| freefire-garena-promo.com.ru/freefire/ | 104.21.34.141 | 200 OK | 167 B |
URL User Request GET HTTP/3freefire-garena-promo.com.ru/freefire/ IP104.21.34.141:443
CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hash0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/ HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Tue, 07 May 2024 18:15:00 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 07 May 2024 19:15:00 GMT
Location: https://freefire-garena-promo.com.ru/freefire/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PoRd6p5YM0wVZglKnGVioDiqJSfZOq3m1MzPZCuGfFdq946MdXTG8pS8ZUhEHs4NlYoM6RgVO9TzNEIzgY3zUnWDQieC0ujOVIU96TZo%2B2ckRnacVZvcF82U%2BZKWr9vBiOHK98swhynYAvP0mxdw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8803316548320b41-OSL
alt-svc: h2=":443"; ma=60
|
|
| freefire-garena-promo.com.ru/ | 104.21.34.141 | 302 Found | 506 B |
URL User Request GET HTTP/2freefire-garena-promo.com.ru/ IP104.21.34.141:443
CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
Hash3bf47f790b161ad506260f8330f7a69e 5d001d4a7f944838667beffcc9ac6e20143edb5c 08e250128562e0d5c6e7f89577e2b886fda9b53b4cdcd120f2fe2b83c892620f
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET / HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Tue, 07 May 2024 18:15:00 GMT
content-type: text/html; charset=utf-8
location: https://freefire-garena-promo.com.ru/freefire
set-cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M5L8u2wvquXdMcE8hphfAIz3RuC40usdEfW8u150OchhsyJsd2VWQ%2Fhw9RuJQ5kALMK6p6Txa41I73Xa41ZgvzfVqJu84pt9IlXm8L88IL3I%2BP%2Be5NzJKMXjFS9fqrbihL84u8O%2Bduq%2FxAn7CXim"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8803316358487127-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| freefire-garena-promo.com.ru/freefire/js/js | 104.21.34.141 | 404 Not Found | 1.5 kB |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/js/js IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typeHTML document, ASCII text, with very long lines (634) Hash16f9becdacae380114a1c99bb4d528e7 d7c4e5b15078c8a9ea1cf452beafba8eb45c4c95 d9cd6dfca94282619431285858508adf7a4552a70c2bb6dc4f30b0c83d9b1615
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/js/js HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Tue, 07 May 2024 18:15:01 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7lrZ2efjYkfgBtCudJB1S098q3WThTUo83vDdJCxy6SrVBGs8U7mpakgoHphLxeIyckQH0DXyNyfdvczJw3wTem2rSdSkkcMFaFN32UxaFvMYkbSU8AIIu84bnyGhzwlHyGTrFa1%2F9FkIwP85t8S"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880331699cfb5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire/imgg/bg.jpg | 104.21.34.141 | 200 OK | 137 kB |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/imgg/bg.jpg IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, progressive, precision 8, 1920x965, components 3 Size137 kB (136773 bytes) Hash57fd6fc58a09519be8012650efd9881d bf24f16e0901ebef13336a3b4a6e13263ffb6279 ba96000a92f9d03cce2c34ab48fb9f1e67976be7b4233c1bd607a87e6e9af82d
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/imgg/bg.jpg HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/js/responsive.css
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: image/jpeg
content-length: 136773
last-modified: Tue, 02 May 2023 14:12:28 GMT
etag: "64511a4c-21645"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1FWZ5VW19mJIL4Nh%2B9qwKsHB7%2F5ANEXZSkqCRNUweBnX7bOAAFm6ujBhVCXYiotxJd0ULzWG8Kgrnl8kj4tdQfAzmJxcbSIQgD7PLiPZtMhahtQ9sQta7BmogxHTWbb%2Blz3X0TkF3ZPYZyKsmV%2Bd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803316a2e0c5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire/imgg/vk-l.png | 104.21.34.141 | 200 OK | 9.8 kB |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/imgg/vk-l.png IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typePNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced Hasha53bf2276aa814a0053de1eb24d48b1b 0f7bb9af7af5e9eb07998969744f9105d833e233 8ffae0974acd7014b8e30ff2510ff2c8809103dca22a9e9d252cfd525cc7eff9
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/imgg/vk-l.png HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/js/responsive.css
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: image/png
content-length: 9846
last-modified: Tue, 02 May 2023 14:12:24 GMT
etag: "64511a48-2676"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JbQbhQ8LAKC68rxbpH6m825s3v8lxv1Kmm9cg7EgYiZzqqrsXAaZmPwHRqlSNhDHvWFi8BSm4SSnJNB%2Fhvs21kJHvN%2BVsJPC3FXuq98BYlmQ8vsrsUnJpWD122JG%2BDP0qR1waBIMTkYYeltyvPG9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803316a3e1d5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire/imgg/google-l.png | 104.21.34.141 | 200 OK | 6.7 kB |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/imgg/google-l.png IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typePNG image data, 81 x 81, 8-bit/color RGBA, non-interlaced Hash5f3e71195ba86afaf49859083e74b5ce 7b5ebf2bf6387331cf90442375ff9f4af5c4fd58 5437ffaa3ad1e6a1fd8272511b2cd6c0c301a339a16f2d3e0e0c496b10a3818d
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/imgg/google-l.png HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/js/responsive.css
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: image/png
content-length: 6656
last-modified: Tue, 02 May 2023 14:12:28 GMT
etag: "64511a4c-1a00"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Efo57MeDEdQkfHAaqhGZhJD7x4F06rh9H6OoQC6Y9%2F1gm%2Bcnz%2Beq6xpvjk0SAhc%2Fs76BZ4EKgiShA2EUTeHPapedq0uxMWFuJ8zPDX2BnvRqdGIbxjpfvwjAH3TVKX5cz8uPWMuzLZtmtzzJUazH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803316a3e1e5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire/imgg/logo.png | 104.21.34.141 | 200 OK | 14 kB |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/imgg/logo.png IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typePNG image data, 426 x 104, 8-bit/color RGBA, non-interlaced Hashb3c9dc5b5bba47430a7da8301c09d45b 811aa569261ba03c88fc108d04428264046b66ba 4bb88bccc5bd610423b63fba5ca6f98516d3d8fc631d6b1b977ac669104264be
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/imgg/logo.png HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/js/responsive.css
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: image/png
content-length: 14297
last-modified: Tue, 02 May 2023 14:12:24 GMT
etag: "64511a48-37d9"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bHrJgrJOrRWOl7LY%2Fv9bz%2FSC36xbQb5DMR%2Bwir6nWBguPuzstuPQ109Vzw8hKPsIMSuWHrgJfzbvluDO%2BjnrfD2pNlPS0gy%2B%2BKG7qinRTqAqkmkzz%2FarKcRvcma9lVPvcT2DnUHRRIx6yYJ%2FbDzI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803316a2e105688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire/imgg/facebook-l.png | 104.21.34.141 | 200 OK | 9.2 kB |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/imgg/facebook-l.png IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typePNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced Hashe328a85faf3ec595e525860c98e34098 e60ea777c0f17e3091eda58a81a9b916fea47f56 94f92c2fa2a770888470701e4e9c0063d11bd846b52739d8b12a06b2dabd3be2
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/imgg/facebook-l.png HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/js/responsive.css
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: image/png
content-length: 9175
last-modified: Tue, 02 May 2023 14:12:24 GMT
etag: "64511a48-23d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wp%2BX8lfvwBv29RoI7nUdPvxGG6sLA9syUPpj4Hd5ADQCchovoBi7oHAcLNeyFNHvL%2BQuAzpNtS1fsDqy9Zha0ubBfTk9qitBI3Vdpk9IZ40LcCe8U1UhSIXcrYNErn8CTGAskzczjmDXEf%2F10hX9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803316a2e175688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire/imgg/huawei-l.png | 104.21.34.141 | 200 OK | 5.8 kB |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/imgg/huawei-l.png IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typePNG image data, 81 x 81, 8-bit/color RGBA, non-interlaced Hashb71500650d5d3b5fba7b2f8f8012fe13 049dac5b1bb2864de4e64f4dbb3e084efad7a14c 3149e5da337a71edbf1f389081fb4c9010748eebbf9d9a6d8442e74be2f1f261
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/imgg/huawei-l.png HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/js/responsive.css
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: image/png
content-length: 5811
last-modified: Tue, 02 May 2023 14:12:26 GMT
etag: "64511a4a-16b3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ftx8fzWLhxKvhnxlpLiMNQtLExqRg7509BjMKhM3DtdMDJpiYbxC69EFCTfI5OlcVI9%2FPomZpHUC0qZPEl%2F%2B1moddhdQHwWayqfzdGoIhu%2BOS%2FUDe7wzgfn0HZq3XdtC40HYpIPVl4gKLOLHFNGE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803316a3e255688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire/imgg/apple-l.png | 104.21.34.141 | 200 OK | 9.1 kB |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/imgg/apple-l.png IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typePNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced Hashd72825e76a981573e800cb3983bff287 89d064915f45c31853eaa77a416843cb3d3dcc81 ac768dee11c223ac3fba06a7212fd0163c171e7986735b5cd04f9081504126b3
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/imgg/apple-l.png HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/js/responsive.css
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: image/png
content-length: 9069
last-modified: Tue, 02 May 2023 14:12:28 GMT
etag: "64511a4c-236d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4dlOcgpQcrLwfCMtX1reg6YYDPWytEsEvaBB%2Bpbv3UtOOOm3glbpxs4Pgbf8kqSyidedpgcA20DK%2BsZ8RDxcWRRxvzL1mubYtGUimScAeipCMmEZFlc8RO1feESenFM0Q2oP7MmqG7kURzEQMixR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803316a3e295688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire/imgg/twitter-l.png | 104.21.34.141 | 200 OK | 9.8 kB |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/imgg/twitter-l.png IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typePNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced Hashfac267d563f943d005abd2a01d207764 dbd45b8fae0cf4a32c3a9664443d65b4f8cb2cc3 392c6ef45dc72dc2d72c2a2d16ff5fcd5943766e78e14f1f6bb008c59cf80877
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/imgg/twitter-l.png HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/js/responsive.css
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: image/png
content-length: 9812
last-modified: Tue, 02 May 2023 14:12:28 GMT
etag: "64511a4c-2654"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AdpM%2FkCVigUqvUGEZS4gXDKCe5he0cJF9DtbviPQCe%2FQpct6CMlybjwIE%2FvsdjRQ8ohIGAcodJ14pcURXtWH%2BQEgMmpZlgOiCAEEx2y7TWIfZSlnikH6Jaa8SeulbasnqRvs0V3JYBjMjmgsmbZj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803316a3e2a5688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire/imgg/logo_small_foot.jpg | 104.21.34.141 | 200 OK | 3.5 kB |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/imgg/logo_small_foot.jpg IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typeJPEG image data, baseline, precision 8, 51x51, components 3 Hashc34038edcf4185b3e75a6b85f1cd3d4f 3aa218daacaef499d9ae080f36993228455dc814 3dec40957ccb5815562b06c0bcb1cb3fc09a5f0738aa0b9ec2d1390e4e30a346
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/imgg/logo_small_foot.jpg HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/js/all.css
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: image/jpeg
content-length: 3522
last-modified: Tue, 02 May 2023 14:12:28 GMT
etag: "64511a4c-dc2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RKRqYDfmg52%2BvYPyrCVZQp850Ozq%2B%2BBJmi%2BiW%2FIe6W5axt%2F1j4iQgUoAV83CTRjk%2BCXsDrt8ZdDeNsd3Njxlf%2ByqlBjXUQ42OlrgniXyE%2BhNz2C0QF%2BFwwy2uK4K5MLzYD2I6V0mq0wzQtNDCvKS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803316a3e325688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire/js/all.css | 104.21.34.141 | 200 OK | 6.7 kB |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/js/all.css IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
Hash53a28e4214c4687dd52b638e275903dd 3b3eed54bd5ec449b19ef3f50ac8479b8744a677 240dd78da8182c3452c33ce404fe0f8f00d377f74ffe301a8c5c3c9846bbdada
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/js/all.css HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: text/css
last-modified: Tue, 02 May 2023 14:12:12 GMT
vary: Accept-Encoding
etag: W/"64511a3c-26b7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2n4dOP9Erer5Fk%2BlPMV6EdpU7DMd9DyqsxuN15LB5lhefaCfbZqz1Qf006dU2FrQCfddfUu9WyR5ivw%2BbMsa01DaUqZIkbEYpJLlHm5uDpDAz%2BZs3%2BOISCqx214KjiKJr1tk9zPZucO7O4PUAz7w"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880331698cdf5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire/js/responsive.css | 104.21.34.141 | 200 OK | 6.2 kB |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/js/responsive.css IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
Hash89c4665eeddefa3ae51fab7382024eba a77f83c34562350ac65da30bf3a57debf4220dd5 98dd27076c997b543c16f490765c3a78f2c739eaccd284a5e32f8662ca26a681
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/js/responsive.css HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: text/css
last-modified: Tue, 02 May 2023 14:12:14 GMT
vary: Accept-Encoding
etag: W/"64511a3e-26bb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vP2cyFw8DmurPeApB5kc9yeat0ej%2B4GBuwWYYhLoOByp9eq9PT7%2FYq6xAbOU1MmD8Mppd73ITZn%2FcPN3FnwnwOzc%2B6jcOEHa9PIJa8HFQmMgD57veSlWGgB4aJN03YWakbzcRLmOe4Ce1Vnt6Vv7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880331698cea5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire | 104.21.34.141 | 301 Moved Permanently | 9.4 kB |
URL User Request GET HTTP/3freefire-garena-promo.com.ru/freefire IP104.21.34.141:443
CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
Hash78b99f1b5eecd89bce43ae6752090b63 a2cc3cf56b7099d0786d9466cbe830b51ce07250 3ea5257b79d8f64b746b7cbdae4d1ec43f6b3d1cce227bc1746eba5db1e07b83
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 301 Moved Permanently
date: Tue, 07 May 2024 18:15:00 GMT
content-type: text/html
location: http://freefire-garena-promo.com.ru/freefire/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aCCQPotxoNlHqFJSFzvVFjOH3QMuBvM6gR65aWNLDHv%2F4Ed3s832gklcuRYMUXkzbQSZk9YS1hO63mc9c44GlF93T%2FR%2BEV7H85pvVLAdOztcc8cp6DfiOVxZJoVU7AilOvs6oMMG1bfVOtRyjjzZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 88033164bb705688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeXML 1.0 document, ASCII text, with very long lines (332) Hash3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=dezYZJZ4agWhisp6PSQefdIyfX8nHp3QXAz0jYdzKoGZY34L4X4Wrt5Mx5WEEsYYjuH3wOhCDDb0eBZquliLMSGqXgsIskc6KZPh-4tcf-RaV_coQ2vJyAN8m94wRxRQ
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Tue, 07 May 2024 18:14:19 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 60
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| freefiremobile-a.akamaihd.net/ffwebsite/images/freefire32-2.ico | 23.36.76.90 | 200 OK | 4.3 kB |
URL GET HTTP/1.1freefiremobile-a.akamaihd.net/ffwebsite/images/freefire32-2.ico IP23.36.76.90:443 ASN#20940 Akamai International B.V.
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerDigiCert Inc Subjecta248.e.akamai.net FingerprintA3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File typeMS Windows icon resource - 1 icon, 32x32, 32 bits/pixel Hash0d2f0e9b2281bf40f5964f6f79fba17a 6288c3d63579f1bf3822471f946e4022fb80ce97 ca80122571d6d7aea0a3c96b926fd53e5d53f7526c23b6a1f79396420bb08990
GET /ffwebsite/images/freefire32-2.ico HTTP/1.1
Host: freefiremobile-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: OBS
Content-Type: image/x-icon
Content-Length: 4286
x-obs-request-id: 0000018E068173A294107DF8BFE0D5A0
Accept-Ranges: bytes
ETag: "0d2f0e9b2281bf40f5964f6f79fba17a"
Last-Modified: Thu, 04 Aug 2022 12:38:52 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSkXKNcPrqtXqf/WQKFJq279sMOFSaIO
Date: Tue, 07 May 2024 18:15:03 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
|
|
| freefire-garena-promo.com.ru/freefire/js/reset.css | 104.21.34.141 | 200 OK | 1.1 kB |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/js/reset.css IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typeASCII text, with very long lines (1153), with no line terminators Hash2fe980b8e50df6964d3d4928ef3db3cb b85c393a01fff025a96b549bc76049f3b582e558 b91a3f3561417b40957b009fd79addc5893a633a714a06e4aa57a2311d81fe04
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/js/reset.css HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: text/css
last-modified: Tue, 02 May 2023 14:12:12 GMT
vary: Accept-Encoding
etag: W/"64511a3c-444"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ynOy1x313OjaGavkGUcVAuq%2FW2suF2bj%2F9isBIPyIpfnqv8iB1OowtXlNt0HqeHG274s4VvK9kluDmDr%2F7IptnitiPExBafb%2BoCnkjIymc9shwpkgwHtXzsUoHVupA0iAMO3kpIcjmSqoj0AmD3e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880331697cd25688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire/js/analytics.js | 104.21.34.141 | 200 OK | 47 kB |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/js/analytics.js IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typeJavaScript source, ASCII text, with very long lines (1325) Hash53ee95b384d866e8692bb1aef923b763 a82812b87b667d32a8e51514c578a5175edd94b4 e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/js/analytics.js HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 02 May 2023 14:12:12 GMT
vary: Accept-Encoding
etag: W/"64511a3c-b7cb"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5VKUVpig%2FK%2BJoRMr5TCnmea7q6ghp43xZn8Z6DvtQGppgj3tpa%2BNXHlVMwwpMtF9SKG2EZrxrIXwEmxnsN5FD8SkY59TWdYB7oFkd76wZ1HXdkN62dV3WbPtjBQva9x55jr26TP3NmS2YXYWE6D%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880331698cf45688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire/imgg/top_teeth-l.png | 104.21.34.141 | 200 OK | 144 B |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/imgg/top_teeth-l.png IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typePNG image data, 350 x 9, 8-bit/color RGBA, non-interlaced Hashfe98481dd3ffad514594309ceb2ef4ba 0fcc8e2afec22a1abcbf7de83624504919da9a13 42fcead125ad8660c031f3b763fd048fd06b4a70a7a48cf17bc03073fb255fae
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/imgg/top_teeth-l.png HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/js/responsive.css
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: image/png
content-length: 144
last-modified: Tue, 02 May 2023 14:12:30 GMT
etag: "64511a4e-90"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aCCbr2Zq%2B6CoDwWUfULVUbzeuSXwxb3GroppV0CXhlxoM%2BSFrpXvLofbPtwL6GxcWCqSKyluefPK200AcBrAUJsr723SL12ySkLIChkcfuU8r59pbO1ddfu1Z%2BJtSkMObc7sOSIditO%2BRPN%2FmXuN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803316a1df75688-OSL
alt-svc: h3=":443"; ma=86400
|
|
| freefire-garena-promo.com.ru/freefire/js/ie10-viewport-bug-workaround.css | 104.21.34.141 | 200 OK | 433 B |
URL GET HTTP/3freefire-garena-promo.com.ru/freefire/js/ie10-viewport-bug-workaround.css IP104.21.34.141:443
Requested byhttps://freefire-garena-promo.com.ru/freefire/ CertificateIssuerLet's Encrypt Subjectfreefire-garena-promo.com.ru FingerprintEE:7C:83:05:CB:1F:D0:FD:A2:3F:25:4D:08:4D:29:DB:5C:27:20:15 ValiditySat, 06 Apr 2024 17:04:35 GMT - Fri, 05 Jul 2024 17:04:34 GMT
File typeASCII text, with very long lines (446), with no line terminators Hash70633038c1b05c2fe4facd577f7b664b b6f59e727d97bd1539eaf6d8cd826885e6cda628 95fb496fb65840b7aa68256aeb4af19747ec9b9831a6e6eede37bacfdbd64c1e
Analyzer | Verdict | Alert | OpenPhish | phishing | Garena |
GET /freefire/js/ie10-viewport-bug-workaround.css HTTP/1.1
Host: freefire-garena-promo.com.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefire-garena-promo.com.ru/freefire/
Cookie: PHPSESSID=56md0e2mktgs8sou0sn4l7l1ke
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 07 May 2024 18:15:01 GMT
content-type: text/css
last-modified: Tue, 02 May 2023 14:12:12 GMT
etag: W/"64511a3c-1b1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 20938
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bvzdf1nug%2F%2B55X21f6ne1WKQ%2F3CWnzY2%2BQC5W7%2F0KT0%2BqNkMOH9%2B0ChV31mIPyRquIrfyiqkw3WEU%2Bl%2Bt1Xh7Oygn1wwnIx5BFov1AX9ARKF9DIn1zjhKv3AOlRFFnJsbfUdqjlr5JILa5RE4D7N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880331698cda5688-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|