Report - 7dihfa.dgwt.my.id/

Report Overview

Submitted URL
7dihfa.dgwt.my.id/
IP
172.67.180.71
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 05:57:19
Access
public
Website Title
Garena Free Fire. Best survival Battle Royale on mobile!
Final URL
7dihfa.dgwt.my.id/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
66

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
telegra.ph	61046	unknown	2016-03-03	2024-04-22	452 B	11 kB	149.154.164.13
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-25	1.0 kB	32 kB	216.58.207.227
l.top4top.io	926491	2019-11-19	2020-01-15	2024-04-17	499 B	20 kB	135.181.63.70
a.top4top.io	588496	2019-11-19	2019-12-05	2024-04-17	499 B	18 kB	65.21.235.194
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-24	463 B	12 kB	142.250.74.170
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-24	1.1 kB	46 kB	104.17.25.14
i.ibb.co	13485	2010-07-20	2018-11-25	2024-04-24	431 B	29 kB	162.19.58.161
code.jquery.com	634	2005-12-10	2012-05-21	2024-04-23	412 B	94 kB	151.101.130.137
ajax.twitterapis.com	unknown	unknown	No data	No data	1.7 kB	0 B	0.0.0.0
7dihfa.dgwt.my.id	unknown	unknown	No data	No data	13 kB	1.5 MB	172.67.180.71
txtsbeio.bjusy.xyz	unknown	unknown	No data	No data	1.6 kB	2.8 kB	104.21.54.128
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-04-24	462 B	32 kB	104.18.11.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena
2024-04-24	medium	7dihfa.dgwt.my.id/	Garena

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-25	medium	twitterapis.com	Sinkholed
2024-04-25	medium	twitterapis.com	Sinkholed
2024-04-25	medium	twitterapis.com	Sinkholed
2024-04-25	medium	twitterapis.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-1.10.2.min.js	93 kB	2023-03-07	2024-05-04
Pretty URL code.jquery.com/jquery-1.10.2.min.js IP 151.101.130.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-05-04 12:24:40 Times Seen10405 Hash 628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988 Loading...

	7dihfa.dgwt.my.id/	6.5 kB	2024-04-24	2024-04-29
Pretty URL 7dihfa.dgwt.my.id/ IP 172.67.180.71 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 08:15:29 Last Seen2024-04-29 08:08:08 Times Seen4 Hash d4fd5731b4809ac1a2c912daca91ee78 717055c42c7d4334476deee478553175026114a1 5b2c9d896a8dda9f9938616ea111e9bbd5cda79e32964b6a14a25845b5ba6699 Loading...

HTTP Transactions (48)

URL IP Response Size

7dihfa.dgwt.my.id/img/bff.png

172.67.180.71

200 OK

11 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/bff.png
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
PNG image data, 459 x 138, 8-bit/color RGBA, non-interlaced
Size
11 kB (11185 bytes)
Hash
f77fe97fc8f4d06fd93eaf7552c4a3e9
c73f03f3e5a9f460eb83e10ae7312738a36ce720
b695d33c5ece1af9739e89855c4cc718fd6e9550528009ee5ff644cac193cb41

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/bff.png HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/png
content-length: 11185
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 03:10:42 GMT
last-modified: Thu, 18 Apr 2024 10:36:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 9970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4caLis4WnEcgRdIaKENWmwjlp%2BDOc1FwgcjG4Tq1G9Qiq8Sj4AIdcURXI2Nx1qjytEWWPjdtXzU1FPkE24tF%2BgmVsbedHS2ReEUk0V8Pkhpjrs%2FVFxxFRH0yfqbGrVg5c7stTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a27bf10afe-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

104.17.25.14

200 OK

5.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
5.8 kB (5845 bytes)
Hash
e9365fe85b7e4db79a87015e52c3db6c
2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1205765
expires: Tue, 15 Apr 2025 05:56:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QFfY42lJghMjDOVqe1qMcELnYotRjEDAa4g5BbrSqX7Iz%2Fif4D3z0IfvaEnYQGHRclXHfp2I1ISczhA5pDwUG05tqdG%2FJersSiukm9irb5fZ29Lrf%2FIFDr2g6uGFwWeMrwpKpij6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879c17a28869b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.ibb.co/Wg8qQxh/facebook-text.png

162.19.58.161

200 OK

29 kB

URL GET HTTP/2
i.ibb.co/Wg8qQxh/facebook-text.png
IP
162.19.58.161:443
ASN
#16276 OVH SAS

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectibb.co
Fingerprint0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D
ValidityMon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT

File type
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced
Size
29 kB (28789 bytes)
Hash
74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

HTTP Headers

GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

code.jquery.com/jquery-1.10.2.min.js

151.101.130.137

200 OK

93 kB

URL GET HTTP/2
code.jquery.com/jquery-1.10.2.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32072)
Size
93 kB (93107 bytes)
Hash
628072e7212db1e8cdacb22b21752cda
0511abe9863c2ea7084efa7e24d1d86c5b3974f1
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

HTTP Headers

GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: "28feccc0-16bb3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 05:56:52 GMT
age: 672418
x-served-by: cache-lga13622-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 1606, 531
x-timer: S1714024612.310964,VS0,VE0
vary: Accept-Encoding
content-length: 93107
X-Firefox-Spdy: h2

telegra.ph/file/d8f63c616348e86fb7ac2.jpg

149.154.164.13

10 kB

URL GET
telegra.ph/file/d8f63c616348e86fb7ac2.jpg
IP
149.154.164.13:0
ASN
#62041 Telegram Messenger Inc

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerGoDaddy.com, Inc.
Subject*.telegra.ph
FingerprintA4:8C:17:73:1C:81:F5:01:E7:C4:0B:2C:96:22:5F:A4:80:CE:4A:55
ValidityTue, 05 Sep 2023 19:09:41 GMT - Sun, 06 Oct 2024 19:09:41 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 512x512, components 3
Size
10 kB (10340 bytes)
Hash
2c37914ef06b1c3c379fca122ced0513
23973cafe2108868ef3de6cac3cba6f95647eb58
aab6f15b5d13e0ab98cf29eccbe27af4ebc48056c3155e5f0b1bc39cfd5d6962

HTTP Headers

GET /file/d8f63c616348e86fb7ac2.jpg HTTP/1.1
Host: telegra.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 10340
cache-control: max-age=10800, must-revalidate
expires: Thu, 25 Apr 2024 08:56:52 GMT
etag: "7c706a64504c2cb3fefd07de3e81a66d36761c4b"
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2

7dihfa.dgwt.my.id/img/popup-close.png

172.67.180.71

200 OK

422 B

URL GET HTTP/3
7dihfa.dgwt.my.id/img/popup-close.png
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
422 B (422 bytes)
Hash
d45afd0750df1473f2835dceb7933be8
25fe98b2ed17c8d857094d1d254fcc2a2f34c363
fd5d4a16b40eb27ac0372e93f5f0f9faa21032d1004a980838024f99798b37c8

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/popup-close.png HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/png
content-length: 422
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Fri, 24 Jun 2022 09:10:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TACs2zV1u0OCqSTczUzvIaGbTD0hh107YQ1RgzZbq8L81cqN7qjHnUc%2BpC%2Fj7cOC8Su6eRgOa4AfS%2Fn%2F82Q483kKhRz5T7FfUtjCatZo1powHGUMz2x6%2BuSkhNxM4rJgBpDj1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a27bf20afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/rewards/2.jpg

172.67.180.71

200 OK

23 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/rewards/2.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3
Size
23 kB (22804 bytes)
Hash
950ebcbde26134cbf74bfe2d753761c6
510ec4714b4923eef01c79c29c2736b9f55ceaaf
056a23671e32c208d1e1f83f7ee4396e2e1e72c27ec47257eceb4fbf0905ea39

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/rewards/2.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 22804
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:18:38 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BRJVE9NycNhzaQ34bEsOgF06Li0b%2FTyTkdHmo3V8PSvIlWen9ERx0kcimE32VdKveq19sAfsIXiKtokS3PiwXVWv76Du93WboUEPTivU1CtfRZ69E3%2FpjCf2KIEQGRu7BZt%2FfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25bd80afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/tokens.png

172.67.180.71

200 OK

21 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/tokens.png
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
PNG image data, 480 x 120, 8-bit/color RGBA, non-interlaced
Size
21 kB (21002 bytes)
Hash
473833883cfc465f8ce5f007187461fb
77531888cfe50ad3a9a5572f2f12efe13909a61e
51951dd1d36ce7e606a323aa14770d286e1d1d6b7f7d191d5b161235270ef7c7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/tokens.png HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/png
content-length: 21002
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Fri, 19 Apr 2024 12:07:14 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2J5MjKAxA9pgtWRBjS1PaVUQxErJBHY8mFnFeyOd4hAD4%2FCGlwNiE3%2FvPNUi9ZvcouPU6SCYwE7JgTufycdBsNhmS048i0yZq9AfyBAeIHrN2qNosMqJ4qfF%2BO0glr%2BbnoMW2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25bd70afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/rewards/7.jpg

172.67.180.71

200 OK

25 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/rewards/7.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3
Size
25 kB (24640 bytes)
Hash
417823719e6cfa032ab103bcd9ddc001
d783c6f4565097023f9205b3c39eee8b103c366a
465bb1e330b8cfb4d8500a5f3512c07d37c11d52df2caf4e91497adf87279869

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/rewards/7.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 24640
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:19:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2FfXU4LyA13J3R7xH2B1n1zu4VjpwKSiVy9jTIGSHc2f9MVRgwp%2BhFGiOZ1UhnpYtqWH3mssZcVIQY9HGmr7Ju4T5yuvjouT%2FZZbeN34nWMHCx124nY1rIyOHFrC6tnto1N9BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25bde0afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/rewards/1.jpg

172.67.180.71

200 OK

28 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/rewards/1.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3
Size
28 kB (28200 bytes)
Hash
e30bcec75f2c4c077d907d4bbcd499be
c3d769b0d136589e4f4c4d6ad4ab62a804cd9257
c54db05983dc834cdacc66e3d4bf97b9714c51c7252dfe2beea29dd290cfd42d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/rewards/1.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 28200
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:17:46 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5GuiYd5Y9P1%2BzpugKxM4iytFYCMVKVhHVVmja8GYDpX5pzmPXoz9PkXfurXOkDEzS7HMkzLyvMf9HAN5PtkbBhZsaVpdxxBtsHWwEZmpawE%2FpaeUQu2Vxrk75oZioYg4OA1IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a24bd50afe-OSL
alt-svc: h3=":443"; ma=86400

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0

104.17.25.14

200 OK

38 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 38384, version 1.0
Size
38 kB (38384 bytes)
Hash
a4d31128b633bc0b1cc1f18a34fb3851
6ee4c79372c3fd679706306ede47e4b03cf53d60
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://7dihfa.dgwt.my.id
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 38384
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03ed9-95f0"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 33929
expires: Tue, 15 Apr 2025 05:56:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=te%2FpIjKyEbRuJJkyntf8GsCv1xpvrkwz21anbf6vqeU%2Bt%2FHODb%2F1EEFSCCh8OSjdO4BFoHGJN8ZSAGyUAn52TR8NnaMCsIv9EaK3V1KpC2fGM9vtIIA1cx3v0mVhEIP8Xw45jwex"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879c17a678535687-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/rewards/3.jpg

172.67.180.71

200 OK

31 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/rewards/3.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3
Size
31 kB (30888 bytes)
Hash
1c88d95060ab733a9b2ba6989f2c8f49
07bf082e05dadf6e0eda4c5d2a12397ad23c4b78
fbf3170ab0dac3a8f61f37e3a7cdafd2734b9aaf89e4132777f9a0bf922a0c61

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/rewards/3.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 30888
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:17:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YgF0dUP1enc%2BjqKddnV9pstCJLm1jqxpbjhhYvwKS0TcAVI%2Bru9YbOWiMVdNnF%2BolKo70VBBVqp83AFV9hIEslzRiA1z2Fcw6XNzahhT4T0aojEMOwu3OabPM7AL%2FX4atidAUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25bd90afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/rewards/4.jpg

172.67.180.71

200 OK

27 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/rewards/4.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3
Size
27 kB (26863 bytes)
Hash
99b68ca57582eeceab2beb71b7d12baf
29dafd5aeef8e9f765dcd457b773f8008aed5021
a89a0129966d6a3dd8dea5a3c498894dc66821e62668431f6ab474c00e70f405

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/rewards/4.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 26863
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:18:28 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=plkagf%2FyeOvJbYi7DGvY6Hh62uzU9pp4eEyw9a7oZJUmKjvzBFtc%2BGXzIOQ8%2B8ai9NJHN3H8iKUez3t98RkJFCYSPv%2FChX6u6Dgo20hJN708sE3rYEVUbGEdgYBj7AAakC5Iag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25bda0afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/rewards/9.jpg

172.67.180.71

200 OK

41 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/rewards/9.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3
Size
41 kB (41316 bytes)
Hash
0a3bc56ffdbafea57688e25dd7d9df6a
9e99435786062b48bb69c5a1877d5e42a6772c3b
b37ed8c76cdaaf9d952723eecbec7f63714c2d9edd875002df0bc8e2e08e4081

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/rewards/9.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 41316
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:20:18 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtAARfpBgzROs%2B2MhWg2XTenTdMvUt7R%2BHPKKsrE2DcYvRdIBXjGxQWFYG1IgMJENDckZ1Whedi5n%2B2WQBXxdMp3E3k7xUjZTbkvRWFNyeBJk%2FkbSMKdIPV9MGiFEUNbpRak4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25be10afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/rewards/5.jpg

172.67.180.71

200 OK

27 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/rewards/5.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3
Size
27 kB (27367 bytes)
Hash
e2ccdc69aa8d9dc22e63f6ed0dd299a9
87845ddd7b94fb61e19c28ffa9df83b4ca57be6e
c6ec45b17e5977709a95e028613f6ce7418fc5c349a2771ed7e5df7ae59a1955

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/rewards/5.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 27367
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:17:18 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9d2OApB2JfzAT8R0ipzB%2BpUitaFTEBsCMkU2qV5qnwI76TpRjYGUjc45izl7kcLPT%2BCEGl5z8DuoFy1U9I7vc%2FS%2BuHx50mu7D0PUvZafjVyx671%2BG8lNapl3JfjA0H4WlmXp5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25bdb0afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/rewards/6.jpg

172.67.180.71

200 OK

23 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/rewards/6.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3
Size
23 kB (22569 bytes)
Hash
b92f86713a796e10f6b9ac90a666664f
c4f8d34d0677e07c9ab3321ac00ae26695f708c3
759759f31a3cca1ad1754ed870a0f987c76a1c08452bb2ba23c3a3a6b1d015b7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/rewards/6.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 22569
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:26:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=niatYm1ynmgSGolAJUu9IHpJuujK0Gt5jfMWvoUyysAKZxxX50EpCf2H6S7uoh6wvh9OT5QtzBd9tyuS9a2KPgW6KQJv3rnJNxY9AU%2BYaIqRxLgatOpzb2Ef19fycBGPp5I4Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25bdc0afe-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15044, version 1.0
Size
15 kB (15044 bytes)
Hash
4806226b885b3b3d0ae52142f6bfb3af
2ea5cc6d5e4adb874989a2b74bda062296fb1ad3
714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f

HTTP Headers

GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://7dihfa.dgwt.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 20:39:45 GMT
expires: Tue, 22 Apr 2025 20:39:45 GMT
cache-control: public, max-age=31536000
age: 206227
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15044, version 1.0
Size
15 kB (15044 bytes)
Hash
4806226b885b3b3d0ae52142f6bfb3af
2ea5cc6d5e4adb874989a2b74bda062296fb1ad3
714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f

HTTP Headers

GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://7dihfa.dgwt.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 20:39:45 GMT
expires: Tue, 22 Apr 2025 20:39:45 GMT
cache-control: public, max-age=31536000
age: 206227
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

7dihfa.dgwt.my.id/img/rewards/11.jpg

172.67.180.71

200 OK

45 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/rewards/11.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3
Size
45 kB (45021 bytes)
Hash
f19212e0972cd4c0cbd1ae3b3e2f9bbc
14a1153ec4b178d369418a9084f79f235633f71b
c6f38a26ae871b4f86d83579fd963468bf2e994b7f058b6047f98f89243ee968

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/rewards/11.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 45021
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:19:24 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LvmKIaRipZiS4tKTn6eUAyqIyiiUPZJ3TrztF21y1IjTyusDi15o8QgDt5nEZoTwTekKzHdg56f9WnhdmyFn6Fbq3w5i3B9JnOZEAv%2FXBjV%2F1Oq2rbgAMnoEhurMO8aGY3T8Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a26beb0afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/rewards/12.jpg

172.67.180.71

200 OK

43 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/rewards/12.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3
Size
43 kB (42788 bytes)
Hash
a0c69273a26e8758529afbc255447a91
72ee2402ab145333749ab2b3f2a9ea650c17dea3
b7c04cfefa5ca5332c50be84d64b30cdd30a5ce6fd8e9d77c46b9399448056c1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/rewards/12.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 42788
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:20:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P9sFYlBG%2FzsT%2B4K6xGCV2ihOAtI5zTQROT6A5%2BN7iZRT05bLmIKQisie34H5rApzf%2FEVBTCDVOFmbENSPxQuvysJY%2F5OXpSSMymb9UH8shhIPfL1Iyl4O%2FDOeNSDCbgnoNx0kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a26bef0afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/gamecon.jpg

172.67.180.71

200 OK

85 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/gamecon.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
85 kB (84850 bytes)
Hash
e4dd890e64827b632c6f2a9f7960b709
fe750e7afa5634af5fdd82815a599817c9e227f0
163aad2fec6b167bec769c24b4156222392ebf25b9377d9278e20b811bc24d06

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/gamecon.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 84850
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 08 Feb 2024 05:04:38 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Tkq7DwEkTGY7F77AOFBhB3jtIxk5Gqn6rfZscKEgnT6r%2BGYPdZ%2Bh%2BtW5J4GWdXIjTEY6rYecKpT7yCXsF7w1T9i1hCG%2BLcxscbc1UKJsv2iza1%2BpwJuqVAYEwWP%2B1C%2F%2BBAM8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a27bf80afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/rewards/8.jpg

172.67.180.71

200 OK

45 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/rewards/8.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, software=PicSay Pro 1.8.0.5, datetime=2024:04:06 18:10:54], baseline, precision 8, 480x480, components 3
Size
45 kB (44897 bytes)
Hash
5aef10801a628f517f3fa40666a87f69
15122c24d494069114e94a966b2986375509c341
cb1f70e59a10258ae97521fc26ea10c2987a568835ee042706fb34e51363fa35

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/rewards/8.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 44897
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:20:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2BoebiwxDDkAbQCN4wZIRvDH3jjM4BQv%2Fz%2Fk%2B1TBcD6ttDbGblMPiBq%2FZxo9LXVO18ApraNCLDT8FxOmMKCRTctRdpoGuz0bhvnAbgmmKlZWcccwUGsH3VVz%2FH5o9abzVLPYOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25be00afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/rewards/10.jpg

172.67.180.71

200 OK

43 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/rewards/10.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3
Size
43 kB (43269 bytes)
Hash
b21d09600cb975ab27eb9079632386a8
16ce983e518d684c3b60af13624dc642068bbfb9
843810e9023f0e9dafbd0baa8266f5c83eaf4ed7b23975554f0d32cf5de6fb5d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/rewards/10.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 43269
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:19:44 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UyzR9Soh1Y7W9%2Bb71ZXrK3aPXoT%2FD7052FOgnbeKN%2FDL4fBHMZSj0%2FjvafFLv%2FUU5Y0b%2FEv0d63F0XRduCQW4jw5hCSjToppDZy%2Bf8MGnJzw6mLRgRslmd8tIPuQpBTUZNNPgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a26bea0afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/popup-footer.png

172.67.180.71

200 OK

1.6 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/popup-footer.png
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
PNG image data, 480 x 45, 1-bit colormap, non-interlaced
Size
1.6 kB (1606 bytes)
Hash
ff0757ae087db7b747fd2edd05fb05bb
8f545db349797e3499cc283b7d6427a572c3223b
239c98a9d91bad31fba09475147cc928f5a0f076563ac4e21f3182d44209a07d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/popup-footer.png HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/png
content-length: 1606
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:53 GMT
last-modified: Fri, 24 Jun 2022 09:10:18 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2Bph9RB1u4mt8bKlTd4wvo2kTNrS2uFQWMPqlRsFgO9p6Eqy0Dk1s4KqIKEgPehQJsty5%2FwxnuD36ogUSxt0alrUoYEIaPzHm7RXLrangOgjojkKBZF%2BEDxR0N0h8bDsmJ448Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a66dcb0afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/event-theme.png

172.67.180.71

200 OK

19 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/event-theme.png
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
PNG image data, 858 x 111, 8-bit/color RGBA, non-interlaced
Size
19 kB (19354 bytes)
Hash
d46f39c2f22cc01a71d52bdccc050728
5c411127a00ac1c13fc7c212e3212e54c2043228
da72b0015459d762198b95e8fc6111b1689652ae72b449f8fcff4ab6c2ffd53f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/event-theme.png HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/png
content-length: 19354
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:53 GMT
last-modified: Thu, 18 Apr 2024 11:10:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ub7wUl24A%2FTEJYDDBWfVs0dKrldvR3JY4ib%2BLUc6oT7m5%2FJ%2FIYpwr0Nk0jgU7rxXZXObgc6gft7ocFxOgxxkVyYyfAJXT07NsTx8a5gn2WnvQmVdh59MvZqsKHoU6LCQZHmqjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a62dae0afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/container.jpg

172.67.180.71

200 OK

29 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/container.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1399, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=527], progressive, precision 8, 527x1399, components 3
Size
29 kB (28662 bytes)
Hash
656a9909c48f54651964f1c8367701a6
089fb0764624c59412418aadac080f7b3e5f7954
49992ecbf7cfd2699670e3f0e5cd55ab9583ccc214f84fcbc6ab9e4e61b81a77

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/container.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 28662
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:53 GMT
last-modified: Fri, 24 Jun 2022 09:10:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MTKYmKwEG8an9RyplHSbEAhLgMZmvHVTKRNADrnUT0lFq3GQ2dpFYXCjByN%2B9UvXCwxWL%2BRv5VBoRkyywKquINNJsulO%2BkjqXMR8RGxiL3ghMuBMXXGuq3kiEUlwxIqpxHHXnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a60da20afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/index.php

172.67.180.71

200 OK

33 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/index.php
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
HTML document, Unicode text, UTF-8 text
Size
33 kB (33286 bytes)
Hash
a4d37bb48c91a0f6d8405d59488b8026
fe84bbab142599d953b460de86ebe67cfcdb65d7
25fdf3ddbd104e396830543e48de5edd9c51df4a472bc4ef84a5c967dd29fca9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /index.php HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BWBH4Oxk6psBQaguC9kbkVnhgaWAUyha8nwdOJxmPcshGOtAkCA6oGLqZGILZ7mi4f7F9eknOeyhXN6o7aslxBzh26JUazfOHZCICpxsBzvhSG1OYO3z7oKcHmypYHX7z7Nhhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c17a27bf40afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/btn_item.png

172.67.180.71

200 OK

44 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/btn_item.png
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
PNG image data, 1280 x 433, 8-bit/color RGBA, non-interlaced
Size
44 kB (43770 bytes)
Hash
5275d53998d2f0983901cfb7eff3c15c
fe22b6a215e341dba12443ad785362e0d5c1b726
dafc6643f0ea080b4db78a45ec8f3fe634a53f98922ee14cd2446bc7c430e565

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/btn_item.png HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/png
content-length: 43770
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:53 GMT
last-modified: Thu, 18 Apr 2024 10:59:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=axHIEOLLAoX4HRegPusDj3mMR0dPD2f6T3h8TWZacZcxXk8tpUxsv%2FSSx9%2FBpHIgD4ZvIadSbDd7NsHzwyiI1B1tUNbqxgaxqWbBtVHfn1FTuiJh3vlncFGhWuOyBdBFf0hsew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a64dc10afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/img/heade77r.jpg

172.67.180.71

200 OK

634 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/heade77r.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3
Size
634 kB (634353 bytes)
Hash
f1eb8abe2de00a07c0bcc26b8123cb68
9472c04313084215b2b10950063ca6fb2ae9b37c
2d84b08c1d3e4dce9f22f9f921c808f974de9ba6d1773c16fadc8a6748f55198

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/heade77r.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 634353
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Wed, 17 Apr 2024 16:20:32 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4bD62W3ygCj7WH4dbMOn%2BgP9yYkYRjSinAn%2FAZUIQaPtI%2B4c86TCuSP9qWG%2FaGhzQHzA2aoCv5wL%2BWMTBafkQBMYtikTfGn4Zrmtg8vyIIGAz7A%2F7%2BhRKp5pLc7eRXPo%2FBlhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a24bd30afe-OSL
alt-svc: h3=":443"; ma=86400

l.top4top.io/m_1725u5z7i1.mp3

135.181.63.70

206 Partial Content

20 kB

URL GET HTTP/2
l.top4top.io/m_1725u5z7i1.mp3
IP
135.181.63.70:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subject*.top4top.co
Fingerprint8E:68:31:71:67:48:80:97:18:D7:75:1F:EF:2C:6E:F5:43:2B:3E:B2
ValidityMon, 01 Apr 2024 00:05:12 GMT - Sun, 30 Jun 2024 00:05:11 GMT

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
Size
20 kB (19781 bytes)
Hash
ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

HTTP Headers

GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Thu, 25 Apr 2024 05:56:54 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Fri, 26 Apr 2024 05:33:34 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Thu, 25 Apr 2024 07:56:54 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2

a.top4top.io/m_1725zobal2.mp3

65.21.235.194

206 Partial Content

18 kB

URL GET HTTP/2
a.top4top.io/m_1725zobal2.mp3
IP
65.21.235.194:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subject*.top4top.co
Fingerprint8E:68:31:71:67:48:80:97:18:D7:75:1F:EF:2C:6E:F5:43:2B:3E:B2
ValidityMon, 01 Apr 2024 00:05:12 GMT - Sun, 30 Jun 2024 00:05:11 GMT

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
Size
18 kB (17691 bytes)
Hash
70ded6b0b406f9710307bc35e221629f
7034ec2ff72c936255b04c0890ce8976599380cc
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65

HTTP Headers

GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Thu, 25 Apr 2024 05:56:54 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Fri, 26 Apr 2024 05:33:34 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Thu, 25 Apr 2024 07:56:54 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2

7dihfa.dgwt.my.id/favicon.ico

172.67.180.71

404 Not Found

13 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/favicon.ico
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
13 kB (12624 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 05:56:54 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xhf0W3E2tgGf56DdD2EHbGaNCd8U2bv89Kxmk9ao8turiPlVR%2FxpbHQNBGcqvmDxWB2%2BL3kauxfn4K6W3VF9rljAdYuCjrGJRMoERCxIXz4LzG6d2XRDQau7yAvjMIrPtyANqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17ae49ab0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500

142.250.74.170

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP
142.250.74.170:443
ASN
#15169 GOOGLE

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text
Size
12 kB (11840 bytes)
Hash
807349734f3707b50b73c3fd626526e8
2f3ab67f0ffa01bc1f0c180cae9085ecc8d96d63
ce7d7e11e41b1b3619cbdf436bbf2557fda2d97d434e65fab281207ffae5c0d0

HTTP Headers

GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 05:56:52 GMT
date: Thu, 25 Apr 2024 05:56:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ajax.twitterapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

0.0.0.0

0 B

URL GET
ajax.twitterapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://7dihfa.dgwt.my.id/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.twitterapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

txtsbeio.bjusy.xyz/js/script.js

104.21.54.128

404 Not Found

0 B

URL GET HTTP/2
txtsbeio.bjusy.xyz/js/script.js
IP
104.21.54.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectbjusy.xyz
Fingerprint73:45:EB:39:4D:82:A0:72:42:50:4D:B3:4B:73:F8:22:0E:F9:FD:41
ValidityTue, 09 Apr 2024 03:01:35 GMT - Mon, 08 Jul 2024 03:01:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/script.js HTTP/1.1
Host: txtsbeio.bjusy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iR4%2BH5RrGS%2BqGRdkO6FLrvMTjGe3rpcp3Fp9I0JAfmgbdTicuS2a%2BoZhHC1dAik2Qne769bWX13iME%2FCfOTb0pX%2F9NKjoE52coxrOoAM%2FKLQ%2Bnbf%2BorxZ3HTsJc2QgPUZlYxST0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a34da60b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.twitterapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

0.0.0.0

0 B

URL GET
ajax.twitterapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://7dihfa.dgwt.my.id/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.twitterapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

7dihfa.dgwt.my.id/

172.67.180.71

200 OK

32 kB

URL User Request GET HTTP/2
7dihfa.dgwt.my.id/
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type

Size
32 kB (31625 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET / HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:56:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7e%2FOnMelnUZJZOZwQHHk8A0UeZz6jtyCP8b3fyLmTmfqC4qceXJs%2Bkp1zVAr8Ib%2BasaBqxOPh32CW9SYUZDbKf4iwEUbHfnoK3aMexEg6GWAXEO5aGWk3UuharDL1uJeWMuN7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c179e0ec85695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ajax.twitterapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

0.0.0.0

0 B

URL GET
ajax.twitterapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://7dihfa.dgwt.my.id/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.twitterapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

txtsbeio.bjusy.xyz/js/showHide.js

104.21.54.128

404 Not Found

0 B

URL GET HTTP/3
txtsbeio.bjusy.xyz/js/showHide.js
IP
104.21.54.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectbjusy.xyz
Fingerprint73:45:EB:39:4D:82:A0:72:42:50:4D:B3:4B:73:F8:22:0E:F9:FD:41
ValidityTue, 09 Apr 2024 03:01:35 GMT - Mon, 08 Jul 2024 03:01:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/showHide.js HTTP/1.1
Host: txtsbeio.bjusy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 05:56:54 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ovhuEn%2Fj7eUbnlbM89bLrrrAcZ3be7JRQkKNkTZshlQr9ZxMAnPBGShumUohspiziCixSV%2Bn0bUnrpj22eaaJ1%2F2x9A3cUlBt%2BKhtiDQea8wYsVSYWHCnQgT8%2Brk9XAV0M%2FZdSo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a81f3f568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/css/login/facebook.css

172.67.180.71

200 OK

3.7 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/css/login/facebook.css
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
ASCII text, with very long lines (4127), with no line terminators
Size
3.7 kB (3699 bytes)
Hash
237151604596d0e43759c893022b147e
b1a99fde79b252a90dc6b061716afe5850f678c8
145b21f00c40ca6514e0a4a1030206815e4ba99c7b4819ee9e9fa626c6cb7324

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/login/facebook.css HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Fri, 24 Jun 2022 09:11:44 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZEvyAPpXH0ybZaqflQV%2FkABusgX6%2BjTnSZcYHbpx55tGWZ4ek41jORZ38jbGsaQcs6s8DZm1yI5tsBaVQqkhImye2MB44PCZpIYATYn4WbGEczfZMh0doWyHoo7uYtF0G9mSmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c17a24bcd0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

txtsbeio.bjusy.xyz/js/showHide.js

104.21.54.128

404 Not Found

0 B

URL GET HTTP/2
txtsbeio.bjusy.xyz/js/showHide.js
IP
104.21.54.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectbjusy.xyz
Fingerprint73:45:EB:39:4D:82:A0:72:42:50:4D:B3:4B:73:F8:22:0E:F9:FD:41
ValidityTue, 09 Apr 2024 03:01:35 GMT - Mon, 08 Jul 2024 03:01:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/showHide.js HTTP/1.1
Host: txtsbeio.bjusy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CjesuPlglIoEA%2BOtZwAghq9vE12esYTu%2BlK7x%2BTWNycPpt4Opc6z9CN3QaxcdO179F5wmYqx9WkeejhAQPDuSA3yVYqd2n295n7HpM67o89AL6EJ3yfR3%2B2jO6LLDzyG9viNdVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a34da80b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

7dihfa.dgwt.my.id/css/animate.css

172.67.180.71

200 OK

82 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/css/animate.css
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
ASCII text, with CRLF, CR line terminators
Size
82 kB (81519 bytes)
Hash
14f7a07011a763336109ffff5bd0d4a1
842fea0dc0aa64bfcfd24eb77fc880e73bce5b12
8e320187d4f00e2b9aa97f93f389c5c1c8ba9aa2cbb07f757a9ec0a2c59279f5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Fri, 24 Jun 2022 09:11:20 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X1sUm1vRdflbKzwteP4zQu5BJn0gkszVoSAjTUW1zbcNSceVmInhKY2HTvqIsF1%2FMBVW76is6VHzWVvGwRHvMAEzj87NgAdCma6pZbO4qIRQZXuuLTCwWMHkwyzg8QatRrD9rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c17a24bc80afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.11.207

200 OK

31 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 13398787
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879c17a2aea75688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

7dihfa.dgwt.my.id/img/navbar.jpg

172.67.180.71

200 OK

28 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/img/navbar.jpg
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x172, components 3
Size
28 kB (27487 bytes)
Hash
1719363c262e5dc4a37c9781c363ae26
e3551b470efa9552c27c94ebdbae4b41618d6bb9
f555e12a2bb64109a2d5525f41b0220c200f63d2a0b6cc9525da06f3a67042ab

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/navbar.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 27487
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:53 GMT
last-modified: Thu, 18 Apr 2024 10:23:54 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CTQWNYTEzd2ofTGDsc72Yik1UBvKH7oRUVcgV0kk4KbV6sC16%2Fab4vz%2FHQmgzXBv9BqwkkXI%2F3oEE4yWYUftd8fHuy2GIQCw0lxKrb%2BikaNEYyF6dBFskI%2FWuqSLLsVDE1tzkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a62dac0afe-OSL
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/css/style.css

172.67.180.71

200 OK

13 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/css/style.css
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
assembler source, ASCII text
Size
13 kB (13072 bytes)
Hash
cddf9eddfaed8c2264deeba327500fe8
752543f45ba9040b0404ef570c3fac437d86bb8e
801712498313e773d44046de1ec1826e5905f1e2351176a0b6dcf95d58319990

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/style.css HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Sun, 21 Apr 2024 18:52:46 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JsoyrX%2BxBhB2wrgw0yNeVCLYKTVDDaeHs0AFHplcQyuKyPZsMjqFMNNaNq%2BYXlB2TugfHZw1NCgK5M9qV8gqL8g3TG%2BEQhQDsHsc6UuGi97k2e2ozrqZJs0Iwm8Ke9zYxXzVMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c17a24bc70afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

7dihfa.dgwt.my.id/css/login/twitter.css

172.67.180.71

200 OK

2.5 kB

URL GET HTTP/3
7dihfa.dgwt.my.id/css/login/twitter.css
IP
172.67.180.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerLet's Encrypt
Subjectdgwt.my.id
Fingerprint23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
ValidityWed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT

File type
ASCII text, with very long lines (2805), with no line terminators
Size
2.5 kB (2510 bytes)
Hash
7eb8548950ccbfbd2bc960987422c35b
f1dd90b00845e5e9c76a1f3e0c86046639ce82c3
788e3b67027bc969d860068f7a732f169160a43271eba9169eb534211a2628d5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/login/twitter.css HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Fri, 24 Jun 2022 09:11:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QUSVGzwMLRMouIvlhgR6MuwJL7sCArxQYcNH5P1vdVryYeLUWSQJ%2BHkyavvCIqNiAaUCmXDLzu2YJs%2BLVqXXsDAf40z%2F55%2F0lI67DpM3SBlnnYvQp5YQ%2Fuj%2BwqAinIfA2UewTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c17a24bcf0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

ajax.twitterapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

0.0.0.0

0 B

URL GET
ajax.twitterapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://7dihfa.dgwt.my.id/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.twitterapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

txtsbeio.bjusy.xyz/js/script.js

104.21.54.128

404 Not Found

0 B

URL GET HTTP/3
txtsbeio.bjusy.xyz/js/script.js
IP
104.21.54.128:443
ASN
#13335 CLOUDFLARENET

Requested by
https://7dihfa.dgwt.my.id/
Certificate
IssuerGoogle Trust Services LLC
Subjectbjusy.xyz
Fingerprint73:45:EB:39:4D:82:A0:72:42:50:4D:B3:4B:73:F8:22:0E:F9:FD:41
ValidityTue, 09 Apr 2024 03:01:35 GMT - Mon, 08 Jul 2024 03:01:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/script.js HTTP/1.1
Host: txtsbeio.bjusy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jcWnE2Iufd4lhrnzw0lrV0sRn8sQmKG9Abk7KbSsXM6U%2BIRiTlUlNfpcuqavwGmnas9C1Zj8IFUDrTqnu4eaQWyQokQ%2BZ4Xv2BygwX696nQ5u1qoofd9bEWpBizDwzH0%2FFvHoxM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a6ae0b568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (48)

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP