| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css | 104.17.25.14 | 200 OK | 6.3 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css
IP: 104.17.25.14:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Certificate Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
Hash: 0920ea34072683229e6ea8299345cd09 0903033a844336f7c78ed4abbbcd92cd3115a03e f37d6f502a5a961ac5c3f17c8d58685ff6b0dc0f69c2dcdd379ccabc96ec3bf2
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: text/css; charset=utf-8
content-length: 6252
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-14d38"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 62558
expires: Tue, 15 Apr 2025 14:24:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9pVz96YBbiK97prB4dWgmsVBE81qA1pSmVYxTAS6WZv3yyZUQLovEUqJrqn1BX1QanmU76s0%2BYMFF0kn%2FWppVMnREUfh%2FMeKC3b8aGItHUSMNsSRBaeNI9h%2BSLFY7Viq%2FNQ7pGkJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879efeea5c9b56b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| gvd8ed.dgwt.my.id/hadiah/2.png | 104.21.56.74 | 200 OK | 53 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/2.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 566x847, components 3
Hash: eac78412ce1621cf15eae2186e14510a 422938c91bff2da79aa2d21f6deb7376af6ce393 88f2b3ad9a9c7361edf94eb80bba6a6081aba191746c92040727abc31e5fc1aa
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/2.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 53179
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CYxExgEvLy8tnbyruWrCnktlCB8IerJIgGUTNa5V5Nuoab%2BmgRyCj8iYmLqK3kUcCYInP%2B2AY7gZlE7gSVtaQxkBH%2Fne1mHI1XpHz4bRXZW2ZAc5tzU5EL3JH%2FPqdiGxQg5B7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea3c51712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/hadiah/5.png | 104.21.56.74 | 200 OK | 34 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/5.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 336x371, components 3
Hash: e5f52df7a6fe9b1d8cbb6344dd1e54c9 4e888fcaf94655783a4ac004d7f6e8598f5e27f2 4c8c501f2643af6e7cf81a765e7b7cdb8a76dcea523fb875bd17faa355aada23
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/5.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 33878
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u82pIy9VSxN%2F%2Bvmrq3kRYPBq66Wzel8NA2yXnZnh1Z7mEFy%2BIEfg33Hfp53nVDtdln9E6OGEG5lG8oajQnLg3BRAa7sL84vjyGJnZybyUailPqKVirVE6YbSy15xpWgxU94%2BYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c74712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/hadiah/6.png | 104.21.56.74 | 200 OK | 55 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/6.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 554x837, components 3
Hash: 5969fd22c7daa813287a12ef44109d49 789f33c53957ce8907fd9604ef46e1f97ba15cc4 7bd1e4557b769f1420306954ec799ae6d0918a209077531eb5cd0fc5ccb9c08e
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/6.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 55330
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MVv59Awk%2FYzd7YdrKl6Tum%2FSJ%2F4RiKurW%2FfEOfhtGCro44c1kDI2I0lA%2FtbYCugc2Ku6CoZZ7mrIH%2BF89XQ8QsqwnLz7EXOYFGfymnX4P35077%2F5yHLkevGQDnc5a8L26RDR%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c76712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/hadiah/7.png | 104.21.56.74 | 200 OK | 24 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/7.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 270x344, components 3
Hash: 247d941ec211c1011eb36382af80fe6d 46f4aed3061612e9a4d2adeedcb82babf443247d b1a212ba42e56d054647c28e79c04f745569523cd3082ebdd30898271507e2fe
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/7.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 24340
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbhMv42xViKk%2B2QUtj7bdG78bQsYxfphuRp8WB1pxwx7vwx4MK5IXA6Gf73J%2Ffv4gRVFuSGT4PfvTrOgHZIoEfXedAckcmk7J%2BoW6jQsNFwlFtTAFgfjlM8HgbXohqMDRZE3KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c78712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/hadiah/9.png | 104.21.56.74 | 200 OK | 15 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/9.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 171x229, components 3
Hash: 3ca39831410c114cd628c096f0746a03 3518cd6ce86078f5251b2dfedc5abca0697c398f 91720cc832af5016e3bb65f1c44c497f3542824a8f13d636552c146792bb581a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/9.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 14610
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ORwgeTLgsLIqQCvbHDMXCnM7KRmDOvfS8tFSHAqM%2F%2FPbUxkMzw7D8UrXCgLnxx70Mj8KiSedHipnBRCwahwB3XxZS4b43UiZdUkOizkmsjK9TpDvZCqKZsbz8qFXh8MTpAt6yw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c7a712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/hadiah/11.png | 104.21.56.74 | 200 OK | 8.6 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/11.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 249x294, components 3
Hash: bfc4f3a23386b8d14554c27b12a3c686 cb39f9595b865899a7117cce7b0f7e01498be111 84bac5543716871d299b539a014ffa9dc37bb7b1d89b62be4eaca17900b6883b
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/11.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 8551
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xki7GHLsGFQfTiUWIvhBzpCxruQJXAIciDB1KvjHZnBZzsKsYowe%2B7sBXnuKQQmzzEKd%2FEZPB4lPRiNKy0Jd8jjwPCxLhklpxIBpTsJiICmd1GlRKk3wY7nMN4l4LU17fCfV4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c7c712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/hadiah/14.png | 104.21.56.74 | 200 OK | 22 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/14.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 267x334, components 3
Hash: 836b3d6bbb1ebac0473b33abc371e12a 38e4d575f0b9aa3f4724c0420393a7922e2d42cf 17aebe875202f1400777dd04a6ae7ee39493341ad4ccbbd3490aed21a862f156
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/14.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 21688
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=44S3708IRgll8zCb7wijo0rYo67wIcAlh3YtPFloBbWYEcf%2FfFyKsTtg6Hzq00ZX7hpH0vj13Ln6AKXbEfjtciM5bgUaERC5HhBQGrAzcqeKLnnD8mcnHDXRk5jOuNJgN%2B7jyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c7f712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/hadiah/15.png | 104.21.56.74 | 200 OK | 342 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/15.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1031x1280, components 3
Size: 342 kB (341458 bytes)
Hash: a8249e9cc7ebea4e409cf1602f38fb03 e2d5b6aa94c2bfb2d73ccf9d44ffe0cdcc199086 3fde121390bd9222fef9d613ac6ba91455b0bcda8e819f2bf4d3845e2fbcb8ce
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/15.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 341458
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TgUT4Z5iQbz6xzYLV6L2XTx6IgutAN8a%2BnO4klI0g7OZcb5CQrEGKYbNcHo4jD%2BhQERz%2BRnGSQBgrWRA8dBEMV2CXWH%2BhvaNsD9WdXMt%2FFiFB1QiHNx7jir9sd6i0IpVdowXrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c81712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/hadiah/17.png | 104.21.56.74 | 200 OK | 391 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/17.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1024x1280, components 3
Size: 391 kB (391298 bytes)
Hash: 26982ee9d60a9ce43a20f0a76606d216 de034b9751b4ddb4dc99e9152360e6383c5f44b5 5f047fdd4bf3ea2e7994115f284fb06c93a7c1c0333993db02cef24004527f51
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/17.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 391298
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7vSOh0fbpsRDgzmvMibmA08e2YkyPwoakNgPyQUL0cyhbtX91tl%2Fk%2FCVDHlold9sm%2FF132XCEhheKYJqLIY6i%2FQHSYbYBVTjAt1qAXqJRoK0FWlVgUAmEs3q1cSU0%2BtWwqTzwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c84712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/img/reward/season/cupid.png | 104.21.56.74 | 200 OK | 26 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/cupid.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 335x354, components 3
Hash: 042df6ae6e2a48458b94a41111fce6da 7785d4cd7f9ab767f3ab8495e94c1888e29f0542 7b8542123bfc06f37312a1756361916d7e3f7a1af974877a63da2b2ff8dd03ab
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/cupid.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 25821
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1TX5MZ6lwXt%2Fq7nUHzK3vHMgpmZl9xw5%2FJC4byrGhJ3J%2BVDkwWVPhvyOrcPhNVLz%2BY8MpoSV74t9kHO5dPjmp1L9NYcx3vy0x8BOpWaHIGsjksvxst3kE080X5oJSZOyNuSyug%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c89712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/img/reward/season/m1014.png | 104.21.56.74 | 200 OK | 7.4 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/m1014.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 255x279, components 3
Hash: 21656287a79f813c24a29dd3214eea75 c68604a72eea42128a05754611b03de60cb1391f ccedebc3d5fd56d5b6b408ef8351a577d4c9334d422d005ab557c9e6f9ac0b06
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/m1014.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 7416
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mkfjLqzJAzKUsYGJe5i7XszYDG6uhF%2FTo7D2PAJXu52BkCbFrQf84varMs1SPWaTsOqeqokqnlCPjcqXFI0tWmpI2ehfdRJ%2BxI9i4WKTOprLjVlbwrnjrHSmPZzCwI4yMzSP1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c8c712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/img/reward/season/m4.png | 104.21.56.74 | 200 OK | 78 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/m4.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 997x1024, components 3
Hash: 22481399131d102cfd8f0a54a7cc2477 6d3d8b0ee6b75e568dc105596cd65b788a2d62a9 a932647f3f142202bc341dd50cb0c949fb4cca3f2dc39b6cc3aa749902946893
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/m4.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 77540
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kfBnwcZ6bJ644G79lKwcZsoFpfDODQEN%2BIJEKinn9PuSCUwA2YtBojTWKeS0UWNUQyH84VW9ho9h4JP%2B7mQkU0zIuywNxwpk5ot1S1zPr%2FPePg50I7oCil3vLaSU%2BsYlyCcyaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea6c95712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/img/reward/season/p90.png | 104.21.56.74 | 200 OK | 77 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/p90.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 997x1024, components 3
Hash: 66590d161f346c433923d589c910c863 c4072fe94ce82cfb9ab1d38dd81a01303a11cd61 4938ae629c2a3c4d5b7b1ff9874600f48bf8e2e2ad1d384a56a93c7224026037
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/p90.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 77251
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=279NK7aExdzjcqarbwpOYou2pgCoUfjl3s4WnsexJLaMmLTB3r%2FaiBU%2FQdRrIzKNWf3BLpo3HKyW0VXCBsr%2FACKtkBOoGVgr9uxZQ7%2BrZ96bvNKXXoaYpeCYYNeRR6bXehhigw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea9cc6712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/img/reward/season/ncc.png | 104.21.56.74 | 200 OK | 79 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/ncc.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 997x1024, components 3
Hash: 4f888ee4d82b8b10aabbc99132f6e634 2c4cecb94e770f50e13393d9d2faccbb3fdc721a c16df14281d1408cf61af9bf97f8c07b1c4e5365b2787c356e0bad96c222c999
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/ncc.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 78583
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9xGsLDYVOgCu4d0ZwBzGWJL5dLKYaqazw6q%2FfWKHtcjfAACJl3AtI9hSRUG97eZ5u4CGWDHBYxTza0QlPfOZFt%2FsPQ4Mr3Z9LI2wVhWaJrKXHiBoEo2RmEYYfSWO4CB4oCR0tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea9cc7712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/img/reward/season/epass.png | 104.21.56.74 | 200 OK | 6.3 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/epass.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 200x200, components 3
Hash: ef62380ca3f76be41f940577d3acef75 726aef72fad835045ecdfd611426f9f20dba621c d0de18e25281edc3a278a94ea4428e0080b9b5277de29ec249b9d377c0c830d8
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/epass.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 6252
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WOc8X6e%2BoClhmAKmLKpzxf%2BkS7u9psmP2m%2Fiza%2FROEBTZK27M%2Bba0GyBAyzJl0kPKi6OPU6%2BGIAUB6bo52CWpgoeZ7iZCVGa4eQ96%2FGiOq3luWqqhcHafYeuf4tJA4e%2BXXdIHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea9cc9712f-OSL
alt-svc: h3=":443"; ma=86400
| gvd8ed.dgwt.my.id/img/other/dm.png | 104.21.56.74 | 200 OK | 13 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/other/dm.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate Issuer: Let's Encrypt
Certificate Subject: dgwt.my.id
Certificate Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B
Certificate Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: PNG image data, 183 x 97, 8-bit/color RGBA, non-interlaced
Hash: 9501d601e510f2815bbf2f2df049b5f4 afdfd5813751fa52c2006018fd8adb5aa3c532f6 268523b73611cfc71afb01bb12a0350655371688590f38808eaa72af73e4fe22
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/other/dm.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 12847
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310753
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UDV7MBeciUDAMQHwn8HKOBY7jsquRzX9TeUHwD%2B%2BVkjSX1I%2BBDT8JtIWjiIv%2FvM9C0GCYH7y6DjgOZSwoPENbTs3o8sWN3J0mVD0bLwgF2jt5HQbhfzVy3b%2B64hT7%2BFOttMPkg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea9ccc712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js | 216.58.207.234 | 200 OK | 30 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js IP: 216.58.207.234:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: JavaScript source, ASCII text, with very long lines (32061)
Hash: e40ec2161fe7993196f23c8a07346306 afb90752e0a90c24b7f724faca86c5f3d15d1178 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
GET /ajax/libs/jquery/2.1.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29671
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:32:11 GMT
expires: Fri, 18 Apr 2025 17:32:11 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 593526
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js | 216.58.207.234 | 200 OK | 30 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js IP: 216.58.207.234:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: JavaScript source, ASCII text, with very long lines (32180)
Hash: 32015dd42e9582a80a84736f5d9a44d7 41b4bfbaa96be6d1440db6e78004ade1c134e276 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29707
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 18:35:20 GMT
expires: Thu, 24 Apr 2025 18:35:20 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 71337
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| code.jquery.com/jquery-1.10.2.min.js | 151.101.66.137 | 200 OK | 93 kB |
URL: GET HTTP/2 code.jquery.com/jquery-1.10.2.min.js IP: 151.101.66.137:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Sectigo Limited; Subject: *.jquery.com; Fingerprint: D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity: Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (32072)
Hash: 628072e7212db1e8cdacb22b21752cda 0511abe9863c2ea7084efa7e24d1d86c5b3974f1 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
GET /jquery-1.10.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: "28feccc0-16bb3"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 25 Apr 2024 14:24:17 GMT
age: 702863
x-served-by: cache-lga13622-LGA, cache-hel1410022-HEL
x-cache: HIT, HIT
x-cache-hits: 1606, 3158
x-timer: S1714055057.309794,VS0,VE0
vary: Accept-Encoding
content-length: 93107
X-Firefox-Spdy: h2
|
|
| gvd8ed.dgwt.my.id/hadiah/12.png | 104.21.56.74 | 200 OK | 6.8 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/12.png IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 235x263, components 3
Hash: 4fe56f9d69178c7e640e85336ca69f7b 14d34c895aa243ee1afa65e4825c83bb3fec7569 810d38eb34a997b6a6fa3a8ff11282680558f4c65d88098c6da2c6987b04b376
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/12.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 6779
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RXwp%2BskC0WyVB3POTzWBKw6GcNXDl%2BqpxaSSctD7o7dlg99kPRzHdrlxEAvyNkJdQ6H57bLx0q1mWE8B860jqvmE3HJijfRC3QlR9azsggH4HUgFLWHh%2FB3%2BkHXAqYUc9ht8Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c7d712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/hadiah/10.png | 104.21.56.74 | 200 OK | 5.6 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/10.png IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 238x255, components 3
Hash: fb9587b043b1e2bc68489b4314307726 537bc22c172ea078653bd01692e38d5e1c1ee039 468fabab9dd2728f417355852f61fe51d54ea8fbbe00604a1c222aa14853f2d9
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/10.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 5575
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zIJsMHC4RyY8eo5ThI1FO8QhNBSCleWoOan4Wj2Ap4ciJB9p5UOgMzJJ8bg9akn3RKLCYvC0Um9wZDmP4fkHJ2JkMV5vT1RYogp%2FBj1WxGGIyY8KolX9%2FaZSSYCIZRmJn77Lbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c7b712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/img/reward/season/sg2v2.png | 104.21.56.74 | 200 OK | 5.2 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/sg2v2.png IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x234, components 3
Hash: 0420771522168c66627ef34560e08652 3d986435160449958ce1481a906fe830332e4b99 145c1c61215abfb0e9d565fcc12caf0589a20a6fbf7be74170d1af19c2a53681
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/sg2v2.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 5161
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V60c4pVzH9gEPYVoM%2BMA2TIAWeM7NWrC39yX8to%2FJfetP0GC6A9r8DW7dcG7jSRlF24RBm1tYoyvqVScG8Fc0GYDWk103s1SSH7ldPX37XaT1w7bn%2BQvf33jBiiHMaSkRNQbvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c8d712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/img/reward/season/sg2.png | 104.21.56.74 | 200 OK | 6.7 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/sg2.png IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 256x281, components 3
Hash: c2bbb2493e91d8db0d47b58a9fbd819a edbc9815e543fa043d3c3a9a0dda904bb178a3a4 fe648eab2bbfecd429d31533b10d395de19bff2a836956b53c059fecedf0e5c3
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/sg2.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 6671
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=krsFstkeCNbcSs4qgSc3Ox67akLPzsJ4T5FOqPdRqcn1I4UnYFGiiOq6%2FbPyrUUP5K4zmjEJDafDK%2FNxzGW4cqoLiCMpQ0oXtYbNzLwGX%2BVmZJKLkr%2Ff6%2B2KDjgB2Wh2hL3%2Bzw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c8b712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 | 104.17.25.14 | 200 OK | 38 kB |
URL: GET HTTP/3 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 IP: 104.17.25.14:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Cloudflare, Inc.; Subject: sni.cloudflaressl.com; Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D; Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: Web Open Font Format (Version 2), TrueType, length 38384, version 1.0
Hash: a4d31128b633bc0b1cc1f18a34fb3851 6ee4c79372c3fd679706306ede47e4b03cf53d60 e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
GET /ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gvd8ed.dgwt.my.id
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 38384
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03ed9-95f0"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 64374
expires: Tue, 15 Apr 2025 14:24:17 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R2doMzLHVgiuXhzCEQp2h19x0MM0Znk8h4ApfLhoJwevVyTqxAiRC1gWQ1PoSn%2FK2sR8qretr7qgVk4V%2B%2FVmTvGM3XrIP8k00WlZeCxAv1LsZzkB2%2FzepuAqE%2F6Nor5Wb%2FbkGFYZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 879efeed2855b515-OSL
alt-svc: h3=":443"; ma=86400
|
|
| i.ibb.co/W0V2vPK/twitter-text.png | 162.19.58.160 | 404 Not Found | 1.0 kB |
URL: GET HTTP/2 i.ibb.co/W0V2vPK/twitter-text.png IP: 162.19.58.160:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: ibb.co; Fingerprint: 0C:8B:6F:2F:B8:9F:91:1E:3A:DD:B1:1B:45:47:B4:65:FD:56:73:3D; Validity: Mon, 22 Apr 2024 06:29:44 GMT - Sun, 21 Jul 2024 06:29:43 GMT
File type: PNG image data, 180 x 180, 4-bit colormap, non-interlaced
Hash: 7325e2012a6cf941a6ea14f0061ff764 0d2ba63e280b979a98bc431bec8a7af985578769 63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
GET /W0V2vPK/twitter-text.png HTTP/1.1
Host: i.ibb.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 1031
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/teko/v20/LYjYdG7kmE0gV69VVPPdFl06VN8XG4S11zM.woff2 | 142.250.74.67 | 200 OK | 7.8 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/teko/v20/LYjYdG7kmE0gV69VVPPdFl06VN8XG4S11zM.woff2 IP: 142.250.74.67:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: *.gstatic.com; Fingerprint: F5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74; Validity: Mon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7780, version 1.0
Hash: 507c329139e1756ce9bff8c6552d0412 b56bbcc8b220ab2839e5713f03d1d445f43d120b 064e4592bfa4dfda87fd9808ee81f704c1f7bab179ba6558de6853d8854e4f12
GET /s/teko/v20/LYjYdG7kmE0gV69VVPPdFl06VN8XG4S11zM.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gvd8ed.dgwt.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 Apr 2024 02:47:58 GMT
expires: Fri, 25 Apr 2025 02:47:58 GMT
cache-control: public, max-age=31536000
age: 41779
last-modified: Thu, 24 Aug 2023 21:55:09 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| gvd8ed.dgwt.my.id/hadiah/4.png | 104.21.56.74 | 200 OK | 31 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/4.png IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 307x372, components 3
Hash: 32899535ec4f593b4064612024686b41 7c5af5026b0b65da53891d7e17d1e301aaa031ec 6079598ca6146c5463794913e4ead6bfd284c86f0c4b3f9298a87e999f2833cf
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/4.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 31361
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WrgJqakmukfrWiDosSNgcnxiCnnAlCWRnvYzWY9AWb8IH2JdVNfL%2F0pRai3FL3Bg%2BGouDqbNWwSvDu9bMafkAkW0svrTuPzWYiEyc1ZQBN9d5khYsEbYHZGv23MGOIhXTMZYZw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea3c55712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/hadiah/8.png | 104.21.56.74 | 200 OK | 20 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/8.png IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 271x335, components 3
Hash: f57507f5d11a806512c5849d5b00d0c1 b3a5ce11ed3015358028a7a90e8f93d05bb9d84e 8ee9d88cc24fbd863ca154a0d75b88bb3c413663803fac2d280adf6f98fe5ebd
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/8.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 19566
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hlff3meLBY4yeT3IGgALqlQly7dEdCJcylwIxa2Kq45947A9NQCGvcxeWeGtLr0%2F%2BfZMhRpACRY0c23nosZPnxQiUsAiaRCldGZ4Loy%2BAqCCZiNCKpm%2FQouJecFxp6rTC2ozuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c79712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/hadiah/3.png | 104.21.56.74 | 200 OK | 53 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/3.png IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 561x828, components 3
Hash: 1bf9b01e715147c6a75072906b2ec71f 223661494150392530a32559883c7b7c6c79d0b2 2e3bf52f33a6258303aeb310aaa4121db4ba002353d3d8d3bbbf1127a3ad2925
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/3.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 53011
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nf%2F8w2Me7R%2Fme6Grr96ZsQjtx5C%2Bf5bwPkyn73o2Qq%2FYBOIHPaNK%2FH%2BS%2FqQux0TPmAh3FXvHytEdLNP61vP4uaj69AnKKv40tpRfi5Rr2B3OMFPfUMrjulYyLN7zGhFJiP0ZKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea3c53712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/js/popup.js | 104.21.56.74 | 200 OK | 13 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/js/popup.js IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
Hash: 154409c265d13dc594757acda03d4f26 6ea7508e09e02d96094ea1450da350616e502a37 63e75694933fa2dc7ef67c229ca5209b0c96907e3489be2bb26e736275c894d6
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /js/popup.js HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: text/javascript
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WeYUIwyUwmPu%2F0zz2esbxnWts2t%2F5YUSHid7MJVpC8V4LotVU2q1eaQ8FMSSJD4xM75CwH52lLKMbzCAwK6eTfS8wT3I2dmV7kyv8laqAMg%2BKHJa8K%2FZ2EBJvjXi5sOodRxowQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879efeee395a712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/img/reward/season/awm.png | 104.21.56.74 | 200 OK | 71 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/awm.png IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 997x1024, components 3
Hash: c821534adb20f376ce12aa00882d5176 595d250457e663e3bd2abc340673d687c92a8a8e 72ded0a877f43cd6a0739294b968f20b247029847e97ddd1f41075382dd98dc1
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/awm.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 71150
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2nFARpwsP%2BvRqgxUOJVLdHIxdzrPUiawEk%2FpLgP5owA88fXbTE%2BCR%2BoqkrZhrBNIqklUD%2FQMWaFxZgYILbffqEHK%2BgsHjea74zBiTuEwwZ6YilgSuMMiuE%2FpFLuqUArdmJvj2A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c90712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/img/reward/season/m1014v2.png | 104.21.56.74 | 200 OK | 77 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/m1014v2.png IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 997x1024, components 3
Hash: a087a0506c939dc7cf9f805dfb5eccdd 80ad21430b061bea1b3c0d2f27c6981de973e669 7416d0179c064507a786d9dd35c57692e8e02445e228fb24dfbf53a96aee09bc
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/m1014v2.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 77242
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=69ZRCFAgbuGuFfVwH%2BXNRgtyh13hCapxWoOAir7XpKyqKHk1ZUA3NJT8Fg5%2FgvSJf4k7nhAn%2BQKGFCN29XvDmzXBD3ctKlOYp9f6yeHZb0TEK52meGr5iC1RnsoLNE3HUczQag%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c8e712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/img/reward/season/ak.png | 104.21.56.74 | 200 OK | 47 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/ak.png IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x740, components 3
Hash: dae76322741301f8aa1384636c9a0b15 d1a9b81837d1660dd92b0fe3cc3439c4ece67cd0 516ec8f5074cc7e52bfc102e42923b36d36729496cc69aa6a84a1ecbd4bc44fd
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/ak.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 47405
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=25Ud1Own4IoQ2n8TPwjwFrPfPwL4lkY%2FTxR7WKW%2FffkdfHLxKu7k8ug6H1%2BwDZ0h3F3fdI%2BVtzOFpPT%2FcRQ6TQV0RWWRiIGe7jAIrK8GHgY5QF7RU0T4xpxGxzezA%2F%2FhLmMDyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c87712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/hadiah/1.png | 104.21.56.74 | 200 OK | 52 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/1.png IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 537x824, components 3
Hash: 18d7879e3459cf3d30591fbe08250528 801549b4fab86cc04546c13857d52b0ccb15fcff 2faa2ad92f0af43b4f6a0b2b9c39b0a87073a928c451a12c19f61227f0d05d7a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/1.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 51741
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fkY%2BywQWdIVoiJDPUA7k%2FGB4aO3s773P1X7GWWf6bBMzknfhSq%2F7yuglQqxPn814JMCa8SntZfFo0bYLfN9V78FA6jQdlzgAHl1h0nTWYZhflpXlp4SnDZ2KX2dtIrI1BbFncg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea3c50712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/img/reward/season/titan.png | 104.21.56.74 | 200 OK | 83 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/titan.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 796x1052, components 3
Hash: 3cccee9d57d94fdbf74c48a850f0f98e 98c88f308741de8229882af1cbd8f2a6baf4d4de 5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/titan.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 83104
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F78OI%2BmH3IGUnCWxvXXAKVC%2BRzmtBLfzqxsImBO7ywH8FZuG2mU0l%2FigH%2FgE%2B42alemrRL4foKxtrezIhZUzvD48Cv1JjHlK0FRogDkC5k5NnTJrra58wwD7iiD7AM4j9rJ4NA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c86712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/hadiah/13.png | 104.21.56.74 | 200 OK | 49 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/13.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=5, height=540, software=Android Gallery, orientation=[*0*], width=544], baseline, precision 8, 544x540, components 3
Hash: 211f77eadfb913d3c373845665fbc80d a745750da7fbd89f99b70c6ac18057f16f1fda41 1713a10e9eda3a010054e07979f957f79409b853679f9a30051fd144bfcdf03a
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/13.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 48829
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pcMdrwerrNaGd8IVouFwnGebzbu8nPRh3VWs2iDJfW%2FoH8x7TUZWmMwwfaQq0nKxUoMVgysEaA22bdLe61keT7szo77g9pd15ebjPqfwW8SVMZOgpofUQJVi4i3gP5Gdno3oYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c7e712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/img/reward/season/mp40.png | 104.21.56.74 | 200 OK | 78 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/mp40.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 997x1024, components 3
Hash: d82b517e8761b68da708dfdb37917490 5c88ffba47d2c80b620b973473ed33b259f90ba1 c14e18b02723b0d52d3f1103294c3c85b58c637b566dedf6fb028c143da18235
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/mp40.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 78490
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0oysus9v9FercChmGzjbwBItt%2F14NtDBZGD%2B%2FAYIpRJg6PRJlw5lk2RS9EpW0odTIo%2Bx9Iw4OKmujK6F70gDAlYLM9C2%2FZATyhdMPIeywJMTf0k5z9UfH%2FuWLm88KZK%2BWJ%2FukA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c8f712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/img/reward/season/famas.png | 104.21.56.74 | 200 OK | 78 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/famas.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 999x1024, components 3
Hash: 5b9bd06824081f3370d369a3bae652e7 d6e93b6128cede7828fbc922c6c55ca8a257b303 355c5fb2f6587040eb783d3348ff54ca3ee3939c0bdee1d508a7275cfd9c2ab4
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/famas.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 78490
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=07Qkgznghsi9clR9pNWZMgtWTlKwow2vpVWcsa6%2BWvQFD1qWLAYszrZLrc4y3RsvRf9G95Q4uoPkztYDFaY25cAlVj9lWAh%2FVjZX8gSIBTdhwyc0IsHgoP20qEgVFX913Dae3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea9cc3712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/img/reward/season/mp40lgi.png | 104.21.56.74 | 200 OK | 71 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/reward/season/mp40lgi.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 997x1024, components 3
Hash: a3345416dac30e86b8364351305def73 0bbaaa56053da71d4101c75659b21fb13ef9a9fa a48cf4e6e34f133db106976a46b2fbcb96d421acc5e5b469fb45d9b58a6028a8
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/reward/season/mp40lgi.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 71133
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KzX5x4jnCv7%2FdppdweXHNS5E6gFPchClBu5t83vd2ZqJLXBpXHDstXbM4it056UHpiWCEjMLH7QuD1vXISZxNujvMy8flkRThsEuit%2BxnnM5T1DB1%2FerhXSgovjYR9Bc4Kk3HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea9cc5712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/img/container.jpg | 104.21.56.74 | 200 OK | 61 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/img/container.jpg
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, height=0, orientation=[*0*], datetime=2020:12:14 18:26:48, GPS-Data, width=0], baseline, precision 8, 301x431, components 3
Hash: 34f948b7f09960898db436eb52f4585e f5d7bda7a050eb60c34e2daab22b6fad76f383aa 0fdd9daeec011c38cd91d4c1fb8c3dfe2dd85e55f4e1afac97f1aeb84ad6c635
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /img/container.jpg HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:18 GMT
content-type: image/jpeg
content-length: 61252
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XNy6ZZU2cmBPBMHP7gqbty4Ffku00Zv5ptdagLu70QTKabfo4NbweCPk7Eo2OAXce3FQTifmFRuOs5JasiPJiIA%2FeaNyHZIoABkvPPwkLsLg8gQgE%2B6M%2F94bABpL51g3SuMmxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeecefd0712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/hadiah/18.png | 104.21.56.74 | 200 OK | 398 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/18.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1029x1280, components 3
Size: 398 kB (397646 bytes)
Hash: 4469d08792a46cdeeb556b173ce6abef eebeafabda8ea4d8322670b91dc71d250764a223 57e3cbfe13772249b9df6792d4f0fbf968e7d805ab1e1f1f5d95afa0a197807f
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/18.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 397646
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MNYjtEU%2FrR7oRvNkaq%2FzO6VY%2Faxzthlff0rCP6tVqUyeeyGJqJfEpPOAAdSgDFcPx0YkWaM6yrFvckrYhmAyDBJ3RCbf6kKMasRIG%2B6RwBwcHbMPgxFi%2FyXC6iA4Pz8TFFX4Mw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c85712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefiremobile-a.akamaihd.net/ffwebsite/images/app-icon.png | 23.36.76.115 | 200 OK | 12 kB |
URL: GET HTTP/1.1 freefiremobile-a.akamaihd.net/ffwebsite/images/app-icon.png
IP: 23.36.76.115:443
ASN: #20940 Akamai International B.V.
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Hash: 6939bf661102c88284e29c6869ca6b76 3d9f354e4a65658b93aeeeee69eb2f24ec420f39 09dbef6fe2c290c0e263be3a3af6bded42c0250895328f47ad049c6fd67d598e
GET /ffwebsite/images/app-icon.png HTTP/1.1
Host: freefiremobile-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: OBS
Content-Type: image/png
Content-Length: 12092
x-obs-request-id: 0000018F13C8AB36980673BF3BBD86FD
Accept-Ranges: bytes
ETag: "6939bf661102c88284e29c6869ca6b76"
Last-Modified: Thu, 04 Aug 2022 12:38:42 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS3JqY7NQJ87rgZqZATiSpcMdtzfc2EN
Date: Thu, 25 Apr 2024 14:24:18 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
|
|
| gvd8ed.dgwt.my.id/hadiah/16.png | 104.21.56.74 | 200 OK | 1.1 MB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/hadiah/16.png
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: PNG image data, 962 x 961, 8-bit/color RGB, non-interlaced
Size: 1.1 MB (1082906 bytes)
Hash: 6b92172f44890e53bf81d64f4a1a85fd cffb6ea2a54bb69f8a5bee4efa965cb94661cd40 f7d63a99172b1de40f77339f52d944b70de41d781b4391976865888ed80f7d96
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /hadiah/16.png HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: image/png
content-length: 1082906
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:56 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZJlV7PLMIZhjVkWZI%2B44Z0KT7OOuuVKqKCZjWEkLar8eu%2B%2FprO%2B4jIWEs1pdjqmvacLL0Vg%2B0kWXD4Uefmt0lhK5t3bNFUM1%2FhuXzYvOT8JsvG55ZfIkqw0YV7UwFuL%2FfN3iLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879efeea5c83712f-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefiremobile-a.akamaihd.net/ffwebsite/images/app-icon.png | 23.36.76.115 | 200 OK | 12 kB |
URL: GET HTTP/1.1 freefiremobile-a.akamaihd.net/ffwebsite/images/app-icon.png
IP: 23.36.76.115:443
ASN: #20940 Akamai International B.V.
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced
Hash: 6939bf661102c88284e29c6869ca6b76 3d9f354e4a65658b93aeeeee69eb2f24ec420f39 09dbef6fe2c290c0e263be3a3af6bded42c0250895328f47ad049c6fd67d598e
GET /ffwebsite/images/app-icon.png HTTP/1.1
Host: freefiremobile-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: OBS
Content-Type: image/png
Content-Length: 12092
x-obs-request-id: 0000018F13C8AB36980673BF3BBD86FD
Accept-Ranges: bytes
ETag: "6939bf661102c88284e29c6869ca6b76"
Last-Modified: Thu, 04 Aug 2022 12:38:42 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS3JqY7NQJ87rgZqZATiSpcMdtzfc2EN
Date: Thu, 25 Apr 2024 14:24:18 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
|
|
| freefiremobile-a.akamaihd.net/ffwebsite/images/logo-small-fixed.png | 23.36.76.115 | 200 OK | 11 kB |
URL: GET HTTP/1.1 freefiremobile-a.akamaihd.net/ffwebsite/images/logo-small-fixed.png
IP: 23.36.76.115:443
ASN: #20940 Akamai International B.V.
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: PNG image data, 240 x 100, 8-bit/color RGBA, non-interlaced
Hash: bd03f747be802d6ada38e233546dfc5e d32cc84163bd4cdd6e239cfec91c0528a663504b f1da7d56ec1e2c36a66bf41364f3dbcaa254e2a64e1fb6fc961fbf6bb9bb0e2a
GET /ffwebsite/images/logo-small-fixed.png HTTP/1.1
Host: freefiremobile-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: OBS
Content-Type: image/png
Content-Length: 10700
x-obs-request-id: 0000018F15A496DF941CD0670E22B6D2
Accept-Ranges: bytes
ETag: "bd03f747be802d6ada38e233546dfc5e"
Last-Modified: Thu, 04 Aug 2022 12:38:52 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSKMVegsb8lXpD+XHSjWbWmQ8+rBG/5O
Date: Thu, 25 Apr 2024 14:24:19 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
|
|
| freefiremobile-a.akamaihd.net/ffwebsite/images/logo-small-fixed.png | 23.36.76.115 | 200 OK | 11 kB |
URL: GET HTTP/1.1 freefiremobile-a.akamaihd.net/ffwebsite/images/logo-small-fixed.png
IP: 23.36.76.115:443
ASN: #20940 Akamai International B.V.
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: DigiCert Inc; Subject: a248.e.akamai.net; Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9; Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: PNG image data, 240 x 100, 8-bit/color RGBA, non-interlaced
Hash: bd03f747be802d6ada38e233546dfc5e d32cc84163bd4cdd6e239cfec91c0528a663504b f1da7d56ec1e2c36a66bf41364f3dbcaa254e2a64e1fb6fc961fbf6bb9bb0e2a
GET /ffwebsite/images/logo-small-fixed.png HTTP/1.1
Host: freefiremobile-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: OBS
Content-Type: image/png
Content-Length: 10700
x-obs-request-id: 0000018F15A496DF941CD0670E22B6D2
Accept-Ranges: bytes
ETag: "bd03f747be802d6ada38e233546dfc5e"
Last-Modified: Thu, 04 Aug 2022 12:38:52 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSKMVegsb8lXpD+XHSjWbWmQ8+rBG/5O
Date: Thu, 25 Apr 2024 14:24:19 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
|
|
| gvd8ed.dgwt.my.id/js/tab.js | 104.21.56.74 | 200 OK | 8.0 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/js/tab.js
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
Hash: 7c718a725f7e25aeb30ccb2897345e24 20c4080a0dbd8214f0ea636c68fba7d58b233194 540026665ffdea5632b232fa0186d4af1c02c0efa9ccff9cde261e1f5c390a65
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /js/tab.js HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: text/javascript
last-modified: Sat, 12 Mar 2022 21:20:58 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W3MrceJXttNVXZXZ0JjCtwe4W%2Bvd3bzPsrLlmcaPCkUnF47Y64cZruFmcVe%2FqlufQPHndLELayHo0656sLN6yH%2B1ZNLpXTAcLsDtz6M5wM84RseQ59fbn6hkP3ZnSF4zr5mXww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879efeeadd0a712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/css/login/facebook.css | 104.21.56.74 | 200 OK | 3.1 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/css/login/facebook.css
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: ASCII text, with very long lines (3358), with no line terminators
Hash: bbebeacccd930c7d1ecd4e6d8af7cc9d 619cb00e35275b5413c8f41436a46a2244fe4a75 c02d26826c43d679f6f7f35dcb5f9f81057281c564c721b29108493b0274638e
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /css/login/facebook.css HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310752
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQONxsPb4FvSRbqOFK1u3aAp0MSEmjbBmvBbVS7COpyUStaSq9PGyswlVg20%2FGwJBp5vyBaiJB2DT0m08z5CkDjv6%2FViQgGqLaoPOhCn7D%2BP9SNBqKKQ1RKHotdK5ZUEDlXM6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879efeea2c12712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Teko&display=swap | 142.250.74.106 | 200 OK | 1.1 kB |
URL: GET HTTP/2 fonts.googleapis.com/css2?family=Teko&display=swap
IP: 142.250.74.106:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Google Trust Services LLC; Subject: upload.video.google.com; Fingerprint: 15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2; Validity: Mon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
File type: ASCII text, with very long lines (1113), with no line terminators
Hash: 0f4e6414a1d8b6eab6f2a56d5f312a9a 9a91de5441ba69a31a8aa6adffec868ce610029b 2e386a6e155e7e149b8326c30d7b8946267e7fd99deeccbd639ae85a3ec27d79
GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 14:24:17 GMT
date: Thu, 25 Apr 2024 14:24:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| | 104.21.56.74 | 200 OK | 33 kB |
URL: User Request GET HTTP/2
IP: 104.21.56.74:443
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET / HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 25 Apr 2024 14:24:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UdfcXmpNSe8cHEQQizqdHuamneYJ0lxfUi3S0%2FyfFNtoBu3qeLA0jd%2BFvrLK9CUg%2BeRBPjBid8xL0OWRzpZ7oU%2Bt6F76OcdAor7dOeFL%2Bl6js9bsXM8fMJHsu3R1R%2F7ehUvtrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879efee63b33b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| gvd8ed.dgwt.my.id/ | 104.21.56.74 | 200 OK | 33 kB |
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET / HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h58hi7jpORoeDYqkC0daM7i05P8HK4Buhaz%2BIWmIHmUMD5TDFW5RASR58rJuYI%2B0%2BRjh%2BZs9SsubBW%2FbLfkCVNJDvCyNLFQu5pLFuF%2BzkR1N%2FZiIF2t1e6ruB93yFuwdMoHQ0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879efeeabce2712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/css/animate.css | 104.21.56.74 | 200 OK | 78 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/css/animate.css
IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
Hash: 91cc40989e5e96e8d6bddc0f19598441 77b5378a2b4bfc120e52782dd869aeab7efe2fd4 6b6b686ecaa56e02ec5aced95541a03f922f599b31f1b4cd429ceca824a6e669
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /css/animate.css HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310752
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SacDyD6es26oOeg682RjAW4xD5CnRwf6aV8yhiOWLuYAOFxRbz6M2bQT3IFzuWYx451m1WhUOfUvQlrTel23lnKxb3VrAIu6Dzwf9z1JJpDGI1NIgaQL1v64fMFrQ8J1Pj1mMA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879efeea2c1a712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/css/login/twitter.css | 104.21.56.74 | 200 OK | 1.8 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/css/login/twitter.css IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: ASCII text, with very long lines (1961), with no line terminators
Hash: 951641108d84968611b6eef53747a65c 81bdaa898e4a4a966f2078e2840ae87e4b631904 0ebb9cd0fd9589d23fdd146cae3ff29822314261289e20830d379e280c1b7bbe
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /css/login/twitter.css HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:16 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Mon, 29 Apr 2024 00:05:04 GMT
last-modified: Sat, 12 Mar 2022 21:20:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 310752
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=73OeBqUwgUJ4arU33xjGjZ28Q%2F0SYwnkGpQad4ecUzV%2FEONjEMe1FTbgWQj74BdbmOkoTN1FMx2gfdVXCQCDCADnP1e1%2B8wfznbEdIz62I3MFFN3RDd7xzz%2FY%2FsxwbSfs0makg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879efeea2c14712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| gvd8ed.dgwt.my.id/css/login/google.css | 104.21.56.74 | 200 OK | 4.4 kB |
URL: GET HTTP/3 gvd8ed.dgwt.my.id/css/login/google.css IP: 104.21.56.74:443
Requested by: https://gvd8ed.dgwt.my.id/
Certificate: Issuer: Let's Encrypt; Subject: dgwt.my.id; Fingerprint: 23:F4:DB:42:D1:64:BC:30:C9:80:30:3E:51:C4:12:B2:77:F9:94:2B; Validity: Wed, 13 Mar 2024 14:09:00 GMT - Tue, 11 Jun 2024 14:08:59 GMT
File type: ASCII text, with very long lines (4660), with no line terminators
Hash: 01a8e2e01e9c0163625cdb23f3847e2d e2c75e3df440f99896749e10f9ad431b373c8815 0779d44fa3b38a0736cbaae9a591d82324f59297e89eb6cec1030f3e110ea3ec
| Analyzer | Verdict | Alert |
| OpenPhish | phishing | Tencent |
GET /css/login/google.css HTTP/1.1
Host: gvd8ed.dgwt.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gvd8ed.dgwt.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 25 Apr 2024 14:24:17 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 02 May 2024 14:24:17 GMT
last-modified: Sat, 12 Mar 2022 21:20:56 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oA%2BuIyCgVc1PdUOKL3V1J%2BaaOAemUi3bJLDlUBZWRNnAE%2BWcDg%2BZDbliF8HaTt0iX9KCASy6m0k7eUaLR0K5EqYtL8xvKQlUyZr%2Bi9BfkQRr11aBPCSOTqwO%2FUxwSpQfJKZVbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879efeea2c17712f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|