Report - memberships.garenna.id.vn/css/sw3.jsp/

Report Overview

Submitted URL
memberships.garenna.id.vn/css/sw3.jsp/
IP
188.114.96.1
ASN
#13335 CLOUDFLARENET
Submitted
2024-03-29 15:42:51
Access
public
Website Title
Garena Free Fire Membership
Final URL
memberships.garenna.id.vn/css/sw3.jsp/#/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
46

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-03-28	467 B	3.9 kB	104.17.25.14
memberships.garenna.id.vn	unknown	unknown	No data	No data	11 kB	1.5 MB	188.114.97.1
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-03-29	502 B	30 kB	104.18.11.207
zerossl.ocsp.sectigo.com	4049	2018-08-16	2020-05-09	2024-03-28	336 B	1.2 kB	172.64.149.23
cdn.vn.garenanow.com	74387	2010-09-27	2013-11-06	2024-03-26	910 B	436 kB	125.212.198.219

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/css/sw3.jsp/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena
2024-03-29	medium	memberships.garenna.id.vn/	Garena

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	memberships.garenna.id.vn/js/chunk-vendors.af4be1be.js	217 kB	2023-03-07	2024-04-29
Pretty URL memberships.garenna.id.vn/js/chunk-vendors.af4be1be.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 22:51:29 Last Seen2024-04-29 07:54:01 Times Seen2723 Hash 89dea640423a1344887137f04512a78c 8da9202dbf075f31b0d761f6be21d5b941d8ab0e 81e6a37cde5650c889f049b7641528f33c6f0315162880258e5abc79d4fbc37a Loading...

	memberships.garenna.id.vn/js/app.2a0a3444.js	4.4 kB	2023-03-10	2024-04-29
Pretty URL memberships.garenna.id.vn/js/app.2a0a3444.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:35:44 Last Seen2024-04-29 07:54:01 Times Seen2754 Hash e0cc9473ae0330daff8f81dd804ce105 eb8cadee809ed5fd9afddd4fc0d0e004e174b764 fa727018e0b7888c4b0df6681a5ba88298c435b8687e77cd34f182fda668f927 Loading...

	memberships.garenna.id.vn/js/chunk-10a81ae2.aad79b3d.js	151 kB	2023-03-10	2024-04-28
Pretty URL memberships.garenna.id.vn/js/chunk-10a81ae2.aad79b3d.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 16:35:44 Last Seen2024-04-28 19:41:07 Times Seen3808 Hash 2b2f6196d5dd7855b470947c3610bff6 c55707c7501bc09a25135b317a0fbbc29b7e3b62 c52dd3dcf2f5e1b907ea59d27d3e583ce1e6bd8baa5cbb7a949674ce30e81683 Loading...

HTTP Transactions (28)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/fancybox/3.4.1/jquery.fancybox.min.css

104.17.25.14

200 OK

2.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/fancybox/3.4.1/jquery.fancybox.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (13924), with no line terminators
Size
2.9 kB (2912 bytes)
Hash
d07226345cd00a4b9ad6e83d96e583a5
4f4d7e065aee9417c7d7c428e3606fd32adf5977
a02fd0f27a964a5a756e48b71edf6044259a7b0e67ebf1cd935d074f86845f8c

HTTP Headers

GET /ajax/libs/fancybox/3.4.1/jquery.fancybox.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 15:42:24 GMT
content-type: text/css; charset=utf-8
content-length: 2912
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e58-3664"
last-modified: Mon, 04 May 2020 16:10:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 751587
expires: Wed, 19 Mar 2025 15:42:24 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8YX97b%2BAX4hBYBjnsVnkq5LN9lJEkb6uF2Mb0kICpUvZ1ypEiCYSGkDJKE1HiLRyRV7wGyr4F8hJRw6R8%2FZQD4Gl6540m%2BBo0cx7Ycn1LJMCfsCBqCCB08kO8vKeMYpWjQkP59Aa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 86c0f83d5fc8569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

memberships.garenna.id.vn/css/app.b1f17912.css

188.114.97.1

200 OK

20 kB

URL GET HTTP/3
memberships.garenna.id.vn/css/app.b1f17912.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
20 kB (20454 bytes)
Hash
5104c55a2b7a0dcaa22592709355e2ea
d9c4af0a71f261c2962bdb3e53ba0d629bf8def5
1d9ffe54b028da93632155c0341486c6899a372fb75a86c690a48473f85f92ac

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/app.b1f17912.css HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:25 GMT
content-type: text/css
cache-control: public, max-age=14400
expires: Fri, 05 Apr 2024 15:42:25 GMT
last-modified: Sun, 22 Jan 2023 20:47:58 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qnw9XdFNgFBan0DrO8UaMHyE0THiB1mk89%2Fj2rEipIT2nMhDjNX77215XnmdA8GPUVhcWGjiHbkip%2BbZBn7ZE9L5rvHNgaheL0vTUsMSgyoA%2FuhUUTqb%2FObh7efVxgE6fCqg9Yz%2FqKdG1aa9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0f83d388eb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

104.18.11.207

200 OK

29 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65324)
Size
29 kB (28707 bytes)
Hash
04aca1f4cd3ec3c05a75a879f3be75a3
675fcf28f9fbf37139d3b2c0b676f96f601a4203
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

HTTP Headers

GET /bootstrap/4.1.3/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://memberships.garenna.id.vn
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 15:42:25 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 277bed29ead3a21acd1ad058e9dd2520
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 86c0f83dbc371bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

memberships.garenna.id.vn/img/btn-bod-deactive.5810d0f4.png

188.114.97.1

200 OK

9.7 kB

URL GET HTTP/3
memberships.garenna.id.vn/img/btn-bod-deactive.5810d0f4.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
PNG image data, 152 x 46, 8-bit/color RGB, non-interlaced
Size
9.7 kB (9706 bytes)
Hash
5810d0f48cd4228f188de53b0b26a401
b55aae3f78329f78cee4eb01d578ee7a171e6fe5
466183461b2bcaa6068e573e538e4159243625a3fd6e59ec1b3b5e3dbbd3e542

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/btn-bod-deactive.5810d0f4.png HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:26 GMT
content-type: image/png
content-length: 9706
cache-control: public, max-age=2629000
expires: Fri, 05 Apr 2024 15:42:26 GMT
last-modified: Sun, 22 Jan 2023 20:48:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7652GjXHULrLsYPnBP%2FGv1%2FBjXd2tguDLeDBfBc8liJT1pB9sKAD1RBd%2F%2BsypAM4mXuZPyVAyegdtzPQ0FDzChpcQEhMX%2B0mCK3ggZvnr9APq0Ve3M5gp7iRsZcQ2Gecmzi5Id7S4yioxbGG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f844b867b509-OSL
alt-svc: h3=":443"; ma=86400

zerossl.ocsp.sectigo.com/

172.64.149.23

727 B

URL
zerossl.ocsp.sectigo.com/
IP
172.64.149.23:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
0567a7709b0470315b8d9070a3a025a3
936f35a9962f87b88388c0966466d7f7daa7a144
c98358e2e511e76c1436d594b1e4655dbe64878645be63e5d241a5ed9f1e8ecb

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 29 Mar 2024 15:42:26 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 29 Mar 2024 08:48:15 GMT
Expires: Fri, 05 Apr 2024 08:48:14 GMT
Etag: "936f35a9962f87b88388c0966466d7f7daa7a144"
Cache-Control: max-age=579347,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 86c0f846ac98569a-OSL

memberships.garenna.id.vn/images/select-arr.png

188.114.97.1

200 OK

3.3 kB

URL GET HTTP/3
memberships.garenna.id.vn/images/select-arr.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
PNG image data, 30 x 23, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3333 bytes)
Hash
250baea960d1661d6109e84ad106f217
888228c160f53b6978683d5377f6892778046a06
668531f1515acd2c3e3503a7af0f9e6259ef91aef30c56f2485c0816c5648291

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /images/select-arr.png HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/app.b1f17912.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:26 GMT
content-type: image/png
content-length: 3333
cache-control: public, max-age=2629000
expires: Fri, 05 Apr 2024 15:42:26 GMT
last-modified: Sun, 22 Jan 2023 20:48:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UR5a%2FPspsuG488to1z1FjhxfA2iVM2gc3UzOE0jlINt4KWqQoR6qJ1AcctVac6iEmJTlW4K5rqJgTesLKG2CJ0pvub3lirZb8sCfixtltLXCoVQcT4hH4IkuPFJwfu6yOLiCF5mCs5V5GIAA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f84508e2b509-OSL
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/images/yellow-bg.png

188.114.97.1

200 OK

7.5 kB

URL GET HTTP/3
memberships.garenna.id.vn/images/yellow-bg.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
PNG image data, 102 x 35, 8-bit/color RGB, non-interlaced
Size
7.5 kB (7521 bytes)
Hash
6bcd8e8f7a6d40eb79fec974ed9be56e
1d519eb77848275ce0c96349d7b4fda8a3d1f709
28e0bd6ab428b72bf9013b4423ce4fcc42bf4e894f37e1d5bb3f93ec729dbd5c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /images/yellow-bg.png HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/app.b1f17912.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:26 GMT
content-type: image/png
content-length: 7521
cache-control: public, max-age=2629000
expires: Fri, 05 Apr 2024 15:42:26 GMT
last-modified: Sun, 22 Jan 2023 20:48:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QrpN%2Frgljhcv12mx7GlBS9l0nreYbUhIAXgcWjVBetmYBmgIrobu%2BJ%2BSCB%2BlXxPPUZ1tRcGhQlG%2FgCuH9NgFn3VNoFMhh9TEq4n9OnrnSuV2t4CjM%2Fk8Q52E1baSTHSKesdHzLT0iimiAdq5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f8452909b509-OSL
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/img/dob-title.b8c16371.png

188.114.97.1

200 OK

35 kB

URL GET HTTP/3
memberships.garenna.id.vn/img/dob-title.b8c16371.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
PNG image data, 394 x 54, 8-bit/color RGBA, non-interlaced
Size
35 kB (35229 bytes)
Hash
b8c163711def158bbffae4c9f9ae147e
ac4391dbe38aa12d485a64d62678ec60fd8f4010
a229865cad68073c0190603cf6b158fb90822271c33a9ab4634bd0020a46fd7c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/dob-title.b8c16371.png HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:26 GMT
content-type: image/png
content-length: 35229
cache-control: public, max-age=2629000
expires: Fri, 05 Apr 2024 15:42:26 GMT
last-modified: Sun, 22 Jan 2023 20:48:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JdsDP5ViVzEBUGa%2FHWVz6VyPZmnt5w4t56NuLT6qcGgL9t%2B0dcdl68e7cQcamv%2BgqfN5Vh59YrMs%2FLJTsMdOKY%2FXarDGTHmuhTMUA3R3WywmBnuW%2BZgI8U9J0473C%2FS%2BTRKD%2Bm%2FnWqGs2k0K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f844b862b509-OSL
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/img/btn_history.c6c98836.png

188.114.97.1

200 OK

19 kB

URL GET HTTP/3
memberships.garenna.id.vn/img/btn_history.c6c98836.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
PNG image data, 242 x 46, 8-bit/color RGBA, non-interlaced
Size
19 kB (19334 bytes)
Hash
c6c98836a1f61eed9e1704a80fff3452
b1fb786d62d1d1e85031a82aed81819cd2ec6105
93edab30fde28fbcb7cae59fbadc3bc77b9f47c1625a17ecc2f499bbf1f5afc9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/btn_history.c6c98836.png HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:26 GMT
content-type: image/png
content-length: 19334
cache-control: public, max-age=2629000
expires: Fri, 05 Apr 2024 15:42:26 GMT
last-modified: Sun, 22 Jan 2023 20:48:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5kCp9dcq%2BJa2lxas2FB1%2B5qi7Uv8cKdr3vZq6J%2Btp5QQeH8dPtFbNHU%2BhifUXAWwg1koLuE2ZRonds3lqXenKRoCUtcJUkHRBWAgu3AF1UON4C8wgjdQuq3MSmr%2BMFDvFMo3bhryGIfFX4Ii"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f844b85db509-OSL
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/img/logout.29f7cada.png

188.114.97.1

200 OK

15 kB

URL GET HTTP/3
memberships.garenna.id.vn/img/logout.29f7cada.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
PNG image data, 152 x 46, 8-bit/color RGBA, non-interlaced
Size
15 kB (14980 bytes)
Hash
29f7cada758df884c437be190093b10e
6a187704a2e796ac9459dabd836d113006ef7a9b
168d31d28b3aa31247135234a8adb526f3b7f64cabd3120985b462ca21c58fa9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/logout.29f7cada.png HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:26 GMT
content-type: image/png
content-length: 14980
cache-control: public, max-age=2629000
expires: Fri, 05 Apr 2024 15:42:26 GMT
last-modified: Sun, 22 Jan 2023 20:48:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmsbNKVtpCGncUlo3LffJsR80dcVHvwCp11t%2BqyAAalreMniaGriqp8DUQaFkTnDOPxhBRXhjDzk2qvOqmjek%2FYf7pPzzuI01ZQwVvoJ5BjdVjbKA0ICgOVVVTYOWKXebeJTl1MEulBQmxqb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f8449846b509-OSL
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/images/red-bg-2.png

188.114.97.1

200 OK

39 kB

URL GET HTTP/3
memberships.garenna.id.vn/images/red-bg-2.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
PNG image data, 403 x 57, 8-bit/color RGBA, non-interlaced
Size
39 kB (39362 bytes)
Hash
9975ff17da66b0c03464a24c1eef1cc3
4be0849f8b0acd81859ad16a6f78728e5abc3631
54fff3ea08a8e931d301109e72a14b34d633fa9e1de77efd49ab5fc42a2eaebc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /images/red-bg-2.png HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/app.b1f17912.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:26 GMT
content-type: image/png
content-length: 39362
cache-control: public, max-age=2629000
expires: Fri, 05 Apr 2024 15:42:26 GMT
last-modified: Sun, 22 Jan 2023 20:48:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d05w6MCW6NemAdag5NeclK%2FjziTK3G8kVdVpGEPQZkDhqPSO%2FyEGbEb87ko%2FDzyz8kPE2%2Bj3gy720AgKJ6AZH0RhMCyvWVJVphwEwVGL1a0Md3pZhFviG7refmPLMoUzYf93jOBJtmvWdkxz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f84508e1b509-OSL
alt-svc: h3=":443"; ma=86400

cdn.vn.garenanow.com/web/ff/fav.jpg

125.212.198.219

200 OK

10 kB

URL GET HTTP/1.1
cdn.vn.garenanow.com/web/ff/fav.jpg
IP
125.212.198.219:443
ASN
#38731 CHT Compamy Ltd

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerZeroSSL
Subjectcdn.vn.garenanow.com
Fingerprint78:16:5C:BF:19:AE:5A:1E:8C:7E:94:48:D4:72:0A:B7:23:01:B2:12
ValiditySat, 09 Mar 2024 00:00:00 GMT - Fri, 07 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], progressive, precision 8, 200x200, components 3
Size
10 kB (10025 bytes)
Hash
78e23e9a864c3f5c9ca4049e7ccee8cb
0a635dcf9eade4c2d41f638c7c3a5bcc44dd9f14
d4b543fbd9ec68332b9d3af5f2253e02e7f262c41f87452fea20e4cbfc7e4a68

HTTP Headers

GET /web/ff/fav.jpg HTTP/1.1
Host: cdn.vn.garenanow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 15:42:26 GMT
Content-Type: image/jpeg
Content-Length: 10025
Connection: keep-alive
Last-Modified: Fri, 04 May 2018 07:18:36 GMT
ETag: "5aec094c-2729"
X-Cache-Status: HIT
X-Handled-By: cdn-master
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

memberships.garenna.id.vn/images/dob-bg.png

188.114.97.1

200 OK

66 kB

URL GET HTTP/3
memberships.garenna.id.vn/images/dob-bg.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
PNG image data, 1079 x 852, 8-bit/color RGB, non-interlaced
Size
66 kB (65835 bytes)
Hash
ede8d79517267263b24f4629c5a20fcb
26776aaf21b2902e9088281e000a31be4a969c72
3ae09ef678cacb0fc6be8d17dc403c2b8049ffdb302e591189331ae71307b447

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /images/dob-bg.png HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/app.b1f17912.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:27 GMT
content-type: image/png
content-length: 65835
cache-control: public, max-age=2629000
expires: Fri, 05 Apr 2024 15:42:26 GMT
last-modified: Sun, 22 Jan 2023 20:48:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9YVVMuEhkBbYrGWKFaX6fO5VJC4crCYJaKbqq%2FbnerGnVfSqWd%2FaCCFma%2Bs2uAOS%2FCv6Utolm9slrCI%2F0sMF1FBs6L5DSEkr7skmBZY2I1OSZKNTm6TDesZO%2BqtRAemnk2vDe4RJw7RuWfi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f844f8d2b509-OSL
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/images/spin-bg.png

188.114.97.1

200 OK

598 kB

URL GET HTTP/3
memberships.garenna.id.vn/images/spin-bg.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
PNG image data, 1080 x 1109, 8-bit/color RGB, non-interlaced
Size
598 kB (597541 bytes)
Hash
b83bae0d44a9310bbc30b8b3f59f64fd
b6d5446495bab1d7ec2ecf9dc1177cf89886f36c
78e2ca75fcafa1dd58eefb124e508648a756f1d3c7a83e42e5d46bf8df06c26c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /images/spin-bg.png HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/app.b1f17912.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:27 GMT
content-type: image/png
content-length: 597541
cache-control: public, max-age=2629000
expires: Fri, 05 Apr 2024 15:42:26 GMT
last-modified: Sun, 22 Jan 2023 20:48:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3D7ESv8THZqre0ZsLJq7mAce9BxZKZ7ZgPydRofMVeJ4QqvzHDcrExB%2BBJO5ikaL2MrAmw2EnihoTD48Gez%2FkACQo%2BwiGoHjz66vk3yoma3AnohXhktl76HaGhCTvZvE72YHjWMwTCShxmN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f84508dfb509-OSL
alt-svc: h3=":443"; ma=86400

cdn.vn.garenanow.com/web/ff/ff_membership/item/Vip-Membership.jpg

203.162.56.72

200 OK

425 kB

URL GET HTTP/1.1
cdn.vn.garenanow.com/web/ff/ff_membership/item/Vip-Membership.jpg
IP
203.162.56.72:443
ASN
#7643 Vietnam Posts and Telecommunications VNPT

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerZeroSSL
Subjectcdn.vn.garenanow.com
Fingerprint78:16:5C:BF:19:AE:5A:1E:8C:7E:94:48:D4:72:0A:B7:23:01:B2:12
ValiditySat, 09 Mar 2024 00:00:00 GMT - Fri, 07 Jun 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1080x397, components 3
Size
425 kB (425312 bytes)
Hash
bea9fdacb877e6c636823faf682a221e
513a4e3f26a8a12f245e833101a6ab99b650049f
e71dfbb5eb4e822877c51d6b9a90610e19045f283ff0dacda0dc5c25ce91d372

HTTP Headers

GET /web/ff/ff_membership/item/Vip-Membership.jpg HTTP/1.1
Host: cdn.vn.garenanow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 29 Mar 2024 15:42:27 GMT
Content-Type: image/jpeg
Content-Length: 425312
Connection: keep-alive
Last-Modified: Wed, 09 Jan 2019 08:55:01 GMT
ETag: "5c35b6e5-67d60"
X-Cache-Status: HIT
X-Handled-By: cdn-master
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

memberships.garenna.id.vn/css/chunk-ebcca810.fc5c29f8.css

188.114.97.1

200 OK

13 kB

URL GET HTTP/3
memberships.garenna.id.vn/css/chunk-ebcca810.fc5c29f8.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
ASCII text, with no line terminators
Size
13 kB (13050 bytes)
Hash
a8187d8e21a3bb4d273f3485b6aba510
88210d3db5d964b2d8ed2c37f02bad6f4a810699
db3b82cac6603397423a91e5946fb452f8deab75f55eb23656917f0a1a2dfe83

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/chunk-ebcca810.fc5c29f8.css HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:29 GMT
content-type: text/css
cache-control: public, max-age=14400
expires: Fri, 05 Apr 2024 15:42:29 GMT
last-modified: Sun, 22 Jan 2023 20:47:58 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2FGG6baCLmx%2FXucom9S9jIQxclDs0HwqCL5KSdUlEFgQf9YL9XbNIJsSe1uXCBZLRoK7Vz39uDiAcBZ8TIJAioGhloNaxKrxl6NOE5oXR7xeds7BZWa8RD2kdl27ufQpQtDO7ugX6ZrCCJsn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0f8571b04b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/css/chunk-10a81ae2.ec7605e3.css

188.114.97.1

200 OK

130 B

URL GET HTTP/3
memberships.garenna.id.vn/css/chunk-10a81ae2.ec7605e3.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
ASCII text, with no line terminators
Size
130 B (130 bytes)
Hash
1661ce2be23160aa6611d3bb8312d94a
7ad7cbb5d82e2ea2206de59b41513e65b927ac01
2ace57a05e19c4307ccf2eab6efa1b038d24b8e725d2c22b3c896ddea6b0257c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/chunk-10a81ae2.ec7605e3.css HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:28 GMT
content-type: text/css
cache-control: public, max-age=14400
expires: Fri, 05 Apr 2024 15:42:25 GMT
last-modified: Sun, 22 Jan 2023 20:47:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CnU14pSpR3YSBrR7v1s7q9zYthS3TfL91XVhpIENEctp9P43WAvVMiOf1c2iRhf1p7wJPQNyqcgQHeNJDMHQwO5pHqNp0CRlUzVCvACveqJvwCzH%2FOGbB6yxVjIx3IoD4A2rAyDcSFa1RGMM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f8571b01b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/css/sw3.jsp/

188.114.97.1

200 OK

1.8 kB

URL User Request GET HTTP/2
memberships.garenna.id.vn/css/sw3.jsp/
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1959), with no line terminators
Size
1.8 kB (1822 bytes)
Hash
ede7ed91a74af3482f4874f2af622aa8
98f583d41dbccd9f8aa8997d4f6d5782ee696601
2222d3f360a0eab357305c31caf6ce7abcc5d3548bff412ecaadc0dde7b027c4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/sw3.jsp/ HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 29 Mar 2024 15:42:24 GMT
content-type: text/html
last-modified: Sun, 22 Jan 2023 20:48:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YUcifbwdsSJuTHX%2BRbdKm9nlBNl0izscsLiU9PT8fLxSejP3mBYr1ltKhuk2Ua86Y7r9AUPAw6XaJ%2FWnbqpIyF8S1FZQcRS%2FjFMWZ%2FXDL4y9aMGpWgLJ7ho0lw1Nx8iR10mcTbp4vMmz7tgB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0f8387adf568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

memberships.garenna.id.vn/css/sw3.jsp/login.css

188.114.97.1

200 OK

1.8 kB

URL GET HTTP/3
memberships.garenna.id.vn/css/sw3.jsp/login.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1959), with no line terminators
Size
1.8 kB (1822 bytes)
Hash
ede7ed91a74af3482f4874f2af622aa8
98f583d41dbccd9f8aa8997d4f6d5782ee696601
2222d3f360a0eab357305c31caf6ce7abcc5d3548bff412ecaadc0dde7b027c4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/sw3.jsp/login.css HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:25 GMT
content-type: text/html
last-modified: Sun, 22 Jan 2023 20:48:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1txzALyX4S5wFcnE7HMI7atQcHdk1Ikmnr%2Bm3ViC5TPMNUopmZXXIDyVbEP4f3EM6a0ITHatHJ2VJfQSs3Grvz%2BrSnknWkfIR398%2Bz4uRZHHv7yUyC%2FZLSKUhC5PCnJkf219sZpS9evwUhv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0f83d388db509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/js/chunk-10a81ae2.aad79b3d.js

188.114.97.1

200 OK

151 kB

URL GET HTTP/3
memberships.garenna.id.vn/js/chunk-10a81ae2.aad79b3d.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type

Size
151 kB (150569 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/chunk-10a81ae2.aad79b3d.js HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:25 GMT
content-type: application/javascript
cache-control: public, max-age=14400
expires: Fri, 05 Apr 2024 15:42:25 GMT
last-modified: Sun, 22 Jan 2023 20:48:04 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LIKbCNvBvuC3UbAQC4UrZ8baUTC8aSU5c%2B4jG5G8Mw3dMiLNeAfg4hiXGXpH4RS8px8ct4sfNgbjy7JQ97dQKHHqVGJusEb22hPs62kycT22TdLm25CVGPMRHaKW%2B7%2B4yVzL8OYToxC42qQ4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0f8411cb8b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/js/chunk-10a81ae2.aad79b3d.js

188.114.97.1

200 OK

151 kB

URL GET HTTP/3
memberships.garenna.id.vn/js/chunk-10a81ae2.aad79b3d.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type

Size
151 kB (150569 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/chunk-10a81ae2.aad79b3d.js HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:28 GMT
content-type: application/javascript
cache-control: public, max-age=14400
expires: Fri, 05 Apr 2024 15:42:25 GMT
last-modified: Sun, 22 Jan 2023 20:48:04 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 3
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YJ480TE%2FZrWKWQWnTFQ4dpfLkzhM23oNC9myoIp9djT7IwRS9inTxGaQaUCvKCHcaaBYSlRr7q4t3Epbng9hEyYLkqCqxfn9YRRNYsatj9ATthd0wsgRv%2BGE3z0eLnorHdGy52cFuxdTI9GS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0f8571b07b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/js/chunk-vendors.af4be1be.js

188.114.97.1

200 OK

217 kB

URL GET HTTP/3
memberships.garenna.id.vn/js/chunk-vendors.af4be1be.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type

Size
217 kB (216700 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/chunk-vendors.af4be1be.js HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:25 GMT
content-type: application/javascript
cache-control: public, max-age=14400
expires: Fri, 05 Apr 2024 15:42:25 GMT
last-modified: Sun, 22 Jan 2023 20:48:04 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mGC%2BezG7yf4XG1ZX0bg2z23DZ%2FOn2lwKFyQDG351hJsXiFwJTYUv0R2Lwlsh1fUJz14Fw4bPPF11J28tJdupZvzGGq5B%2BuErkJi2eVpbS3fZcIgp6ulB7CysKKp2UaNJGAutmBvmoI92ATYs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0f83d389cb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/images/spin-title.png

188.114.97.1

200 OK

1.8 kB

URL GET HTTP/3
memberships.garenna.id.vn/images/spin-title.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1959), with no line terminators
Size
1.8 kB (1822 bytes)
Hash
ede7ed91a74af3482f4874f2af622aa8
98f583d41dbccd9f8aa8997d4f6d5782ee696601
2222d3f360a0eab357305c31caf6ce7abcc5d3548bff412ecaadc0dde7b027c4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /images/spin-title.png HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:26 GMT
content-type: text/html
last-modified: Sun, 22 Jan 2023 20:48:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3dv6CWHiTO3UCxARQTYvojnobU05v3K0LQRJZRKXY4Q0deUeRi72EC3ctk8H4u2VKp2ZsL8gdSTRiVZ5OGfJU1g16tpu0XHXYwPFikVi7iIW8F9K9y3s4LqFWeITm8tMbRu69W4bV66GnIMg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0f844a852b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/css/sw3.jsp/images/fb_ico.png

188.114.97.1

200 OK

1.8 kB

URL GET HTTP/3
memberships.garenna.id.vn/css/sw3.jsp/images/fb_ico.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1959), with no line terminators
Size
1.8 kB (1822 bytes)
Hash
ede7ed91a74af3482f4874f2af622aa8
98f583d41dbccd9f8aa8997d4f6d5782ee696601
2222d3f360a0eab357305c31caf6ce7abcc5d3548bff412ecaadc0dde7b027c4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/sw3.jsp/images/fb_ico.png HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:26 GMT
content-type: text/html
last-modified: Sun, 22 Jan 2023 20:48:06 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qecXsBG1FtwGZ4C2fIIVaFE4Y6IlqDh6Re5e09k0dGJvNObr1zOCTJSGl8FT09Otz7o8FFXNJmauOEXglP9FAYr%2FNLnSbGFgX%2BZBIsWXizHkEwjHUrl1XWHtw1jW24ISA%2FTKGeOgSnoMECwf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0f84518fcb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/js/chunk-ebcca810.0be768b5.js

188.114.97.1

200 OK

36 kB

URL GET HTTP/3
memberships.garenna.id.vn/js/chunk-ebcca810.0be768b5.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type

Size
36 kB (36371 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/chunk-ebcca810.0be768b5.js HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:29 GMT
content-type: application/javascript
cache-control: public, max-age=14400
expires: Fri, 05 Apr 2024 15:42:29 GMT
last-modified: Sun, 22 Jan 2023 20:48:04 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E48gEkmbqC2CePlqdclLca6zogF%2FbfwRJuwtqNQVrqHd99E9hOKsFnzmt6mIwsvPDfaunNLcMUqfnoScvGwWXIcCFJDRzAAG5jNinrNDTmf20PZQz8HZFOqLljO%2FUPnlkJqZu%2FSHwqoRZZkV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0f8571b0bb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/css/chunk-vendors.737c64e5.css

188.114.97.1

200 OK

72 kB

URL GET HTTP/3
memberships.garenna.id.vn/css/chunk-vendors.737c64e5.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
ASCII text, with very long lines (65359), with CRLF line terminators
Size
72 kB (71739 bytes)
Hash
c518eb2bccb1934516a6f3eabdacc263
46f1f2231fdb1366310effce7b3e3526ca06310e
296d948524904d247a03cb0bb5712751c5ad4c6102d745124bba32437b308642

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/chunk-vendors.737c64e5.css HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:25 GMT
content-type: text/css
cache-control: public, max-age=14400
expires: Fri, 05 Apr 2024 15:42:25 GMT
last-modified: Sun, 22 Jan 2023 20:47:58 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jMjSa6qDkgecJwVSjZ2RCnitbUE6CpRVKEBEczwTh0XFzG%2BF9%2FVeidFtZROXifUnrUciXf5l2AWZ8xsNL3YaI%2FFOj5sTna2EdOGs8N51mZJ2o70hDAn4vAB2TTHzQ2kJvC0Tv%2F7hmnMQWSCP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0f83d3891b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/css/chunk-10a81ae2.ec7605e3.css

188.114.97.1

200 OK

130 B

URL GET HTTP/3
memberships.garenna.id.vn/css/chunk-10a81ae2.ec7605e3.css
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
ASCII text, with no line terminators
Size
130 B (130 bytes)
Hash
1661ce2be23160aa6611d3bb8312d94a
7ad7cbb5d82e2ea2206de59b41513e65b927ac01
2ace57a05e19c4307ccf2eab6efa1b038d24b8e725d2c22b3c896ddea6b0257c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/chunk-10a81ae2.ec7605e3.css HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:25 GMT
content-type: text/css
cache-control: public, max-age=14400
expires: Fri, 05 Apr 2024 15:42:25 GMT
last-modified: Sun, 22 Jan 2023 20:47:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FHQvmYGE%2BRwyKksfhj20Q2MZd%2FwmncAvIAmHLDQU3bDDP7ZhSmzRYmovCRhaPApp4DXb80e0w4TRC4mBuzGVIVaH21rN6Il35JjKFW73GAYTX%2BC%2BTLXqZUpNAWlrcB%2BcoOJj%2FPi9oSj%2Fvh8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86c0f8411cb6b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

memberships.garenna.id.vn/js/app.2a0a3444.js

188.114.97.1

200 OK

4.4 kB

URL GET HTTP/3
memberships.garenna.id.vn/js/app.2a0a3444.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://memberships.garenna.id.vn/css/sw3.jsp/
Certificate
IssuerGoogle Trust Services LLC
Subjectgarenna.id.vn
Fingerprint13:A2:3E:8E:92:F6:F8:53:80:3B:B9:77:2A:B5:BE:3A:39:CF:C7:20
ValidityThu, 28 Mar 2024 13:41:13 GMT - Wed, 26 Jun 2024 13:41:12 GMT

File type
JavaScript source, ASCII text, with very long lines (4646), with no line terminators
Size
4.4 kB (4446 bytes)
Hash
780fcdb821bf1532a0befbf4ccc3c642
181fcf90d7979b9f5786be5e813dd4e5590b5264
cb02646eb74a8f879640c64ce416f71c7e3288bf98f00afbc7923fb8d36dc762

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/app.2a0a3444.js HTTP/1.1
Host: memberships.garenna.id.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://memberships.garenna.id.vn/css/sw3.jsp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 29 Mar 2024 15:42:25 GMT
content-type: application/javascript
cache-control: public, max-age=14400
expires: Fri, 05 Apr 2024 15:42:25 GMT
last-modified: Sun, 22 Jan 2023 20:48:04 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h%2BfPjdDzTnmOGT2d9nSdp4THn%2FW%2B%2FM3tuQEVHHHj2YRN25%2BxkCMhXhJ%2BzxYzuuxbX5R4WbWuO%2F33zeAjfCFswBkx1pyAnVyWIB5Hs9P%2Bru2yoDraTxGL3AB8idsUshxmh3nx8ROnntiRHKGy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 86c0f83d389ab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (28)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by