDoJOUWzaAWo9Wu3H%2F8b6MdyTzGGD%2BV2vczWynscngZ89A7wROdRfX%2BbJU3h4vKQd6Sk5qztXwi1rk66i06z1%2FclpLeutIYOLTWwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea4952ead756bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

l.top4top.io/m_1725u5z7i1.mp3

135.181.63.70

206 Partial Content

20 kB

URL GET HTTP/2
l.top4top.io/m_1725u5z7i1.mp3
IP
135.181.63.70:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerLet's Encrypt
Subject*.top4top.co
Fingerprint8E:68:31:71:67:48:80:97:18:D7:75:1F:EF:2C:6E:F5:43:2B:3E:B2
ValidityMon, 01 Apr 2024 00:05:12 GMT - Sun, 30 Jun 2024 00:05:11 GMT

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
Size
20 kB (19781 bytes)
Hash
ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

HTTP Headers

GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Sat, 04 May 2024 17:42:16 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sun, 05 May 2024 17:18:56 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Sat, 04 May 2024 19:42:16 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2

gwp0jg.iwfr.my.id/css/animate.css

104.21.11.79

200 OK

5.5 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/css/animate.css
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
ASCII text
Size
5.5 kB (5517 bytes)
Hash
8eae1a9cfafdc593321d4d59ec4905ea
232f5f3f4c3a0a56823e0e933f9c7fec3aa9cbcc
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 25 Oct 2023 01:51:02 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IIqGjORQRK5mfkQNxXjlzR39uEApGbRsp6x%2FgzyEI1un1qyG1FZQAIx09Z%2BJdwteMTZGkaesdlksWld9umzdNwYVtkl4TYEkrYhrjxEPT01vnKtVSNweYvn4S%2BcoFHK9xFcUtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494e7b4e56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/

104.21.11.79

200 OK

24 kB

URL User Request GET HTTP/2
gwp0jg.iwfr.my.id/
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (452)
Size
24 kB (23628 bytes)
Hash
c45b6fa358c4359b17f9cbd90f64b24b
192048bf3f5ae92c286e732aba46fea3dd72edd3
dc90965357dff7b9ac15861c1126742325440332dcbebaad5fc963bf55d497c1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET / HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 17:42:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uYbeN8hi0KekLLWBBR%2FqmPk78urt0wvLvNhDXzQGKl7zbjTE7BVKRDSxIcljuF4bPpv1jvbYW0%2Btn57xBdoHElWFfpL3b5FwLgLaY7XIOBltM16eo0ujsAXQa5ReUcppH47eow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494a582856b5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

gwp0jg.iwfr.my.id/css/style2.css

104.21.11.79

200 OK

25 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/css/style2.css
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
ASCII text, with very long lines (7259)
Size
25 kB (25256 bytes)
Hash
2e04791ca92885338dba25667e11f755
d52f88066b5bbbedf07c402be63b15c1fb3d64ee
482c6bcc8b1fa18556592b0b7f42bf13f68798dd2921d86e0bda175b528c8829

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/style2.css HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 24 Apr 2024 17:40:38 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tyhTNGZIOaRseiDgQeZT2P%2FK5ge88o9pHnxRXt2tK8WDM75G7x4CuIu5F6Y0sWZq21RZggnDdV%2FJj03BWpAWxTySWUwnk7L2xJgR6ery6u1rf%2FIwwHBrzuJn7iP9BrixcNZmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494e7b4d56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.10.207

200 OK

22 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (30837)
Size
22 kB (22262 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9e01696f4dd85a48838a9ea9ee82ef4a
cdn-cache: HIT
cf-cache-status: HIT
age: 350681
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 87ea494fdcb1712d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

gwp0jg.iwfr.my.id/fonts/laza.woff2

104.21.11.79

200 OK

22 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/fonts/laza.woff2
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
Web Open Font Format (Version 2), TrueType, length 22220, version 1.0
Size
22 kB (22220 bytes)
Hash
345579e8566a3dd6dc9feb5362fbe7e1
df075dd0c26e72fd7df19948f07904c1eaa72ded
1d0dfcc32b3be2bf3b3dbc371e9b7c5ce205f4bc6f7c8ce0226256cc7064c3e4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /fonts/laza.woff2 HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:17 GMT
content-type: font/woff2
content-length: 22220
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 17:42:17 GMT
last-modified: Wed, 29 Nov 2023 23:01:44 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n6ICVjkwCyanv8YCMgV1V0%2FkpdPZrWNumuzafigN2J6kyG%2FVmBfKt5%2FAtmHwwKT6weTF1nAd2eN9WS1ywJ1VS%2F9LNA0cDqJemCCCEwxYs%2F3buWWPxsuBw5BhIPUEtQiadTkh6w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea495269f556bb-OSL
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/media/close.mp3

104.21.11.79

404 Not Found

2.7 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/media/close.mp3
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
data
Size
2.7 kB (2665 bytes)
Hash
054c4e5b0731cef556131e170ca16280
6b64c5865490f0488138454127386514cd47430c
f851a6b7f2bb3292c85bb5bb88b5c18b2bb97b0364aa234f39fe9c8ea38d8183

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /media/close.mp3 HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 04 May 2024 17:42:17 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VVLwHDTsx879Drumkk%2FdXLqNbzumx9ZWsWXCgOeLySOLPaObXAKKo5%2Bf%2BH9l%2B6kSzdWfsVn4ogQCnlridoyinycPTTXPoOh1RIddbtzGFXvxF0yikyQ85PyRlUrDZJa%2BCGaj2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea49539c0b56bb-OSL
alt-svc: h3=":443"; ma=86400

www.pubgmobile.com/en/images/nav_menu.svg

23.36.76.250

200 OK

426 B

URL GET HTTP/2
www.pubgmobile.com/en/images/nav_menu.svg
IP
23.36.76.250:443
ASN
#20940 Akamai International B.V.

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerDigiCert Inc
Subjectwetv.acc.qq.com
Fingerprint5C:D9:77:1B:16:32:99:FE:C5:2E:BD:E3:86:D8:71:22:B0:1B:6A:3F
ValidityMon, 30 Oct 2023 00:00:00 GMT - Wed, 30 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
426 B (426 bytes)
Hash
a1f09c4f5c87271dbccf8cb05885ad42
18bbacc9c372dcb6bc77c2475595e058c1ad1594
b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a

HTTP Headers

GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
date: Sat, 04 May 2024 17:42:18 GMT
content-length: 426
akamai-grn: 0.f64c2417.1714844536.6477896
X-Firefox-Spdy: h2

gwp0jg.iwfr.my.id/css/login/facebook.css

104.21.11.79

200 OK

4.1 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/css/login/facebook.css
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
ASCII text, with very long lines (4392), with no line terminators
Size
4.1 kB (4105 bytes)
Hash
3adc29a32c52542550c5c29cf3745026
535971433c82b138b250f7c921b36f3f1152d908
1c6b34f563e3dd9d9e6c582637924e10dbee2b77003a16716952d8d71981a320

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/login/facebook.css HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Sun, 30 Apr 2023 12:33:24 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9fqDSh4fBAd3%2BuBeWn%2FkqN0EogXcMFZXAN%2BdkFyBFmaM1xaVGA6yqbqcL0olmulsLk6rtoN8g5oDdxpMaJnill0aopKk4jQT5W%2BKJYMdttDkP3ogiwkncVtjo8vn0zoSiwV%2B7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494e7b5f56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/css/google.css

104.21.11.79

200 OK

4.7 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/css/google.css
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
ASCII text, with very long lines (5117), with no line terminators
Size
4.7 kB (4677 bytes)
Hash
89a5d57984f3b8f805d26d28b1186269
232b658c1f732dff7f5eb75cd45adafe60e712ab
a6272b0608c58d56d36fa0bfa33ac7dcc854d4d74fa1a02adf4d2b6c738fb04d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/google.css HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 10 Apr 2024 15:47:52 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bHYAuzkFdwgf55CQFuWhGTIaVHfanUMPB2PTJmMCwyxnsJsiswvUPgp0yTi2B9GQ2wfgnx7TvRvrQufcTR7xhkPD7gXZhk0TUVfSDxMUtbWjnYlRrImBywTlhJ9r9mkNZlLoYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494e7b6056bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/js/sliders.js

104.21.11.79

200 OK

515 B

URL GET HTTP/3
gwp0jg.iwfr.my.id/js/sliders.js
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
ASCII text, with very long lines (547), with no line terminators
Size
515 B (515 bytes)
Hash
1a8aabdbd97c821c7818e5b5a1bca336
035e2e037daddbceb4393cde1ff972be3ae7cb87
3b13dafadf708ff1f8415c83e2224fd3f90d77d94c24d77af050600822e0338b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/sliders.js HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/javascript
last-modified: Mon, 04 Dec 2023 13:53:42 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n9HiXN4Xn4oKoPwnYvSx31hDXNpcNBTcTZdqWd1kK%2FVRqrKYL%2BK8jkkg3xf9gsg4qIy3IPrI92%2Bw6ehSHr%2Bq7DqVKm3HZaGJWgMRgWK3a45uqpelEG7ghZRSrcyshNgZcFghxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494ecbfe56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Teko&display=swap

142.250.74.74

200 OK

1.2 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Teko&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (1182), with no line terminators
Size
1.2 kB (1155 bytes)
Hash
517c67874f6f9ada9c4283fe962de9cf
3ef9577a3d48a4d102dbad75e10bc5563e08d81f
6a843b3e563cf2b17bbb15e15041f252e7524deb41991c4a2ce088b0e1c7f29a

HTTP Headers

GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 17:42:16 GMT
date: Sat, 04 May 2024 17:42:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gwp0jg.iwfr.my.id/js/timer.js

104.21.11.79

200 OK

3.1 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/js/timer.js
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
JavaScript source, ASCII text, with very long lines (3320), with no line terminators
Size
3.1 kB (3062 bytes)
Hash
efd255d5169e94333606783e17b0c305
d32b417dc9e56d27f979feb79db8b9a8efafc2be
c322ed023b5df32a9f6c4c5423723d0e045a7b5196b1aa268caf1946c005740d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/timer.js HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/javascript
last-modified: Sat, 02 Dec 2023 13:22:04 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SKoUxjljanTUsHLf%2FpXT7fldryoDHs4WErsW5LRRwVNHCXNYVnOTGQv4LJL7BNXbJzjTNLKaWy%2FIkUYqcy22y1jBpOH4EvJyRmqj5pHEP%2B7y7LdqUi%2BGbdsctJJMjSEiYcxA0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494ecbff56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/css/loader.css

104.21.11.79

200 OK

6.0 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/css/loader.css
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
ASCII text, with very long lines (6144), with no line terminators
Size
6.0 kB (5955 bytes)
Hash
0871902c1e3fc03adc8b54a4e0a72fe0
4f3d6341461c9830fa69c856f32620ebc04ecf60
0ec9849f16e30ce86df6ddd24db1f52074a26a965ff230da299726bac140e5e6

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/loader.css HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:49 GMT
last-modified: Wed, 25 Oct 2023 01:51:20 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19887
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FqAGxmoQaHQ6FHXW8UcaE79kDfNBpa0u8kI09iXRziiTFWwi3Uov1MlrfQMbmhSqcGCSDLt5o7DO5aNugJEVPUAv8CzoUFY2Pv9dHJ1yFkDLRYDmo2pBVN%2BY%2FfElTOZhLr94rA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494e7b5c56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/js/slidernotif.js

104.21.11.79

200 OK

405 B

URL GET HTTP/3
gwp0jg.iwfr.my.id/js/slidernotif.js
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
ASCII text, with very long lines (424), with no line terminators
Size
405 B (405 bytes)
Hash
d04e2bb8735775658ecc02f82de70932
57fa114a33033889cd385cab4da967d093fc7eb6
1e0b76759a4ed491e1ca4ae888c32d19a9f1523856e5e4080c395e8f91fa6612

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/slidernotif.js HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/javascript
last-modified: Sat, 02 Dec 2023 17:41:52 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JDpCM6yIUURQkreOtAD1MvmJqpq1t%2By%2BETKKFf72iKJ3zs0N9ktLj6deZq1Kmn5pePt%2B6B4KTwHbh%2Flg7paGnXSAoEwggyPtYnjs8CftOsTiHHdB%2FdGohgojETxZYq6MhQghIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87ea494ecbfd56bb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/media/open.mp3

104.21.11.79

404 Not Found

1.3 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/media/open.mp3
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
HTML document, ASCII text, with very long lines (1285), with no line terminators
Size
1.3 kB (1251 bytes)
Hash
94f08a3a6562f7f079c4f5a67b7260e2
cc5d03e17c41ee6bb2ebf0d26d4354a486ca1823
44ea069d9a3f7dcea953ac173384578b6185f4b2ece05a6f4513b9fda29c4c29

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /media/open.mp3 HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 04 May 2024 17:42:17 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77Qqbo8b8ZAej4vr4MD1FI4hxyrQ2hVhDTRt0POHXcVjqcnXPYczuNYl6jM%2FvNGzUsb7%2Fbx3FSsX%2Fw5L8XcU6sIJqNCaeQ68Z%2FSqUYHtKnC0fa%2FaVuaoQD9cv5PkxPfZ8x613w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea4952ead956bb-OSL
alt-svc: h3=":443"; ma=86400

a.top4top.io/m_1725zobal2.mp3

65.21.235.194

206 Partial Content

18 kB

URL GET HTTP/2
a.top4top.io/m_1725zobal2.mp3
IP
65.21.235.194:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerLet's Encrypt
Subject*.top4top.co
Fingerprint8E:68:31:71:67:48:80:97:18:D7:75:1F:EF:2C:6E:F5:43:2B:3E:B2
ValidityMon, 01 Apr 2024 00:05:12 GMT - Sun, 30 Jun 2024 00:05:11 GMT

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
Size
18 kB (17691 bytes)
Hash
70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65

HTTP Headers

GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Sat, 04 May 2024 17:42:16 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sun, 05 May 2024 17:18:56 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Sat, 04 May 2024 19:42:16 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2

d2wn68h1k.olf.my.id/img/style-img/twitter-text.png

188.114.97.1

404 Not Found

0 B

URL GET HTTP/2
d2wn68h1k.olf.my.id/img/style-img/twitter-text.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectolf.my.id
FingerprintCF:AA:4B:28:2C:23:8C:75:D1:85:47:F4:39:D4:AE:85:55:56:0F:C6
ValiditySat, 13 Apr 2024 09:44:18 GMT - Fri, 12 Jul 2024 09:44:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img/style-img/twitter-text.png HTTP/1.1
Host: d2wn68h1k.olf.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4%2FckSelmRfY8bVzxlVZ%2FsM3Kwc7metVpLR7VgTwgAfelgnjBgFgtZaoIWHlv%2FvR%2FIMHVUPMK5bfcmrVIMpcOgh4%2Bcu%2BKTRFmu4QPqSy5HqSyfIfdrCjtM1BJimP09zzkR%2BLweq%2Fx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494fcd63b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500

142.250.74.74

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
12 kB (11840 bytes)
Hash
807349734f3707b50b73c3fd626526e8
2f3ab67f0ffa01bc1f0c180cae9085ecc8d96d63
ce7d7e11e41b1b3619cbdf436bbf2557fda2d97d434e65fab281207ffae5c0d0

HTTP Headers

GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 May 2024 17:42:16 GMT
date: Sat, 04 May 2024 17:42:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

gwp0jg.iwfr.my.id/media/open.mp3

104.21.11.79

404 Not Found

1.3 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/media/open.mp3
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
HTML document, ASCII text, with very long lines (1285), with no line terminators
Size
1.3 kB (1251 bytes)
Hash
94f08a3a6562f7f079c4f5a67b7260e2
cc5d03e17c41ee6bb2ebf0d26d4354a486ca1823
44ea069d9a3f7dcea953ac173384578b6185f4b2ece05a6f4513b9fda29c4c29

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /media/open.mp3 HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 04 May 2024 17:42:17 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wUgzXU7wfobphcrnE9gYF5F2%2FL5LGGa%2F59lPLQZ9gzOBLym0m3T7i1lxUhSnXpr%2FRIvtKJq9yvzkww720OOD1%2F3o5N%2Fi0y%2BSxv0YqAAh9GdbOJoU1OpNPEsFbFNBuSp1AW6c3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea49539c0056bb-OSL
alt-svc: h3=":443"; ma=86400

gwp0jg.iwfr.my.id/img/style-img/ff-logo-icon.png

104.21.11.79

200 OK

1.4 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/img/style-img/ff-logo-icon.png
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
PNG image data, 71 x 61, 8-bit/color RGBA, non-interlaced
Size
1.4 kB (1414 bytes)
Hash
7829ec7999775865a662468dd7e96117
d2dda88c46098945bfc1282724aa86478acddc10
049490ddf516d0c066e4245937065d8ff549ecddfd0f6ebe55891960627c86e8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/style-img/ff-logo-icon.png HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:17 GMT
content-type: image/png
content-length: 1414
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:51 GMT
last-modified: Wed, 10 Apr 2024 23:33:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19886
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gVZDQy50p%2F7kDbD6mydYUOMxvG5getD9CycV5TBlGV2qtWnBVoU4TklYOQNc1aa17cEDJrbY%2BID1A%2BJRKlCLsrSXtdoxX4sbiGZ2IAQXpzHbEPQlS2yswpqGLluZlAJ1E6NbUw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea49572b3556bb-OSL
alt-svc: h3=":443"; ma=86400

d2wn68h1k.olf.my.id/img/namm4.png

188.114.97.1

404 Not Found

0 B

URL GET HTTP/2
d2wn68h1k.olf.my.id/img/namm4.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectolf.my.id
FingerprintCF:AA:4B:28:2C:23:8C:75:D1:85:47:F4:39:D4:AE:85:55:56:0F:C6
ValiditySat, 13 Apr 2024 09:44:18 GMT - Fri, 12 Jul 2024 09:44:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img/namm4.png HTTP/1.1
Host: d2wn68h1k.olf.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=guad8gvzVn%2FaTU24%2FT3XTrzC8v6zF5XmE0eWq1A9helAZtaFyJ74aT114iktOw%2F%2F7q0QznVXPJ7k%2FuoizpIdAHkPvqPtrRxzUZhY%2BWixJkd4VXwVC4pn9dq%2FbqoTfG%2BoKyF6NMD3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494fdd83b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

gwp0jg.iwfr.my.id/img/bgreward.jpg

104.21.11.79

200 OK

210 kB

URL GET HTTP/3
gwp0jg.iwfr.my.id/img/bgreward.jpg
IP
104.21.11.79:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectiwfr.my.id
Fingerprint79:A3:BA:F5:04:93:2D:81:B9:A6:2D:7D:86:3D:B2:4F:74:69:4F:31
ValidityThu, 02 May 2024 09:11:36 GMT - Wed, 31 Jul 2024 09:11:35 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=2157, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=1080], progressive, precision 8, 1080x1884, components 3
Size
210 kB (210267 bytes)
Hash
a54746056ec103509238b3ee4d1abe37
1254a00b8ae7da04b7f628c1da5fb1d5dcc5eab4
5e83547f2124d71adadd5ab6402109ac93d4b4f54f94aa55338dfecc0807445a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/bgreward.jpg HTTP/1.1
Host: gwp0jg.iwfr.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 May 2024 17:42:16 GMT
content-type: image/jpeg
content-length: 210267
cache-control: public, max-age=604800
expires: Sat, 11 May 2024 12:10:50 GMT
last-modified: Tue, 23 Apr 2024 00:19:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 19886
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bl64DBzMEH5SaMcVMVd%2BA0UBoXOjxusy%2BRQQe7tbNWLbq%2FHNW%2FTYJU0jTFUBXFRiGFbDDoV1O7ZFB1KxbRY%2FBztEwhPWyZHUuYkCtJRMp8YvID1tAmu19YgKb%2BA1FsZKO9umdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea495269f056bb-OSL
alt-svc: h3=":443"; ma=86400

d2wn68h1k.olf.my.id/img/timer.png

188.114.97.1

404 Not Found

0 B

URL GET HTTP/3
d2wn68h1k.olf.my.id/img/timer.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectolf.my.id
FingerprintCF:AA:4B:28:2C:23:8C:75:D1:85:47:F4:39:D4:AE:85:55:56:0F:C6
ValiditySat, 13 Apr 2024 09:44:18 GMT - Fri, 12 Jul 2024 09:44:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /img/timer.png HTTP/1.1
Host: d2wn68h1k.olf.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KD%2FtY%2B1dRC0VpoGndB7er4jnrITD484W19kujyIbPaeZfvpOobz03S7kzi6wBCMf0qMk0OVvo5WKSzVjAK3918S2zdR8jA8W29DEhgTwyHE7AcVxaGtjjI7nx9C28kt4BKSADyF0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea49526b80b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

d2wn68h1k.olf.my.id/css/login/twitter.css

188.114.97.1

404 Not Found

0 B

URL GET HTTP/2
d2wn68h1k.olf.my.id/css/login/twitter.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://gwp0jg.iwfr.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectolf.my.id
FingerprintCF:AA:4B:28:2C:23:8C:75:D1:85:47:F4:39:D4:AE:85:55:56:0F:C6
ValiditySat, 13 Apr 2024 09:44:18 GMT - Fri, 12 Jul 2024 09:44:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /css/login/twitter.css HTTP/1.1
Host: d2wn68h1k.olf.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gwp0jg.iwfr.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Sat, 04 May 2024 17:42:16 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0SjvPT6eFuqgr6DdQAwcQeInATbz1PKYCV%2BNZQFvVkaNpBG7Evf8SE31IBLCx7mkt3%2B1XrBvbwWeiJFci%2FXNYa6CIBUeo22ejMe0aKrnj3%2FRcTlNkHqFIlb6Y5Cx405q%2F8Rcvtrh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87ea494fcd62b512-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (116)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by