| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css | 104.17.25.14 | 200 OK | 5.8 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
IP: 104.17.25.14:443
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: Cloudflare, Inc.
Certificate Subject: sni.cloudflaressl.com
Certificate Fingerprint: A9:11:71:07:07:92:48:7E:A9:3C:E8:32:25:3F:EB:AC:7D:51:7E:8F
Certificate Validity: Wed, 03 Aug 2022 00:00:00 GMT - Wed, 02 Aug 2023 23:59:59 GMT
File type: ASCII text, with very long lines (65536), with no line terminators
Hash: e9365fe85b7e4db79a87015e52c3db6c 2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9 dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 12:17:51 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1284508
expires: Wed, 29 May 2024 12:17:51 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t8GouH%2BzPQQgZrQPU6uBCTCrNGpFdkzABLMIW00H1Oc3A8pPX%2FFtWmT4F8H9c5lIHTk0SiVvM9Shk%2F6niXEvFKpMP90mBLm2h9DIozm0e5%2FSWpZGJ8e%2BSZx5FZmpdxfG3sAyNvip"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7d495059dfdeb500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.pubgmobile.com/en/images/nav_language.svg | 23.36.76.227 | 200 OK | 675 B |
URL: GET HTTP/2 www.pubgmobile.com/en/images/nav_language.svg
IP: 23.36.76.227:443
ASN: #20940 Akamai International B.V.
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: DigiCert Inc
Certificate Subject: wetv.acc.qq.com
Certificate Fingerprint: 50:05:83:7A:D7:1C:3C:CA:53:85:80:2E:04:C3:47:C2:45:54:EC:6A
Certificate Validity: Sat, 19 Nov 2022 00:00:00 GMT - Wed, 22 Nov 2023 23:59:59 GMT
File type: SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (1107), with no line terminators
Hash: d8ba211bb1be1a15bf5b0143ca1b009a 215203609a551dcaccf6e434508623f302635f86 a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6
GET /en/images/nav_language.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-45b"
accept-ranges: bytes
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
content-length: 675
date: Fri, 09 Jun 2023 12:17:51 GMT
server-timing: ak_p; desc="1686313071639_388254943_28683732_286_629_4_28_11";dur=1
X-Firefox-Spdy: h2
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6 | 172.67.151.68 | 301 Moved Permanently | 690 B |
URL: User Request GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6
IP: 172.67.151.68:443
Certificate Issuer: Google Trust Services LLC
Certificate Subject: panellku-id.cfd
Certificate Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
Hash: 8477f8ab3cff7a784bce65b8b22a074a eed7e2202296ca78c21663a448a3ee22b4012b81 438e004e04bbf39a4f72ce0c542b43729fe47ed10a02b7742b3ce483fd9ac562
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6 HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Fri, 09 Jun 2023 12:17:51 GMT
content-type: text/html; charset=iso-8859-1
location: http://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhdR%2FSCpsF%2Bh6kSrtKpqNywtqQWjSnNFuXss9AcYYQB7m3gUIg8KQr4CyTsN9dTU%2FATv2eI1MN9U0NjGDrFM4rmB%2Fhryp%2BafeoC3k9SCLO2r8UWoad4cuoHarePCAn%2FDJrYbe0PDSo6gq1WgxBsbK69J%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d495056dcec1bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | | 471 B |
IP: 142.250.74.3:0
Hash: df893f12f5cf31daedf4910ffcc872c8 bbd271b0e76cd11d6a00327914b74882c95655fb 134d16adfc51baecc40c9fba86cc6c2d37b489435c99878912d1948543a0337b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 12:17:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| i.postimg.cc/dtyfWFF2/login-Method2.png | 162.19.88.69 | 200 OK | 4.3 kB |
URL: GET HTTP/2 i.postimg.cc/dtyfWFF2/login-Method2.png
IP: 162.19.88.69:443
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: Let's Encrypt
Certificate Subject: postimg.cc
Certificate Fingerprint: F7:9A:EC:C0:0E:AB:80:A9:55:8F:DF:97:AD:BB:4B:70:07:08:F0:F0
Certificate Validity: Wed, 19 Apr 2023 13:39:30 GMT - Tue, 18 Jul 2023 13:39:29 GMT
File type: PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash: fef946b8bba756359e2a1e87ccd915ea acc364946077b0e32b2343474ce4066ad3ee524c 1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
GET /dtyfWFF2/login-Method2.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 12:17:51 GMT
content-type: image/png
content-length: 4298
last-modified: Sun, 26 Dec 2021 01:53:00 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| i.postimg.cc/3wBVgZTz/login-Method1.png | 162.19.88.69 | 200 OK | 29 kB |
URL: GET HTTP/2 i.postimg.cc/3wBVgZTz/login-Method1.png
IP: 162.19.88.69:443
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: Let's Encrypt
Certificate Subject: postimg.cc
Certificate Fingerprint: F7:9A:EC:C0:0E:AB:80:A9:55:8F:DF:97:AD:BB:4B:70:07:08:F0:F0
Certificate Validity: Wed, 19 Apr 2023 13:39:30 GMT - Tue, 18 Jul 2023 13:39:29 GMT
File type: PNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash: 74190b93fc4f5d88f0c8e6411ba20bd8 89ce2ecb660a90b8e6ed1b335443d7767c59f28a 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /3wBVgZTz/login-Method1.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 12:17:51 GMT
content-type: image/png
content-length: 28789
last-modified: Sun, 26 Dec 2021 01:51:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20227/01271f4d1ff8044f828510a833075744.png | 23.36.76.115 | 200 OK | 70 kB |
URL: GET HTTP/1.1 freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20227/01271f4d1ff8044f828510a833075744.png
IP: 23.36.76.115:443
ASN: #20940 Akamai International B.V.
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: DigiCert Inc
Certificate Subject: a248.e.akamai.net
Certificate Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9
Certificate Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: PNG image data, 1298 x 318, 8-bit/color RGBA, non-interlaced\012- data
Hash: fd64d94ff578db8860caea107002c2a1 0bcc683b3532cdb92e5ca8f2149e4f31ba22df81 fc380a286f60f85c15f4e4ec566e9cbdce73b91c3f5d359765ddc73e6f4aae21
GET /common/web_event/official2.ff.garena.all/img/20227/01271f4d1ff8044f828510a833075744.png HTTP/1.1
Host: freefiremobile-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: 00000188384D3AD3980D3A3A708E3586
x-reserved-indicator: 372
Accept-Ranges: bytes
ETag: "fd64d94ff578db8860caea107002c2a1"
Last-Modified: Thu, 04 Aug 2022 12:36:40 GMT
Content-Type: image/png
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSYl+KxDgbUiJ+5LbOPq0KZns8iDiwJu
Content-Length: 70213
Date: Fri, 09 Jun 2023 12:17:51 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
Server-Timing: ak_p; desc="1686313071637_388254831_33038808_13_566_3_25_-";dur=1
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/1.png | 172.67.151.68 | 200 OK | 191 kB |
URL: GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/1.png
IP: 172.67.151.68:443
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: panellku-id.cfd
Certificate Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 577 x 432, 8-bit/color RGBA, non-interlaced\012- data
Size: 191 kB (191022 bytes)
Hash: 44195a8d87a8396b40b8fe56d66f35fe 10865b390844647c5db53bae7c78e60f2b2de446 5be5b188a771d66cad01394662c4e8d8ead34cec597e68e88a6d7e3619299a7d
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/reward/1.png HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:51 GMT
content-type: image/png
content-length: 191022
last-modified: Sat, 03 Sep 2022 08:30:31 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hvPpJcWKx95waSMqLpShVsRyOdsSUSYHclt5dpvYwaMBXWZPF7khxlf3ZE8bqdkieP0P9KZpC1kVFsrcWeIRk55XqQ1sZ7WF9l3fWR3lsfWu18hAanIvsaEZ11nWgTian8BPCBV%2Fdf3bevHYcUQ%2Fxgei2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d495059a8171bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/4.png | 172.67.151.68 | 200 OK | 51 kB |
URL: GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/4.png
IP: 172.67.151.68:443
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: panellku-id.cfd
Certificate Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 510 x 489, 8-bit/color RGBA, non-interlaced\012- data
Hash: 4468b6922fe76861ded0ab1782634a95 be124400616c63678f2fc2ef5619686d20c5e2f8 ceae5b99598e1d89bc175bccc1f10ffa3a015545a8bdaa59d2b8da030cdcbe2c
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/reward/4.png HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:51 GMT
content-type: image/png
content-length: 50797
last-modified: Sat, 03 Sep 2022 08:30:09 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4EY1M9GGQ5MFcBfhMspEvv7ZECWPmqbKaFpIKNc6IMQR%2FR63dmD3p9TiYOHla%2F0P6FTV6Yvs81gADwSGjppt7YPNMI10PT19aqNTMPcf3x2Ee%2BW9GSlaHRF5bvB%2F%2B4z0FBKObxdQD5YaxHbFbxwilKEKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d495059b81f1bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/2.png | 172.67.151.68 | 200 OK | 76 kB |
URL: GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/2.png
IP: 172.67.151.68:443
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: panellku-id.cfd
Certificate Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 531 x 470, 8-bit/color RGBA, non-interlaced\012- data
Hash: 49ba4084ec211a9d213c971befb50c53 2116332baf289c4a1783bdc5a01fc1b91feadb09 34db648cf21ad021c8a46334868b86015d9bf2d945967cbf75bed375cf918dbc
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/reward/2.png HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:52 GMT
content-type: image/png
content-length: 75879
last-modified: Sat, 03 Sep 2022 08:30:26 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l94XevP2dVkqoIDv5ZZ5gOmbytHfFf5A2H7TJ0XxGLDTMRTKwY7%2F1Dzhm%2FRbgXXMFpaxzvbZIC7%2FUtoTE09rPRaU3lfxT9l6EcncZrKs8cWrOwSFG%2BLNDuW1gZ4RZO4Ve45p8VH0aK3YOr0vwQtTr5F2ew%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d495059a81b1bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/3.png | 172.67.151.68 | 200 OK | 70 kB |
URL: GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/3.png
IP: 172.67.151.68:443
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: panellku-id.cfd
Certificate Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 516 x 484, 8-bit/color RGBA, non-interlaced\012- data
Hash: ece633abc715f1207f6d3a19a4325537 7714d2d26347485dad20911b59d2cb0103620e98 8045dd96cad8b21a3dd148fdcb36945f955a1b2e88658c498421b1798ace0688
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/reward/3.png HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:52 GMT
content-type: image/png
content-length: 70101
last-modified: Sat, 03 Sep 2022 08:30:22 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2QEnhm9LqAkdpYHFRn9wx%2F%2BLttYd1CUjdqHMWJmN%2Fiq%2BayfHwl%2BI8ESJoujye6Imt5xH6sA02fS04qsaL2GvAqCH9lkwE%2FemIi%2BfI7j38uvSd1psep%2FlBGqdScy5SESDLpRwlrST9evCgHXW9vqbH39jA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d495059a8151bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/draw.png | 172.67.151.68 | 200 OK | 107 kB |
URL: GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/draw.png
IP: 172.67.151.68:443
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: panellku-id.cfd
Certificate Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 700 x 710, 8-bit colormap, non-interlaced\012- data
Size: 107 kB (106627 bytes)
Hash: d364dbe62f597a52a12578369294a26a 956f898c5a10b8f5029677f359a262ec06634282 7fc37b0c27e8a24a1a67fbfe22af0c03a725832835ff9d507e6ca4f8a6a5d278
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/draw.png HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:52 GMT
content-type: image/png
content-length: 106627
last-modified: Fri, 22 Jul 2022 07:31:54 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bq35Q6AMVzj3oqdxonkDtKpf0VM2NqDTjnFDdwEEZ3%2BFLI1rDxEZfFQtFs%2FxeY2Njh7QjO8XAAdJOXBKyfuLJlS8eN3FkCYzvVo8ALmZGT0crj4bkNgj6d%2BkIqPzwtKZmPvHBGzE2pVJznc%2F8RnlAZQ1Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d495059a8181bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/6.png | 172.67.151.68 | 200 OK | 111 kB |
URL: GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/6.png
IP: 172.67.151.68:443
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: panellku-id.cfd
Certificate Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 500 x 499, 8-bit/color RGBA, non-interlaced\012- data
Size: 111 kB (110878 bytes)
Hash: a56a9b641f5f91488a5cb707f1edb84d cb0a14bfa15979cae13f11d102e83144aab8f158 4c81dcdeec4f21465c71b26d7d78ae581bb415f043ee2dca80980e4504ec0cb4
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/reward/6.png HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:52 GMT
content-type: image/png
content-length: 110878
last-modified: Sat, 03 Sep 2022 08:30:14 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9YV8qILi%2FS6grVLzGRji5jFlrIAtuc3%2BXza6qdFbXyxh96wTIpYEA%2Fjsdq6oLEOmv174dv4IY7Tw50uFQTfVJvPafywHiutp50JuwTA%2FXdXhOFXInmSpH%2Bj1HMDHWmQYIfyyvKlRXbK5txv8%2B0m4Dfsjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d495059b81e1bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | | 471 B |
IP: 142.250.74.3:0
Hash: df893f12f5cf31daedf4910ffcc872c8 bbd271b0e76cd11d6a00327914b74882c95655fb 134d16adfc51baecc40c9fba86cc6c2d37b489435c99878912d1948543a0337b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 12:17:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| cdn.jsdelivr.net/gh/js-projector/ajax@main/ionicons.js | 151.101.65.229 | 200 OK | 470 B |
URL: GET HTTP/2 cdn.jsdelivr.net/gh/js-projector/ajax@main/ionicons.js
IP: 151.101.65.229:443
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: GlobalSign nv-sa
Certificate Subject: jsdelivr.net
Certificate Fingerprint: 88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
Certificate Validity: Fri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File type: ASCII text, with very long lines (1012)
Hash: 0512430a87f92666a86d9aa77e7d9790 fa403160b8b13104a87900ddf8cde75ea8d22f1e cf3bc32ff09c85c35773557a632fa3b45625074488aeec14ccacc0400cda6672
GET /gh/js-projector/ajax@main/ionicons.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"3f5-+kAxYLixMQSoeQDd+M3nXqjSLx4"
content-encoding: br
accept-ranges: bytes
date: Fri, 09 Jun 2023 12:17:52 GMT
age: 39467
x-served-by: cache-fra-eddf8230064-FRA, cache-bma1653-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 470
X-Firefox-Spdy: h2
|
|
| ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4 | 104.18.20.226 | | 1.5 kB |
URL: ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP: 104.18.20.226:0
Hash: 6b1073982d57fd5a42b681dceb99f6b5 4c73f10e8fabc6f04293ebbb20b8c738c2668f13 66a2c7161f8cf757c32e747746812e165c1066a83bc44da84b8cebeb1826f78d
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 09 Jun 2023 12:17:52 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "14678D72088B5F27C904A3DAE3F72BFCF26D05A2"
Expires: Fri, 09 Jun 2023 23:00:00 GMT
Last-Modified: Fri, 09 Jun 2023 11:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3429
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d49505ceceab527-OSL
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/index_files/css | 172.67.151.68 | 200 OK | 62 kB |
URL: GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/index_files/css
IP: 172.67.151.68:443
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: panellku-id.cfd
Certificate Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: ASCII text, with very long lines (1116)
Hash: 755df17a408beddb747e36f27ae4dedc 53daa61ef477c0badec68fa8942cb5ffce0c38b0 a2db023c6c27693f044211498c952a94f002c75b80926bde95c24d5dbab187f4
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/index_files/css HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:51 GMT
content-length: 62268
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltyhP%2BDy9Fup2Xru9HntEuKNoW%2BuwXT2MGqaCX9%2FnOCzprYYLSeTAe38b7RoVzWRBweAnIVUinwCz%2FET2Bv5sQvd9V1CFZF19OE7yfnLaExEAxNAmS39vspXM9QpoqQT2V1nZFApmI8uqk%2BtX5I0SEk%2Fvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4950597fef1bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/5.png | 172.67.151.68 | 200 OK | 93 kB |
URL: GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/reward/5.png
IP: 172.67.151.68:443
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: panellku-id.cfd
Certificate Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 528 x 472, 8-bit/color RGBA, non-interlaced\012- data
Hash: 3093b5172680d8927c7c22418c42eaa9 0e7983d7effed747c05a1948aca7cb12b0ae2e6f 09167e83438904664d9199c8c4a495101a1da7653107f28b9c8668f8e10db484
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/reward/5.png HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:52 GMT
content-type: image/png
content-length: 93234
last-modified: Sat, 03 Sep 2022 08:30:17 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBIiyh%2BOh%2BocokRxf%2FQL4%2FRDLn23Y9WM6xXOTsyJXTd1cjNc7M6VxixSef8laALzFepfURBVL8f0sIshsbaeUdnTw1gNa4nFx1pORxokKFnRJR3WV53ZHTYjt2A72UhlscsC887DNmaTBBnEfErjXhdvFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d495059b8201bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| l.top4top.io/m_1725u5z7i1.mp3 | 65.21.235.194 | 206 Partial Content | 20 kB |
URL: GET HTTP/2 l.top4top.io/m_1725u5z7i1.mp3
IP: 65.21.235.194:443
ASN: #24940 Hetzner Online GmbH
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: Let's Encrypt
Certificate Subject: *.top4top.co
Certificate Fingerprint: C0:8C:41:80:4F:97:CD:08:0A:DA:AB:5F:53:B1:2E:14:8E:97:DD:10
Certificate Validity: Thu, 01 Jun 2023 00:05:01 GMT - Wed, 30 Aug 2023 00:05:00 GMT
File type: Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash: ee5b5d12064ae26f839b882edb33da62 6fa93ef00f294eec4ef05276e81813db1e95e346 4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
GET /m_1725u5z7i1.mp3 HTTP/1.1
Host: l.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
server: nginx
date: Fri, 09 Jun 2023 12:17:52 GMT
content-type: audio/mpeg
content-length: 19781
set-cookie: klj_40d147_downloads=kh51z; Max-Age=85000; Domain=.top4top.io; Path=/; Expires=Sat, 10 Jun 2023 11:54:32 GMT
last-modified: Mon, 21 Sep 2020 07:16:33 GMT
content-disposition: inline; filename="open_reward_tab.mp3"
etag: "5f685351-4d45"
expires: Fri, 09 Jun 2023 14:17:52 GMT
cache-control: max-age=7200
x-file-id: x34392023x
content-range: bytes 0-19780/19781
X-Firefox-Spdy: h2
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/icon.png | 172.67.151.68 | 200 OK | 426 kB |
URL: GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/icon.png
IP: 172.67.151.68:443
Requested by: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Certificate Issuer: Google Trust Services LLC
Certificate Subject: panellku-id.cfd
Certificate Fingerprint: A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5
Certificate Validity: Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type: PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced\012- data
Size: 426 kB (426306 bytes)
Hash: aba36f4f42954df12ba1b2f3c7a6e9d6 0e0f7333508f64170bd47e8391f506dae18c7176 07de9ca276d1e9074aa91c2b265b44316240b164155386f358da879b94c29750
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/icon.png HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:52 GMT
content-type: image/png
content-length: 426306
last-modified: Sat, 03 Sep 2022 08:09:20 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdhF%2Bp%2FttenhLkQPtJbfxVTw%2F1hxHh5UlvtHGwZdASbxfNVYgv5WELf%2BTZsg4OPkuQ7jCBWcpwlbfVS5ZO%2FeykG7whQHnsMjCJjw%2FfvJfO2RTKXyRLHtuJOh1XhVt6sJ6YOdmVgenCSnv6zVeqCpVwFe2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d495059d8521bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20228/a16df409a901ae284ec1abc78de35aa5.jpg | 23.36.76.115 | 200 OK | 227 kB |
URL GET HTTP/1.1freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20228/a16df409a901ae284ec1abc78de35aa5.jpg IP23.36.76.115:443 ASN#20940 Akamai International B.V.
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ CertificateIssuerDigiCert Inc Subjecta248.e.akamai.net FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1920x1080, components 3\012- data Size227 kB (227262 bytes) Hash6b6a600ca0e88b2ed84a95bec0898975 7d59266b91ca9c5a5579586b37a2032cea3c6060 9236aeab670d5fc12cb9734a43efc68742f22f9ac8e203e28ee06d90cf9dcd8d
GET /common/web_event/official2.ff.garena.all/img/20228/a16df409a901ae284ec1abc78de35aa5.jpg HTTP/1.1
Host: freefiremobile-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: 000001885DA5AE599142382DF2BB68F5
x-reserved-indicator: 372
Accept-Ranges: bytes
ETag: "6b6a600ca0e88b2ed84a95bec0898975"
Last-Modified: Thu, 15 Sep 2022 13:06:51 GMT
Content-Type: image/jpeg
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSHYqnMlT5M7Usd9wy/W93tx5Rj/BcVp
Content-Length: 227262
Date: Fri, 09 Jun 2023 12:17:55 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
Server-Timing: ak_p; desc="1686313075147_388254831_33038825_10_480_2_0_-";dur=1
|
|
| i.postimg.cc/02KwtTc7/footer-bg.jpg | 162.19.88.69 | 200 OK | 12 kB |
URL GET HTTP/2i.postimg.cc/02KwtTc7/footer-bg.jpg IP162.19.88.69:443
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ CertificateIssuerLet's Encrypt Subjectpostimg.cc FingerprintF7:9A:EC:C0:0E:AB:80:A9:55:8F:DF:97:AD:BB:4B:70:07:08:F0:F0 ValidityWed, 19 Apr 2023 13:39:30 GMT - Tue, 18 Jul 2023 13:39:29 GMT
File typeJPEG image data, progressive, precision 8, 579x800, components 3\012- data Hash27b8ceba13cb26a4ac6951cecdd4a5d3 accbec4f1b6038f0bcd2032da80c2ee342033d2e d1740f2a847c3b67a1071442fe2af27298bca56ab267e90ea8aec3d4e9b9552f
GET /02KwtTc7/footer-bg.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 09 Jun 2023 12:17:55 GMT
content-type: image/jpeg
content-length: 11651
last-modified: Wed, 23 Mar 2022 19:15:53 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/js-projector/libs.js@main/ionicons.map.js | 151.101.65.229 | 200 OK | 35 kB |
URL GET HTTP/3cdn.jsdelivr.net/gh/js-projector/libs.js@main/ionicons.map.js IP151.101.65.229:443
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ CertificateIssuerGlobalSign nv-sa Subjectjsdelivr.net Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT
File typeUnicode text, UTF-8 text, with very long lines (65534), with no line terminators Hash17249247debeb4f1c93b7203fc2dae84 9cce479599011d31284ae6522f2884c07a4170af 2f51821e42e09dbd478326b672e5e95b1019c7c9654fd315d5a4ccd3f1e3cc31
GET /gh/js-projector/libs.js@main/ionicons.map.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-length: 34956
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"1a4bc-nM5HlZkBHTEoSuZSLyiEwHpBcK8"
content-encoding: br
accept-ranges: bytes
date: Fri, 09 Jun 2023 12:17:55 GMT
age: 39202
x-served-by: cache-fra-eddf8230076-FRA, cache-bma1630-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | | 471 B |
IP142.250.74.3:0
Hashcfa2f4faaa3c178ca36297b0c4264e37 7a77047e893a983873f15a67f94b2be4b114be43 faebb1831224e4843915d60cdc5f707ea6de1fd82d1e3b9620bc5c9b611729b6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 09 Jun 2023 12:17:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/teko/v16/LYjNdG7kmE0gfaN9pQ.woff2 | 216.58.207.227 | 200 OK | 13 kB |
URL GET HTTP/2fonts.gstatic.com/s/teko/v16/LYjNdG7kmE0gfaN9pQ.woff2 IP216.58.207.227:443
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintC8:5A:9A:D9:6A:F5:00:15:5B:5D:99:FE:FE:CA:1D:7C:19:4D:F8:D5 ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 13324, version 1.0\012- data Hashb4082c888eefa2dca3fe2c9d46a87180 05aeb6c58175f659fe59eaca5a9d3735dd0530e3 352ad1513eeaeec51060f01d5bed32345862ec4d9c0802b81e0a47885951e4b6
GET /s/teko/v16/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freefire11160328.panellku-id.cfd
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13324
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 09 Jun 2023 11:11:11 GMT
expires: Sat, 08 Jun 2024 11:11:11 GMT
cache-control: public, max-age=31536000
age: 4004
last-modified: Tue, 02 May 2023 14:50:17 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| unpkg.com/ionicons@5.0.0/dist/ionicons/ionicons.esm.js | 104.16.126.175 | 200 OK | 426 kB |
URL GET HTTP/2unpkg.com/ionicons@5.0.0/dist/ionicons/ionicons.esm.js IP104.16.126.175:443
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintF7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File typeASCII text, with no line terminators Size426 kB (426513 bytes) Hashaecfad4a277c54f562444eb2dac6bb30 d905489fe5967c4ec6cd78176533db886fb219bb 28a06f4491def3fdc69ddefa5c850a2583ff312997aef3498e2f12e384c45115
GET /ionicons@5.0.0/dist/ionicons/ionicons.esm.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freefire11160328.panellku-id.cfd
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 12:17:55 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"106-2QVIn+WWfE7GzXgXZTPbiG+yGbs"
via: 1.1 fly.io
fly-request-id: 01GV64J46F5AGKJNCSN85ZXX9C-ams
cf-cache-status: HIT
age: 7848489
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d4950702930b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/alert-zone.js | 172.67.151.68 | 200 OK | 134 kB |
URL GET HTTP/3freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/alert-zone.js IP172.67.151.68:443
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ CertificateIssuerGoogle Trust Services LLC Subjectpanellku-id.cfd FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File typeASCII text, with very long lines (64301) Size134 kB (133883 bytes) Hash2d8819d4b15ffe076a804a074e0229da 0e76d42421e78a58d71c99e233335f39b8b47645 b49a2dab55008d7ba1277b3adbb0b5f590f9b3ee25e3e89a9d78696efd262dde
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/js-zone/alert-zone.js HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:53 GMT
content-type: application/javascript
last-modified: Fri, 22 Apr 2022 16:48:20 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2F21P3ZmWZiXxEBEUcaBNn2uLP1nySMRe7Ngs32viHkPD1oiZ2qobKKxV5oIniscofLKXNMPnqXUhFh4y3w8DlGJLjBKir%2FGLKdBTpfupjZa1rjDa8SZslRNraDnYoiyBC2dOSkzI6U2TZxHzzsDWf8MfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d49505e2ce11bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/media/spin.mp3 | 172.67.151.68 | 206 Partial Content | 133 kB |
URL GET HTTP/3freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/media/spin.mp3 IP172.67.151.68:443
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ CertificateIssuerGoogle Trust Services LLC Subjectpanellku-id.cfd FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File typeAudio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 64 kbps, 44.1 kHz, Stereo\012- data Size133 kB (132739 bytes) Hash5e6ad4032df296732508803deb114b90 99d585eab4db1d9d5555b5ea4aae2542c5c635e5 9f4633ff137414c473c1477d9345c1b379b5174544f5aa22e0666d778f6f3eed
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/media/spin.mp3 HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 206 Partial Content
date: Fri, 09 Jun 2023 12:17:56 GMT
content-type: audio/mpeg
content-length: 132739
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cache-control: max-age=14400
cf-cache-status: MISS
content-range: bytes 0-132738/132739
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6KWWqRi9vtNQlh2VTtGUdTcQDDC3ZsUHZ4n9yYm5bjZQg%2FHOYhUgPCdbu5ayLl%2BO4cNrt07ZjkJQEObwJ69Lz0k7D15voIi6g2qsBAkUqe4%2FL8%2B0M%2FuOW5A1uEnVFeiNTOtHr%2BQ4Cb3tdVZRld%2FByldAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d49507068081bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/index_files/slide-zone.js.download | 172.67.151.68 | 200 OK | 2.1 kB |
URL GET HTTP/3freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/index_files/slide-zone.js.download IP172.67.151.68:443
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ CertificateIssuerGoogle Trust Services LLC Subjectpanellku-id.cfd FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File typeexported SGML document, ASCII text, with very long lines (2269), with no line terminators Hash736b7a6a2d95a2e08b8402c18cb1a8bf f2d75dedc821d7648113ab0670cedc47eb2818f1 b44bd30a88c9f9c1342eedd5b3296312da8795115355bf6d9c4709775afb02cb
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/index_files/slide-zone.js.download HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:52 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HQ0fmaT%2Brh3E%2BBjLAEyonN%2Fd4bfhdrgCnLk7HIdMuyNuc1OISHxxCi18rqDLpVlFLjiPdK6t2c%2F%2BmM6ZzYge%2BaT8%2BV6k2iqtzy1EyM4WGZuiHp2n%2BJHNe%2Fw1vO%2BqKuUsWurtJa83K%2FP2L5gxSk8j2va8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d495059c83b1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/index_files/gift-zone.js | 172.67.151.68 | 200 OK | 1.7 kB |
URL GET HTTP/3freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/index_files/gift-zone.js IP172.67.151.68:443
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ CertificateIssuerGoogle Trust Services LLC Subjectpanellku-id.cfd FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File typeASCII text, with very long lines (1765), with no line terminators Hashc0be1d3124914d4e54047a06f6818c3e d18c67ea5cdf81ebbc1c63132d99cc4ce5df3eb2 897a7e49b1c734f17959fc54b7325cc577a259bcd73e8d58837d3564f35408f1
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/index_files/gift-zone.js HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:52 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADmy3RbshkK7cF77ZBPD5MR%2BMNsv0joNDsYtuTIlGVO01omGaUrUWBvPFrkPD8mlyoklrp4s8%2FbtCk6L1TyVbHWYMadJRsDMO0QfxBepWKg8Go7txHWKzrERZ8aaBnf9dAK8Fulru%2F8KG7Vvxz5d66Homw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d495059b8261bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css2?family=Teko&display=swap | 142.250.74.106 | 200 OK | 1.1 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Teko&display=swap IP142.250.74.106:443
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0 ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT
File typeASCII text, with very long lines (1106), with no line terminators Hash5c6516987bdea1aa17d1198614828f24 69557d00ab3831718879ab2ae051c5157bfc551b 5169c6dea5cf27fe3faa4bebcbec8b2cfa4e92b4cc5ad5859a6adc60372f03d8
GET /css2?family=Teko&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 09 Jun 2023 12:17:51 GMT
date: Fri, 09 Jun 2023 12:17:51 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| a.top4top.io/m_1725zobal2.mp3 | 0.0.0.0 | | 0 B |
URL GET a.top4top.io/m_1725zobal2.mp3 IP0.0.0.0:0
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m_1725zobal2.mp3 HTTP/1.1
Host: a.top4top.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ | 172.67.151.68 | 200 OK | 16 kB |
URL User Request GET HTTP/3freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ IP172.67.151.68:443
CertificateIssuerGoogle Trust Services LLC Subjectpanellku-id.cfd FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/ HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:51 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zi%2FevZNK%2BjYZRi7PjaI6aT8mymlBZ2irCeAQ20hQHIaeaj1y0XLbXIvenkZ8M3w%2BrkjWg9VGx7hYtzVtWoNS3C6BqpvEn91oAcBB7ZW8O0zIu576FBIcsp8S5m97fglCsJBVaLcfrrFq%2BJD1eFr8yadwDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d4950580e641bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 31 kB |
URL GET HTTP/2stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css IP104.18.10.207:443
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freefire11160328.panellku-id.cfd
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 12:17:51 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 05/01/2023 15:40:29
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 722
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 5676f3d7a574e5a712ebf61b8f3692cd
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7d495059dc1bb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/facebook.css | 172.67.151.68 | 200 OK | 3.2 kB |
URL GET HTTP/3freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/facebook.css IP172.67.151.68:443
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ CertificateIssuerGoogle Trust Services LLC Subjectpanellku-id.cfd FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File typeASCII text, with very long lines (3395), with no line terminators Hash3890fafe623814bc5a9433cd7bf6cd9e 9c5f60df94661f6188fe000282491c1f0c78d0df 3bd83ac70321db89b4f5a905ef01db6d2e1d07d297afbf178a0dfd12aca0e7aa
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/css-zone/facebook.css HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:51 GMT
content-type: text/css
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhT4ynwuMBrQczJTQRyIVwiE%2FXvYZPAa4v1mZ6q2jYKoK%2Fq10uhpYWNL7sJvYUinW7iVv0fdYsY86UjQNpkDuggqUHaTc8fz7sem76wbAO78ngHkEDeHuEoKOVw3M0Rqy%2FONT3sVRPkC6wat30t39KcSmw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4950598ff11bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/slide-zone.js | 172.67.151.68 | 200 OK | 2.1 kB |
URL GET HTTP/3freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/slide-zone.js IP172.67.151.68:443
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ CertificateIssuerGoogle Trust Services LLC Subjectpanellku-id.cfd FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File typeexported SGML document, ASCII text, with very long lines (2269), with no line terminators Hash736b7a6a2d95a2e08b8402c18cb1a8bf f2d75dedc821d7648113ab0670cedc47eb2818f1 b44bd30a88c9f9c1342eedd5b3296312da8795115355bf6d9c4709775afb02cb
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/js-zone/slide-zone.js HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:52 GMT
content-type: application/javascript
last-modified: Fri, 22 Apr 2022 16:48:20 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=czxw%2FaAV7GuwUuHnGhk0Fl7Ut8FF9PXZqNbjmo2yQRX3voKNU0JHfBLfz3%2FE4WCBOATkzUXw24x84gHETidUw4qYvA9fz%2BeL4QKgGfb%2FgyeFVlhhd3l69geMzLD387FWF3mRdiG%2F%2Fz1qrUWmppjfwSrL8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d495059c83c1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/zero-zone.js | 172.67.151.68 | 200 OK | 861 B |
URL GET HTTP/3freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/zero-zone.js IP172.67.151.68:443
Requested byhttps://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ CertificateIssuerGoogle Trust Services LLC Subjectpanellku-id.cfd FingerprintA2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 ValiditySat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File typeexported SGML document, ASCII text, with very long lines (1025), with no line terminators Hashf446458806c67be2e2e6f5252c61ece0 fb932433182ca4fd20ce20bb2ba1a18fc6143261 edad84eaba5daeb5a5863a08fc63ddeb3b79710d4c1e431ee182e23d6ebb6b1f
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/js-zone/zero-zone.js HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:52 GMT
content-type: application/javascript
last-modified: Fri, 22 Apr 2022 16:48:20 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r2yANx9KMO%2Fe3TF6QP432UKeVKtGl86fA%2Fd5fFhtL56MhxvRb8ZwJ1CxdNPYjzIfIzw9X6wXcydUDQ75NhnWK%2FP7pK15eIjhYkfjr1PDP6NQTpnt%2Bi686qd7rVveahsk8uPrjhzy4tDe3Q8lbTOTE6Yqbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d49505e2ce51bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/twitter.css | 172.67.151.68 | 200 OK | 2.1 kB |
URL GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/twitter.css IP 172.67.151.68:443
Requested by https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Google Trust Services LLC Subject panellku-id.cfd Fingerprint A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 Validity Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type ASCII text, with very long lines (2224), with no line terminators Hash 2baac8d45b45684a4e2eaddd4b0cf268 f612020bb403f7375fe01c6e035c05c3c6284df8 de33e336bfff950e9d994e20c3a3983a44a7e12c2c559e3cd4c6d95558b28cfe
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/css-zone/twitter.css HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:52 GMT
content-type: text/css
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Shhq28ebco3cwPOaMutanqCV2mRk%2BUVRTgHKlQWLO%2Fy1KTMiU8K1zWok9PwV%2FQ3TJofXyfhH5KIFSnX5Ovq0iY%2BxXEQ12jb3AJkJOINbIyao37q%2B9oR3WW0TDV3%2B%2BpcJ897j%2BtaotBrz0dlXoNcAA%2FeqlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4950598ff31bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.pubgmobile.com/en/images/nav_menu.svg | 23.36.76.227 | 200 OK | 884 B |
URL GET HTTP/2 www.pubgmobile.com/en/images/nav_menu.svg IP 23.36.76.227:443 ASN #20940 Akamai International B.V.
Requested by https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer DigiCert Inc Subject wetv.acc.qq.com Fingerprint 50:05:83:7A:D7:1C:3C:CA:53:85:80:2E:04:C3:47:C2:45:54:EC:6A Validity Sat, 19 Nov 2022 00:00:00 GMT - Wed, 22 Nov 2023 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (908), with no line terminators Hash 7c2d3b689c5bb0645ebf62ea661c9fae 1a37f036eb3eb8f4a3dcf15bf7cb74e2d823bdad ff6e4ad8be14847a4490e22a1533e3100ad0bed35be9efc1fa0fc662185c74ba
GET /en/images/nav_menu.svg HTTP/1.1
Host: www.pubgmobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Mon, 21 Mar 2022 13:24:18 GMT
etag: "62387c82-374"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 426
date: Fri, 09 Jun 2023 12:17:51 GMT
server-timing: ak_p; desc="1686313071669_388254943_28683734_290_515_4_0_11";dur=1
X-Firefox-Spdy: h2
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/index_files/jquery.min.js.download | 172.67.151.68 | 200 OK | 87 kB |
URL GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/index_files/jquery.min.js.download IP 172.67.151.68:443
Requested by https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Google Trust Services LLC Subject panellku-id.cfd Fingerprint A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 Validity Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type ASCII text, with very long lines (65451) Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/index_files/jquery.min.js.download HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:51 GMT
content-type: application/javascript
last-modified: Tue, 21 Jun 2022 07:07:42 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUinkEUZbt45mM30iU6NE29U5EEI2gVFn1o43%2FaDTcgr6AdTnkYRkWG7rfiQl5%2B3GLAK5cB79X8g6%2BC189ZE%2FHDQgmuZ%2Fz5UWGrssDYpBB7HOyI0tqHKFXQDRSCdLtP%2Fk0usel0019xnysE5hdt%2BMLGybw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d495059b8211bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| unpkg.com/ionicons@5.0.0/dist/ionicons/p-af480238.js | 104.16.126.175 | 200 OK | 9.0 kB |
URL GET HTTP/2 unpkg.com/ionicons@5.0.0/dist/ionicons/p-af480238.js IP 104.16.126.175:443
Requested by https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Cloudflare, Inc. Subject sni.cloudflaressl.com Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (9146), with no line terminators Hash 82842d881e7e272ef5edd936905e3c6d e4cba7bc427d62b934dc8250ffd74a0e6c41e192 2a5ee14b060e3794311f6dd20fa2f032221e39f543c65b2a9a1b1af1722aac71
GET /ionicons@5.0.0/dist/ionicons/p-af480238.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freefire11160328.panellku-id.cfd
DNT: 1
Connection: keep-alive
Referer: https://unpkg.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 09 Jun 2023 12:17:55 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"232c-uchF0l8mHJgXmaMGCPlWLIIn3tc"
via: 1.1 fly.io
fly-request-id: 01GQ46MXKZV2GRKCGY6QV96233-fra
cf-cache-status: HIT
age: 12208377
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7d495070ba12b529-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/zero-zone.css | 172.67.151.68 | 200 OK | 5.5 kB |
URL GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/zero-zone.css IP 172.67.151.68:443
Requested by https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Google Trust Services LLC Subject panellku-id.cfd Fingerprint A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 Validity Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type ASCII text, with very long lines (6229), with no line terminators Hash 28ad13da65a141b2c2e6d69d5ca40984 e6e806e3c9e5e9ef23961a4e29cde5af854d2423 796216e473ecd77fd42d3f703bb2b9f15367c7168c42b91900c230748b8325a0
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/css-zone/zero-zone.css HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:55 GMT
content-type: text/css
last-modified: Fri, 22 Jul 2022 14:18:20 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WW4uacOYFORmaCcMnf0i7lBbVvBQBG1W3YU7ifFzpv4hvsv8QdsnD%2BM%2Fy0ion4CWsU%2BzAZfbDZ8D8wwCOfXIs5yMoOJs%2FOMIVrBVWC1xQUfYBwE%2FAl8bktpaX0yV2HZwEC9sRnWEUZKhXBONWJ2VLUZOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d495067df6f1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/jquery.js | 172.67.151.68 | 200 OK | 2.3 kB |
URL GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/jquery.js IP 172.67.151.68:443
Requested by https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Google Trust Services LLC Subject panellku-id.cfd Fingerprint A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 Validity Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type exported SGML document, ASCII text, with very long lines (2718), with no line terminators Hash cc5315c4e4cc1c7a2c7c932d621fae3d a6020816245f44639ef356de06cf02b04417acf0 76780e5603b10cddbd26af14218995345fb0a8f4e8051488eab7020140690219
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/js-zone/jquery.js HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:51 GMT
content-type: application/javascript
last-modified: Fri, 22 Apr 2022 16:48:20 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F5ny6FkewDWqNQVnBDsGLiiQ2QuzJac6A6VhCBJFkM8QI%2BZ6CoHPRQfsxOtLu5%2F2Um73Pfj%2FRnawK0YBjCcSAMAZYaSKRtmHUHUrdVhxfPgLIEKILoGcbb2oR17coUDUHz76rIBtRcu19gn3AM9Iy1IghQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d4950599ffc1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/style-zone.css | 172.67.151.68 | 200 OK | 20 kB |
URL GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/style-zone.css IP 172.67.151.68:443
Requested by https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Google Trust Services LLC Subject panellku-id.cfd Fingerprint A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 Validity Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type ASCII text, with very long lines (411), with CRLF line terminators Hash 40ca06b6afdfc4906499cb2b388c0f98 6b1efd22fd79556fc06c4d252fb58c3464d66803 a87aaf487b7c3ea4a7cd5cfb3faa8fbf89149e16a9157e2e9efe27341c64d38f
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/css-zone/style-zone.css HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:54 GMT
content-type: text/css
last-modified: Sat, 03 Sep 2022 11:16:09 GMT
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpgahPK3U8DqoxYPbJa8pc%2BMMNz1XCGi5rYAHQtD9f9Upe4mWho7oSTJpyEpAfcChxa6Zfl6QR9xlIYt8RkRiI1bUkRti3DgSwLdK%2FL5RDrx6Osp9TFgKZf84rlT2%2BCbMdCtmhxDW%2B6bqzFvLEo3rzUZxw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d495067df6b1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/ | 172.67.151.68 | 200 OK | 110 B |
URL GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/ IP 172.67.151.68:443
Requested by https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Google Trust Services LLC Subject panellku-id.cfd Fingerprint A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 Validity Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type ASCII text, with no line terminators Hash 36be310ca4f7230ece1f2e7862d85141 dd77f02384277dfb4d1cae0c0a6125ff226990c1 dd8b0988a4d81c2063d4b020de11ab46c00382256661d505f472b9608ce89d28
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/ HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/style-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:55 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4uW9DHmDqJHZ%2F2wRDiUlj2PRt7u2B1YJnCl8SU5P23iUSOHaeH36ABoSw4aTO6OMh8XcwCYVGYl7lAm5SxvCOGkaWAz4A3Pxw6CsANWfAGCcNPz2R22c4amBojsQkmcX2Yswo2RwKVKcB%2FBrZBKLrNrwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7d49506faf6e1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/item-off.png | 172.67.151.68 | 200 OK | 114 kB |
URL GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/img/item-off.png IP 172.67.151.68:443
Requested by https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Google Trust Services LLC Subject panellku-id.cfd Fingerprint A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 Validity Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type PNG image data, 700 x 710, 8-bit colormap, non-interlaced\012- data Size 114 kB (114406 bytes) Hash e22e8c64a52b9aee71d0325ad98434f5 263f3fd557ed077ffc73d579db99c4f08f856550 51c8dc27564c06b970dd2bbd406a3cd7670f3127148308e0a10729332a4f7d15
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/img/item-off.png HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/css-zone/zero-zone.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:55 GMT
content-type: image/png
content-length: 114406
last-modified: Fri, 22 Jul 2022 07:31:54 GMT
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=INc7K82Tg0wiDRBSSKoxVeW1tdR4qD12ZQ2cTkbIiZkz6XU44pSbyqrjEVeEHVrqjM9lDVNBz1LZBHvgksTNxYjL5tEYyZa9uCLcASk1x5S5qO%2BRaD3E7OjQ8GVGM%2FAQTzWYBXQuCmZr1qjUhexpZvQHyw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d49506fbf701bfe-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/myScript.js | 172.67.151.68 | 200 OK | 3.3 kB |
URL GET HTTP/3 freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/js-zone/myScript.js IP 172.67.151.68:443
Requested by https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/ Certificate Issuer Google Trust Services LLC Subject panellku-id.cfd Fingerprint A2:4B:21:78:4B:D6:A6:E4:A5:09:C8:F7:3F:39:05:B4:78:CE:3D:B5 Validity Sat, 03 Jun 2023 12:51:38 GMT - Fri, 01 Sep 2023 12:51:37 GMT
File type ASCII text, with very long lines (3662), with no line terminators Hash 7c6f1f17640b335e6acd19a243626e11 db9ae6303b6576ac2a16a08320893aaa91a492fa 6413a921832ad75c9e1cbb7858fb22e88d8f18e6f58f27dee15f0150432b17b7
Analyzer | Verdict | Alert | openphish | Garena | |
GET /vhsfhqpdhdsih6/js-zone/myScript.js HTTP/1.1
Host: freefire11160328.panellku-id.cfd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire11160328.panellku-id.cfd/vhsfhqpdhdsih6/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 09 Jun 2023 12:17:52 GMT
content-type: application/javascript
last-modified: Mon, 25 Jul 2022 10:25:08 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xt%2Bd1FOqh9ZY%2B%2FNsbBB5R%2BIymB6SYE%2FGJ7J4XhomgX97HKOc4%2Bb25CjCA6n3mSY865ON3NmumNh4NaTqmPDZDgHvqaPHUennFIPcTMdQ0t66ydL0G5FlQ0oB17qCg%2Fac9mGCDGbSYW%2FcVdn235yoye3Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7d495059a80b1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|