| 7dihfa.dgwt.my.id/img/bff.png | 172.67.180.71 | 200 OK | 11 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/bff.png
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: PNG image data, 459 x 138, 8-bit/color RGBA, non-interlaced
Hash: f77fe97fc8f4d06fd93eaf7552c4a3e9 c73f03f3e5a9f460eb83e10ae7312738a36ce720 b695d33c5ece1af9739e89855c4cc718fd6e9550528009ee5ff644cac193cb41
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /img/bff.png HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/png
content-length: 11185
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 03:10:42 GMT
last-modified: Thu, 18 Apr 2024 10:36:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 9970
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4caLis4WnEcgRdIaKENWmwjlp%2BDOc1FwgcjG4Tq1G9Qiq8Sj4AIdcURXI2Nx1qjytEWWPjdtXzU1FPkE24tF%2BgmVsbedHS2ReEUk0V8Pkhpjrs%2FVFxxFRH0yfqbGrVg5c7stTA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a27bf10afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css | 104.17.25.14 | 200 OK | 5.8 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP: 104.17.25.14:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: e9365fe85b7e4db79a87015e52c3db6c 2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9 dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1205765
expires: Tue, 15 Apr 2025 05:56:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QFfY42lJghMjDOVqe1qMcELnYotRjEDAa4g5BbrSqX7Iz%2Fif4D3z0IfvaEnYQGHRclXHfp2I1ISczhA5pDwUG05tqdG%2FJersSiukm9irb5fZ29Lrf%2FIFDr2g6uGFwWeMrwpKpij6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879c17a28869b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.ibb.co/Wg8qQxh/facebook-text.png | 162.19.58.161 | 200 OK | 29 kB |
URL: GET HTTP/2 i.ibb.co/Wg8qQxh/facebook-text.png
IP: 162.19.58.161:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: ibb.co
Certificate Fingerprint: 0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D
Certificate Validity: Mon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT
File type: PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced
Hash: 74190b93fc4f5d88f0c8e6411ba20bd8 89ce2ecb660a90b8e6ed1b335443d7767c59f28a 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /Wg8qQxh/facebook-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/png
content-length: 28789
last-modified: Mon, 18 Oct 2021 19:35:50 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-1.10.2.min.js | 151.101.130.137 | 200 OK | 93 kB |
URL: GET HTTP/2 code.jquery.com/jquery-1.10.2.min.js
IP: 151.101.130.137:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Sectigo Limited
Certificate Subject: *.jquery.com
Certificate Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Certificate Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32072)
Hash: 628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: "28feccc0-16bb3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 05:56:52 GMT
age: 672418
x-served-by: cache-lga13622-LGA, cache-hel1410026-HEL
x-cache: HIT, HIT
x-cache-hits: 1606, 531
x-timer: S1714024612.310964,VS0,VE0
vary: Accept-Encoding
content-length: 93107
X-Firefox-Spdy: h2
|
|
| telegra.ph/file/d8f63c616348e86fb7ac2.jpg | 149.154.164.13 | | 10 kB |
URL: GET telegra.ph/file/d8f63c616348e86fb7ac2.jpg
IP: 149.154.164.13:0
ASN: #62041 Telegram Messenger Inc
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: GoDaddy.com, Inc.
Certificate Subject: *.telegra.ph
Certificate Fingerprint: A4:8C:17:73:1C:81:F5:01:E7:C4:0B:2C:96:22:5F:A4:80:CE:4A:55
Certificate Validity: Tue, 05 Sep 2023 19:09:41 GMT - Sun, 06 Oct 2024 19:09:41 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 512x512, components 3
Hash: 2c37914ef06b1c3c379fca122ced0513 23973cafe2108868ef3de6cac3cba6f95647eb58 aab6f15b5d13e0ab98cf29eccbe27af4ebc48056c3155e5f0b1bc39cfd5d6962
GET /file/d8f63c616348e86fb7ac2.jpg HTTP/1.1
Host: telegra.ph
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 10340
cache-control: max-age=10800, must-revalidate
expires: Thu, 25 Apr 2024 08:56:52 GMT
etag: "7c706a64504c2cb3fefd07de3e81a66d36761c4b"
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| 7dihfa.dgwt.my.id/img/popup-close.png | 172.67.180.71 | 200 OK | 422 B |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/popup-close.png
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Hash: d45afd0750df1473f2835dceb7933be8 25fe98b2ed17c8d857094d1d254fcc2a2f34c363 fd5d4a16b40eb27ac0372e93f5f0f9faa21032d1004a980838024f99798b37c8
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /img/popup-close.png HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/png
content-length: 422
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Fri, 24 Jun 2022 09:10:16 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TACs2zV1u0OCqSTczUzvIaGbTD0hh107YQ1RgzZbq8L81cqN7qjHnUc%2BpC%2Fj7cOC8Su6eRgOa4AfS%2Fn%2F82Q483kKhRz5T7FfUtjCatZo1powHGUMz2x6%2BuSkhNxM4rJgBpDj1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a27bf20afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/rewards/2.jpg | 172.67.180.71 | 200 OK | 23 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/rewards/2.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3
Hash: 950ebcbde26134cbf74bfe2d753761c6 510ec4714b4923eef01c79c29c2736b9f55ceaaf 056a23671e32c208d1e1f83f7ee4396e2e1e72c27ec47257eceb4fbf0905ea39
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /img/rewards/2.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 22804
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:18:38 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BRJVE9NycNhzaQ34bEsOgF06Li0b%2FTyTkdHmo3V8PSvIlWen9ERx0kcimE32VdKveq19sAfsIXiKtokS3PiwXVWv76Du93WboUEPTivU1CtfRZ69E3%2FpjCf2KIEQGRu7BZt%2FfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25bd80afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/tokens.png | 172.67.180.71 | 200 OK | 21 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/tokens.png
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: PNG image data, 480 x 120, 8-bit/color RGBA, non-interlaced
Hash: 473833883cfc465f8ce5f007187461fb 77531888cfe50ad3a9a5572f2f12efe13909a61e 51951dd1d36ce7e606a323aa14770d286e1d1d6b7f7d191d5b161235270ef7c7
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /img/tokens.png HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/png
content-length: 21002
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Fri, 19 Apr 2024 12:07:14 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2J5MjKAxA9pgtWRBjS1PaVUQxErJBHY8mFnFeyOd4hAD4%2FCGlwNiE3%2FvPNUi9ZvcouPU6SCYwE7JgTufycdBsNhmS048i0yZq9AfyBAeIHrN2qNosMqJ4qfF%2BO0glr%2BbnoMW2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25bd70afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/rewards/7.jpg | 172.67.180.71 | 200 OK | 25 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/rewards/7.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3
Hash: 417823719e6cfa032ab103bcd9ddc001 d783c6f4565097023f9205b3c39eee8b103c366a 465bb1e330b8cfb4d8500a5f3512c07d37c11d52df2caf4e91497adf87279869
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /img/rewards/7.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 24640
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:19:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8%2FfXU4LyA13J3R7xH2B1n1zu4VjpwKSiVy9jTIGSHc2f9MVRgwp%2BhFGiOZ1UhnpYtqWH3mssZcVIQY9HGmr7Ju4T5yuvjouT%2FZZbeN34nWMHCx124nY1rIyOHFrC6tnto1N9BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25bde0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/rewards/1.jpg | 172.67.180.71 | 200 OK | 28 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/rewards/1.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3
Hash: e30bcec75f2c4c077d907d4bbcd499be c3d769b0d136589e4f4c4d6ad4ab62a804cd9257 c54db05983dc834cdacc66e3d4bf97b9714c51c7252dfe2beea29dd290cfd42d
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /img/rewards/1.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 28200
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:17:46 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5GuiYd5Y9P1%2BzpugKxM4iytFYCMVKVhHVVmja8GYDpX5pzmPXoz9PkXfurXOkDEzS7HMkzLyvMf9HAN5PtkbBhZsaVpdxxBtsHWwEZmpawE%2FpaeUQu2Vxrk75oZioYg4OA1IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a24bd50afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 | 104.17.25.14 | 200 OK | 38 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
IP: 104.17.25.14:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 38384, version 1.0
Hash: a4d31128b633bc0b1cc1f18a34fb3851 6ee4c79372c3fd679706306ede47e4b03cf53d60 e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
GET /ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://7dihfa.dgwt.my.id
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 38384
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03ed9-95f0"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 33929
expires: Tue, 15 Apr 2025 05:56:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=te%2FpIjKyEbRuJJkyntf8GsCv1xpvrkwz21anbf6vqeU%2Bt%2FHODb%2F1EEFSCCh8OSjdO4BFoHGJN8ZSAGyUAn52TR8NnaMCsIv9EaK3V1KpC2fGM9vtIIA1cx3v0mVhEIP8Xw45jwex"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879c17a678535687-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/rewards/3.jpg | 172.67.180.71 | 200 OK | 31 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/rewards/3.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3
Hash: 1c88d95060ab733a9b2ba6989f2c8f49 07bf082e05dadf6e0eda4c5d2a12397ad23c4b78 fbf3170ab0dac3a8f61f37e3a7cdafd2734b9aaf89e4132777f9a0bf922a0c61
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /img/rewards/3.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 30888
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:17:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YgF0dUP1enc%2BjqKddnV9pstCJLm1jqxpbjhhYvwKS0TcAVI%2Bru9YbOWiMVdNnF%2BolKo70VBBVqp83AFV9hIEslzRiA1z2Fcw6XNzahhT4T0aojEMOwu3OabPM7AL%2FX4atidAUg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25bd90afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/rewards/4.jpg | 172.67.180.71 | 200 OK | 27 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/rewards/4.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3
Hash: 99b68ca57582eeceab2beb71b7d12baf 29dafd5aeef8e9f765dcd457b773f8008aed5021 a89a0129966d6a3dd8dea5a3c498894dc66821e62668431f6ab474c00e70f405
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /img/rewards/4.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 26863
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:18:28 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=plkagf%2FyeOvJbYi7DGvY6Hh62uzU9pp4eEyw9a7oZJUmKjvzBFtc%2BGXzIOQ8%2B8ai9NJHN3H8iKUez3t98RkJFCYSPv%2FChX6u6Dgo20hJN708sE3rYEVUbGEdgYBj7AAakC5Iag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25bda0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/rewards/9.jpg | 172.67.180.71 | 200 OK | 41 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/rewards/9.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3
Hash: 0a3bc56ffdbafea57688e25dd7d9df6a 9e99435786062b48bb69c5a1877d5e42a6772c3b b37ed8c76cdaaf9d952723eecbec7f63714c2d9edd875002df0bc8e2e08e4081
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /img/rewards/9.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 41316
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:20:18 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XtAARfpBgzROs%2B2MhWg2XTenTdMvUt7R%2BHPKKsrE2DcYvRdIBXjGxQWFYG1IgMJENDckZ1Whedi5n%2B2WQBXxdMp3E3k7xUjZTbkvRWFNyeBJk%2FkbSMKdIPV9MGiFEUNbpRak4A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25be10afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/rewards/5.jpg | 172.67.180.71 | 200 OK | 27 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/rewards/5.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3
Hash: e2ccdc69aa8d9dc22e63f6ed0dd299a9 87845ddd7b94fb61e19c28ffa9df83b4ca57be6e c6ec45b17e5977709a95e028613f6ce7418fc5c349a2771ed7e5df7ae59a1955
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /img/rewards/5.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 27367
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:17:18 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9d2OApB2JfzAT8R0ipzB%2BpUitaFTEBsCMkU2qV5qnwI76TpRjYGUjc45izl7kcLPT%2BCEGl5z8DuoFy1U9I7vc%2FS%2BuHx50mu7D0PUvZafjVyx671%2BG8lNapl3JfjA0H4WlmXp5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25bdb0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/rewards/6.jpg | 172.67.180.71 | 200 OK | 23 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/rewards/6.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=480, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=480], progressive, precision 8, 480x480, components 3
Hash: b92f86713a796e10f6b9ac90a666664f c4f8d34d0677e07c9ab3321ac00ae26695f708c3 759759f31a3cca1ad1754ed870a0f987c76a1c08452bb2ba23c3a3a6b1d015b7
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /img/rewards/6.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: image/jpeg
content-length: 22569
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:26:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=niatYm1ynmgSGolAJUu9IHpJuujK0Gt5jfMWvoUyysAKZxxX50EpCf2H6S7uoh6wvh9OT5QtzBd9tyuS9a2KPgW6KQJv3rnJNxY9AU%2BYaIqRxLgatOpzb2Ef19fycBGPp5I4Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25bdc0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2
IP: 216.58.207.227:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: *.gstatic.com
Certificate Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
Certificate Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15044, version 1.0
Hash: 4806226b885b3b3d0ae52142f6bfb3af 2ea5cc6d5e4adb874989a2b74bda062296fb1ad3 714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f
GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://7dihfa.dgwt.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 Apr 2024 20:39:45 GMT
expires: Tue, 22 Apr 2025 20:39:45 GMT
cache-control: public, max-age=31536000
age: 206227
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 7dihfa.dgwt.my.id/img/rewards/11.jpg | 172.67.180.71 | 200 OK | 45 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/rewards/11.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3
Hash: f19212e0972cd4c0cbd1ae3b3e2f9bbc 14a1153ec4b178d369418a9084f79f235633f71b c6f38a26ae871b4f86d83579fd963468bf2e994b7f058b6047f98f89243ee968
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/rewards/11.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 45021
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:19:24 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LvmKIaRipZiS4tKTn6eUAyqIyiiUPZJ3TrztF21y1IjTyusDi15o8QgDt5nEZoTwTekKzHdg56f9WnhdmyFn6Fbq3w5i3B9JnOZEAv%2FXBjV%2F1Oq2rbgAMnoEhurMO8aGY3T8Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a26beb0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/rewards/12.jpg | 172.67.180.71 | 200 OK | 43 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/rewards/12.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3
Hash: a0c69273a26e8758529afbc255447a91 72ee2402ab145333749ab2b3f2a9ea650c17dea3 b7c04cfefa5ca5332c50be84d64b30cdd30a5ce6fd8e9d77c46b9399448056c1
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/rewards/12.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 42788
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:20:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P9sFYlBG%2FzsT%2B4K6xGCV2ihOAtI5zTQROT6A5%2BN7iZRT05bLmIKQisie34H5rApzf%2FEVBTCDVOFmbENSPxQuvysJY%2F5OXpSSMymb9UH8shhIPfL1Iyl4O%2FDOeNSDCbgnoNx0kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a26bef0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/gamecon.jpg | 172.67.180.71 | 200 OK | 85 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/gamecon.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: RIFF (little-endian) data, Web/P image
Hash: e4dd890e64827b632c6f2a9f7960b709 fe750e7afa5634af5fdd82815a599817c9e227f0 163aad2fec6b167bec769c24b4156222392ebf25b9377d9278e20b811bc24d06
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/gamecon.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 84850
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 08 Feb 2024 05:04:38 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0Tkq7DwEkTGY7F77AOFBhB3jtIxk5Gqn6rfZscKEgnT6r%2BGYPdZ%2Bh%2BtW5J4GWdXIjTEY6rYecKpT7yCXsF7w1T9i1hCG%2BLcxscbc1UKJsv2iza1%2BpwJuqVAYEwWP%2B1C%2F%2BBAM8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a27bf80afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/rewards/8.jpg | 172.67.180.71 | 200 OK | 45 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/rewards/8.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, software=PicSay Pro 1.8.0.5, datetime=2024:04:06 18:10:54], baseline, precision 8, 480x480, components 3
Hash: 5aef10801a628f517f3fa40666a87f69 15122c24d494069114e94a966b2986375509c341 cb1f70e59a10258ae97521fc26ea10c2987a568835ee042706fb34e51363fa35
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/rewards/8.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 44897
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:20:10 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z%2BoebiwxDDkAbQCN4wZIRvDH3jjM4BQv%2Fz%2Fk%2B1TBcD6ttDbGblMPiBq%2FZxo9LXVO18ApraNCLDT8FxOmMKCRTctRdpoGuz0bhvnAbgmmKlZWcccwUGsH3VVz%2FH5o9abzVLPYOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a25be00afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/rewards/10.jpg | 172.67.180.71 | 200 OK | 43 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/rewards/10.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x480, components 3
Hash: b21d09600cb975ab27eb9079632386a8 16ce983e518d684c3b60af13624dc642068bbfb9 843810e9023f0e9dafbd0baa8266f5c83eaf4ed7b23975554f0d32cf5de6fb5d
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/rewards/10.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 43269
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Thu, 18 Apr 2024 11:19:44 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UyzR9Soh1Y7W9%2Bb71ZXrK3aPXoT%2FD7052FOgnbeKN%2FDL4fBHMZSj0%2FjvafFLv%2FUU5Y0b%2FEv0d63F0XRduCQW4jw5hCSjToppDZy%2Bf8MGnJzw6mLRgRslmd8tIPuQpBTUZNNPgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a26bea0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/popup-footer.png | 172.67.180.71 | 200 OK | 1.6 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/popup-footer.png
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: PNG image data, 480 x 45, 1-bit colormap, non-interlaced
Hash: ff0757ae087db7b747fd2edd05fb05bb 8f545db349797e3499cc283b7d6427a572c3223b 239c98a9d91bad31fba09475147cc928f5a0f076563ac4e21f3182d44209a07d
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/popup-footer.png HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/png
content-length: 1606
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:53 GMT
last-modified: Fri, 24 Jun 2022 09:10:18 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2Bph9RB1u4mt8bKlTd4wvo2kTNrS2uFQWMPqlRsFgO9p6Eqy0Dk1s4KqIKEgPehQJsty5%2FwxnuD36ogUSxt0alrUoYEIaPzHm7RXLrangOgjojkKBZF%2BEDxR0N0h8bDsmJ448Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a66dcb0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/event-theme.png | 172.67.180.71 | 200 OK | 19 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/event-theme.png
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: PNG image data, 858 x 111, 8-bit/color RGBA, non-interlaced
Hash: d46f39c2f22cc01a71d52bdccc050728 5c411127a00ac1c13fc7c212e3212e54c2043228 da72b0015459d762198b95e8fc6111b1689652ae72b449f8fcff4ab6c2ffd53f
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/event-theme.png HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/png
content-length: 19354
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:53 GMT
last-modified: Thu, 18 Apr 2024 11:10:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ub7wUl24A%2FTEJYDDBWfVs0dKrldvR3JY4ib%2BLUc6oT7m5%2FJ%2FIYpwr0Nk0jgU7rxXZXObgc6gft7ocFxOgxxkVyYyfAJXT07NsTx8a5gn2WnvQmVdh59MvZqsKHoU6LCQZHmqjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a62dae0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/container.jpg | 172.67.180.71 | 200 OK | 29 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/container.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=1399, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=527], progressive, precision 8, 527x1399, components 3
Hash: 656a9909c48f54651964f1c8367701a6 089fb0764624c59412418aadac080f7b3e5f7954 49992ecbf7cfd2699670e3f0e5cd55ab9583ccc214f84fcbc6ab9e4e61b81a77
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/container.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 28662
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:53 GMT
last-modified: Fri, 24 Jun 2022 09:10:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MTKYmKwEG8an9RyplHSbEAhLgMZmvHVTKRNADrnUT0lFq3GQ2dpFYXCjByN%2B9UvXCwxWL%2BRv5VBoRkyywKquINNJsulO%2BkjqXMR8RGxiL3ghMuBMXXGuq3kiEUlwxIqpxHHXnA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a60da20afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/index.php | 172.67.180.71 | 200 OK | 33 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/index.php
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: HTML document, Unicode text, UTF-8 text
Hash: a4d37bb48c91a0f6d8405d59488b8026 fe84bbab142599d953b460de86ebe67cfcdb65d7 25fdf3ddbd104e396830543e48de5edd9c51df4a472bc4ef84a5c967dd29fca9
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /index.php HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BWBH4Oxk6psBQaguC9kbkVnhgaWAUyha8nwdOJxmPcshGOtAkCA6oGLqZGILZ7mi4f7F9eknOeyhXN6o7aslxBzh26JUazfOHZCICpxsBzvhSG1OYO3z7oKcHmypYHX7z7Nhhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c17a27bf40afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/btn_item.png | 172.67.180.71 | 200 OK | 44 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/btn_item.png
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: PNG image data, 1280 x 433, 8-bit/color RGBA, non-interlaced
Hash: 5275d53998d2f0983901cfb7eff3c15c fe22b6a215e341dba12443ad785362e0d5c1b726 dafc6643f0ea080b4db78a45ec8f3fe634a53f98922ee14cd2446bc7c430e565
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/btn_item.png HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/png
content-length: 43770
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:53 GMT
last-modified: Thu, 18 Apr 2024 10:59:50 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=axHIEOLLAoX4HRegPusDj3mMR0dPD2f6T3h8TWZacZcxXk8tpUxsv%2FSSx9%2FBpHIgD4ZvIadSbDd7NsHzwyiI1B1tUNbqxgaxqWbBtVHfn1FTuiJh3vlncFGhWuOyBdBFf0hsew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a64dc10afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/img/heade77r.jpg | 172.67.180.71 | 200 OK | 634 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/img/heade77r.jpg
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3
Size: 634 kB (634353 bytes)
Hash: f1eb8abe2de00a07c0bcc26b8123cb68 9472c04313084215b2b10950063ca6fb2ae9b37c 2d84b08c1d3e4dce9f22f9f921c808f974de9ba6d1773c16fadc8a6748f55198
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /img/heade77r.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 634353
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Wed, 17 Apr 2024 16:20:32 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H4bD62W3ygCj7WH4dbMOn%2BgP9yYkYRjSinAn%2FAZUIQaPtI%2B4c86TCuSP9qWG%2FaGhzQHzA2aoCv5wL%2BWMTBafkQBMYtikTfGn4Zrmtg8vyIIGAz7A%2F7%2BhRKp5pLc7eRXPo%2FBlhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a24bd30afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| l.top4top.io/m_1725u5z7i1.mp3 | 135.181.63.70 | 206 Partial Content | 20 kB |
URL: GET HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP: 135.181.63.70:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: *.top4top.co
Certificate Fingerprint: 8E:68:31:71:67:48:80:97:18:D7:75:1F:EF:2C:6E:F5:43:2B:3E:B2
Certificate Validity: Mon, 01 Apr 2024 00:05:12 GMT - Sun, 30 Jun 2024 00:05:11 GMT
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
Hash: ee5b5d12064ae26f839b882edb33da62 6fa93ef00f294eec4ef05276e81813db1e95e346 4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Thu, 25 Apr 2024 05:56:54 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Fri, 26 Apr 2024 05:33:34 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Thu, 25 Apr 2024 07:56:54 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
|
|
| a.top4top.io/m_1725zobal2.mp3 | 65.21.235.194 | 206 Partial Content | 18 kB |
URL: GET HTTP/2 a.top4top.io/m_1725zobal2.mp3
IP: 65.21.235.194:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: *.top4top.co
Certificate Fingerprint: 8E:68:31:71:67:48:80:97:18:D7:75:1F:EF:2C:6E:F5:43:2B:3E:B2
Certificate Validity: Mon, 01 Apr 2024 00:05:12 GMT - Sun, 30 Jun 2024 00:05:11 GMT
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo
Hash: 70ded6b0b406f9710307bc35e221629f 7034ec2ff72c936255b04c0890ce8976599380cc 22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Thu, 25 Apr 2024 05:56:54 GMT
content-type: audio/mpeg
content-length: 17691
set-cookie: klj_40d147_downloads=kh520; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Fri, 26 Apr 2024 05:33:34 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="close_reward_popup.mp3"
etag: "5f685351-451b"
expires: Thu, 25 Apr 2024 07:56:54 GMT
cache-control: max-age=7200
x-file-id: x34392024x
content-range: bytes 0-17690/17691
X-Firefox-Spdy: h2
|
|
| 7dihfa.dgwt.my.id/favicon.ico | 172.67.180.71 | 404 Not Found | 13 kB |
URL: GET HTTP/3 7dihfa.dgwt.my.id/favicon.ico
IP: 172.67.180.71:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: HTML document, ASCII text, with CRLF, LF line terminators
Hash: 0bde7d4b3da67537eaf9188e6f8049cf 64300fc482d01d38b40ab20e15960b6509665e5a 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET /favicon.ico HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 05:56:54 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xhf0W3E2tgGf56DdD2EHbGaNCd8U2bv89Kxmk9ao8turiPlVR%2FxpbHQNBGcqvmDxWB2%2BL3kauxfn4K6W3VF9rljAdYuCjrGJRMoERCxIXz4LzG6d2XRDQau7yAvjMIrPtyANqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17ae49ab0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500 | 142.250.74.170 | 200 OK | 12 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
IP: 142.250.74.170:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: upload.video.google.com
Certificate Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
Certificate Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash: 807349734f3707b50b73c3fd626526e8 2f3ab67f0ffa01bc1f0c180cae9085ecc8d96d63 ce7d7e11e41b1b3619cbdf436bbf2557fda2d97d434e65fab281207ffae5c0d0
GET /css?family=Roboto:300,400,500,700|Teko:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 05:56:52 GMT
date: Thu, 25 Apr 2024 05:56:52 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajax.twitterapis.com/ajax/libs/jquery/2.1.1/jquery.min.js | 0.0.0.0 | | 0 B |
URL: GET ajax.twitterapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP: 0.0.0.0:0
Requested by: https://7dihfa.dgwt.my.id/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.twitterapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| txtsbeio.bjusy.xyz/js/script.js | 104.21.54.128 | 404 Not Found | 0 B |
URL: GET HTTP/2 txtsbeio.bjusy.xyz/js/script.js
IP: 104.21.54.128:443
Requested by: https://7dihfa.dgwt.my.id/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: bjusy.xyz
Certificate Fingerprint: 73:45:EB:39:4D:82:A0:72:42:50:4D:B3:4B:73:F8:22:0E:F9:FD:41
Certificate Validity: Tue, 09 Apr 2024 03:01:35 GMT - Mon, 08 Jul 2024 03:01:34 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/script.js HTTP/1.1
Host: txtsbeio.bjusy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iR4%2BH5RrGS%2BqGRdkO6FLrvMTjGe3rpcp3Fp9I0JAfmgbdTicuS2a%2BoZhHC1dAik2Qne769bWX13iME%2FCfOTb0pX%2F9NKjoE52coxrOoAM%2FKLQ%2Bnbf%2BorxZ3HTsJc2QgPUZlYxST0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a34da60b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.twitterapis.com/ajax/libs/jquery/2.1.3/jquery.min.js | 0.0.0.0 | | 0 B |
URL: GET ajax.twitterapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP: 0.0.0.0:0
Requested by: https://7dihfa.dgwt.my.id/
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.twitterapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| | 172.67.180.71 | 200 OK | 32 kB |
URL: User Request GET HTTP/2
IP: 172.67.180.71:443
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Garena |
GET / HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:56:51 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7e%2FOnMelnUZJZOZwQHHk8A0UeZz6jtyCP8b3fyLmTmfqC4qceXJs%2Bkp1zVAr8Ib%2BasaBqxOPh32CW9SYUZDbKf4iwEUbHfnoK3aMexEg6GWAXEO5aGWk3UuharDL1uJeWMuN7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c179e0ec85695-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ajax.twitterapis.com/ajax/libs/jquery/2.1.1/jquery.min.js | 0.0.0.0 | | 0 B |
URL GET ajax.twitterapis.com/ajax/libs/jquery/2.1.1/jquery.min.js IP 0.0.0.0:0
Requested by https://7dihfa.dgwt.my.id/
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.twitterapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| txtsbeio.bjusy.xyz/js/showHide.js | 104.21.54.128 | 404 Not Found | 0 B |
URL GET HTTP/3 txtsbeio.bjusy.xyz/js/showHide.js IP 104.21.54.128:443
Requested by https://7dihfa.dgwt.my.id/ Certificate Issuer Google Trust Services LLC Subject bjusy.xyz Fingerprint 73:45:EB:39:4D:82:A0:72:42:50:4D:B3:4B:73:F8:22:0E:F9:FD:41 Validity Tue, 09 Apr 2024 03:01:35 GMT - Mon, 08 Jul 2024 03:01:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/showHide.js HTTP/1.1
Host: txtsbeio.bjusy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 05:56:54 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ovhuEn%2Fj7eUbnlbM89bLrrrAcZ3be7JRQkKNkTZshlQr9ZxMAnPBGShumUohspiziCixSV%2Bn0bUnrpj22eaaJ1%2F2x9A3cUlBt%2BKhtiDQea8wYsVSYWHCnQgT8%2Brk9XAV0M%2FZdSo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a81f3f568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/css/login/facebook.css | 172.67.180.71 | 200 OK | 3.7 kB |
URL GET HTTP/3 7dihfa.dgwt.my.id/css/login/facebook.css IP 172.67.180.71:443
Requested by https://7dihfa.dgwt.my.id/ Certificate Issuer Let's Encrypt Subject dgwt.my.id Fingerprint 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B Validity Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type ASCII text, with very long lines (4127), with no line terminators Hash 237151604596d0e43759c893022b147e b1a99fde79b252a90dc6b061716afe5850f678c8 145b21f00c40ca6514e0a4a1030206815e4ba99c7b4819ee9e9fa626c6cb7324
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /css/login/facebook.css HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Fri, 24 Jun 2022 09:11:44 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZEvyAPpXH0ybZaqflQV%2FkABusgX6%2BjTnSZcYHbpx55tGWZ4ek41jORZ38jbGsaQcs6s8DZm1yI5tsBaVQqkhImye2MB44PCZpIYATYn4WbGEczfZMh0doWyHoo7uYtF0G9mSmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c17a24bcd0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| txtsbeio.bjusy.xyz/js/showHide.js | 104.21.54.128 | 404 Not Found | 0 B |
URL GET HTTP/2 txtsbeio.bjusy.xyz/js/showHide.js IP 104.21.54.128:443
Requested by https://7dihfa.dgwt.my.id/ Certificate Issuer Google Trust Services LLC Subject bjusy.xyz Fingerprint 73:45:EB:39:4D:82:A0:72:42:50:4D:B3:4B:73:F8:22:0E:F9:FD:41 Validity Tue, 09 Apr 2024 03:01:35 GMT - Mon, 08 Jul 2024 03:01:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/showHide.js HTTP/1.1
Host: txtsbeio.bjusy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CjesuPlglIoEA%2BOtZwAghq9vE12esYTu%2BlK7x%2BTWNycPpt4Opc6z9CN3QaxcdO179F5wmYqx9WkeejhAQPDuSA3yVYqd2n295n7HpM67o89AL6EJ3yfR3%2B2jO6LLDzyG9viNdVc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a34da80b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 7dihfa.dgwt.my.id/css/animate.css | 172.67.180.71 | 200 OK | 82 kB |
URL GET HTTP/3 7dihfa.dgwt.my.id/css/animate.css IP 172.67.180.71:443
Requested by https://7dihfa.dgwt.my.id/ Certificate Issuer Let's Encrypt Subject dgwt.my.id Fingerprint 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B Validity Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type ASCII text, with CRLF, CR line terminators Hash 14f7a07011a763336109ffff5bd0d4a1 842fea0dc0aa64bfcfd24eb77fc880e73bce5b12 8e320187d4f00e2b9aa97f93f389c5c1c8ba9aa2cbb07f757a9ec0a2c59279f5
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /css/animate.css HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Fri, 24 Jun 2022 09:11:20 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X1sUm1vRdflbKzwteP4zQu5BJn0gkszVoSAjTUW1zbcNSceVmInhKY2HTvqIsF1%2FMBVW76is6VHzWVvGwRHvMAEzj87NgAdCma6pZbO4qIRQZXuuLTCwWMHkwyzg8QatRrD9rg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c17a24bc80afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.11.207 | 200 OK | 31 kB |
URL GET HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css IP 104.18.11.207:443
Requested by https://7dihfa.dgwt.my.id/ Certificate Issuer Google Trust Services LLC Subject bootstrapcdn.com Fingerprint 57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 Validity Wed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File type ASCII text, with very long lines (30837) Hash 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 10/31/2023 18:48:06
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dd809c84048d5afa8e77adc8acacd559
cdn-cache: HIT
cf-cache-status: HIT
age: 13398787
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879c17a2aea75688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 7dihfa.dgwt.my.id/img/navbar.jpg | 172.67.180.71 | 200 OK | 28 kB |
URL GET HTTP/3 7dihfa.dgwt.my.id/img/navbar.jpg IP 172.67.180.71:443
Requested by https://7dihfa.dgwt.my.id/ Certificate Issuer Let's Encrypt Subject dgwt.my.id Fingerprint 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B Validity Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1280x172, components 3 Hash 1719363c262e5dc4a37c9781c363ae26 e3551b470efa9552c27c94ebdbae4b41618d6bb9 f555e12a2bb64109a2d5525f41b0220c200f63d2a0b6cc9525da06f3a67042ab
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /img/navbar.jpg HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: image/jpeg
content-length: 27487
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:53 GMT
last-modified: Thu, 18 Apr 2024 10:23:54 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CTQWNYTEzd2ofTGDsc72Yik1UBvKH7oRUVcgV0kk4KbV6sC16%2Fab4vz%2FHQmgzXBv9BqwkkXI%2F3oEE4yWYUftd8fHuy2GIQCw0lxKrb%2BikaNEYyF6dBFskI%2FWuqSLLsVDE1tzkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a62dac0afe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/css/style.css | 172.67.180.71 | 200 OK | 13 kB |
URL GET HTTP/3 7dihfa.dgwt.my.id/css/style.css IP 172.67.180.71:443
Requested by https://7dihfa.dgwt.my.id/ Certificate Issuer Let's Encrypt Subject dgwt.my.id Fingerprint 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B Validity Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type assembler source, ASCII text Hash cddf9eddfaed8c2264deeba327500fe8 752543f45ba9040b0404ef570c3fac437d86bb8e 801712498313e773d44046de1ec1826e5905f1e2351176a0b6dcf95d58319990
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /css/style.css HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Sun, 21 Apr 2024 18:52:46 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JsoyrX%2BxBhB2wrgw0yNeVCLYKTVDDaeHs0AFHplcQyuKyPZsMjqFMNNaNq%2BYXlB2TugfHZw1NCgK5M9qV8gqL8g3TG%2BEQhQDsHsc6UuGi97k2e2ozrqZJs0Iwm8Ke9zYxXzVMw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c17a24bc70afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| 7dihfa.dgwt.my.id/css/login/twitter.css | 172.67.180.71 | 200 OK | 2.5 kB |
URL GET HTTP/3 7dihfa.dgwt.my.id/css/login/twitter.css IP 172.67.180.71:443
Requested by https://7dihfa.dgwt.my.id/ Certificate Issuer Let's Encrypt Subject dgwt.my.id Fingerprint 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B Validity Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type ASCII text, with very long lines (2805), with no line terminators Hash 7eb8548950ccbfbd2bc960987422c35b f1dd90b00845e5e9c76a1f3e0c86046639ce82c3 788e3b67027bc969d860068f7a732f169160a43271eba9169eb534211a2628d5
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /css/login/twitter.css HTTP/1.1
Host: 7dihfa.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 05:56:52 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 05:56:52 GMT
last-modified: Fri, 24 Jun 2022 09:11:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QUSVGzwMLRMouIvlhgR6MuwJL7sCArxQYcNH5P1vdVryYeLUWSQJ%2BHkyavvCIqNiAaUCmXDLzu2YJs%2BLVqXXsDAf40z%2F55%2F0lI67DpM3SBlnnYvQp5YQ%2Fuj%2BwqAinIfA2UewTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879c17a24bcf0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajax.twitterapis.com/ajax/libs/jquery/2.1.3/jquery.min.js | 0.0.0.0 | | 0 B |
URL GET ajax.twitterapis.com/ajax/libs/jquery/2.1.3/jquery.min.js IP 0.0.0.0:0
Requested by https://7dihfa.dgwt.my.id/
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.twitterapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| txtsbeio.bjusy.xyz/js/script.js | 104.21.54.128 | 404 Not Found | 0 B |
URL GET HTTP/3 txtsbeio.bjusy.xyz/js/script.js IP 104.21.54.128:443
Requested by https://7dihfa.dgwt.my.id/ Certificate Issuer Google Trust Services LLC Subject bjusy.xyz Fingerprint 73:45:EB:39:4D:82:A0:72:42:50:4D:B3:4B:73:F8:22:0E:F9:FD:41 Validity Tue, 09 Apr 2024 03:01:35 GMT - Mon, 08 Jul 2024 03:01:34 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/script.js HTTP/1.1
Host: txtsbeio.bjusy.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://7dihfa.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 25 Apr 2024 05:56:53 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jcWnE2Iufd4lhrnzw0lrV0sRn8sQmKG9Abk7KbSsXM6U%2BIRiTlUlNfpcuqavwGmnas9C1Zj8IFUDrTqnu4eaQWyQokQ%2BZ4Xv2BygwX696nQ5u1qoofd9bEWpBizDwzH0%2FFvHoxM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879c17a6ae0b568f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|