nwgspq.officiall-on.my.id Open in urlscan Pro
2606:4700:3034::6815:2f63 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://nwgspq.officiall-on.my.id/login2.php
Submission: On March 19 via api (March 19th 2024, 6:02:08 am UTC) from BY — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3034::6815:2f63, located in United States and belongs to CLOUDFLARENET, US. The main domain is nwgspq.officiall-on.my.id.

This is the only time nwgspq.officiall-on.my.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Instagram (Social Network)

Domain & IP information

	IP Address		AS Autonomous System
11	2606:4700:303... 2606:4700:3034::6815:2f63		13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	1

11 2606:4700:3034::6815:2f63 (United States)

ASN13335 (CLOUDFLARENET, US)

nwgspq.officiall-on.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	officiall-on.my.id nwgspq.officiall-on.my.id	350 KB
11	1

	Domain	Requested by
11	nwgspq.officiall-on.my.id	nwgspq.officiall-on.my.id
11	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://nwgspq.officiall-on.my.id/login2.php
Frame ID: F0B81E1481D14B116BDD8F3FE75E3233
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Instagram Blue verification badge

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

11
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

350 kB
Transfer

467 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request login2.php Show response nwgspq.officiall-on.my.id/	6 KB 2 KB	507ms 466ms	Document text/html	2606:4700:3034::6815:2f63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://nwgspq.officiall-on.my.id/login2.php Protocol HTTP/1.1 Server 2606:4700:3034::6815:2f63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1ce000805c53dbb2f72c2785acb12d9f6b421a8d4967a95831b2d70b09f604da` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 866b405a9baf2bad-FRA Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 19 Mar 2024 06:02:03 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k6Vvs2NMcpYkoWc58%2FQeZJfkqdEuXx4C0tWxblnTUkUUtuCPO%2FSzmCQ2QC%2BVv0UsjuQb%2FKpMqhSp2mSUWgMDGdwjMqZLqgOEl3JsQXnzalK6F6S9W6gfSsCE3rYMZicHXN2ByyOt7u738Jgcx2PhX17zUV2CwLX9"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400 vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H/1.1	200 OK	app.css nwgspq.officiall-on.my.id/file/css/	134 KB 17 KB	36ms 36ms	Stylesheet text/css	2606:4700:3034::6815:2f63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://nwgspq.officiall-on.my.id/file/css/app.css Requested by Host: nwgspq.officiall-on.my.id URL: http://nwgspq.officiall-on.my.id/login2.php Protocol HTTP/1.1 Server 2606:4700:3034::6815:2f63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f653dfdb5b23d4cd46dc7809a32a6b11ed4179755c9872c6c04193b77a962aa8` Request headers accept-language de-DE,de;q=0.9 Referer http://nwgspq.officiall-on.my.id/login2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Tue, 19 Mar 2024 06:02:03 GMT content-encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 246386 Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 16602 last-modified Tue, 30 May 2023 03:14:45 GMT Server cloudflare vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m%2Bppun4ZHD5gaHjZJdg4iW%2BYWkXbTowUatRpa1kE%2BGNz1Fy8raSRn7jIZibsm6lMH%2FhoVuLvDQ%2F8rFZEHkIX4dqo0i282hJo4fwQU1pfWEbq9lozUAGiACqlWkZ42JzD8EJnS9HVHfArXm09Byn1sYiQbzN4NyUI"}],"group":"cf-nel","max_age":604800} Content-Type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 866b405d7df22bad-FRA expires Sat, 23 Mar 2024 09:35:37 GMT
GET H/1.1	200 OK	ehe.jpg nwgspq.officiall-on.my.id/file/images/	15 KB 15 KB	61ms 38ms	Image image/jpeg	2606:4700:3034::6815:2f63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nwgspq.officiall-on.my.id/file/images/ehe.jpg Requested by Host: nwgspq.officiall-on.my.id URL: http://nwgspq.officiall-on.my.id/login2.php Protocol HTTP/1.1 Server 2606:4700:3034::6815:2f63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fb09b146ace6c742a7e536be388a9b3105a46a39cb3bd3edd8770e0206053a7b` Request headers accept-language de-DE,de;q=0.9 Referer http://nwgspq.officiall-on.my.id/login2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Tue, 19 Mar 2024 06:02:03 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 249254 Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 14903 last-modified Tue, 05 Sep 2023 23:43:25 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pIuzQyRrc2Evy3XC56AXWbM5%2BDvyVj8svCV0%2BsvxvSFiVd3RJ7qSDcWKBA%2FJUkVK%2FlbbTpaZ7URmaSjZpAp%2BOEBNtoanZwj%2Fy0zrPrNXGKPJZK2tulmLtQW3lz6iJ%2FR5vltNpxuwlnJEnXhT43shykWnm0TT9KyK"}],"group":"cf-nel","max_age":604800} Content-Type image/jpeg cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 866b405daea19171-FRA expires Sat, 23 Mar 2024 08:47:48 GMT
GET H/1.1	404 Not Found	logo-white.svg nwgspq.officiall-on.my.id/file/fonts/	1 KB 1 KB	445ms 422ms	Image text/html	2606:4700:3034::6815:2f63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nwgspq.officiall-on.my.id/file/fonts/logo-white.svg Requested by Host: nwgspq.officiall-on.my.id URL: http://nwgspq.officiall-on.my.id/login2.php Protocol HTTP/1.1 Server 2606:4700:3034::6815:2f63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896` Request headers accept-language de-DE,de;q=0.9 Referer http://nwgspq.officiall-on.my.id/login2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache Date Tue, 19 Mar 2024 06:02:04 GMT Content-Encoding gzip CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l9Wtoai9BYBs6d%2B7alKGx6xlH8EeAagfiw5LvHs9B8Mqu%2BvUiINFmEmpascLaREUeMgcef6VO06sQde2X2ujYuAUaeHaBj3e3lbX3RZFvozZrbkYyGhXrtmM8iq1jcY4D6%2FiB7YWEkhsZCq2QNfjlBcsnJs9Ww7i"}],"group":"cf-nel","max_age":604800} Content-Type text/html Vary Accept-Encoding cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed Connection keep-alive CF-RAY 866b405dad1d30f9-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	404 Not Found	bg-header.png nwgspq.officiall-on.my.id/file/images/	1 KB 1 KB	1473ms 1445ms	Image text/html	2606:4700:3034::6815:2f63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nwgspq.officiall-on.my.id/file/images/bg-header.png Requested by Host: nwgspq.officiall-on.my.id URL: http://nwgspq.officiall-on.my.id/login2.php Protocol HTTP/1.1 Server 2606:4700:3034::6815:2f63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896` Request headers accept-language de-DE,de;q=0.9 Referer http://nwgspq.officiall-on.my.id/login2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache Date Tue, 19 Mar 2024 06:02:05 GMT Content-Encoding gzip CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vzn10BcTCCgKxsuRSYJyxQMAF2pb%2BbkBl9aa%2BgUo4sUAUO5qs%2BSeOBAhQfQWH4lctMp%2Fg5DzveKArIq3RamPPHRcxQ3uNmDP12WGCRVA4n4tbbkWVMEoA%2Fa3CH7XbEvEi69UJJABOZFV1DG8cZZabhKMZAglCnnY"}],"group":"cf-nel","max_age":604800} Content-Type text/html Vary Accept-Encoding cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed Connection keep-alive CF-RAY 866b405daf9c036e-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	200 OK	myt.png nwgspq.officiall-on.my.id/file/images/	167 KB 168 KB	68ms 31ms	Image image/png	2606:4700:3034::6815:2f63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nwgspq.officiall-on.my.id/file/images/myt.png Requested by Host: nwgspq.officiall-on.my.id URL: http://nwgspq.officiall-on.my.id/login2.php Protocol HTTP/1.1 Server 2606:4700:3034::6815:2f63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f0839d462f8f476c0ec2176a6cccbd5944d72ae2d65d9f7e8cef3c7766bc8021` Request headers accept-language de-DE,de;q=0.9 Referer http://nwgspq.officiall-on.my.id/login2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Tue, 19 Mar 2024 06:02:03 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 246386 Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 171244 last-modified Tue, 05 Sep 2023 23:43:36 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h7%2FDV9mDax5BUpZTVxf8xCAHY5lWxIK%2B5hSLzJMXRQhXCKIbOaWe7e9Yt9WRt73NjflBPg8eOehaXO21%2B56rZqhsq9wDuqsPZhjc%2FDXpu4N8oxnhfOuMGS3o0aP4Co9XMrZr%2B5vbrPy2rsL6T%2F7AlpAZvpOfFJUY"}],"group":"cf-nel","max_age":604800} Content-Type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 866b405dbe202bad-FRA expires Sat, 23 Mar 2024 09:35:37 GMT
GET H/1.1	200 OK	igx.png nwgspq.officiall-on.my.id/file/images/	122 KB 123 KB	97ms 36ms	Image image/png	2606:4700:3034::6815:2f63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nwgspq.officiall-on.my.id/file/images/igx.png Requested by Host: nwgspq.officiall-on.my.id URL: http://nwgspq.officiall-on.my.id/login2.php Protocol HTTP/1.1 Server 2606:4700:3034::6815:2f63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `92116074b655ddf5166b94584275c36741d0b50d6eec56b0b19fffda36fe1aaf` Request headers accept-language de-DE,de;q=0.9 Referer http://nwgspq.officiall-on.my.id/login2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Tue, 19 Mar 2024 06:02:03 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 246383 Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 124647 last-modified Tue, 05 Sep 2023 23:43:28 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4nhXVMklO690yPviE0yfuX%2FKakWe9lgwTKmySRED00uF9DWPOs%2FztEkKVjiWVan8A4C9infDLz8gJHcX1swaQx59s%2B3hAhrwQI2s1Eo%2FJD4FMofVsuJiIl6Y1rx0BLGWYtrI%2FIm9N2hSKv%2Fn0Sclb3jr8c0x8%2FLp"}],"group":"cf-nel","max_age":604800} Content-Type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 866b405dec6d71b5-FRA expires Sat, 23 Mar 2024 09:35:40 GMT
GET H/1.1	200 OK	mt.png nwgspq.officiall-on.my.id/file/images/	21 KB 22 KB	33ms 33ms	Image image/png	2606:4700:3034::6815:2f63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://nwgspq.officiall-on.my.id/file/images/mt.png Requested by Host: nwgspq.officiall-on.my.id URL: http://nwgspq.officiall-on.my.id/login2.php Protocol HTTP/1.1 Server 2606:4700:3034::6815:2f63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c5dfdfc564c4ffcff3bf39bfe09b13c67eae0a1e262b8539bab309972393b0c9` Request headers accept-language de-DE,de;q=0.9 Referer http://nwgspq.officiall-on.my.id/login2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Tue, 19 Mar 2024 06:02:03 GMT CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 246384 Connection keep-alive alt-svc h3=":443"; ma=86400 Content-Length 21533 last-modified Tue, 05 Sep 2023 23:43:32 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F4S774fl%2Fx4XzP39H7r6%2FjOFidE0FO9clFmNWvIYxO91pGvDRem3R7WhlK5LMMLZif6mjmj7b4as81zsOwA8RxXU83xJKEkXCQTr7ixoyEcczkkSrmxYQGGM4wwEDDtyzgRchvScwi%2Fn%2FJlD752T4fdxCHybmiVr"}],"group":"cf-nel","max_age":604800} Content-Type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed Accept-Ranges bytes CF-RAY 866b405deeed9171-FRA expires Sat, 23 Mar 2024 09:35:39 GMT
GET H/1.1	200 OK	watermark.css nwgspq.officiall-on.my.id/file/css/	104 B 913 B	60ms 39ms	Stylesheet text/css	2606:4700:3034::6815:2f63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://nwgspq.officiall-on.my.id/file/css/watermark.css Requested by Host: nwgspq.officiall-on.my.id URL: http://nwgspq.officiall-on.my.id/login2.php Protocol HTTP/1.1 Server 2606:4700:3034::6815:2f63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8fd70332a89fc34c404227205d65a96908fdb027d1c4dadedf3acc1411ec6c64` Request headers accept-language de-DE,de;q=0.9 Referer http://nwgspq.officiall-on.my.id/login2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers Date Tue, 19 Mar 2024 06:02:03 GMT Content-Encoding gzip CF-Cache-Status HIT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Age 246386 Transfer-Encoding chunked Connection keep-alive alt-svc h3=":443"; ma=86400 last-modified Sun, 16 Jul 2023 00:13:47 GMT Server cloudflare Vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fhFNYrqdEOLDoXOgupNFqAzbT%2BNJcJixoIcqqRgqvEidNqWMcNyp7N%2B5SAUOkqJHBXXVLcPxzsdjuHI%2B2qXZRrGFD2su0HD1WzzvtVkx9Te1DfuVEk2AhFJvE%2FyXqrz5GygDZ0VK6oc39nJWeAdi4dvGFVNGGSG6"}],"group":"cf-nel","max_age":604800} Content-Type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed CF-RAY 866b405dac3471b5-FRA expires Sat, 23 Mar 2024 09:35:37 GMT
GET H/1.1	404 Not Found	sprite.svg nwgspq.officiall-on.my.id/file/fonts/	0 0	416ms 416ms	Other text/html	2606:4700:3034::6815:2f63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://nwgspq.officiall-on.my.id/file/fonts/sprite.svg Requested by Host: nwgspq.officiall-on.my.id URL: http://nwgspq.officiall-on.my.id/login2.php Protocol HTTP/1.1 Server 2606:4700:3034::6815:2f63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://nwgspq.officiall-on.my.id/login2.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache Date Tue, 19 Mar 2024 06:02:04 GMT Content-Encoding gzip CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QgXBBgNs%2ByacEkhAWlo0LnOZ2Bu%2FHJ1vKHdlUclF77pKyyFzOv8tmQzz2EjWusO5n4VBGI%2FrvxCPaQEy1y1gyHBS0JBnsd7CtyjhoY0Y8POgkEFsqwB6by1tlIqiVY9J0aISslm1mhStAdRLBC1ixvEjK7SfwEdC"}],"group":"cf-nel","max_age":604800} Content-Type text/html Vary Accept-Encoding cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed Connection keep-alive CF-RAY 866b405e1e662bad-FRA alt-svc h3=":443"; ma=86400
GET H/1.1	404 Not Found	external.html nwgspq.officiall-on.my.id/	0 0	470ms 468ms	Stylesheet text/html	2606:4700:3034::6815:2f63 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://nwgspq.officiall-on.my.id/external.html?link=https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap Requested by Host: nwgspq.officiall-on.my.id URL: http://nwgspq.officiall-on.my.id/file/css/app.css Protocol HTTP/1.1 Server 2606:4700:3034::6815:2f63 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://nwgspq.officiall-on.my.id/file/css/app.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36 Response headers pragma no-cache Date Tue, 19 Mar 2024 06:02:04 GMT Content-Encoding gzip CF-Cache-Status DYNAMIC NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JKIY0CZNzNb%2B9Nw00P3HDTrErGx6oIVkhK4yfxPG32ssaTBjOccNBW7rN5yOhK218%2F6pV25%2Ff6Kr4CYG7ebiYsfFtPT1ZoegpJvO8egrOGgRgLV4Le7mv%2FkSDDaHgZTLHz6OwGml5P8yXRWAF9R0APf4%2BDkJbl31"}],"group":"cf-nel","max_age":604800} Content-Type text/html cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed Connection keep-alive CF-RAY 866b405dbd2bbb71-FRA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Instagram (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://nwgspq.officiall-on.my.id/file/fonts/logo-white.svg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://nwgspq.officiall-on.my.id/external.html?link=https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600;700&display=swap Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://nwgspq.officiall-on.my.id/file/fonts/sprite.svg#icon-profile Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://nwgspq.officiall-on.my.id/file/images/bg-header.png Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

nwgspq.officiall-on.my.id
2606:4700:3034::6815:2f63
1ce000805c53dbb2f72c2785acb12d9f6b421a8d4967a95831b2d70b09f604da
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
8fd70332a89fc34c404227205d65a96908fdb027d1c4dadedf3acc1411ec6c64
92116074b655ddf5166b94584275c36741d0b50d6eec56b0b19fffda36fe1aaf
c5dfdfc564c4ffcff3bf39bfe09b13c67eae0a1e262b8539bab309972393b0c9
f0839d462f8f476c0ec2176a6cccbd5944d72ae2d65d9f7e8cef3c7766bc8021
f653dfdb5b23d4cd46dc7809a32a6b11ed4179755c9872c6c04193b77a962aa8
fb09b146ace6c742a7e536be388a9b3105a46a39cb3bd3edd8770e0206053a7b

nwgspq.officiall-on.my.id Open in urlscan Pro 2606:4700:3034::6815:2f63 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

0 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

350 kBTransfer

467 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

4 Console Messages

Indicators

nwgspq.officiall-on.my.id Open in urlscan Pro
2606:4700:3034::6815:2f63 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

350 kB
Transfer

467 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!