cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
104.17.24.14 200 OK 5.8 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP 104.17.24.14:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: Cloudflare, Inc.
Subject: sni.cloudflaressl.com
Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash MD5: e9365fe85b7e4db79a87015e52c3db6c
SHA-1: 2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9
SHA-256: dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Oct 2023 12:59:54 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1435032
expires: Tue, 15 Oct 2024 12:59:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0TCznVG2Hcn%2FMCsq%2F1bvdumaZlXHT1ogLcy9m6ExMTgU2cauiMdagqz4dIUnzJ0hyqImUBiOKvHKiAvGKy6KdkfmbBci1Nnta2t63Uz4EfXRvQHryIKMNiqlS5PEA6GIYT%2Fdizp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81c2e1142f65b52d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-1.10.2.min.js
151.101.66.137 200 OK 33 kB URL GET HTTP/2 code.jquery.com/jquery-1.10.2.min.js
IP 151.101.66.137:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: Sectigo Limited
Subject: *.jquery.com
Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (32072)
Hash MD5: 628072e7212db1e8cdacb22b21752cda
SHA-1: 0511abe9863c2ea7084efa7e24d1d86c5b3974f1
SHA-256: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-16bb3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 26 Oct 2023 12:59:54 GMT
age: 3522994
x-served-by: cache-lga13622-LGA, cache-bma1650-BMA
x-cache: HIT, HIT
x-cache-hits: 47, 33248
x-timer: S1698325195.975060,VS0,VE0
vary: Accept-Encoding
content-length: 32788
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash a7e6dc84285a2e7d15aa8afde0751d4b
5392c576e5f3980abcb99892c53a37585cecd57b
9107b66eafd000a5042343b6179e579c317a8deb6aba714b351a0f138eb7167c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 12:59:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash a7e6dc84285a2e7d15aa8afde0751d4b
5392c576e5f3980abcb99892c53a37585cecd57b
9107b66eafd000a5042343b6179e579c317a8deb6aba714b351a0f138eb7167c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 12:59:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash a7e6dc84285a2e7d15aa8afde0751d4b
5392c576e5f3980abcb99892c53a37585cecd57b
9107b66eafd000a5042343b6179e579c317a8deb6aba714b351a0f138eb7167c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 12:59:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
142.250.74.74 200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
IP 142.250.74.74:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: upload.video.google.com
Fingerprint: 28:23:2B:8B:2D:09:6C:BB:06:7A:35:80:95:BB:F8:03:41:C8:99:2C
Validity: Thu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT
File type ASCII text, with very long lines (32061)
Hash MD5: e40ec2161fe7993196f23c8a07346306
SHA-1: afb90752e0a90c24b7f724faca86c5f3d15d1178
SHA-256: 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Oct 2023 12:48:31 GMT
expires: Sat, 19 Oct 2024 12:48:31 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 519084
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
142.250.74.74 200 OK 30 kB URL GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 142.250.74.74:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: Google Trust Services LLC
Subject: upload.video.google.com
Fingerprint: 28:23:2B:8B:2D:09:6C:BB:06:7A:35:80:95:BB:F8:03:41:C8:99:2C
Validity: Thu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT
File type ASCII text, with very long lines (32180)
Hash MD5: 32015dd42e9582a80a84736f5d9a44d7
SHA-1: 41b4bfbaa96be6d1440db6e78004ade1c134e276
SHA-256: 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Oct 2023 11:09:34 GMT
expires: Tue, 22 Oct 2024 11:09:34 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 265821
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash a7e6dc84285a2e7d15aa8afde0751d4b
5392c576e5f3980abcb99892c53a37585cecd57b
9107b66eafd000a5042343b6179e579c317a8deb6aba714b351a0f138eb7167c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 12:59:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash a7e6dc84285a2e7d15aa8afde0751d4b
5392c576e5f3980abcb99892c53a37585cecd57b
9107b66eafd000a5042343b6179e579c317a8deb6aba714b351a0f138eb7167c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 12:59:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jwgsiegwi31.adsfor.my.id/img/LinkedLoginBoxClose.png
172.67.160.220 200 OK 1.2 kB URL GET HTTP/3 jwgsiegwi31.adsfor.my.id/img/LinkedLoginBoxClose.png
IP 172.67.160.220:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: Let's Encrypt
Subject: adsfor.my.id
Fingerprint: 67:CD:D3:CA:DE:1F:BD:8C:5A:F8:50:96:14:53:1E:83:87:AA:0A:65
Validity: Thu, 31 Aug 2023 04:53:25 GMT - Wed, 29 Nov 2023 04:53:24 GMT
File type PNG image data, 43 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: 68fb5b6f86421b10e17cb96a65cbe4d3
SHA-1: 80dd39fc67e874953d49ceb2321a1147d0018821
SHA-256: d0eda953f3d7bb15aa078cb44b27702566108120d8b9b37e9a3324e2b767aa08
Analyzer: OpenPhish | Verdict: phishing | Alert: Tencent
GET /img/LinkedLoginBoxClose.png HTTP/1.1
Host: jwgsiegwi31.adsfor.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 26 Oct 2023 12:59:55 GMT
content-type: image/png
content-length: 1170
cache-control: public, max-age=604800
expires: Thu, 02 Nov 2023 12:59:55 GMT
last-modified: Sun, 09 Oct 2022 17:18:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGi1OFtFeursIlCReRszr77im3PXcyviLV02epVN5cRe4tUpVVlX%2BEu%2F70oFF9kNPVd%2Bf5R7bWbR7QJpqI3hp26glECfcrJ76cgBL6QtDg8jjjOzqQwKJ8XUu00w0%2FM%2BwWCwWlePGtgMK70%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81c2e1142a6356b1-OSL
alt-svc: h3=":443"; ma=86400
ocsp.digicert.cn/
47.246.48.205 471 B IP 47.246.48.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 95f1a1343a407fecb197ab44805c41a0
00b65f5199b6d003ff4ae34cb201da4d2f3f4734
e94fb3ecc1428a9382b9354e9da71a6fd3370b41c4c823622003086c46e46bab
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Thu, 26 Oct 2023 12:59:56 GMT
Ali-Swift-Global-Savetime: 1698325196
Via: cache21.l2de2[53,53,200-0,M], cache21.l2de2[55,0], cache4.nl2[62,61,200-0,M], cache4.nl2[65,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 26 Oct 2023 12:59:56 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff6309816983251960125793e
ocsp.digicert.cn/
47.246.48.205 471 B IP 47.246.48.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 95f1a1343a407fecb197ab44805c41a0
00b65f5199b6d003ff4ae34cb201da4d2f3f4734
e94fb3ecc1428a9382b9354e9da71a6fd3370b41c4c823622003086c46e46bab
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Thu, 26 Oct 2023 12:59:56 GMT
Ali-Swift-Global-Savetime: 1698325196
Via: cache14.l2de2[54,54,200-0,M], cache14.l2de2[55,0], cache4.nl2[62,61,200-0,M], cache4.nl2[65,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 26 Oct 2023 12:59:56 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff6309816983251960135796e
ocsp.digicert.cn/
47.246.48.205 471 B IP 47.246.48.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 95f1a1343a407fecb197ab44805c41a0
00b65f5199b6d003ff4ae34cb201da4d2f3f4734
e94fb3ecc1428a9382b9354e9da71a6fd3370b41c4c823622003086c46e46bab
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: max-age=7200
Date: Thu, 26 Oct 2023 12:59:56 GMT
Ali-Swift-Global-Savetime: 1698325196
Via: cache9.l2de2[5,4,200-0,M], cache9.l2de2[7,0], cache2.nl2[13,13,200-0,M], cache2.nl2[29,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Thu, 26 Oct 2023 12:59:56 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff6309616983251960251920e
cdn.midasbuy.com/images/30ee99398.png
101.33.10.29 200 OK 3.2 kB URL GET HTTP/2 cdn.midasbuy.com/images/30ee99398.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: DigiCert Inc
Subject: *.midasbuy.com
Fingerprint: D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity: Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 72 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: 0ee99398065f2d000412b89818bcde71
SHA-1: 4fc6a30f8071825d30b1264d98ba255b9f2a4973
SHA-256: 3ae92fbc0ab23564539add612992ce7382d1c8aaa2a802dcb65fd834f00e7962
GET /images/30ee99398.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 3234
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Sat, 08 May 2021 10:10:20 GMT
x-nws-log-uuid: 3bda85b9-5110-48de-953c-e0d5437bef3f
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/%E8%A7%92%E8%89%B2.9895a14b.png
101.33.10.29 200 OK 107 kB URL GET HTTP/2 cdn.midasbuy.com/images/%E8%A7%92%E8%89%B2.9895a14b.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: DigiCert Inc
Subject: *.midasbuy.com
Fingerprint: D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity: Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 562 x 244, 8-bit/color RGBA, non-interlaced\012- data
Size 107 kB (106789 bytes)
Hash MD5: 9895a14b53b0f95c700148d5cca55798
SHA-1: 7175d3e8abd905927321663415f12e1d1d282b59
SHA-256: c8817de5bfef71ad6152b8603bc4642ee50372af3881e3958c27b04e57ea97b9
GET /images/%E8%A7%92%E8%89%B2.9895a14b.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 106789
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Mon, 20 Mar 2023 12:51:40 GMT
x-nws-log-uuid: 831da80c-a728-47ac-9aca-9cba6cf422bb
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/bg%20%281%29.b811a49f.jpg
101.33.10.29 200 OK 41 kB URL GET HTTP/2 cdn.midasbuy.com/images/bg%20%281%29.b811a49f.jpg
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: DigiCert Inc
Subject: *.midasbuy.com
Fingerprint: D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity: Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x244, components 3\012- data
Hash MD5: b811a49fb84377c1eee0a2bbf88b4055
SHA-1: 29908cfefc97e31040b3968e940485a0421891c3
SHA-256: dcb55c455da74a380f90c5b45a4e964f3bebcb6bba0b2911cce393da1fcd6860
GET /images/bg%20%281%29.b811a49f.jpg HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/jpeg
content-length: 40839
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Mon, 20 Mar 2023 12:49:58 GMT
x-nws-log-uuid: 06297430-4145-4d2e-a436-4d200072f1ce
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/apps/pubgm/1599546041426W8hmErMS.png
101.33.10.29 200 OK 28 kB URL GET HTTP/2 cdn.midasbuy.com/images/apps/pubgm/1599546041426W8hmErMS.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: DigiCert Inc
Subject: *.midasbuy.com
Fingerprint: D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity: Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 176 x 86, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: 2b38e95ee41668ded718611d1bb7fadb
SHA-1: 841cd4c8bbf7c302684ab09838efd1b1cfeea817
SHA-256: 83456ddf216212a3a5961bb3f687e2bab72c837200a78af6876c4ef1da705065
GET /images/apps/pubgm/1599546041426W8hmErMS.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 27837
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Thu, 17 Dec 2020 08:04:24 GMT
x-nws-log-uuid: 5ca370d1-8c32-4886-9db8-47b8115c08d2
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/app.94f4a21f.png
101.33.10.29 200 OK 23 kB URL GET HTTP/2 cdn.midasbuy.com/images/app.94f4a21f.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: DigiCert Inc
Subject: *.midasbuy.com
Fingerprint: D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity: Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: 94f4a21f1c9d4c07d7487e0c953b5c81
SHA-1: c7f8afba5deeeac7960380811e638d33133ef99b
SHA-256: b7e9ade637a760767be3d216f46e5c16651a08155b0d11f9bd53436fcd51f5f4
GET /images/app.94f4a21f.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 23377
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Thu, 20 Oct 2022 07:45:46 GMT
x-nws-log-uuid: f260c433-57c0-4679-bb1e-e7f79a254b8d
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/apps/pubgm/1599546052747L5gSu7VB.png
101.33.10.29 200 OK 33 kB URL GET HTTP/2 cdn.midasbuy.com/images/apps/pubgm/1599546052747L5gSu7VB.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: DigiCert Inc
Subject: *.midasbuy.com
Fingerprint: D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity: Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 176 x 113, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: 30cf930aa533bbed8bcfd57f005b62b7
SHA-1: a7835e3a608934e3a3dcbbd14789e2836969b7e2
SHA-256: ec9e1d5b10a89779cfb363004a640bbf95421a286d1deee187be01959f5a50c6
GET /images/apps/pubgm/1599546052747L5gSu7VB.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 32824
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Thu, 17 Dec 2020 08:04:24 GMT
x-nws-log-uuid: 15478c33-3691-4541-b5e8-c3d7663082c1
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/uc-small.bc30c95b.png
101.33.10.29 200 OK 11 kB URL GET HTTP/2 cdn.midasbuy.com/images/uc-small.bc30c95b.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: DigiCert Inc
Subject: *.midasbuy.com
Fingerprint: D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity: Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: bc30c95b931dd2f7f2121d95c4d3b39d
SHA-1: 7db7521aa4d3045a9dba019fc1bcea8c5edcf569
SHA-256: e44ee2766003a814afcf630316894f783e253d754056fb17b5ce32dd733ec875
GET /images/uc-small.bc30c95b.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 10893
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Fri, 21 Oct 2022 03:18:08 GMT
x-nws-log-uuid: a0f2f2e7-35b3-4ed5-a68e-c4050eb88001
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/apps/pubgm/1599546071746KqkIhrzG.png
101.33.10.29 200 OK 55 kB URL GET HTTP/2 cdn.midasbuy.com/images/apps/pubgm/1599546071746KqkIhrzG.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: DigiCert Inc
Subject: *.midasbuy.com
Fingerprint: D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity: Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 176 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: 7760087792ff8cfe29b8de58c2a417c8
SHA-1: 3bc983a6be59707192ad3b4608461dd9fb48d08e
SHA-256: 5e1ed74d48a857034a509b63602360ea0b39ce7c15c4df9db42619fde5815bb0
GET /images/apps/pubgm/1599546071746KqkIhrzG.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 54572
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Thu, 17 Dec 2020 08:04:24 GMT
x-nws-log-uuid: 59147b35-081b-403f-b560-554344ee7252
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/apps/pubgm/1599546061912PLgMlY23.png
101.33.10.29 200 OK 40 kB URL GET HTTP/2 cdn.midasbuy.com/images/apps/pubgm/1599546061912PLgMlY23.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: DigiCert Inc
Subject: *.midasbuy.com
Fingerprint: D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity: Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 176 x 131, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: 5403aecda5c624c460a7baf90f7f1145
SHA-1: 46a62be7e7a398c358c7fe9f2605f9d551a3b4e5
SHA-256: e585e21100d4c2dfd20708ac23c62faf66451a6eed5c8af72c348d635aac542b
GET /images/apps/pubgm/1599546061912PLgMlY23.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 39489
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Thu, 17 Dec 2020 08:04:24 GMT
x-nws-log-uuid: cf3c2d60-0445-47bb-a998-8c3e5c92090d
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/footer/footer-ins-new.png
101.33.10.29 200 OK 7.6 kB URL GET HTTP/2 cdn.midasbuy.com/oversea_web/static/images/footer/footer-ins-new.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer: DigiCert Inc
Subject: *.midasbuy.com
Fingerprint: D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity: Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: cc70b37c298ba08069f3c91b1df297fe
SHA-1: d7c87f6337f5a48f94190eca6a1b74eef9323f38
SHA-256: f2ad27dbb5397878470e88c31ca3c398f490f9e720ba0ca649ec6bf137f4d6bc
GET /oversea_web/static/images/footer/footer-ins-new.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 7625
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Tue, 13 Jul 2021 11:45:46 GMT
x-nws-log-uuid: f96c8471-6a73-4c41-a8ea-4e0e92da798b
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/footer/footer-fb-new.png
101.33.10.29 200 OK 2.9 kB URL GET HTTP/2 cdn.midasbuy.com/oversea_web/static/images/footer/footer-fb-new.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.midasbuy.com
Fingerprint D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 9be2c56c1a42fab7e2f5b764573dea4d
16f58f9b1f5fd465d3a8bc765b972eadb5166f24
cc8830f258c471b9cb15d69cda554d5181bd680996dd0041e3b9986b3b0769bf
GET /oversea_web/static/images/footer/footer-fb-new.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 2899
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Tue, 13 Jul 2021 11:45:46 GMT
x-nws-log-uuid: 60b29f67-19e9-4eef-b79f-7e3f6aa155bd
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/footer/footer-youtube-new.png
101.33.10.29 200 OK 4.0 kB URL GET HTTP/2 cdn.midasbuy.com/oversea_web/static/images/footer/footer-youtube-new.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.midasbuy.com
Fingerprint D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash b6f18fca57bb1657d719961d350bda7c
1e99ce9e9852ea8615b1c8c6f361058019d92dab
0e888a266c4ad5136be1cf650faf222ed0d644c54d83068f0dfabc0fae53e90c
GET /oversea_web/static/images/footer/footer-youtube-new.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 3955
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Tue, 13 Jul 2021 11:45:46 GMT
x-nws-log-uuid: 4c33d8f4-fa03-437c-9256-1f69a98d16f0
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/footer/footer-twitter-new.png
101.33.10.29 200 OK 5.2 kB URL GET HTTP/2 cdn.midasbuy.com/oversea_web/static/images/footer/footer-twitter-new.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.midasbuy.com
Fingerprint D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash e13a1bb9c094e0f585719ee363feaa31
09cc870cb5cb04adde778ea6c5f1184840844689
d6a605020cfb1091630b300b918363d2b61333c9f68c498eb6a73f323b35e1a7
GET /oversea_web/static/images/footer/footer-twitter-new.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 5151
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Tue, 13 Jul 2021 11:45:46 GMT
x-nws-log-uuid: 49f42592-4c3f-4ff7-9cb9-4f259fcffb09
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/images/footer/footer-email-subscribe.png
101.33.10.29 200 OK 3.3 kB URL GET HTTP/2 cdn.midasbuy.com/oversea_web/static/images/footer/footer-email-subscribe.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.midasbuy.com
Fingerprint D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 150e097b432034e3fedf6443b4551a16
a4299dadb4feda18e484362ce6892c52b507d5e6
b9ca6c3a516ec9dfbe4f33e318d560f265836d51627cb9fa3d881062a2fd98e2
GET /oversea_web/static/images/footer/footer-email-subscribe.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 3349
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Thu, 26 Oct 2023 12:32:26 GMT
x-nws-log-uuid: becdcc16-27f1-4546-a352-13eddeeffc19
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/Discord.8277bca0.png
101.33.10.29 200 OK 5.2 kB URL GET HTTP/2 cdn.midasbuy.com/images/Discord.8277bca0.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.midasbuy.com
Fingerprint D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 8277bca0aac01af0b679d71f4de55459
e06892977682cd5f57c31245ff7cc8efb14c92f0
25157739816315d396c664fd1f45336d8ab8bf9d768aa911e93cbebc95614a58
GET /images/Discord.8277bca0.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 5224
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Fri, 22 Apr 2022 08:25:18 GMT
x-nws-log-uuid: d07a1885-ce81-4fb3-85c0-0918f93d23d5
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/footer-reddit.d66cdc0d.png
101.33.10.29 200 OK 5.0 kB URL GET HTTP/2 cdn.midasbuy.com/images/footer-reddit.d66cdc0d.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.midasbuy.com
Fingerprint D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash d66cdc0d92659b0e64d7aefab70a60f6
f8dcf359bb72ed8aa3ef84a6d3f79102869a82f0
642703b53950fc841394918d79cbabec6060242e45c8ded41d324e7d6dce8924
GET /images/footer-reddit.d66cdc0d.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 5043
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Mon, 26 Sep 2022 03:12:26 GMT
x-nws-log-uuid: ce8eb6e6-4990-484a-810f-9358e9bd80aa
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/images/footer-tiktok-white.7743a9ae.png
101.33.10.29 200 OK 2.1 kB URL GET HTTP/2 cdn.midasbuy.com/images/footer-tiktok-white.7743a9ae.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.midasbuy.com
Fingerprint D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 72 x 72, 8-bit/color RGBA, non-interlaced\012- data
Hash 7743a9aef9d3b6d89f6567e7514036d4
08fea638e8c8f7641edaae510c80879686ddeb77
f10cdb32b8d7212970310db9166bb421eaea8128f1767604c22001fac1d5aa97
GET /images/footer-tiktok-white.7743a9ae.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 2135
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Mon, 26 Sep 2022 03:12:26 GMT
x-nws-log-uuid: 2c911759-8682-45a3-9634-0b5d0aa98a70
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/css/main.1273a902.css
101.33.10.29 200 OK 502 kB URL GET HTTP/2 cdn.midasbuy.com/oversea_web/static/css/main.1273a902.css
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.midasbuy.com
Fingerprint D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 502 kB (502411 bytes)
Hash d6fe91626621553a18827f2c8c1fca15
38d931db218bb3ce9ce0b69e61276f6f32936dde
8c872c6cce19db78a5a3e836e287265b05f6deadabebc03383e6d7aff5349fc7
GET /oversea_web/static/css/main.1273a902.css HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: text/css
content-length: 502411
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Tue, 25 Jul 2023 07:25:13 GMT
content-encoding: gzip
x-nws-log-uuid: f8e9400a-ef3f-4512-8008-0969333638b7
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From Disktank3 Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/css/318.5753ecd8.chunk.css
101.33.10.29 200 OK 7.1 kB URL GET HTTP/2 cdn.midasbuy.com/oversea_web/static/css/318.5753ecd8.chunk.css
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.midasbuy.com
Fingerprint D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (52169), with no line terminators
Hash f0249e632419f87508cb0b0b1dc1ae6e
d9c82117d250d48d2abd83c57f8614a44a37602a
69d5057120a19a800933cce9f040bd1aadc7b2a5fd9a160f07d9965dde84c0a7
GET /oversea_web/static/css/318.5753ecd8.chunk.css HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: text/css
content-length: 7109
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:55 GMT
last-modified: Mon, 07 Aug 2023 13:50:25 GMT
content-encoding: gzip
x-nws-log-uuid: 946501d7-a406-4d77-9360-9d4fb877b0ab
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From MemCache Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/css/183.1f990dec.chunk.css
101.33.10.29 200 OK 3.6 kB URL GET HTTP/2 cdn.midasbuy.com/oversea_web/static/css/183.1f990dec.chunk.css
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.midasbuy.com
Fingerprint D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (27197), with no line terminators
Hash 4aa61e07bb32d86be90173ea43cfb363
37b558056545efbed005a8375a618aeb186715a2
2d06603298c0a12afe20be68b2551e6f99007b033b89e3c8bdf5b9e7e36f67ee
GET /oversea_web/static/css/183.1f990dec.chunk.css HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: text/css
content-length: 3615
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:56 GMT
last-modified: Fri, 11 Aug 2023 08:17:14 GMT
content-encoding: gzip
x-nws-log-uuid: b5c82601-566d-4936-be24-cb1dfbc071da
x-daa-tunnel: hop_count=2
x-cache-lookup: Hit From Upstream, Hit From MemCache Gz
accept-ranges: bytes
X-Firefox-Spdy: h2
mp.midasbuy.com/cdn/upload/Activity_1668582829_GLONSO/9d2246ed1739376de0207865050d719a.png?imageMogr2/format/webp
3.126.195.33 200 OK 6.1 kB URL GET HTTP/2 mp.midasbuy.com/cdn/upload/Activity_1668582829_GLONSO/9d2246ed1739376de0207865050d719a.png?imageMogr2/format/webp
IP 3.126.195.33:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.midasbuy.com
Fingerprint D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash f21c1e41f92b8ce1df05e4c31b4611a4
cfa012c063f5bcfb9165e684d4731290dcfc926c
a8564f6d5d94039a09fae8538cddc4b19b485cb88ee7f3fd9eebb0f99cf302f1
GET /cdn/upload/Activity_1668582829_GLONSO/9d2246ed1739376de0207865050d719a.png?imageMogr2/format/webp HTTP/1.1
Host: mp.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
last-modified: Wed, 25 Oct 2023 20:45:48 GMT
etag: "f21c1e41f92b8ce1df05e4c31b4611a4"
content-type: image/webp
access-control-allow-origin: *
date: Wed, 25 Oct 2023 20:45:48 GMT
server: tencent-cos
timing-allow-origin: *
x-delay: 6946 us
x-cos-hash-crc64ecma: 15487379744028622058
x-cos-request-id: NjUzOTdlN2NfOTZlZjc4MGJfMTUwYjJfOTEyNDZiYQ==
age: 58448
content-length: 6086
accept-ranges: bytes
x-nws-log-uuid: 14717209962019285746
x-cache-lookup: Cache Hit
cache-control: max-age=2592000
X-Firefox-Spdy: h2
www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
23.36.76.250 200 OK 75 kB URL GET HTTP/2 www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
IP 23.36.76.250:443
ASN #20940 Akamai International B.V.
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject wetv.acc.qq.com
Fingerprint 50:05:83:7A:D7:1C:3C:CA:53:85:80:2E:04:C3:47:C2:45:54:EC:6A
Validity Sat, 19 Nov 2022 00:00:00 GMT - Wed, 22 Nov 2023 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 500x500, components 3\012- data
Hash 92c19dc5bd77186e5bb8ed35ce668979
646bf70d1c669c7d7388f95a0a33755e4721289c
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
GET /id/event/royalepass10/images/icon_logo.jpg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/jpeg
content-length: 75149
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
etag: "614196e3-1258d"
accept-ranges: bytes
cache-control: max-age=23
expires: Thu, 26 Oct 2023 13:00:19 GMT
date: Thu, 26 Oct 2023 12:59:56 GMT
X-Firefox-Spdy: h2
mp.midasbuy.com/cdn/upload/Activity_1668582829_GLONSO/be262ff31cda4e8bbd0b3198ad0bdaa0.png?imageMogr2/format/webp
3.126.195.33 200 OK 14 kB URL GET HTTP/2 mp.midasbuy.com/cdn/upload/Activity_1668582829_GLONSO/be262ff31cda4e8bbd0b3198ad0bdaa0.png?imageMogr2/format/webp
IP 3.126.195.33:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.midasbuy.com
Fingerprint D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 183492c6e80a837955ac4f7aa758cfa6
02fac0011a8f4ad0be049eb151f952c7570198a2
8350c8c2825a477677f5b00e3be20deaedd0d7bb14bdb5629d185a5d345cec15
GET /cdn/upload/Activity_1668582829_GLONSO/be262ff31cda4e8bbd0b3198ad0bdaa0.png?imageMogr2/format/webp HTTP/1.1
Host: mp.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 26 Oct 2023 07:29:02 GMT
etag: "183492c6e80a837955ac4f7aa758cfa6"
content-type: image/webp
access-control-allow-origin: *
date: Thu, 26 Oct 2023 07:29:02 GMT
server: tencent-cos
timing-allow-origin: *
x-delay: 38303 us
x-cos-hash-crc64ecma: 2806400684452172967
x-cos-request-id: NjUzYTE1M2VfZjI4YzdjMWVfMjdhZWVfOTAwNzZhOQ==
age: 19854
content-length: 14430
accept-ranges: bytes
x-nws-log-uuid: 14128015970121398701
x-cache-lookup: Cache Hit
cache-control: max-age=2592000
X-Firefox-Spdy: h2
cdn.midasbuy.com/oversea_web/static/media/bar_bg_m.5561b110fa7cb24b096a.png
101.33.10.29 200 OK 19 kB URL GET HTTP/2 cdn.midasbuy.com/oversea_web/static/media/bar_bg_m.5561b110fa7cb24b096a.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.midasbuy.com
Fingerprint D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 280 x 136, 8-bit/color RGBA, non-interlaced\012- data
Hash 64b7dca92c902dffd9c0dd30a9a69e7a
d730a7a492dfdbe6c02ba085968163f8548ff062
6d0dbfe102b7820a46dba718ffe3ef89bd7197a39b94fa1c28c1c696d94003e7
GET /oversea_web/static/media/bar_bg_m.5561b110fa7cb24b096a.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.midasbuy.com/oversea_web/static/css/main.1273a902.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 18851
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:56 GMT
last-modified: Thu, 26 Oct 2023 12:33:40 GMT
x-nws-log-uuid: b9359cad-4c32-4f17-902c-1f467d460cd8
timing-allow-origin: https://cdn.midasbuy.com
access-control-allow-origin: https://cdn.midasbuy.com
x-cache-lookup: Hit From MemCache
accept-ranges: bytes
X-Firefox-Spdy: h2
jwgsiegwi31.adsfor.my.id/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
172.67.160.220 200 OK 135 kB URL GET HTTP/3 jwgsiegwi31.adsfor.my.id/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP 172.67.160.220:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer Let's Encrypt
Subject adsfor.my.id
Fingerprint 67:CD:D3:CA:DE:1F:BD:8C:5A:F8:50:96:14:53:1E:83:87:AA:0A:65
Validity Thu, 31 Aug 2023 04:53:25 GMT - Wed, 29 Nov 2023 04:53:24 GMT
File type gzip compressed data, from Unix\012- data
Size 135 kB (134993 bytes)
Hash f8440ef31016d0830ed5cf978c1926f0
16d69c4e121bad5e8f0bba3e2dc16779405182e0
51e50e39ebe5b058fd46040794d4ea35b9070e2943243b24ce49d734dae1042f
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: jwgsiegwi31.adsfor.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 26 Oct 2023 12:59:54 GMT
content-type: application/javascript
last-modified: Fri, 20 Oct 2023 18:17:19 GMT
etag: W/"6532c42f-4d7"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfxdYoxB7TRda8NRfcihR1A3uyuo5gxLt7X5qC5bphCV56FOtTpe6qRFeN2dWrPFk4JqRIqa3ks%2FE%2F4%2BIeoBQBpy7rVsqtQFCJ8gIE8Lz4h5T3%2B5nwXRcs%2BWLrFYxGH5Ppw6m3i2NzYgu0o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81c2e1142a6656b1-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 28 Oct 2023 12:59:54 GMT
cache-control: max-age=172800, public
content-encoding: gzip
jwgsiegwi31.adsfor.my.id/css/twitter.css
172.67.160.220 200 OK 1.2 kB URL GET HTTP/3 jwgsiegwi31.adsfor.my.id/css/twitter.css
IP 172.67.160.220:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer Let's Encrypt
Subject adsfor.my.id
Fingerprint 67:CD:D3:CA:DE:1F:BD:8C:5A:F8:50:96:14:53:1E:83:87:AA:0A:65
Validity Thu, 31 Aug 2023 04:53:25 GMT - Wed, 29 Nov 2023 04:53:24 GMT
Hash 9f8ea1e186065b70b0d8197fa0747431
284e1a0181daed7a0ee423dc578c5ff1f4f8c065
23f8abb95cfca4e7843f19d4edaf4c99169711c823529e48bac8a53cea331e9f
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /css/twitter.css HTTP/1.1
Host: jwgsiegwi31.adsfor.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 26 Oct 2023 12:59:55 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 Nov 2023 12:59:55 GMT
last-modified: Fri, 20 Jan 2023 04:16:24 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YW1FIf35xV6GDkJP1N1B2ti98ycAxw4Wl55JYO8XPfYrYn3ySiTZ3zMR68e1e1OuoyYEnynPBPnUUb5s0BUGB8Qf3xzy9HevBVY1MrruKjP7VlXlNV9ex6uZlUeqHdf7bMTgsNcZs%2FTy3TA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81c2e113fa2e56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.211.3 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.211.3:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint 55:7F:79:64:ED:7A:04:50:63:54:9C:32:2A:AF:B7:95:17:D7:E0:33
Validity Thu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jwgsiegwi31.adsfor.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Oct 2023 02:00:44 GMT
expires: Sat, 19 Oct 2024 02:00:44 GMT
cache-control: public, max-age=31536000
age: 557952
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 471 B IP 142.250.74.131:0
Hash cf24af84f2ef501aec7ab5241cd90cd6
4e1c1e7c028c195d9658f7ce45713f8530315aee
c59a67efbe5d50a13fbcd53e087c886f9bf0f6be5df8ce7c504089442b7433df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Oct 2023 12:59:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jwgsiegwi31.adsfor.my.id/css/style.css
172.67.160.220 200 OK 107 kB URL GET HTTP/3 jwgsiegwi31.adsfor.my.id/css/style.css
IP 172.67.160.220:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer Let's Encrypt
Subject adsfor.my.id
Fingerprint 67:CD:D3:CA:DE:1F:BD:8C:5A:F8:50:96:14:53:1E:83:87:AA:0A:65
Validity Thu, 31 Aug 2023 04:53:25 GMT - Wed, 29 Nov 2023 04:53:24 GMT
File type ASCII text, with CRLF line terminators
Size 107 kB (106874 bytes)
Hash 9a56d21b8b3ae47a1e1778135916c666
03fbd56b5d82c8bf34f680b0f4203afc8c67ae33
efe5b758be2c14105970790026d3682d295c4eeed90c9c630d4529ca5c95cc0f
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /css/style.css HTTP/1.1
Host: jwgsiegwi31.adsfor.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 26 Oct 2023 12:59:55 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 Nov 2023 12:59:55 GMT
last-modified: Tue, 24 Oct 2023 10:55:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pvidcFQixVMRzqSNvKwcrviG0nW%2FmCDU8%2F7yqYLZ8RNUnq8NjiGPrlDzXvnSP0opDpGLZr%2Bgi0%2BUI08mNLyKmrhgTPGLz9I8CVEnGtBVxnNMNb4XfCmDfpOq6tGrFuPYg8AgxPWP61%2BLlc0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81c2e113ea2856b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
jwgsiegwi31.adsfor.my.id/font/DINMITTELSCHRIFTSTD.ae4cacf317c4c9c6befd.woff
172.67.160.220 200 OK 25 kB URL GET HTTP/3 jwgsiegwi31.adsfor.my.id/font/DINMITTELSCHRIFTSTD.ae4cacf317c4c9c6befd.woff
IP 172.67.160.220:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer Let's Encrypt
Subject adsfor.my.id
Fingerprint 67:CD:D3:CA:DE:1F:BD:8C:5A:F8:50:96:14:53:1E:83:87:AA:0A:65
Validity Thu, 31 Aug 2023 04:53:25 GMT - Wed, 29 Nov 2023 04:53:24 GMT
File type Web Open Font Format, TrueType, length 24996, version 1.40\012- data
Hash 2018d35e708e07985693c6bc12a59861
12faf69d54217b30d4458fffad689e758b8a91c6
c2293fa86d99d0f1f06b2ac7f85ae0517e4a3bacfd9946de7b012f04aa2d831c
Analyzer Verdict Alert OpenPhish phishing Tencent
GET /font/DINMITTELSCHRIFTSTD.ae4cacf317c4c9c6befd.woff HTTP/1.1
Host: jwgsiegwi31.adsfor.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 26 Oct 2023 12:59:57 GMT
content-type: font/woff
content-length: 24996
cache-control: public, max-age=604800
expires: Thu, 02 Nov 2023 12:59:57 GMT
last-modified: Thu, 06 Apr 2023 16:11:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9geOR89sXKQZwuEa2KCoezEr%2BJ75GuFmd21T2eQ9cWdOSxhDbOSdRZOiSBwKtj4MWszRc07104xk7ocDV1vyG81Da45M%2BnZcZG9GqpcVdDuxLXMUaJ7FGr0CvIt0U10N35EQhxFx%2BKKqHLQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81c2e11f7c5856b1-OSL
alt-svc: h3=":443"; ma=86400
site-assets.fontawesome.com/releases/v6.1.1/webfonts/fa-solid-900.woff2
104.18.23.52 200 OK 329 kB URL GET HTTP/2 site-assets.fontawesome.com/releases/v6.1.1/webfonts/fa-solid-900.woff2
IP 104.18.23.52:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.fontawesome.com
Fingerprint 6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
Validity Tue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 329204, version 769.768\012- data
Size 329 kB (329204 bytes)
Hash MD5: 6ebcf9f18ded9c54f71ec1198c32aa52
Hash SHA-1: 06695b645047b29c333edac0c78a97922a135ad9
Hash SHA-256: f350c708b5e7748a452b4b98600fa49127166d995686e260ccafb58d51a4ea62
GET /releases/v6.1.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jwgsiegwi31.adsfor.my.id
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Oct 2023 12:59:57 GMT
content-type: font/woff2
content-length: 329204
x-amz-id-2: Jl2OznswOz7ltFVnH/ZV6PJ5V0kmICShQhOR4bE4Jmgf1RRvf6rMtoUVzxTUpegrElwn/vPXbEg=
x-amz-request-id: 8N56NEPKFSF3WNW9
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 22 Mar 2022 15:42:55 GMT
etag: "6ebcf9f18ded9c54f71ec1198c32aa52"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 81c2e11fbce7b4f1-OSL
X-Firefox-Spdy: h2
i.postimg.cc/3wBVgZTz/login-Method1.png
162.19.88.69 200 OK 29 kB URL GET HTTP/2 i.postimg.cc/3wBVgZTz/login-Method1.png
IP 162.19.88.69:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer Let's Encrypt
Subject postimg.cc
Fingerprint A5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
Validity Tue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: 74190b93fc4f5d88f0c8e6411ba20bd8
Hash SHA-1: 89ce2ecb660a90b8e6ed1b335443d7767c59f28a
Hash SHA-256: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /3wBVgZTz/login-Method1.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 26 Oct 2023 12:59:58 GMT
content-type: image/png
content-length: 28789
last-modified: Sun, 26 Dec 2021 01:51:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
i.postimg.cc/dtyfWFF2/login-Method2.png
162.19.88.69 200 OK 4.3 kB URL GET HTTP/2 i.postimg.cc/dtyfWFF2/login-Method2.png
IP 162.19.88.69:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer Let's Encrypt
Subject postimg.cc
Fingerprint A5:BC:82:6C:AF:0C:87:E6:4B:2F:B4:1A:26:A9:BB:4B:55:67:EA:1F
Validity Tue, 24 Oct 2023 07:31:42 GMT - Mon, 22 Jan 2024 07:31:41 GMT
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash MD5: fef946b8bba756359e2a1e87ccd915ea
Hash SHA-1: acc364946077b0e32b2343474ce4066ad3ee524c
Hash SHA-256: 1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /dtyfWFF2/login-Method2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Thu, 26 Oct 2023 12:59:58 GMT
content-type: image/png
content-length: 4298
last-modified: Sun, 26 Dec 2021 01:53:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Teko:wght@300;400;500;600;700&display=swap
142.250.74.106 200 OK 5.4 kB URL GET HTTP/3 fonts.googleapis.com/css2?family=Teko:wght@300;400;500;600;700&display=swap
IP 142.250.74.106:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 28:23:2B:8B:2D:09:6C:BB:06:7A:35:80:95:BB:F8:03:41:C8:99:2C
Validity Thu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT
File type ASCII text, with very long lines (5530), with no line terminators
Hash MD5: b8bebf2c0b4216c1203644cb164298a5
Hash SHA-1: fb11da2e64b8db6f2a2fa930d00b005569be17d2
Hash SHA-256: 2b93a012c7e04211f42d0a7cb5b633a6e2012efbb1000ca711d7a04f31a848ac
GET /css2?family=Teko:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Oct 2023 12:59:55 GMT
date: Thu, 26 Oct 2023 12:59:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cdn.midasbuy.com/oversea_web/static/media/card-img-bg.191385920e2e85e49db4.png
101.33.10.29 200 OK 134 kB URL GET HTTP/2 cdn.midasbuy.com/oversea_web/static/media/card-img-bg.191385920e2e85e49db4.png
IP 101.33.10.29:443
ASN #132203 Tencent Building, Kejizhongyi Avenue
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.midasbuy.com
Fingerprint D4:89:34:AA:C5:6C:89:48:80:03:B1:43:1C:5A:BF:98:5E:5E:4E:78
Validity Tue, 11 Apr 2023 00:00:00 GMT - Sat, 11 May 2024 23:59:59 GMT
File type PNG image data, 320 x 296, 8-bit/color RGBA, non-interlaced\012- data
Size 134 kB (134338 bytes)
Hash MD5: dcb06265a7d3e94e3edc586d359f7234
Hash SHA-1: 32646c696a8b2eb970473b8385c810674d60528e
Hash SHA-256: 5856741ee292f469c4e29a36a13631479b899dcd5694da333f4b434364eebb25
GET /oversea_web/static/media/card-img-bg.191385920e2e85e49db4.png HTTP/1.1
Host: cdn.midasbuy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NWSs
date: Thu, 26 Oct 2023 12:59:56 GMT
content-type: image/png
content-length: 134338
cache-control: max-age=600
expires: Thu, 26 Oct 2023 13:09:56 GMT
last-modified: Thu, 26 Oct 2023 12:33:41 GMT
x-nws-log-uuid: ca448cb3-45c3-4e13-866b-e3dd4d74eac4
x-cache-lookup: Hit From MemCache
access-control-allow-origin: https://www.midasbuy.com
timing-allow-origin: https://www.midasbuy.com
accept-ranges: bytes
X-Firefox-Spdy: h2
jwgsiegwi31.adsfor.my.id/favicon.ico
172.67.160.220 404 Not Found 1.2 kB URL GET HTTP/3 jwgsiegwi31.adsfor.my.id/favicon.ico
IP 172.67.160.220:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer Let's Encrypt
Subject adsfor.my.id
Fingerprint 67:CD:D3:CA:DE:1F:BD:8C:5A:F8:50:96:14:53:1E:83:87:AA:0A:65
Validity Thu, 31 Aug 2023 04:53:25 GMT - Wed, 29 Nov 2023 04:53:24 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1276), with no line terminators
Hash MD5: 24b426fea67958554911ff4c943fdfe4
Hash SHA-1: b92889146d4c1bbddccabe58ca15c814ea066f72
Hash SHA-256: 335fd88e127ff1b19e6c5af3c801186182f064e4c6747b9a76a0b3988553716c
Analyzer: OpenPhish | Verdict: phishing | Alert: Tencent
GET /favicon.ico HTTP/1.1
Host: jwgsiegwi31.adsfor.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Thu, 26 Oct 2023 12:59:57 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RiHppgXh5b3ESyn27Hh3Qr7QKpqqqFdg2cZc6aWW2inucmzmXCYsumVJbiPUhxbOGklZz8OE54PEh%2BXDK3fDSG0wxP9XqqJdYhaq5S3F9t%2F9A93goDlUCG2Iv6JA31E9B0lKnzqkBpRAbA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81c2e125893656b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
jwgsiegwi31.adsfor.my.id/
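172.67.160.220 200 OK 36 kB URL User Request GET HTTP/2 jwgsiegwi31.adsfor.my.id/
IP 172.67.160.220:443
Certificate Issuer Let's Encrypt
Subject adsfor.my.id
Fingerprint 67:CD:D3:CA:DE:1F:BD:8C:5A:F8:50:96:14:53:1E:83:87:AA:0A:65
Validity Thu, 31 Aug 2023 04:53:25 GMT - Wed, 29 Nov 2023 04:53:24 GMT
Hash MD5: d41d8cd98f00b204e9800998ecf8427e
Hash SHA-1: da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash SHA-256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of zero-length input, so the 36 kB response body was apparently not hashed in this record; they do not identify the landing page's content and should not be used as indicators for it.
Analyzer: OpenPhish | Verdict: phishing | Alert: Tencent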
GET / HTTP/1.1
Host: jwgsiegwi31.adsfor.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Oct 2023 12:59:54 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8jJPgLbC%2BSx4B5tTWSfnK7c0XaaR4zaszfPAy6nYzeBwfzSUnV3N3reuGqF4cbnioetHDpyvKcHXKeMDmi49ZZEIxpOYwwsY4r8COxM%2FDM09cEXI1L8hXlWueMOTx7CH%2Bj7yQBzA1RT8yQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81c2e10f5f4e56ba-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@300;400&display=swap
142.250.74.106 200 OK 4.5 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@300;400&display=swap
IP 142.250.74.106:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 28:23:2B:8B:2D:09:6C:BB:06:7A:35:80:95:BB:F8:03:41:C8:99:2C
Validity Thu, 28 Sep 2023 05:32:05 GMT - Thu, 21 Dec 2023 05:32:04 GMT
File type ASCII text, with very long lines (4666), with no line terminators
Hash MD5: 8addbe4695cf89a9f2c9209922cfbb14
Hash SHA-1: d979256bac2d4f77862f772413025fb7b7899a8e
Hash SHA-256: d42ddb20ea4b624899478090824c2293296240ebad893da67fcfd7fcbee16cda
GET /css2?family=Roboto:wght@300;400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Oct 2023 12:59:55 GMT
date: Thu, 26 Oct 2023 12:59:55 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jwgsiegwi31.adsfor.my.id/css/facebook.css
172.67.160.220 200 OK 3.7 kB URL GET HTTP/3 jwgsiegwi31.adsfor.my.id/css/facebook.css
IP 172.67.160.220:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer Let's Encrypt
Subject adsfor.my.id
Fingerprint 67:CD:D3:CA:DE:1F:BD:8C:5A:F8:50:96:14:53:1E:83:87:AA:0A:65
Validity Thu, 31 Aug 2023 04:53:25 GMT - Wed, 29 Nov 2023 04:53:24 GMT
File type ASCII text, with very long lines (3967), with no line terminators
Hash MD5: ddb021ec4b489649404e92d44a973b20
Hash SHA-1: 29b842f24c201e9b9a1dcaa2a94c4af819512840
Hash SHA-256: fd9524d4bcf670a3187037aa0aa9329b5009056dd66b6d3ac3c11e28c79a491e
Analyzer: OpenPhish | Verdict: phishing | Alert: Tencent
GET /css/facebook.css HTTP/1.1
Host: jwgsiegwi31.adsfor.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 26 Oct 2023 12:59:55 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 Nov 2023 12:59:55 GMT
last-modified: Sat, 25 Mar 2023 21:06:32 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Fc%2F7pKZEiAhHQy5plEVa%2BtxzhfdaNSqjR2MKjvHONxpVA%2Fk%2Fs3tt1ikMgVnKvIZrWo6sZv7Rpik5wFWt6xWB4tKt0p7Y2vCyXBC2%2FUkRkERaiWT4fPo1DmIVz1Wsf7s826I9kHailoLLS4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81c2e113ea2b56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
jwgsiegwi31.adsfor.my.id/js/script.js
172.67.160.220 200 OK 4.5 kB URL GET HTTP/3 jwgsiegwi31.adsfor.my.id/js/script.js
IP 172.67.160.220:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer Let's Encrypt
Subject adsfor.my.id
Fingerprint 67:CD:D3:CA:DE:1F:BD:8C:5A:F8:50:96:14:53:1E:83:87:AA:0A:65
Validity Thu, 31 Aug 2023 04:53:25 GMT - Wed, 29 Nov 2023 04:53:24 GMT
File type ASCII text, with very long lines (4855), with no line terminators
Hash MD5: 08a6538fd07d34162f088c554ccd308e
Hash SHA-1: 5490fe26f015c94caf67075674ea468b7cc3fd66
Hash SHA-256: 1523a5f048d0b332f9778d582d1015d677cd3ea8fdcd5c06947bea01138f2f24
Analyzer: OpenPhish | Verdict: phishing | Alert: Tencent
GET /js/script.js HTTP/1.1
Host: jwgsiegwi31.adsfor.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 26 Oct 2023 12:59:55 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 02 Nov 2023 12:59:55 GMT
last-modified: Tue, 24 Oct 2023 12:29:18 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7R4FyFt1J1irsPpiXiclHPrQk%2FIQmu6bAowlNxKJ%2B5D3LT3elkFLKfHHf5gwHJfXkKg3bzyPi7eHxsFAjUIY1LJyFRsAT3D%2B0qBXfAhHAUhg9%2Bt6HWgtIhuvtW1W43gbs4vlrHjwAljpRQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81c2e1140a4a56b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
site-assets.fontawesome.com/releases/v6.1.1/css/all.css
104.18.23.52 200 OK 498 kB URL GET HTTP/2 site-assets.fontawesome.com/releases/v6.1.1/css/all.css
IP 104.18.23.52:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.fontawesome.com
Fingerprint 6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
Validity Tue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (65360)
Size 498 kB (498160 bytes)
Hash MD5: 325672b036bab9b57f6873aed5eccc43
Hash SHA-1: 264f5db348311950380ad1bca79754ff593d87e2
Hash SHA-256: a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
GET /releases/v6.1.1/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Oct 2023 12:59:54 GMT
content-type: text/css
x-amz-id-2: 332zxxLyeOA0bVHaDihkoNN8z15TpqoPHwlgSqo0+JYF9Eb1EbFs+dM6zZXyMDQJzxobqXmUSog=
x-amz-request-id: DBBNDRR8JR1BQ6BC
last-modified: Tue, 22 Mar 2022 15:39:41 GMT
etag: W/"325672b036bab9b57f6873aed5eccc43"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 4837588
vary: Accept-Encoding
server: cloudflare
cf-ray: 81c2e1147dad5699-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
jwgsiegwi31.adsfor.my.id/css/linked.css
172.67.160.220 200 OK 3.1 kB URL GET HTTP/3 jwgsiegwi31.adsfor.my.id/css/linked.css
IP 172.67.160.220:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer Let's Encrypt
Subject adsfor.my.id
Fingerprint 67:CD:D3:CA:DE:1F:BD:8C:5A:F8:50:96:14:53:1E:83:87:AA:0A:65
Validity Thu, 31 Aug 2023 04:53:25 GMT - Wed, 29 Nov 2023 04:53:24 GMT
File type ASCII text, with very long lines (3490), with no line terminators
Hash MD5: 1c3b2fb21b0fa928ab0723b3d803dd5e
Hash SHA-1: 9b534649d01ef5c9656a10f7024ed85b47d5b4c2
Hash SHA-256: 01d3ae6fe5c98d7972a4c4e55806819fa974c37c7a0d41c3d00664cc788a9a4f
Analyzer: OpenPhish | Verdict: phishing | Alert: Tencent
GET /css/linked.css HTTP/1.1
Host: jwgsiegwi31.adsfor.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 26 Oct 2023 12:59:55 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 Nov 2023 12:59:55 GMT
last-modified: Tue, 24 Oct 2023 12:31:10 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OqHOLTQp9vr6tngiM9BKuBH2PiguLSaQ%2BB9uVvq0NSW4Sph1KKHG%2B70ikxdtvr%2BtwvGoxxjnwChl5nROzjeRckJz97Aw2tmknuNT%2Fn7dG6h0FYsoh0GNBU6Vw9u0NA8McbdYoJyG4vUTsIc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81c2e113fa3356b1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207 200 OK 31 kB URL GET HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837)
Hash MD5: 269550530cc127b6aa5a35925a7de6ce
Hash SHA-1: 512c7d79033e3028a9be61b540cf1a6870c896f8
Hash SHA-256: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://jwgsiegwi31.adsfor.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Oct 2023 12:59:54 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 11/18/2022 06:18:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: b3a57c6aca414a3b87fe0638b631146d
cdn-cache: HIT
cf-cache-status: HIT
age: 25137
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 81c2e1141913568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
site-assets.fontawesome.com/releases/v6.1.1/webfonts/fa-brands-400.woff2
104.18.23.52 200 OK 106 kB URL GET HTTP/2 site-assets.fontawesome.com/releases/v6.1.1/webfonts/fa-brands-400.woff2
IP 104.18.23.52:443
Requested by https://jwgsiegwi31.adsfor.my.id/
Certificate Issuer DigiCert Inc
Subject *.fontawesome.com
Fingerprint 6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
Validity Tue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 105768, version 769.768\012- data
Size 106 kB (105768 bytes)
Hash MD5: ea24446014ea86d85129883a9511629f
Hash SHA-1: 90fe0513c6a0ff1d8f564ec782fa54b559e7d3f8
Hash SHA-256: 3701cbff3acccd80b1f2eede4311050514f7a64c2039eb77a77368fcd6e3de28
GET /releases/v6.1.1/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://jwgsiegwi31.adsfor.my.id
DNT: 1
Connection: keep-alive
Referer: https://site-assets.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 26 Oct 2023 12:59:57 GMT
content-type: font/woff2
content-length: 105768
x-amz-id-2: uihyKpm1ZPArKZHbZ1HIJZoLOVJZ35KVMWUfObBq1kXzheer78OUpQoy++tUcuBukrzvVF+VBV8=
x-amz-request-id: 8N51SK9AKJT8AMWS
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Tue, 22 Mar 2022 15:42:55 GMT
etag: "ea24446014ea86d85129883a9511629f"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 81c2e11f9cc8b4f1-OSL
X-Firefox-Spdy: h2