Report - freefire11155068.panellku-id.cfd/

Report Overview

Submitted URL
freefire11155068.panellku-id.cfd/
IP
104.21.0.159
ASN
#13335 CLOUDFLARENET
Submitted
2023-06-09 12:17:50
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
4
Threat Detection Systems
54

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
l.top4top.io	926491	2019-11-19	2020-01-15	2023-06-08	516 B	20 kB	65.21.235.194
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-06-09	533 B	14 kB	216.58.207.227
unpkg.com	11693	2016-01-06	2016-01-08	2023-06-09	967 B	10 kB	104.16.125.175
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-06-09	459 B	1.7 kB	142.250.74.106
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2023-06-09	511 B	6.9 kB	104.17.25.14
i.postimg.cc	23840	2016-06-11	2018-04-11	2023-06-09	1.4 kB	46 kB	162.19.88.69
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2023-06-09	915 B	37 kB	151.101.1.229
freefire11155068.panellku-id.cfd	unknown	2023-06-03	2023-06-08	2023-06-09	14 kB	2.3 MB	104.21.0.159
a.top4top.io	588496	2019-11-19	2019-12-05	2023-06-08	518 B	0 B	0.0.0.0
www.pubgmobile.com	21653	2017-10-18	2018-04-27	2023-06-08	914 B	1.8 kB	23.36.76.250
freefiremobile-a.akamaihd.net	20326	2009-09-14	2017-11-25	2023-06-07	1.1 kB	299 kB	23.36.76.115
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2023-06-09	526 B	32 kB	104.18.11.207

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-06-09 12:17:31	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-09 12:17:31	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-09 12:17:31	medium	Client IP	Internal IP	ET DNS Query for .cc TLD
2023-06-09 12:17:36	medium	Client IP	Internal IP	ET DNS Query for .cc TLD

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/
2023-06-08	medium	freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/slide-zone.js.download	2.1 kB	2023-03-07	2024-04-08
Pretty URL freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/slide-zone.js.download IP 104.21.0.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:42 Last Seen2024-04-08 18:58:01 Times Seen1575 Hash 290d1a9d8c436b4815b9f543e3a302de fda5d1f65e6b1eb4d929ea77de3b911ee208a27a 5decabf43c201e0f9e058461dd0d8a8bc744e4174583ef39971abc226bf2ca08 Loading...

	freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/myScript.js	3.3 kB	2023-03-07	2024-04-08
Pretty URL freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/myScript.js IP 104.21.0.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:05:54 Last Seen2024-04-08 18:58:01 Times Seen1008 Hash 54246270e94743dfdf4bdb3f00358bb3 e65dff95000872c0ce2dd9a9ef65558ebfd72733 8df5d539a88041c00f09427cbcfca766a1a02fc0f63f606c4245dc01a22f019c Loading...

	freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/alert-zone.js	121 kB	2023-03-07	2024-04-19
Pretty URL freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/alert-zone.js IP 104.21.0.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:45 Last Seen2024-04-19 06:50:27 Times Seen2418 Hash 2d8819d4b15ffe076a804a074e0229da 0e76d42421e78a58d71c99e233335f39b8b47645 b49a2dab55008d7ba1277b3adbb0b5f590f9b3ee25e3e89a9d78696efd262dde Loading...

	freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/zero-zone.js	861 B	2023-03-07	2024-04-19
Pretty URL freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/zero-zone.js IP 104.21.0.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-19 06:50:27 Times Seen1763 Hash e2fa33d030064bc3c6e44da71cf39659 4907034831c9244c5bce315c3aabbbbdf06cd687 b6b1475306c19ac27e78c3483123346379ea4a356ad9bf0d01319cee2b8f30c6 Loading...

	unpkg.com/ionicons@5.0.0/dist/ionicons/ionicons.esm.js	262 B	2023-03-07	2024-04-17
Pretty URL unpkg.com/ionicons@5.0.0/dist/ionicons/ionicons.esm.js IP 104.16.125.175 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:52 Last Seen2024-04-17 12:22:06 Times Seen476 Hash aecfad4a277c54f562444eb2dac6bb30 d905489fe5967c4ec6cd78176533db886fb219bb 28a06f4491def3fdc69ddefa5c850a2583ff312997aef3498e2f12e384c45115 Loading...

	freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/	22 B	2023-03-07	2024-04-19
Pretty URL freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/ IP 104.21.0.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-19 06:50:26 Times Seen1302 Hash 6757da209489d96df42a614bf285cf75 f8397e6774f88545c26e5d21b3cf694ac0aa7867 d28cdc76319fa01ac711c9605b84d7cac08c39a52d83ca192aa0acf388bfba51 Loading...

	unknown	40 B	2023-04-14	2024-04-08
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-14 20:45:22 Last Seen2024-04-08 18:58:01 Times Seen784 Hash 633122f171195fae2c1e261e941bc23e 7b66933566fe16650cd1d4d7b2311c94ebf5482e 2c07da25b01ab009ba31c8be3916fc0fcaa99cebe36acc1b5a224f4700b59597 Loading...

	freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/gift-zone.js	1.7 kB	2023-03-07	2024-04-08
Pretty URL freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/gift-zone.js IP 104.21.0.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-08 18:58:01 Times Seen1403 Hash ac813cbf4df0e7e8ab2319c43dd8a680 cbe244000f9036173f55c9a31b5dcafecc8747b3 af0366a50b0afc180e60714817feffac0a5da579117e48aaa04a01746829bd2d Loading...

	unpkg.com/ionicons@5.0.0/dist/ionicons/p-af480238.js	9.0 kB	2023-03-07	2024-04-17
Pretty URL unpkg.com/ionicons@5.0.0/dist/ionicons/p-af480238.js IP 104.16.125.175 ASN #13335 CLOUDFLARENET Introduced by importedModule Embedded in HTML false Observations First Seen2023-03-07 12:05:52 Last Seen2024-04-17 12:22:06 Times Seen496 Hash b8191d4f5513334cde384df08f8429bf b9c845d25f261c981799a30608f9562c8227ded7 35a79935107f53fa3b2f923363b50be53bd42e446f64f457c5e74a526bfa29b9 Loading...

	cdn.jsdelivr.net/gh/js-projector/libs.js@main/ionicons.map.js	108 kB	2023-03-11	2024-03-06
Pretty URL cdn.jsdelivr.net/gh/js-projector/libs.js@main/ionicons.map.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:28:31 Last Seen2024-03-06 05:05:41 Times Seen202 Hash 17249247debeb4f1c93b7203fc2dae84 9cce479599011d31284ae6522f2884c07a4170af 2f51821e42e09dbd478326b672e5e95b1019c7c9654fd315d5a4ccd3f1e3cc31 Loading...

	unknown	65 B	2023-06-09	2023-06-09
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-06-09 14:17:51 Last Seen2023-06-09 14:17:51 Times Seen1 Hash af80b9becfad576ae723044a8a21c230 5230d3dfb4579a470ec7f01d632a6a1492377f6e 29d5867c52778f7b5eaf0c90b9beb19e496352bafb5f5cd7b3274571e8beb171 Loading...

	freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/jquery.js	2.3 kB	2023-03-07	2024-04-19
Pretty URL freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/jquery.js IP 104.21.0.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-19 06:50:26 Times Seen1692 Hash 27335de838e10bf2a4b4d5999c517d76 83b660b19244c170d715f4da30013cf57284682b e654612977b4226247e6dacd00df39e20942b906c9aed2fe405da0de47af6e91 Loading...

	freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/jquery.min.js.download	87 kB	2023-03-07	2024-04-24
Pretty URL freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/jquery.min.js.download IP 104.21.0.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 10:53:58 Times Seen105837 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/	225 B	2023-03-07	2024-04-09
Pretty URL freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/ IP 104.21.0.159 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:40:11 Last Seen2024-04-09 19:05:21 Times Seen789 Hash 51e7fb764facc4c7fedbc68804609b22 7998540ea0ad4e72605cdaddd198ff75a2b7c19c 687e2e85636147a830bc12ef38740c78ac4b94221ee99a6be3c471b6b6ee3b36 Loading...

	cdn.jsdelivr.net/gh/js-projector/ajax@main/ionicons.js	1.0 kB	2023-03-11	2024-03-06
Pretty URL cdn.jsdelivr.net/gh/js-projector/ajax@main/ionicons.js IP 151.101.1.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:28:31 Last Seen2024-03-06 05:05:41 Times Seen212 Hash 0512430a87f92666a86d9aa77e7d9790 fa403160b8b13104a87900ddf8cde75ea8d22f1e cf3bc32ff09c85c35773557a632fa3b45625074488aeec14ccacc0400cda6672 Loading...

		Size	First Seen	Last Seen
	#1 Write - d7d45230746aadb587b5421834758994	171 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-19 06:50:27 Times Seen1306 Hash d7d45230746aadb587b5421834758994 65480c14ebd56b32288f937a0a51867362c530ae 06d287bc821986c6d2cea4631dc0329b9cd9e15ca19737eb1479e118526bc3e9 Loading...

	#2 Write - bcac842be7f8998e3880a54fae737f5c	140 B	2023-03-07	2024-04-19
Pretty Observations First Seen2023-03-07 01:03:42 Last Seen2024-04-19 06:50:27 Times Seen1298 Hash bcac842be7f8998e3880a54fae737f5c c4a801e5013546c703ba5cba5c176e7d525aadc9 69db51683da9aaff997d8865c60e37445e2bc99d451ec64029183b375779df4d Loading...

HTTP Transactions (44)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

104.17.25.14

200 OK

5.8 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintA9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
ValidityWed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
5.8 kB (5845 bytes)
Hash
e9365fe85b7e4db79a87015e52c3db6c
2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

HTTP Headers

GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1284489
expires: Wed, 29 May 2024 12:17:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTvV4STl65BjAuJNwlyFHSr2T4%2F4fjKVkkqDDLYTPrg80IIpAMzzOGCpoXZE%2BaJItBoCgT2VcSDgvWalPgwnm9eHVYL6NIbK%2Fsw5ZdE3iZ4jSj%2FbGAsgr6FOm%2BKPjyln6Rru8wh1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d494fe0bdc4b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.postimg.cc/3wBVgZTz/login-Method1.png

162.19.88.69

200 OK

29 kB

URL GET HTTP/2
i.postimg.cc/3wBVgZTz/login-Method1.png
IP
162.19.88.69:443
ASN
#16276 OVH SAS

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF7:9A:EC:C0:0E:AB:80:A9:55:8F:DF:97:AD:BB:4B:70:07:08:F0:F0
ValidityWed, 19 Apr 2023 13:39:30 GMT - Tue, 18 Jul 2023 13:39:29 GMT

File type
PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Size
29 kB (28789 bytes)
Hash
74190b93fc4f5d88f0c8e6411ba20bd8
89ce2ecb660a90b8e6ed1b335443d7767c59f28a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

HTTP Headers

GET /3wBVgZTz/login-Method1.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: image/png
content-length: 28789
last-modified: Sun, 26 Dec 2021 01:51:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

i.postimg.cc/dtyfWFF2/login-Method2.png

162.19.88.69

200 OK

4.3 kB

URL GET HTTP/2
i.postimg.cc/dtyfWFF2/login-Method2.png
IP
162.19.88.69:443
ASN
#16276 OVH SAS

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF7:9A:EC:C0:0E:AB:80:A9:55:8F:DF:97:AD:BB:4B:70:07:08:F0:F0
ValidityWed, 19 Apr 2023 13:39:30 GMT - Tue, 18 Jul 2023 13:39:29 GMT

File type
PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Size
4.3 kB (4298 bytes)
Hash
fef946b8bba756359e2a1e87ccd915ea
acc364946077b0e32b2343474ce4066ad3ee524c
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

HTTP Headers

GET /dtyfWFF2/login-Method2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: image/png
content-length: 4298
last-modified: Sun, 26 Dec 2021 01:53:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/js-projector/ajax@main/ionicons.js

151.101.1.229

200 OK

470 B

URL GET HTTP/2
cdn.jsdelivr.net/gh/js-projector/ajax@main/ionicons.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (1012)
Size
470 B (470 bytes)
Hash
0512430a87f92666a86d9aa77e7d9790
fa403160b8b13104a87900ddf8cde75ea8d22f1e
cf3bc32ff09c85c35773557a632fa3b45625074488aeec14ccacc0400cda6672

HTTP Headers

GET /gh/js-projector/ajax@main/ionicons.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"3f5-+kAxYLixMQSoeQDd+M3nXqjSLx4"
content-encoding: br
accept-ranges: bytes
date: Fri, 09 Jun 2023 12:17:32 GMT
age: 39447
x-served-by: cache-fra-eddf8230064-FRA, cache-bma1668-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 470
X-Firefox-Spdy: h2

www.pubgmobile.com/en/images/nav_language.svg

23.36.76.250

200 OK

675 B

URL GET HTTP/2
www.pubgmobile.com/en/images/nav_language.svg
IP
23.36.76.250:443
ASN
#20940 Akamai International B.V.

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerDigiCert Inc
Subjectwetv.acc.qq.com
Fingerprint50:05:83:7A:D7:1C:3C:CA:53:85:80:2E:04:C3:47:C2:45:54:EC:6A
ValiditySat, 19 Nov 2022 00:00:00 GMT - Wed, 22 Nov 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Size
675 B (675 bytes)
Hash
d8ba211bb1be1a15bf5b0143ca1b009a
215203609a551dcaccf6e434508623f302635f86
a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6

HTTP Headers

GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
content-length: 675
date: Fri, 09 Jun 2023 12:17:32 GMT
server-timing: ak_p; desc="1686313052635_388254966_107470674_30926_787_2_0_11";dur=1
X-Firefox-Spdy: h2

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/2.png

104.21.0.159

200 OK

76 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/2.png
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
PNG image data, 531 x 470, 8-bit/color RGBA, non-interlaced\012- data
Size
76 kB (75879 bytes)
Hash
49ba4084ec211a9d213c971befb50c53
2116332baf289c4a1783bdc5a01fc1b91feadb09
34db648cf21ad021c8a46334868b86015d9bf2d945967cbf75bed375cf918dbc

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/img/reward/2.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: image/png
content-length: 75879
last-modified: Sat, 03 Sep 2022 08:30:26 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kqwx55sC4VBxjbkGBt1X%2FGpQD74DYR84airsO3kMNpW9Wz%2BOJELYUx5ZP6h39StSgOgglXQrtOM5imQv2%2Ft5vstJydiZlqMRazUxwnVbqkF6W4KEo7DUYs%2FCy3HiU4pVnhRUrBjwySNrdGBTvdf%2FDy2TNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0bf82b511-OSL
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/4.png

104.21.0.159

200 OK

51 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/4.png
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
PNG image data, 510 x 489, 8-bit/color RGBA, non-interlaced\012- data
Size
51 kB (50797 bytes)
Hash
4468b6922fe76861ded0ab1782634a95
be124400616c63678f2fc2ef5619686d20c5e2f8
ceae5b99598e1d89bc175bccc1f10ffa3a015545a8bdaa59d2b8da030cdcbe2c

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/img/reward/4.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: image/png
content-length: 50797
last-modified: Sat, 03 Sep 2022 08:30:09 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6DYRy6VQ5agLi%2BYduhs%2BtYlLDpMeuUHxwlsvAsrMmd9UJaIVM1kwqa%2FPGRJCO1vCQ3Jv3w0yZEk79yLvZtpBVYT7vlrXOOqymbIw3S3W2F5ij86qFnTlyfGwHuaifDPprjkYEK3MSeuDT%2BqQI3Zs92k9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0bf87b511-OSL
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/css

104.21.0.159

200 OK

62 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/css
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
ASCII text, with very long lines (1116)
Size
62 kB (62268 bytes)
Hash
755df17a408beddb747e36f27ae4dedc
53daa61ef477c0badec68fa8942cb5ffce0c38b0
a2db023c6c27693f044211498c952a94f002c75b80926bde95c24d5dbab187f4

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/index_files/css HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-length: 62268
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVV1C4wmgyd2ogkeMe0%2BE2HWMwC0UfJnyRSOt%2B4JzAokxtTkedxHfsCak28%2Bkr7%2FkTvngOhL3XqJRbDZbYwTr58xckjWK5rtgHdS2qTd3Qb95Mij795%2FEeuq1R2mlsSxmp4%2BacsOpppQdcojlEpBtqU4HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d494fe09f58b511-OSL
alt-svc: h3=":443"; ma=86400

freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20227/01271f4d1ff8044f828510a833075744.png

23.36.76.115

200 OK

70 kB

URL GET HTTP/1.1
freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20227/01271f4d1ff8044f828510a833075744.png
IP
23.36.76.115:443
ASN
#20940 Akamai International B.V.

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
PNG image data, 1298 x 318, 8-bit/color RGBA, non-interlaced\012- data
Size
70 kB (70213 bytes)
Hash
fd64d94ff578db8860caea107002c2a1
0bcc683b3532cdb92e5ca8f2149e4f31ba22df81
fc380a286f60f85c15f4e4ec566e9cbdce73b91c3f5d359765ddc73e6f4aae21

HTTP Headers

GET /common/web_event/official2.ff.garena.all/img/20227/01271f4d1ff8044f828510a833075744.png HTTP/1.1
Host: freefiremobile-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: 00000188384D3AD3980D3A3A708E3586
x-reserved-indicator: 372
Accept-Ranges: bytes
ETag: "fd64d94ff578db8860caea107002c2a1"
Last-Modified: Thu, 04 Aug 2022 12:36:40 GMT
Content-Type: image/png
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSYl+KxDgbUiJ+5LbOPq0KZns8iDiwJu
Content-Length: 70213
Date: Fri, 09 Jun 2023 12:17:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
Server-Timing: ak_p; desc="1686313052380_388254831_33036324_83529_681_7_18_-";dur=1

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/1.png

104.21.0.159

200 OK

191 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/1.png
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
PNG image data, 577 x 432, 8-bit/color RGBA, non-interlaced\012- data
Size
191 kB (191022 bytes)
Hash
44195a8d87a8396b40b8fe56d66f35fe
10865b390844647c5db53bae7c78e60f2b2de446
5be5b188a771d66cad01394662c4e8d8ead34cec597e68e88a6d7e3619299a7d

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/img/reward/1.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:33 GMT
content-type: image/png
content-length: 191022
last-modified: Sat, 03 Sep 2022 08:30:31 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQurGmI4RbGF06D9aWR54MkrL%2BrsjyFOeTxB7GwVn1%2Fr7BDgnu%2Bb%2FDOj2usAkqvuA0ZFEEzE71q7G3Z%2FSKNm8vApRJ7mXI9hjXab%2BcMWxVHU2%2F5wh0F4N6Uv78CkJtG4%2BsI2Ydi4ZvAzG9qfdX0c%2F%2FjsRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0af6fb511-OSL
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/3.png

104.21.0.159

200 OK

70 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/3.png
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
PNG image data, 516 x 484, 8-bit/color RGBA, non-interlaced\012- data
Size
70 kB (70101 bytes)
Hash
ece633abc715f1207f6d3a19a4325537
7714d2d26347485dad20911b59d2cb0103620e98
8045dd96cad8b21a3dd148fdcb36945f955a1b2e88658c498421b1798ace0688

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/img/reward/3.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:33 GMT
content-type: image/png
content-length: 70101
last-modified: Sat, 03 Sep 2022 08:30:22 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRV1ZJOhptMcnDLoG19uQUrenMEBRf%2BhiJWlroT0Zk5UTSiPfKZ98LdTpp3HFmuMR%2FdaiD5QHtK%2Bm1oPpyBkdYIAhexwnEkMkJMZGt74PjSY2NKfAvRhde5b8mI9pGViMA9ZPT2RGobOnTpjMli23JV%2BYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0bf86b511-OSL
alt-svc: h3=":443"; ma=86400

www.pubgmobile.com/en/images/nav_menu.svg

23.36.76.250

200 OK

426 B

URL GET HTTP/2
www.pubgmobile.com/en/images/nav_menu.svg
IP
23.36.76.250:443
ASN
#20940 Akamai International B.V.

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerDigiCert Inc
Subjectwetv.acc.qq.com
Fingerprint50:05:83:7A:D7:1C:3C:CA:53:85:80:2E:04:C3:47:C2:45:54:EC:6A
ValiditySat, 19 Nov 2022 00:00:00 GMT - Wed, 22 Nov 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Size
426 B (426 bytes)
Hash
a1f09c4f5c87271dbccf8cb05885ad42
18bbacc9c372dcb6bc77c2475595e058c1ad1594
b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a

HTTP Headers

GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 426
date: Fri, 09 Jun 2023 12:17:33 GMT
server-timing: ak_p; desc="1686313052665_388254966_107470675_95536_1127_2_29_11";dur=1
X-Firefox-Spdy: h2

l.top4top.io/m_1725u5z7i1.mp3

65.21.235.194

206 Partial Content

20 kB

URL GET HTTP/2
l.top4top.io/m_1725u5z7i1.mp3
IP
65.21.235.194:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerLet's Encrypt
Subject*.top4top.co
FingerprintC0:8C:41:80:4F:97:CD:08:0A:DA:AB:5F:53:B1:2E:14:8E:97:DD:10
ValidityThu, 01 Jun 2023 00:05:01 GMT - Wed, 30 Aug 2023 00:05:00 GMT

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Size
20 kB (19781 bytes)
Hash
ee5b5d12064ae26f839b882edb33da62
6fa93ef00f294eec4ef05276e81813db1e95e346
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

HTTP Headers

GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 206 Partial Content
server: nginx
date: Fri, 09 Jun 2023 12:17:33 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sat, 10 Jun 2023 11:54:13 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Fri, 09 Jun 2023 14:17:33 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6

104.21.0.159

301 Moved Permanently

107 kB

URL User Request GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
data
Size
107 kB (106891 bytes)
Hash
258c8dd3629ed22ca0e75e8ebdcfde8a
ff3fcbeca6f8bf7cb7077fc21c2cb0293b4659a5
dea2ed9d07665074d7ce0254211174fa6d465c8fd60ed1b3890a5436024453a7

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6 HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Fri, 09 Jun 2023 12:17:31 GMT
content-type: text/html; charset=iso-8859-1
location: http://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViwpkmlLtx%2BdS8IWbcc7rHWWHIqcbjdNfhq%2BokmpIpStX7vtDDqEyhZF49Jh8uQPiPL2cX5VcZ%2FnakJngDmoqJoCElmBFiIM%2BmJeksbZCTHYS%2BJqPnQDUOW0sR86Em2iC%2FEge02qv4EJ3K99kPnBfNL%2FcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d494fdc68b1b511-OSL
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/5.png

104.21.0.159

200 OK

93 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/5.png
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
PNG image data, 528 x 472, 8-bit/color RGBA, non-interlaced\012- data
Size
93 kB (93234 bytes)
Hash
3093b5172680d8927c7c22418c42eaa9
0e7983d7effed747c05a1948aca7cb12b0ae2e6f
09167e83438904664d9199c8c4a495101a1da7653107f28b9c8668f8e10db484

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/img/reward/5.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:34 GMT
content-type: image/png
content-length: 93234
last-modified: Sat, 03 Sep 2022 08:30:17 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n38m9ESL6%2Bu%2FWLbI8HRa8zQHD8Dg9P%2FhdqSy3T5ryqTXgZF8HBc51OTlZplUlIgdikffxa8KW60Pi1FM25hlI%2FaJbnasyPivPwh9X1diIxXKSoakf3yzZSvzT2mdVL95fAIv%2Bv51gVyIE9q%2FcfeuAG0Jaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0bf93b511-OSL
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/6.png

104.21.0.159

200 OK

111 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/6.png
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
PNG image data, 500 x 499, 8-bit/color RGBA, non-interlaced\012- data
Size
111 kB (110878 bytes)
Hash
a56a9b641f5f91488a5cb707f1edb84d
cb0a14bfa15979cae13f11d102e83144aab8f158
4c81dcdeec4f21465c71b26d7d78ae581bb415f043ee2dca80980e4504ec0cb4

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/img/reward/6.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:36 GMT
content-type: image/png
content-length: 110878
last-modified: Sat, 03 Sep 2022 08:30:14 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPEVFDWjISHHzD%2F2nw608DLkwEey6KQl9rL41jZpwgoj5i6NFMUgK8RIxj8ysn6QS0UoC%2FIKo1sJTeETI%2FWfr7qZA14XgcUXmFsAhSHMdWgjKXvUasemtd1NO4DlFul6mxFoouvNFa7m9KdFpzH8q1HsmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0cf98b511-OSL
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/icon.png

104.21.0.159

200 OK

426 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/icon.png
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced\012- data
Size
426 kB (426306 bytes)
Hash
aba36f4f42954df12ba1b2f3c7a6e9d6
0e0f7333508f64170bd47e8391f506dae18c7176
07de9ca276d1e9074aa91c2b265b44316240b164155386f358da879b94c29750

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/img/icon.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:36 GMT
content-type: image/png
content-length: 426306
last-modified: Sat, 03 Sep 2022 08:09:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNLEf%2B1fyhgTVCRzxnzwXZR7aG88BRYuPkV5oTPpf7hpyet7HHLTzT2oqgObV4rmXVng9EYv%2FN%2BQsh7uJKMT9GzmgQ52lZI23uNLzo2kiIgw8Y6M7lwlxU4d%2BTSObL2NFozcWmCgoA4ef3I8xFC1bPk01w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0efc9b511-OSL
alt-svc: h3=":443"; ma=86400

i.postimg.cc/02KwtTc7/footer-bg.jpg

162.19.88.69

200 OK

12 kB

URL GET HTTP/2
i.postimg.cc/02KwtTc7/footer-bg.jpg
IP
162.19.88.69:443
ASN
#16276 OVH SAS

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
FingerprintF7:9A:EC:C0:0E:AB:80:A9:55:8F:DF:97:AD:BB:4B:70:07:08:F0:F0
ValidityWed, 19 Apr 2023 13:39:30 GMT - Tue, 18 Jul 2023 13:39:29 GMT

File type
JPEG image data, progressive, precision 8, 579x800, components 3\012- data
Size
12 kB (11651 bytes)
Hash
27b8ceba13cb26a4ac6951cecdd4a5d3
accbec4f1b6038f0bcd2032da80c2ee342033d2e
d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f

HTTP Headers

GET /02KwtTc7/footer-bg.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 12:17:37 GMT
content-type: image/jpeg
content-length: 11651
last-modified: Wed, 23 Mar 2022 19:15:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/teko/v16/LYjNdG7kmE0gfaN9pQ.woff2

216.58.207.227

200 OK

13 kB

URL GET HTTP/2
fonts.gstatic.com/s/teko/v16/LYjNdG7kmE0gfaN9pQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Size
13 kB (13324 bytes)
Hash
b4082c888eefa2dca3fe2c9d46a87180
05aeb6c58175f659fe59eaca5a9d3735dd0530e3
352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6

HTTP Headers

GET /s/teko/v16/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freefire11155068.panellku-id.cfd
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Jun 2023 11:11:11 GMT
expires: Sat, 08 Jun 2024 11:11:11 GMT
cache-control: public, max-age=31536000
age: 3986
last-modified: Tue, 02 May 2023 14:50:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/js-projector/libs.js@main/ionicons.map.js

151.101.1.229

200 OK

35 kB

URL GET HTTP/3
cdn.jsdelivr.net/gh/js-projector/libs.js@main/ionicons.map.js
IP
151.101.1.229:443
ASN
#54113 FASTLY

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
35 kB (34956 bytes)
Hash
17249247debeb4f1c93b7203fc2dae84
9cce479599011d31284ae6522f2884c07a4170af
2f51821e42e09dbd478326b672e5e95b1019c7c9654fd315d5a4ccd3f1e3cc31

HTTP Headers

GET /gh/js-projector/libs.js@main/ionicons.map.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 34956
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"1a4bc-nM5HlZkBHTEoSuZSLyiEwHpBcK8"
content-encoding: br
accept-ranges: bytes
date: Fri, 09 Jun 2023 12:17:37 GMT
age: 39184
x-served-by: cache-fra-eddf8230076-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/icon.png

104.21.0.159

200 OK

426 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/icon.png
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced\012- data
Size
426 kB (426306 bytes)
Hash
aba36f4f42954df12ba1b2f3c7a6e9d6
0e0f7333508f64170bd47e8391f506dae18c7176
07de9ca276d1e9074aa91c2b265b44316240b164155386f358da879b94c29750

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/img/icon.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:37 GMT
content-type: image/png
content-length: 426306
last-modified: Sat, 03 Sep 2022 08:09:20 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCQul8KG8qQOJrF8Ay3IYAyENz9g22AX7swU7Ng7gBtHmZG9uWYnhIsJIcyTF0PSIA5Pv79Tp8bev1E1VdGLlBms1PADB1u2Cg5gupvrk%2FluCNQe7MudCzfGlpMYyYa00Q9P0I%2FqZKt%2FsGDjeEUDTFI7fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d49500418f9b511-OSL
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/alert-zone.js

104.21.0.159

200 OK

137 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/alert-zone.js
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
ASCII text, with very long lines (64301)
Size
137 kB (137222 bytes)
Hash
2d8819d4b15ffe076a804a074e0229da
0e76d42421e78a58d71c99e233335f39b8b47645
b49a2dab55008d7ba1277b3adbb0b5f590f9b3ee25e3e89a9d78696efd262dde

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/js-zone/alert-zone.js HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:36 GMT
content-type: application/javascript
last-modified: Fri, 22 Apr 2022 16:48:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0yu%2F9nSQdyhL40Gd3jmEKG%2BIzuojcefMUUMNXOd3T4cXk2UwSudf2M3YEvt2Nn9CtMX%2B3cxEsg8UvqefrOM7oZlII%2BKeMzl0rpLk2krHzffPia2BreGvM6lJJlRFXEU2qrqslv1IiSLD06pXxI40LGInQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe90c62b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/media/spin.mp3

104.21.0.159

206 Partial Content

133 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/media/spin.mp3
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Stereo\012- data
Size
133 kB (132739 bytes)
Hash
5e6ad4032df296732508803deb114b90
99d585eab4db1d9d5555b5ea4aae2542c5c635e5
9f4633ff137414c473c1477d9345c1b379b5174544f5aa22e0666d778f6f3eed

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/media/spin.mp3 HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Fri, 09 Jun 2023 12:17:38 GMT
content-type: audio/mpeg
content-length: 132739
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-132738/132739
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwCPDhq3MQ%2FwlItWGs%2FachbTHbEG%2B7ReucMJsT%2BumCk%2B6P5m%2B%2BAO9vRPi9JN9Rit3RxmHK%2F4jWdEcGW2bwb5fVsr50v7DEDN1sDy83wOJnHv7OhDoNc8E2VJz7dgJgezOvumXRF862%2BW2mq6Rjy87KF0eA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4950010d57b511-OSL
alt-svc: h3=":443"; ma=86400

freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20228/a16df409a901ae284ec1abc78de35aa5.jpg

23.36.76.115

200 OK

227 kB

URL GET HTTP/1.1
freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20228/a16df409a901ae284ec1abc78de35aa5.jpg
IP
23.36.76.115:443
ASN
#20940 Akamai International B.V.

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerDigiCert Inc
Subjecta248.e.akamai.net
FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size
227 kB (227262 bytes)
Hash
6b6a600ca0e88b2ed84a95bec0898975
7d59266b91ca9c5a5579586b37a2032cea3c6060
9236aeab670d5fc12cb9734a43efc68742f22f9ac8e203e28ee06d90cf9dcd8d

HTTP Headers

GET /common/web_event/official2.ff.garena.all/img/20228/a16df409a901ae284ec1abc78de35aa5.jpg HTTP/1.1
Host: freefiremobile-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: 000001885DA5AE599142382DF2BB68F5
x-reserved-indicator: 372
Accept-Ranges: bytes
ETag: "6b6a600ca0e88b2ed84a95bec0898975"
Last-Modified: Thu, 15 Sep 2022 13:06:51 GMT
Content-Type: image/jpeg
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSHYqnMlT5M7Usd9wy/W93tx5Rj/BcVp
Content-Length: 227262
Date: Fri, 09 Jun 2023 12:17:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
Server-Timing: ak_p; desc="1686313057321_388254831_33036417_136175_629_0_0_-";dur=1

unpkg.com/ionicons@5.0.0/dist/ionicons/p-af480238.js

104.16.125.175

200 OK

9.0 kB

URL GET HTTP/2
unpkg.com/ionicons@5.0.0/dist/ionicons/p-af480238.js
IP
104.16.125.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (9146), with no line terminators
Size
9.0 kB (9004 bytes)
Hash
82842d881e7e272ef5edd936905e3c6d
e4cba7bc427d62b934dc8250ffd74a0e6c41e192
2a5ee14b060e3794311f6dd20fa2f032221e39f543c65b2a9a1b1af1722aac71

HTTP Headers

GET /ionicons@5.0.0/dist/ionicons/p-af480238.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freefire11155068.panellku-id.cfd
DNT: 1
Connection: keep-alive
Referer: https://unpkg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 12:17:37 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"232c-uchF0l8mHJgXmaMGCPlWLIIn3tc"
via: 1.1 fly.io
fly-request-id: 01GQ46MXKZV2GRKCGY6QV96233-fra
cf-cache-status: HIT
age: 12208359
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d4950016e341c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/slide-zone.js.download

104.21.0.159

200 OK

2.1 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/slide-zone.js.download
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
exported SGML document, ASCII text, with very long lines (2269), with no line terminators
Size
2.1 kB (2054 bytes)
Hash
736b7a6a2d95a2e08b8402c18cb1a8bf
f2d75dedc821d7648113ab0670cedc47eb2818f1
b44bd30a88c9f9c1342eedd5b3296312da8795115355bf6d9c4709775afb02cb

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/index_files/slide-zone.js.download HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:34 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcU8wca4h40%2B8Ys0cX7obzFmoUg4QBh5slHqrkzbUE2HgOEpS5XEvL0QgaDwW6TYV71xetgxYIdC06edA1PNnaFKbJkaDN6QMyf3NBCkMn5OmoCEdxm0%2BW98vjGCXLAV1fRnQiv2KaBMx%2FcBzFJjiq%2BmFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d494fe0cf9fb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/jquery.js

104.21.0.159

200 OK

2.3 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/jquery.js
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
exported SGML document, ASCII text, with very long lines (2718), with no line terminators
Size
2.3 kB (2253 bytes)
Hash
cc5315c4e4cc1c7a2c7c932d621fae3d
a6020816245f44639ef356de06cf02b04417acf0
76780e5603b10cddbd26af14218995345fb0a8f4e8051488eab7020140690219

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/js-zone/jquery.js HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:33 GMT
content-type: application/javascript
last-modified: Fri, 22 Apr 2022 16:48:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEX49mWIw5g4cIOX7vgT04aXxsZVL0vJ%2BwIb%2FGK3PomSrNFmnlWv9zJ1YKtaCHTso4cV5swho2L0J4YETPGRwovsfC2pOmR5dxhrrq%2BkBi%2F%2FAqtk0ziCML%2B5ixzPB8nbmBoztMsx40y3HWqysftLO559rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0af67b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/slide-zone.js

104.21.0.159

200 OK

2.1 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/slide-zone.js
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
exported SGML document, ASCII text, with very long lines (2269), with no line terminators
Size
2.1 kB (2054 bytes)
Hash
736b7a6a2d95a2e08b8402c18cb1a8bf
f2d75dedc821d7648113ab0670cedc47eb2818f1
b44bd30a88c9f9c1342eedd5b3296312da8795115355bf6d9c4709775afb02cb

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/js-zone/slide-zone.js HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:34 GMT
content-type: application/javascript
last-modified: Fri, 22 Apr 2022 16:48:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IW34MU52C9DFpLVEQAJVTjgzG7IBDOOjEgql3DmOMPtvCoeK4MI%2Fkqg1o9V4PJPhyeZ%2FxRt2KwvJyAjJ7EjAC%2F1l7ka3LTpfkNYDJfb%2FOkN5%2BqZVCGZ%2FlZPTHboN4AtsG2gr7Z5BfmWlAqhOurNIou870A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0cf9eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/style-zone.css

104.21.0.159

200 OK

20 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/style-zone.css
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
ASCII text, with very long lines (411), with CRLF line terminators
Size
20 kB (20471 bytes)
Hash
40ca06b6afdfc4906499cb2b388c0f98
6b1efd22fd79556fc06c4d252fb58c3464d66803
a87aaf487b7c3ea4a7cd5cfb3faa8fbf89149e16a9157e2e9efe27341c64d38f

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/css-zone/style-zone.css HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:37 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 11:16:09 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qA%2B35%2FCAXXXVgGerHvscsdJpf3BxWm%2FMZb8t%2BVLDZWhDfEj22TeC78mGz5qwPmX4EuTYucwRYS3%2B7WygXjLhDOL3ZLn05A6%2Bwt8%2BX7kSuQwfyu0MzjdPyOu4xKj9En80zIVTK9d2m7%2BpxgncuKOIQJdrJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494ffc8f29b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

unpkg.com/ionicons@5.0.0/dist/ionicons/ionicons.esm.js

104.16.125.175

200 OK

262 B

URL GET HTTP/2
unpkg.com/ionicons@5.0.0/dist/ionicons/ionicons.esm.js
IP
104.16.125.175:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
262 B (262 bytes)
Hash
359fc4968e2e50af8cb25764d9da823e
00b859c5808691ba0b9a8841561564bfc712e2d0
b4cf908fe4eace24f08af06a44c8548257090c3c57219db02ea6922aa594bc1b

HTTP Headers

GET /ionicons@5.0.0/dist/ionicons/ionicons.esm.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freefire11155068.panellku-id.cfd
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 12:17:37 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"106-2QVIn+WWfE7GzXgXZTPbiG+yGbs"
via: 1.1 fly.io
fly-request-id: 01GV64J46F5AGKJNCSN85ZXX9C-ams
cf-cache-status: HIT
age: 7848471
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d4950011de41c12-OSL
content-encoding: br
X-Firefox-Spdy: h2

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/zero-zone.js

104.21.0.159

200 OK

861 B

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/zero-zone.js
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
exported SGML document, ASCII text, with very long lines (1025), with no line terminators
Size
861 B (861 bytes)
Hash
f446458806c67be2e2e6f5252c61ece0
fb932433182ca4fd20ce20bb2ba1a18fc6143261
edad84eaba5daeb5a5863a08fc63ddeb3b79710d4c1e431ee182e23d6ebb6b1f

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/js-zone/zero-zone.js HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:36 GMT
content-type: application/javascript
last-modified: Fri, 22 Apr 2022 16:48:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ko9nIfiUXbWki%2BrD%2BlRh2niM2MbxmG4u0c4cCwHsjHSlfiNFzBl2nDUGIMfrT%2BodlDi%2BKXh5F0Uu7N9j9V0KSgBWdnkmnVfYEaM39POJ%2BZCtjvTsGWgoP69kJGMKuujMe0FJGDeWnUF4NiXgauuqCKiXBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe90c65b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/draw.png

104.21.0.159

200 OK

107 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/draw.png
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
PNG image data, 700 x 710, 8-bit colormap, non-interlaced\012- data
Size
107 kB (106627 bytes)
Hash
d364dbe62f597a52a12578369294a26a
956f898c5a10b8f5029677f359a262ec06634282
7fc37b0c27e8a24a1a67fbfe22af0c03a725832835ff9d507e6ca4f8a6a5d278

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/img/draw.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:34 GMT
content-type: image/png
content-length: 106627
last-modified: Fri, 22 Jul 2022 07:31:54 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPg%2FoMUutuEW4WkgepVafQG2IIdV7a%2FaAhLjQ68BbKGBJqwi7iJrbLROkWe4BHzoEkksSIaMNfoPtDtQXNKlrOk1jZ%2BrFrN384NrkHXldIBnJ3Vml8YruzBCihyOOYrJlMlfALKImeRO0REVQeShLdE4ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0bf84b511-OSL
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/myScript.js

104.21.0.159

200 OK

3.3 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/myScript.js
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
ASCII text, with very long lines (3662), with no line terminators
Size
3.3 kB (3307 bytes)
Hash
7c6f1f17640b335e6acd19a243626e11
db9ae6303b6576ac2a16a08320893aaa91a492fa
6413a921832ad75c9e1cbb7858fb22e88d8f18e6f58f27dee15f0150432b17b7

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/js-zone/myScript.js HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: application/javascript
last-modified: Mon, 25 Jul 2022 10:25:08 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciwbH%2BH%2FTqX4jtasGc%2BHaiyvADh0OXFOckisgCXbQZBrAF4B2eI%2BI56ix6KUEPjFp1eP2wA6dfY2c%2FEmR8wORm7%2Fr6fDZstHC4hTBPkWh%2FJZou2Y6ll6E7rPTb6OmoZbJOxuC4RHcAxS0kSppTdkCC6O1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0af6db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/gift-zone.js

104.21.0.159

200 OK

1.7 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/gift-zone.js
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
ASCII text, with very long lines (1765), with no line terminators
Size
1.7 kB (1685 bytes)
Hash
c0be1d3124914d4e54047a06f6818c3e
d18c67ea5cdf81ebbc1c63132d99cc4ce5df3eb2
897a7e49b1c734f17959fc54b7325cc577a259bcd73e8d58837d3564f35408f1

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/index_files/gift-zone.js HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:35 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2Bu0pax4Sf0qTI%2BWXi7pzVamQbgfx5RkntWiiL0TaIJRnrAYdXRGGGgLG2Y%2FuxGwoxiOreJUo5YDqX72TqsXl12Xe9CkSWDWm3Dihs04hycskJaXwksyArDG%2FjpSarXSdM0MHWsDrMvZbR7P97IdZB0YeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0cf9ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/item-off.png

104.21.0.159

200 OK

114 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/item-off.png
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
PNG image data, 700 x 710, 8-bit colormap, non-interlaced\012- data
Size
114 kB (114406 bytes)
Hash
e22e8c64a52b9aee71d0325ad98434f5
263f3fd557ed077ffc73d579db99c4f08f856550
51c8dc27564c06b970dd2bbd406a3cd7670f3127148308e0a10729332a4f7d15

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/img/item-off.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/zero-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:38 GMT
content-type: image/png
content-length: 114406
last-modified: Fri, 22 Jul 2022 07:31:54 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2P%2FzsaF8QaqInVl73uvRRxhYUVPyJH%2F8nmhUR66yW2%2BP8aJpPvm1U4uQ5ZcnJaUwpVgeXuHDXPLUH2vnCWayptQhLGLfHP9c%2FK5E1q9SqNVG9QadFcw2yZ8s7KIr%2FcphiR5Dvn40csV%2FnJKhXAAQOcPvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4950004c4ab511-OSL
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/twitter.css

104.21.0.159

200 OK

2.1 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/twitter.css
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
ASCII text, with very long lines (2224), with no line terminators
Size
2.1 kB (2078 bytes)
Hash
2baac8d45b45684a4e2eaddd4b0cf268
f612020bb403f7375fe01c6e035c05c3c6284df8
de33e336bfff950e9d994e20c3a3983a44a7e12c2c559e3cd4c6d95558b28cfe

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/css-zone/twitter.css HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: text/css
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYJh1LIpPkHvhvyxofzOo54TKAyfqd9frfqssoMg3hWfMNwogUAmm%2BKMZe42hkbcWAN%2B6imHWq1zLYKNA57WipILFMtpjt7LaXwebFNj9XI99U%2Ba7rIOY0VKSz0IiADW4LPYvCfiZe732cvA8Ko6BaNi4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe09f5fb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/zero-zone.css

104.21.0.159

200 OK

5.5 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/zero-zone.css
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
ASCII text, with very long lines (6229), with no line terminators
Size
5.5 kB (5487 bytes)
Hash
28ad13da65a141b2c2e6d69d5ca40984
e6e806e3c9e5e9ef23961a4e29cde5af854d2423
796216e473ecd77fd42d3f703bb2b9f15367c7168c42b91900c230748b8325a0

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/css-zone/zero-zone.css HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:37 GMT
content-type: text/css
last-modified: Fri, 22 Jul 2022 14:18:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Py1mbZjebZSDcaDrum3uep6FNUvHIhP1dSa53zaaRx4z7i0ILVPCHF%2BzGjMH%2Fu321Uht7Ao3hUCz4roiyo7SKsSXgUgHyW2y6AskBCGg6lTw6VOT23O5Q30QVRaPWXhhloxc32dXdoGMi2L2%2FYkzZhXeKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494ffc8f2ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/facebook.css

104.21.0.159

200 OK

3.2 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/facebook.css
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
ASCII text, with very long lines (3395), with no line terminators
Size
3.2 kB (3188 bytes)
Hash
3890fafe623814bc5a9433cd7bf6cd9e
9c5f60df94661f6188fe000282491c1f0c78d0df
3bd83ac70321db89b4f5a905ef01db6d2e1d07d297afbf178a0dfd12aca0e7aa

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/css-zone/facebook.css HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: text/css
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pco0aa5C6JrmBDzSCpJTYQK0k3bAS5IMlgdjHNpdB14XioUdprWaDkk2pHfQYB14WIFyXld2BKt1MIklPIwxkBV6aRUms1kqXRNOPROmCVuSvd%2FhqHezdB2HDQ1QJA3i2wow928fZsEMl6a0EFcc8lZMyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe09f5db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Teko&display=swap

142.250.74.106

200 OK

1.1 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Teko&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
ASCII text, with very long lines (1106), with no line terminators
Size
1.1 kB (1079 bytes)
Hash
5c6516987bdea1aa17d1198614828f24
69557d00ab3831718879ab2ae051c5157bfc551b
5169c6dea5cf27fe3faa4bebcbec8b2cfa4e92b4cc5ad5859a6adc60372f03d8

HTTP Headers

GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Jun 2023 12:17:32 GMT
date: Fri, 09 Jun 2023 12:17:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

104.18.11.207

200 OK

31 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (30837)
Size
31 kB (31000 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freefire11155068.panellku-id.cfd
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 05/01/2023 15:40:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: e06e015bb28ebfdebbe5f5de216fd80d
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d494fe0fbeb0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

a.top4top.io/m_1725zobal2.mp3

0.0.0.0

0 B

URL GET
a.top4top.io/m_1725zobal2.mp3
IP
0.0.0.0:0
ASN
#0

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/jquery.min.js.download

104.21.0.159

200 OK

87 kB

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/jquery.min.js.download
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
ASCII text, with very long lines (65451)
Size
87 kB (86927 bytes)
Hash
a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/index_files/jquery.min.js.download HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:34 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osbaii64UNnotRu0mgzJKdK8kII%2Bx6RFkmiEK96ERl6cGf%2FNnieuHjwOtrg9hLsVL7revlyX%2Fr0vtQ11puTsaZ%2FhuFDquHYRvibxjv2SN%2BuyDh%2FrqTt7Tn1ubKBDb1KhKxMSJuMkOtAseLPISDFwj2Xyog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d494fe0cf99b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/

104.21.0.159

200 OK

110 B

URL GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Requested by
https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type
ASCII text, with no line terminators
Size
110 B (110 bytes)
Hash
36be310ca4f7230ece1f2e7862d85141
dd77f02384277dfb4d1cae0c0a6125ff226990c1
dd8b0988a4d81c2063d4b020de11ab46c00382256661d505f472b9608ce89d28

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/img/ HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/style-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:37 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Jriv2E4CAy9%2Fh6v7Btne2ymi0Ke0Zkr4%2B0m14kBMKTIKx017joKIMj5a%2FlqVUSUGGcCRLPEQbyrjNMd4ndMwWDNOKMmSeYBD5YVAIObqZXwC%2BRxUXkFFYJ5w6j5WH90G65AVRpacU2lNmuFrq7JBo2N6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4950004c4bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/

104.21.0.159

200 OK

16 kB

URL User Request GET HTTP/3
freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
IP
104.21.0.159:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectpanellku-id.cfd
FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT

File type

Size
16 kB (16311 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Garena

HTTP Headers

GET /vhsfhqpdhdsih6/ HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aGtUM0UI%2BWUS%2BoVtGuLIu56IsKZH0001SnbfizTGvO4av7SpyTR5cmg%2FvDcpf0g7rdwbmmdSism%2BrSJyhkRhWQ8308SShGvvlJ%2BKSSmwm6do%2FuAAJ%2FyRGJgEhlGvOMso9KiqkkwYgEq29ID5pF1nFSYvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d494fdefd2bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL