| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css | 104.17.25.14 | 200 OK | 5.8 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP: 104.17.25.14:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: Cloudflare, Inc.
  Subject: sni.cloudflaressl.com
  Fingerprint: A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
  Validity: Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: e9365fe85b7e4db79a87015e52c3db6c 2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9 dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1284489
expires: Wed, 29 May 2024 12:17:32 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTvV4STl65BjAuJNwlyFHSr2T4%2F4fjKVkkqDDLYTPrg80IIpAMzzOGCpoXZE%2BaJItBoCgT2VcSDgvWalPgwnm9eHVYL6NIbK%2Fsw5ZdE3iZ4jSj%2FbGAsgr6FOm%2BKPjyln6Rru8wh1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d494fe0bdc4b4f4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| i.postimg.cc/3wBVgZTz/login-Method1.png | 162.19.88.69 | 200 OK | 29 kB |
URL: GET HTTP/2 i.postimg.cc/3wBVgZTz/login-Method1.png
IP: 162.19.88.69:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: Let's Encrypt
  Subject: postimg.cc
  Fingerprint: F7:9A:EC:C0:0E:AB:80:A9:55:8F:DF:97:AD:BB:4B:70:07:08:F0:F0
  Validity: Wed, 19 Apr 2023 13:39:30 GMT - Tue, 18 Jul 2023 13:39:29 GMT
File type: PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash: 74190b93fc4f5d88f0c8e6411ba20bd8 89ce2ecb660a90b8e6ed1b335443d7767c59f28a 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /3wBVgZTz/login-Method1.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: image/png
content-length: 28789
last-modified: Sun, 26 Dec 2021 01:51:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| i.postimg.cc/dtyfWFF2/login-Method2.png | 162.19.88.69 | 200 OK | 4.3 kB |
URL: GET HTTP/2 i.postimg.cc/dtyfWFF2/login-Method2.png
IP: 162.19.88.69:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: Let's Encrypt
  Subject: postimg.cc
  Fingerprint: F7:9A:EC:C0:0E:AB:80:A9:55:8F:DF:97:AD:BB:4B:70:07:08:F0:F0
  Validity: Wed, 19 Apr 2023 13:39:30 GMT - Tue, 18 Jul 2023 13:39:29 GMT
File type: PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash: fef946b8bba756359e2a1e87ccd915ea acc364946077b0e32b2343474ce4066ad3ee524c 1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /dtyfWFF2/login-Method2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: image/png
content-length: 4298
last-modified: Sun, 26 Dec 2021 01:53:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/js-projector/ajax@main/ionicons.js | 151.101.1.229 | 200 OK | 470 B |
URL: GET HTTP/2 cdn.jsdelivr.net/gh/js-projector/ajax@main/ionicons.js
IP: 151.101.1.229:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: GlobalSign nv-sa
  Subject: jsdelivr.net
  Fingerprint: 88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
  Validity: Fri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type: ASCII text, with very long lines (1012)
Hash: 0512430a87f92666a86d9aa77e7d9790 fa403160b8b13104a87900ddf8cde75ea8d22f1e cf3bc32ff09c85c35773557a632fa3b45625074488aeec14ccacc0400cda6672
GET /gh/js-projector/ajax@main/ionicons.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"3f5-+kAxYLixMQSoeQDd+M3nXqjSLx4"
content-encoding: br
accept-ranges: bytes
date: Fri, 09 Jun 2023 12:17:32 GMT
age: 39447
x-served-by: cache-fra-eddf8230064-FRA, cache-bma1668-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 470
X-Firefox-Spdy: h2
|
|
| www.pubgmobile.com/en/images/nav_language.svg | 23.36.76.250 | 200 OK | 675 B |
URL: GET HTTP/2 www.pubgmobile.com/en/images/nav_language.svg
IP: 23.36.76.250:443
ASN: #20940 Akamai International B.V.
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: DigiCert Inc
  Subject: wetv.acc.qq.com
  Fingerprint: 50:05:83:7A:D7:1C:3C:CA:53:85:80:2E:04:C3:47:C2:45:54:EC:6A
  Validity: Sat, 19 Nov 2022 00:00:00 GMT - Wed, 22 Nov 2023 23:59:59 GMT
File type: SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Hash: d8ba211bb1be1a15bf5b0143ca1b009a 215203609a551dcaccf6e434508623f302635f86 a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6
GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
content-length: 675
date: Fri, 09 Jun 2023 12:17:32 GMT
server-timing: ak_p; desc="1686313052635_388254966_107470674_30926_787_2_0_11";dur=1
X-Firefox-Spdy: h2
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/2.png | 104.21.0.159 | 200 OK | 76 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/2.png
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: panellku-id.cfd
  Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
  Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 531 x 470, 8-bit/color RGBA, non-interlaced\012- data
Hash: 49ba4084ec211a9d213c971befb50c53 2116332baf289c4a1783bdc5a01fc1b91feadb09 34db648cf21ad021c8a46334868b86015d9bf2d945967cbf75bed375cf918dbc
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/reward/2.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: image/png
content-length: 75879
last-modified: Sat, 03 Sep 2022 08:30:26 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kqwx55sC4VBxjbkGBt1X%2FGpQD74DYR84airsO3kMNpW9Wz%2BOJELYUx5ZP6h39StSgOgglXQrtOM5imQv2%2Ft5vstJydiZlqMRazUxwnVbqkF6W4KEo7DUYs%2FCy3HiU4pVnhRUrBjwySNrdGBTvdf%2FDy2TNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0bf82b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/4.png | 104.21.0.159 | 200 OK | 51 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/4.png
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: panellku-id.cfd
  Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
  Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 510 x 489, 8-bit/color RGBA, non-interlaced\012- data
Hash: 4468b6922fe76861ded0ab1782634a95 be124400616c63678f2fc2ef5619686d20c5e2f8 ceae5b99598e1d89bc175bccc1f10ffa3a015545a8bdaa59d2b8da030cdcbe2c
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/reward/4.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: image/png
content-length: 50797
last-modified: Sat, 03 Sep 2022 08:30:09 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s6DYRy6VQ5agLi%2BYduhs%2BtYlLDpMeuUHxwlsvAsrMmd9UJaIVM1kwqa%2FPGRJCO1vCQ3Jv3w0yZEk79yLvZtpBVYT7vlrXOOqymbIw3S3W2F5ij86qFnTlyfGwHuaifDPprjkYEK3MSeuDT%2BqQI3Zs92k9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0bf87b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/css | 104.21.0.159 | 200 OK | 62 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/css
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: panellku-id.cfd
  Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
  Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: ASCII text, with very long lines (1116)
Hash: 755df17a408beddb747e36f27ae4dedc 53daa61ef477c0badec68fa8942cb5ffce0c38b0 a2db023c6c27693f044211498c952a94f002c75b80926bde95c24d5dbab187f4
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/index_files/css HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-length: 62268
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVV1C4wmgyd2ogkeMe0%2BE2HWMwC0UfJnyRSOt%2B4JzAokxtTkedxHfsCak28%2Bkr7%2FkTvngOhL3XqJRbDZbYwTr58xckjWK5rtgHdS2qTd3Qb95Mij795%2FEeuq1R2mlsSxmp4%2BacsOpppQdcojlEpBtqU4HA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d494fe09f58b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20227/01271f4d1ff8044f828510a833075744.png | 23.36.76.115 | 200 OK | 70 kB |
URL: GET HTTP/1.1 freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20227/01271f4d1ff8044f828510a833075744.png
IP: 23.36.76.115:443
ASN: #20940 Akamai International B.V.
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: DigiCert Inc
  Subject: a248.e.akamai.net
  Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
  Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: PNG image data, 1298 x 318, 8-bit/color RGBA, non-interlaced\012- data
Hash: fd64d94ff578db8860caea107002c2a1 0bcc683b3532cdb92e5ca8f2149e4f31ba22df81 fc380a286f60f85c15f4e4ec566e9cbdce73b91c3f5d359765ddc73e6f4aae21
GET /common/web_event/official2.ff.garena.all/img/20227/01271f4d1ff8044f828510a833075744.png HTTP/1.1
Host: freefiremobile-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: 00000188384D3AD3980D3A3A708E3586
x-reserved-indicator: 372
Accept-Ranges: bytes
ETag: "fd64d94ff578db8860caea107002c2a1"
Last-Modified: Thu, 04 Aug 2022 12:36:40 GMT
Content-Type: image/png
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSYl+KxDgbUiJ+5LbOPq0KZns8iDiwJu
Content-Length: 70213
Date: Fri, 09 Jun 2023 12:17:33 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
Server-Timing: ak_p; desc="1686313052380_388254831_33036324_83529_681_7_18_-";dur=1
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/1.png | 104.21.0.159 | 200 OK | 191 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/1.png
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: panellku-id.cfd
  Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
  Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 577 x 432, 8-bit/color RGBA, non-interlaced\012- data
Size: 191 kB (191022 bytes)
Hash: 44195a8d87a8396b40b8fe56d66f35fe 10865b390844647c5db53bae7c78e60f2b2de446 5be5b188a771d66cad01394662c4e8d8ead34cec597e68e88a6d7e3619299a7d
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/reward/1.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:33 GMT
content-type: image/png
content-length: 191022
last-modified: Sat, 03 Sep 2022 08:30:31 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQurGmI4RbGF06D9aWR54MkrL%2BrsjyFOeTxB7GwVn1%2Fr7BDgnu%2Bb%2FDOj2usAkqvuA0ZFEEzE71q7G3Z%2FSKNm8vApRJ7mXI9hjXab%2BcMWxVHU2%2F5wh0F4N6Uv78CkJtG4%2BsI2Ydi4ZvAzG9qfdX0c%2F%2FjsRg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0af6fb511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/3.png | 104.21.0.159 | 200 OK | 70 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/3.png
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: panellku-id.cfd
  Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
  Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 516 x 484, 8-bit/color RGBA, non-interlaced\012- data
Hash: ece633abc715f1207f6d3a19a4325537 7714d2d26347485dad20911b59d2cb0103620e98 8045dd96cad8b21a3dd148fdcb36945f955a1b2e88658c498421b1798ace0688
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/reward/3.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:33 GMT
content-type: image/png
content-length: 70101
last-modified: Sat, 03 Sep 2022 08:30:22 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LRV1ZJOhptMcnDLoG19uQUrenMEBRf%2BhiJWlroT0Zk5UTSiPfKZ98LdTpp3HFmuMR%2FdaiD5QHtK%2Bm1oPpyBkdYIAhexwnEkMkJMZGt74PjSY2NKfAvRhde5b8mI9pGViMA9ZPT2RGobOnTpjMli23JV%2BYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0bf86b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| www.pubgmobile.com/en/images/nav_menu.svg | 23.36.76.250 | 200 OK | 426 B |
URL: GET HTTP/2 www.pubgmobile.com/en/images/nav_menu.svg
IP: 23.36.76.250:443
ASN: #20940 Akamai International B.V.
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: DigiCert Inc
  Subject: wetv.acc.qq.com
  Fingerprint: 50:05:83:7A:D7:1C:3C:CA:53:85:80:2E:04:C3:47:C2:45:54:EC:6A
  Validity: Sat, 19 Nov 2022 00:00:00 GMT - Wed, 22 Nov 2023 23:59:59 GMT
File type: SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (876), with no line terminators
Hash: a1f09c4f5c87271dbccf8cb05885ad42 18bbacc9c372dcb6bc77c2475595e058c1ad1594 b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a
GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 426
date: Fri, 09 Jun 2023 12:17:33 GMT
server-timing: ak_p; desc="1686313052665_388254966_107470675_95536_1127_2_29_11";dur=1
X-Firefox-Spdy: h2
|
|
| l.top4top.io/m_1725u5z7i1.mp3 | 65.21.235.194 | 206 Partial Content | 20 kB |
URL: GET HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP: 65.21.235.194:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: Let's Encrypt
  Subject: *.top4top.co
  Fingerprint: C0:8C:41:80:4F:97:CD:08:0A:DA:AB:5F:53:B1:2E:14:8E:97:DD:10
  Validity: Thu, 01 Jun 2023 00:05:01 GMT - Wed, 30 Aug 2023 00:05:00 GMT
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash: ee5b5d12064ae26f839b882edb33da62 6fa93ef00f294eec4ef05276e81813db1e95e346 4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Fri, 09 Jun 2023 12:17:33 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sat, 10 Jun 2023 11:54:13 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Fri, 09 Jun 2023 14:17:33 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6 | 104.21.0.159 | 301 Moved Permanently | 107 kB |
URL: User Request GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6
IP: 104.21.0.159:443
Certificate:
  Issuer: Google Trust Services LLC
  Subject: panellku-id.cfd
  Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
  Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
Size: 107 kB (106891 bytes)
Hash: 258c8dd3629ed22ca0e75e8ebdcfde8a ff3fcbeca6f8bf7cb7077fc21c2cb0293b4659a5 dea2ed9d07665074d7ce0254211174fa6d465c8fd60ed1b3890a5436024453a7
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6 HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Fri, 09 Jun 2023 12:17:31 GMT
content-type: text/html; charset=iso-8859-1
location: http://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViwpkmlLtx%2BdS8IWbcc7rHWWHIqcbjdNfhq%2BokmpIpStX7vtDDqEyhZF49Jh8uQPiPL2cX5VcZ%2FnakJngDmoqJoCElmBFiIM%2BmJeksbZCTHYS%2BJqPnQDUOW0sR86Em2iC%2FEge02qv4EJ3K99kPnBfNL%2FcA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d494fdc68b1b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/5.png | 104.21.0.159 | 200 OK | 93 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/5.png
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: panellku-id.cfd
  Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
  Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 528 x 472, 8-bit/color RGBA, non-interlaced\012- data
Hash: 3093b5172680d8927c7c22418c42eaa9 0e7983d7effed747c05a1948aca7cb12b0ae2e6f 09167e83438904664d9199c8c4a495101a1da7653107f28b9c8668f8e10db484
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/reward/5.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:34 GMT
content-type: image/png
content-length: 93234
last-modified: Sat, 03 Sep 2022 08:30:17 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n38m9ESL6%2Bu%2FWLbI8HRa8zQHD8Dg9P%2FhdqSy3T5ryqTXgZF8HBc51OTlZplUlIgdikffxa8KW60Pi1FM25hlI%2FaJbnasyPivPwh9X1diIxXKSoakf3yzZSvzT2mdVL95fAIv%2Bv51gVyIE9q%2FcfeuAG0Jaw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0bf93b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/6.png | 104.21.0.159 | 200 OK | 111 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/6.png
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: panellku-id.cfd
  Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
  Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 500 x 499, 8-bit/color RGBA, non-interlaced\012- data
Size: 111 kB (110878 bytes)
Hash: a56a9b641f5f91488a5cb707f1edb84d cb0a14bfa15979cae13f11d102e83144aab8f158 4c81dcdeec4f21465c71b26d7d78ae581bb415f043ee2dca80980e4504ec0cb4
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/reward/6.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:36 GMT
content-type: image/png
content-length: 110878
last-modified: Sat, 03 Sep 2022 08:30:14 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPEVFDWjISHHzD%2F2nw608DLkwEey6KQl9rL41jZpwgoj5i6NFMUgK8RIxj8ysn6QS0UoC%2FIKo1sJTeETI%2FWfr7qZA14XgcUXmFsAhSHMdWgjKXvUasemtd1NO4DlFul6mxFoouvNFa7m9KdFpzH8q1HsmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0cf98b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/icon.png | 104.21.0.159 | 200 OK | 426 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/icon.png
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: Google Trust Services LLC
  Subject: panellku-id.cfd
  Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
  Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced\012- data
Size: 426 kB (426306 bytes)
Hash: aba36f4f42954df12ba1b2f3c7a6e9d6 0e0f7333508f64170bd47e8391f506dae18c7176 07de9ca276d1e9074aa91c2b265b44316240b164155386f358da879b94c29750
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/icon.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:36 GMT
content-type: image/png
content-length: 426306
last-modified: Sat, 03 Sep 2022 08:09:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNLEf%2B1fyhgTVCRzxnzwXZR7aG88BRYuPkV5oTPpf7hpyet7HHLTzT2oqgObV4rmXVng9EYv%2FN%2BQsh7uJKMT9GzmgQ52lZI23uNLzo2kiIgw8Y6M7lwlxU4d%2BTSObL2NFozcWmCgoA4ef3I8xFC1bPk01w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0efc9b511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| i.postimg.cc/02KwtTc7/footer-bg.jpg | 162.19.88.69 | 200 OK | 12 kB |
URL: GET HTTP/2 i.postimg.cc/02KwtTc7/footer-bg.jpg
IP: 162.19.88.69:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate:
  Issuer: Let's Encrypt
  Subject: postimg.cc
  Fingerprint: F7:9A:EC:C0:0E:AB:80:A9:55:8F:DF:97:AD:BB:4B:70:07:08:F0:F0
  Validity: Wed, 19 Apr 2023 13:39:30 GMT - Tue, 18 Jul 2023 13:39:29 GMT
File type: JPEG image data, progressive, precision 8, 579x800, components 3\012- data
Hash: 27b8ceba13cb26a4ac6951cecdd4a5d3 accbec4f1b6038f0bcd2032da80c2ee342033d2e d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f
GET /02KwtTc7/footer-bg.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 12:17:37 GMT
content-type: image/jpeg
content-length: 11651
last-modified: Wed, 23 Mar 2022 19:15:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/teko/v16/LYjNdG7kmE0gfaN9pQ.woff2 | 216.58.207.227 | 200 OK | 13 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/teko/v16/LYjNdG7kmE0gfaN9pQ.woff2
IP: 216.58.207.227:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Google Trust Services LLC
Certificate subject: *.gstatic.com
Certificate fingerprint: C8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5
Certificate validity: Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type: Web Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data
Hash: b4082c888eefa2dca3fe2c9d46a87180 05aeb6c58175f659fe59eaca5a9d3735dd0530e3 352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v16/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freefire11155068.panellku-id.cfd
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Jun 2023 11:11:11 GMT
expires: Sat, 08 Jun 2024 11:11:11 GMT
cache-control: public, max-age=31536000
age: 3986
last-modified: Tue, 02 May 2023 14:50:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| cdn.jsdelivr.net/gh/js-projector/libs.js@main/ionicons.map.js | 151.101.1.229 | 200 OK | 35 kB |
URL: GET HTTP/3 cdn.jsdelivr.net/gh/js-projector/libs.js@main/ionicons.map.js
IP: 151.101.1.229:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: GlobalSign nv-sa
Certificate subject: jsdelivr.net
Certificate fingerprint: 88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
Certificate validity: Fri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type: Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash: 17249247debeb4f1c93b7203fc2dae84 9cce479599011d31284ae6522f2884c07a4170af 2f51821e42e09dbd478326b672e5e95b1019c7c9654fd315d5a4ccd3f1e3cc31
GET /gh/js-projector/libs.js@main/ionicons.map.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 34956
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"1a4bc-nM5HlZkBHTEoSuZSLyiEwHpBcK8"
content-encoding: br
accept-ranges: bytes
date: Fri, 09 Jun 2023 12:17:37 GMT
age: 39184
x-served-by: cache-fra-eddf8230076-FRA, cache-bma1674-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/icon.png | 104.21.0.159 | 200 OK | 426 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/icon.png
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Google Trust Services LLC
Certificate subject: panellku-id.cfd
Certificate fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced\012- data
Size: 426 kB (426306 bytes)
Hash: aba36f4f42954df12ba1b2f3c7a6e9d6 0e0f7333508f64170bd47e8391f506dae18c7176 07de9ca276d1e9074aa91c2b265b44316240b164155386f358da879b94c29750
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/icon.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:37 GMT
content-type: image/png
content-length: 426306
last-modified: Sat, 03 Sep 2022 08:09:20 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCQul8KG8qQOJrF8Ay3IYAyENz9g22AX7swU7Ng7gBtHmZG9uWYnhIsJIcyTF0PSIA5Pv79Tp8bev1E1VdGLlBms1PADB1u2Cg5gupvrk%2FluCNQe7MudCzfGlpMYyYa00Q9P0I%2FqZKt%2FsGDjeEUDTFI7fA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d49500418f9b511-OSL
alt-svc: h3=":443"; ma=86400
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/alert-zone.js | 104.21.0.159 | 200 OK | 137 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/alert-zone.js
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Google Trust Services LLC
Certificate subject: panellku-id.cfd
Certificate fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: ASCII text, with very long lines (64301)
Size: 137 kB (137222 bytes)
Hash: 2d8819d4b15ffe076a804a074e0229da 0e76d42421e78a58d71c99e233335f39b8b47645 b49a2dab55008d7ba1277b3adbb0b5f590f9b3ee25e3e89a9d78696efd262dde
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/js-zone/alert-zone.js HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:36 GMT
content-type: application/javascript
last-modified: Fri, 22 Apr 2022 16:48:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0yu%2F9nSQdyhL40Gd3jmEKG%2BIzuojcefMUUMNXOd3T4cXk2UwSudf2M3YEvt2Nn9CtMX%2B3cxEsg8UvqefrOM7oZlII%2BKeMzl0rpLk2krHzffPia2BreGvM6lJJlRFXEU2qrqslv1IiSLD06pXxI40LGInQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe90c62b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/media/spin.mp3 | 104.21.0.159 | 206 Partial Content | 133 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/media/spin.mp3
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Google Trust Services LLC
Certificate subject: panellku-id.cfd
Certificate fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Stereo\012- data
Size: 133 kB (132739 bytes)
Hash: 5e6ad4032df296732508803deb114b90 99d585eab4db1d9d5555b5ea4aae2542c5c635e5 9f4633ff137414c473c1477d9345c1b379b5174544f5aa22e0666d778f6f3eed
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/media/spin.mp3 HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Fri, 09 Jun 2023 12:17:38 GMT
content-type: audio/mpeg
content-length: 132739
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-132738/132739
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwCPDhq3MQ%2FwlItWGs%2FachbTHbEG%2B7ReucMJsT%2BumCk%2B6P5m%2B%2BAO9vRPi9JN9Rit3RxmHK%2F4jWdEcGW2bwb5fVsr50v7DEDN1sDy83wOJnHv7OhDoNc8E2VJz7dgJgezOvumXRF862%2BW2mq6Rjy87KF0eA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4950010d57b511-OSL
alt-svc: h3=":443"; ma=86400
| freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20228/a16df409a901ae284ec1abc78de35aa5.jpg | 23.36.76.115 | 200 OK | 227 kB |
URL: GET HTTP/1.1 freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20228/a16df409a901ae284ec1abc78de35aa5.jpg
IP: 23.36.76.115:443
ASN: #20940 Akamai International B.V.
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: DigiCert Inc
Certificate subject: a248.e.akamai.net
Certificate fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data
Size: 227 kB (227262 bytes)
Hash: 6b6a600ca0e88b2ed84a95bec0898975 7d59266b91ca9c5a5579586b37a2032cea3c6060 9236aeab670d5fc12cb9734a43efc68742f22f9ac8e203e28ee06d90cf9dcd8d
GET /common/web_event/official2.ff.garena.all/img/20228/a16df409a901ae284ec1abc78de35aa5.jpg HTTP/1.1
Host: freefiremobile-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: 000001885DA5AE599142382DF2BB68F5
x-reserved-indicator: 372
Accept-Ranges: bytes
ETag: "6b6a600ca0e88b2ed84a95bec0898975"
Last-Modified: Thu, 15 Sep 2022 13:06:51 GMT
Content-Type: image/jpeg
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSHYqnMlT5M7Usd9wy/W93tx5Rj/BcVp
Content-Length: 227262
Date: Fri, 09 Jun 2023 12:17:38 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
Server-Timing: ak_p; desc="1686313057321_388254831_33036417_136175_629_0_0_-";dur=1
| unpkg.com/ionicons@5.0.0/dist/ionicons/p-af480238.js | 104.16.125.175 | 200 OK | 9.0 kB |
URL: GET HTTP/2 unpkg.com/ionicons@5.0.0/dist/ionicons/p-af480238.js
IP: 104.16.125.175:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Certificate validity: Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type: ASCII text, with very long lines (9146), with no line terminators
Hash: 82842d881e7e272ef5edd936905e3c6d e4cba7bc427d62b934dc8250ffd74a0e6c41e192 2a5ee14b060e3794311f6dd20fa2f032221e39f543c65b2a9a1b1af1722aac71
GET /ionicons@5.0.0/dist/ionicons/p-af480238.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freefire11155068.panellku-id.cfd
DNT: 1
Connection: keep-alive
Referer: https://unpkg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 12:17:37 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"232c-uchF0l8mHJgXmaMGCPlWLIIn3tc"
via: 1.1 fly.io
fly-request-id: 01GQ46MXKZV2GRKCGY6QV96233-fra
cf-cache-status: HIT
age: 12208359
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d4950016e341c12-OSL
content-encoding: br
X-Firefox-Spdy: h2
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/slide-zone.js.download | 104.21.0.159 | 200 OK | 2.1 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/slide-zone.js.download
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Google Trust Services LLC
Certificate subject: panellku-id.cfd
Certificate fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: exported SGML document, ASCII text, with very long lines (2269), with no line terminators
Hash: 736b7a6a2d95a2e08b8402c18cb1a8bf f2d75dedc821d7648113ab0670cedc47eb2818f1 b44bd30a88c9f9c1342eedd5b3296312da8795115355bf6d9c4709775afb02cb
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/index_files/slide-zone.js.download HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:34 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcU8wca4h40%2B8Ys0cX7obzFmoUg4QBh5slHqrkzbUE2HgOEpS5XEvL0QgaDwW6TYV71xetgxYIdC06edA1PNnaFKbJkaDN6QMyf3NBCkMn5OmoCEdxm0%2BW98vjGCXLAV1fRnQiv2KaBMx%2FcBzFJjiq%2BmFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d494fe0cf9fb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/jquery.js | 104.21.0.159 | 200 OK | 2.3 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/jquery.js
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Google Trust Services LLC
Certificate subject: panellku-id.cfd
Certificate fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: exported SGML document, ASCII text, with very long lines (2718), with no line terminators
Hash: cc5315c4e4cc1c7a2c7c932d621fae3d a6020816245f44639ef356de06cf02b04417acf0 76780e5603b10cddbd26af14218995345fb0a8f4e8051488eab7020140690219
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/js-zone/jquery.js HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:33 GMT
content-type: application/javascript
last-modified: Fri, 22 Apr 2022 16:48:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AEX49mWIw5g4cIOX7vgT04aXxsZVL0vJ%2BwIb%2FGK3PomSrNFmnlWv9zJ1YKtaCHTso4cV5swho2L0J4YETPGRwovsfC2pOmR5dxhrrq%2BkBi%2F%2FAqtk0ziCML%2B5ixzPB8nbmBoztMsx40y3HWqysftLO559rQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0af67b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/slide-zone.js | 104.21.0.159 | 200 OK | 2.1 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/slide-zone.js
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Google Trust Services LLC
Certificate subject: panellku-id.cfd
Certificate fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: exported SGML document, ASCII text, with very long lines (2269), with no line terminators
Hash: 736b7a6a2d95a2e08b8402c18cb1a8bf f2d75dedc821d7648113ab0670cedc47eb2818f1 b44bd30a88c9f9c1342eedd5b3296312da8795115355bf6d9c4709775afb02cb
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/js-zone/slide-zone.js HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:34 GMT
content-type: application/javascript
last-modified: Fri, 22 Apr 2022 16:48:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IW34MU52C9DFpLVEQAJVTjgzG7IBDOOjEgql3DmOMPtvCoeK4MI%2Fkqg1o9V4PJPhyeZ%2FxRt2KwvJyAjJ7EjAC%2F1l7ka3LTpfkNYDJfb%2FOkN5%2BqZVCGZ%2FlZPTHboN4AtsG2gr7Z5BfmWlAqhOurNIou870A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0cf9eb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/style-zone.css | 104.21.0.159 | 200 OK | 20 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/style-zone.css
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Google Trust Services LLC
Certificate subject: panellku-id.cfd
Certificate fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: ASCII text, with very long lines (411), with CRLF line terminators
Hash: 40ca06b6afdfc4906499cb2b388c0f98 6b1efd22fd79556fc06c4d252fb58c3464d66803 a87aaf487b7c3ea4a7cd5cfb3faa8fbf89149e16a9157e2e9efe27341c64d38f
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/css-zone/style-zone.css HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:37 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 11:16:09 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qA%2B35%2FCAXXXVgGerHvscsdJpf3BxWm%2FMZb8t%2BVLDZWhDfEj22TeC78mGz5qwPmX4EuTYucwRYS3%2B7WygXjLhDOL3ZLn05A6%2Bwt8%2BX7kSuQwfyu0MzjdPyOu4xKj9En80zIVTK9d2m7%2BpxgncuKOIQJdrJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494ffc8f29b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| unpkg.com/ionicons@5.0.0/dist/ionicons/ionicons.esm.js | 104.16.125.175 | 200 OK | 262 B |
URL: GET HTTP/2 unpkg.com/ionicons@5.0.0/dist/ionicons/ionicons.esm.js
IP: 104.16.125.175:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Cloudflare, Inc.
Certificate subject: sni.cloudflaressl.com
Certificate fingerprint: F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Certificate validity: Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hash: 359fc4968e2e50af8cb25764d9da823e 00b859c5808691ba0b9a8841561564bfc712e2d0 b4cf908fe4eace24f08af06a44c8548257090c3c57219db02ea6922aa594bc1b
GET /ionicons@5.0.0/dist/ionicons/ionicons.esm.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freefire11155068.panellku-id.cfd
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 12:17:37 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"106-2QVIn+WWfE7GzXgXZTPbiG+yGbs"
via: 1.1 fly.io
fly-request-id: 01GV64J46F5AGKJNCSN85ZXX9C-ams
cf-cache-status: HIT
age: 7848471
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d4950011de41c12-OSL
content-encoding: br
X-Firefox-Spdy: h2
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/zero-zone.js | 104.21.0.159 | 200 OK | 861 B |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/zero-zone.js
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Google Trust Services LLC
Certificate subject: panellku-id.cfd
Certificate fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: exported SGML document, ASCII text, with very long lines (1025), with no line terminators
Hash: f446458806c67be2e2e6f5252c61ece0 fb932433182ca4fd20ce20bb2ba1a18fc6143261 edad84eaba5daeb5a5863a08fc63ddeb3b79710d4c1e431ee182e23d6ebb6b1f
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/js-zone/zero-zone.js HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:36 GMT
content-type: application/javascript
last-modified: Fri, 22 Apr 2022 16:48:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ko9nIfiUXbWki%2BrD%2BlRh2niM2MbxmG4u0c4cCwHsjHSlfiNFzBl2nDUGIMfrT%2BodlDi%2BKXh5F0Uu7N9j9V0KSgBWdnkmnVfYEaM39POJ%2BZCtjvTsGWgoP69kJGMKuujMe0FJGDeWnUF4NiXgauuqCKiXBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe90c65b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/draw.png | 104.21.0.159 | 200 OK | 107 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/draw.png
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Google Trust Services LLC
Certificate subject: panellku-id.cfd
Certificate fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 700 x 710, 8-bit colormap, non-interlaced\012- data
Size: 107 kB (106627 bytes)
Hash: d364dbe62f597a52a12578369294a26a 956f898c5a10b8f5029677f359a262ec06634282 7fc37b0c27e8a24a1a67fbfe22af0c03a725832835ff9d507e6ca4f8a6a5d278
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/draw.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:34 GMT
content-type: image/png
content-length: 106627
last-modified: Fri, 22 Jul 2022 07:31:54 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPg%2FoMUutuEW4WkgepVafQG2IIdV7a%2FaAhLjQ68BbKGBJqwi7iJrbLROkWe4BHzoEkksSIaMNfoPtDtQXNKlrOk1jZ%2BrFrN384NrkHXldIBnJ3Vml8YruzBCihyOOYrJlMlfALKImeRO0REVQeShLdE4ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0bf84b511-OSL
alt-svc: h3=":443"; ma=86400
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/myScript.js | 104.21.0.159 | 200 OK | 3.3 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/myScript.js
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Google Trust Services LLC
Certificate subject: panellku-id.cfd
Certificate fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: ASCII text, with very long lines (3662), with no line terminators
Hash: 7c6f1f17640b335e6acd19a243626e11 db9ae6303b6576ac2a16a08320893aaa91a492fa 6413a921832ad75c9e1cbb7858fb22e88d8f18e6f58f27dee15f0150432b17b7
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/js-zone/myScript.js HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: application/javascript
last-modified: Mon, 25 Jul 2022 10:25:08 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciwbH%2BH%2FTqX4jtasGc%2BHaiyvADh0OXFOckisgCXbQZBrAF4B2eI%2BI56ix6KUEPjFp1eP2wA6dfY2c%2FEmR8wORm7%2Fr6fDZstHC4hTBPkWh%2FJZou2Y6ll6E7rPTb6OmoZbJOxuC4RHcAxS0kSppTdkCC6O1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0af6db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/gift-zone.js | 104.21.0.159 | 200 OK | 1.7 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/gift-zone.js
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Google Trust Services LLC
Certificate subject: panellku-id.cfd
Certificate fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: ASCII text, with very long lines (1765), with no line terminators
Hash: c0be1d3124914d4e54047a06f6818c3e d18c67ea5cdf81ebbc1c63132d99cc4ce5df3eb2 897a7e49b1c734f17959fc54b7325cc577a259bcd73e8d58837d3564f35408f1
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/index_files/gift-zone.js HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:35 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2Bu0pax4Sf0qTI%2BWXi7pzVamQbgfx5RkntWiiL0TaIJRnrAYdXRGGGgLG2Y%2FuxGwoxiOreJUo5YDqX72TqsXl12Xe9CkSWDWm3Dihs04hycskJaXwksyArDG%2FjpSarXSdM0MHWsDrMvZbR7P97IdZB0YeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe0cf9ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/item-off.png | 104.21.0.159 | 200 OK | 114 kB |
URL: GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/item-off.png
IP: 104.21.0.159:443
Requested by: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate issuer: Google Trust Services LLC
Certificate subject: panellku-id.cfd
Certificate fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 700 x 710, 8-bit colormap, non-interlaced\012- data
Size: 114 kB (114406 bytes)
Hash: e22e8c64a52b9aee71d0325ad98434f5 263f3fd557ed077ffc73d579db99c4f08f856550 51c8dc27564c06b970dd2bbd406a3cd7670f3127148308e0a10729332a4f7d15
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/item-off.png HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/zero-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:38 GMT
content-type: image/png
content-length: 114406
last-modified: Fri, 22 Jul 2022 07:31:54 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2P%2FzsaF8QaqInVl73uvRRxhYUVPyJH%2F8nmhUR66yW2%2BP8aJpPvm1U4uQ5ZcnJaUwpVgeXuHDXPLUH2vnCWayptQhLGLfHP9c%2FK5E1q9SqNVG9QadFcw2yZ8s7KIr%2FcphiR5Dvn40csV%2FnJKhXAAQOcPvA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4950004c4ab511-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/twitter.css | 104.21.0.159 | 200 OK | 2.1 kB |
URL GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/twitter.css IP 104.21.0.159:443
Requested by https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Google Trust Services LLC Subject panellku-id.cfd Fingerprint A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 Validity Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type ASCII text, with very long lines (2224), with no line terminators Hash 2baac8d45b45684a4e2eaddd4b0cf268 f612020bb403f7375fe01c6e035c05c3c6284df8 de33e336bfff950e9d994e20c3a3983a44a7e12c2c559e3cd4c6d95558b28cfe
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/css-zone/twitter.css HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: text/css
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYJh1LIpPkHvhvyxofzOo54TKAyfqd9frfqssoMg3hWfMNwogUAmm%2BKMZe42hkbcWAN%2B6imHWq1zLYKNA57WipILFMtpjt7LaXwebFNj9XI99U%2Ba7rIOY0VKSz0IiADW4LPYvCfiZe732cvA8Ko6BaNi4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe09f5fb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/zero-zone.css | 104.21.0.159 | 200 OK | 5.5 kB |
URL GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/zero-zone.css IP 104.21.0.159:443
Requested by https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Google Trust Services LLC Subject panellku-id.cfd Fingerprint A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 Validity Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type ASCII text, with very long lines (6229), with no line terminators Hash 28ad13da65a141b2c2e6d69d5ca40984 e6e806e3c9e5e9ef23961a4e29cde5af854d2423 796216e473ecd77fd42d3f703bb2b9f15367c7168c42b91900c230748b8325a0
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/css-zone/zero-zone.css HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:37 GMT
content-type: text/css
last-modified: Fri, 22 Jul 2022 14:18:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Py1mbZjebZSDcaDrum3uep6FNUvHIhP1dSa53zaaRx4z7i0ILVPCHF%2BzGjMH%2Fu321Uht7Ao3hUCz4roiyo7SKsSXgUgHyW2y6AskBCGg6lTw6VOT23O5Q30QVRaPWXhhloxc32dXdoGMi2L2%2FYkzZhXeKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494ffc8f2ab511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/facebook.css | 104.21.0.159 | 200 OK | 3.2 kB |
URL GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/facebook.css IP 104.21.0.159:443
Requested by https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Google Trust Services LLC Subject panellku-id.cfd Fingerprint A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 Validity Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type ASCII text, with very long lines (3395), with no line terminators Hash 3890fafe623814bc5a9433cd7bf6cd9e 9c5f60df94661f6188fe000282491c1f0c78d0df 3bd83ac70321db89b4f5a905ef01db6d2e1d07d297afbf178a0dfd12aca0e7aa
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/css-zone/facebook.css HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: text/css
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pco0aa5C6JrmBDzSCpJTYQK0k3bAS5IMlgdjHNpdB14XioUdprWaDkk2pHfQYB14WIFyXld2BKt1MIklPIwxkBV6aRUms1kqXRNOPROmCVuSvd%2FhqHezdB2HDQ1QJA3i2wow928fZsEMl6a0EFcc8lZMyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d494fe09f5db511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Teko&display=swap | 142.250.74.106 | 200 OK | 1.1 kB |
URL GET HTTP/2 fonts.googleapis.com/css2?family=Teko&display=swap IP 142.250.74.106:443
Requested by https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Google Trust Services LLC Subject upload.video.google.com Fingerprint 3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0 Validity Fri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File type ASCII text, with very long lines (1106), with no line terminators Hash 5c6516987bdea1aa17d1198614828f24 69557d00ab3831718879ab2ae051c5157bfc551b 5169c6dea5cf27fe3faa4bebcbec8b2cfa4e92b4cc5ad5859a6adc60372f03d8
GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Jun 2023 12:17:32 GMT
date: Fri, 09 Jun 2023 12:17:32 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.11.207 | 200 OK | 31 kB |
URL GET HTTP/2 stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css IP 104.18.11.207:443
Requested by https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint 5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A Validity Fri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File type ASCII text, with very long lines (30837) Hash 269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freefire11155068.panellku-id.cfd
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 05/01/2023 15:40:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: e06e015bb28ebfdebbe5f5de216fd80d
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d494fe0fbeb0afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| a.top4top.io/m_1725zobal2.mp3 | 0.0.0.0 | | 0 B |
URL GET a.top4top.io/m_1725zobal2.mp3 IP 0.0.0.0:0
Requested by https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/jquery.min.js.download | 104.21.0.159 | 200 OK | 87 kB |
URL GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/index_files/jquery.min.js.download IP 104.21.0.159:443
Requested by https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Google Trust Services LLC Subject panellku-id.cfd Fingerprint A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 Validity Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type ASCII text, with very long lines (65451) Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/index_files/jquery.min.js.download HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:34 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osbaii64UNnotRu0mgzJKdK8kII%2Bx6RFkmiEK96ERl6cGf%2FNnieuHjwOtrg9hLsVL7revlyX%2Fr0vtQ11puTsaZ%2FhuFDquHYRvibxjv2SN%2BuyDh%2FrqTt7Tn1ubKBDb1KhKxMSJuMkOtAseLPISDFwj2Xyog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d494fe0cf99b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/ | 104.21.0.159 | 200 OK | 110 B |
URL GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/img/ IP 104.21.0.159:443
Requested by https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Google Trust Services LLC Subject panellku-id.cfd Fingerprint A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 Validity Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type ASCII text, with no line terminators Hash 36be310ca4f7230ece1f2e7862d85141 dd77f02384277dfb4d1cae0c0a6125ff226990c1 dd8b0988a4d81c2063d4b020de11ab46c00382256661d505f472b9608ce89d28
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/ HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/style-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:37 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Jriv2E4CAy9%2Fh6v7Btne2ymi0Ke0Zkr4%2B0m14kBMKTIKx017joKIMj5a%2FlqVUSUGGcCRLPEQbyrjNMd4ndMwWDNOKMmSeYBD5YVAIObqZXwC%2BRxUXkFFYJ5w6j5WH90G65AVRpacU2lNmuFrq7JBo2N6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4950004c4bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/ | 104.21.0.159 | 200 OK | 16 kB |
URL User Request GET HTTP/3 freefire11155068.panellku-id.cfd/vhsfhqpdhdsih6/ IP 104.21.0.159:443
Certificate Issuer Google Trust Services LLC Subject panellku-id.cfd Fingerprint A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 Validity Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/ HTTP/1.1
Host: freefire11155068.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:32 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1aGtUM0UI%2BWUS%2BoVtGuLIu56IsKZH0001SnbfizTGvO4av7SpyTR5cmg%2FvDcpf0g7rdwbmmdSism%2BrSJyhkRhWQ8308SShGvvlJ%2BKSSmwm6do%2FuAAJ%2FyRGJgEhlGvOMso9KiqkkwYgEq29ID5pF1nFSYvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d494fdefd2bb511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|