| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css |  104.17.24.14 | 200 OK | 10 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css IP104.17.24.14:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (59158) Hashc4af24ce595437830af0a401897698b2 06b7f92dd894a9edb0aeb9d040b489460ecff593 d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
GET /ajax/libs/font-awesome/5.15.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:21:42 GMT
content-type: text/css; charset=utf-8
content-length: 10472
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5fff7431-e7d0"
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 3100588
expires: Mon, 07 Apr 2025 16:21:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OHOyoi9ncyhRRJZlcscFp0mPr5lvwFycU6a4%2FS7HNa8%2FGBPbcbxM1%2FwlRHqj0C5MhZXdKMat5scV06W0BHwjgwv%2B0CUZLlZ9U6SV%2FlaNf7k5DUXZjZeswOSlhawFMHhfGLWddsUN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875dbfeea96d92e8-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css | 104.17.24.14 | 200 OK | 5.8 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css IP104.17.24.14:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hashe9365fe85b7e4db79a87015e52c3db6c 2e2b5eb6e08f0f3d11fe0ada97c962a23ba6a0d9 dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
GET /ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:21:42 GMT
content-type: text/css; charset=utf-8
content-length: 5845
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ed9-1149f"
last-modified: Mon, 04 May 2020 16:12:09 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 171106
expires: Mon, 07 Apr 2025 16:21:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FqiU6AxyZqcqleniStBpc4E%2FS%2FD7J0PwddGsy8WfZe3s9TMo12ccwFww8qaldPgEeHJjMlatIiHSgW4RMw7gLJZ2EjeScimmiX8mrHIufo8PmwFvQHu%2B1meyjsokzgfCzEQL6%2Fs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875dbfeea97592e8-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css | 104.16.89.20 | 200 OK | 11 kB |
URL GET HTTP/2cdn.jsdelivr.net/npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css IP104.16.89.20:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintDD:2E:D1:50:F1:3B:79:16:36:22:E7:0A:FD:E6:E7:35:C7:1A:42:6E ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
Hash79877fb82de8ca50845081e3c9a201c5 4f6ea69c0e03431ffa1a097a45453b5b3b246d8b af35cc6aba34e5005de77099dfa72d4c1a7715d28ddcec343f48031dc8cb08bc
GET /npm/bootstrap-icons@1.8.1/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:21:42 GMT
content-type: text/css; charset=utf-8
content-length: 10883
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"13a7e-T26mnA4DQx/6Ggl6RUU7WzskbYs"
content-encoding: br
x-served-by: cache-fra-etou8220090-FRA, cache-lga21925-LGA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 258656
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HY5OHH36Ju8jiZ4Kf%2FTFH52E33Fv3RubOM3ufNGWhB5QkAgpKEVIBi%2Fb%2BOMpe5ku2pqPj5L51Yc%2B%2B8qndN83QlUjxaZajP6aTG8b9DgMHrpDnq9lEAPSdJRYTPdjbNMP8hg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbfeeaab59304-CPH
X-Firefox-Spdy: h2
|
|
| rawcdn.githack.com/AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css | 104.21.234.231 | 404 Not Found | 14 B |
URL GET HTTP/2rawcdn.githack.com/AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css IP104.21.234.231:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectgithack.com FingerprintA4:13:2F:80:0A:C6:7C:8B:08:12:12:22:60:76:15:7D:40:80:70:54 ValidityFri, 01 Mar 2024 13:12:36 GMT - Thu, 30 May 2024 13:12:35 GMT
File typeASCII text, with no line terminators Hash3be7b8b182ccd96e48989b4e57311193 78fb38f212fa49029aff24c669a39648d9b4e68b d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 17 Apr 2024 16:21:42 GMT
content-length: 14
x-github-request-id: 3EC4:2F56E9:3B9C099:3EFE120:661FF5A5
via: 1.1 varnish
x-served-by: cache-hel1410032-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713370533.233360,VS0,VE192
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 2e16d2c1bf116ed01eeb43bbf4bb01977543a600
source-age: 0
cache-control: max-age=60, public
x-githack-cache-status: STALE
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OGfkTWKTalBd%2B1VxfnN9NUGolWRYVXMBT5YjvHtd8bVW12p9AecBCvAqUgHpyglr58yHieItHYr8jRJFYd2Etf4AciDSeZ8JeHawauW6eCM1n5mrPZFLnKHSdJEDO4KNy6zxZyU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbfee99bb9515-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/alex-facebook.css | 104.21.234.231 | 404 Not Found | 14 B |
URL GET HTTP/2rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/alex-facebook.css IP104.21.234.231:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectgithack.com FingerprintA4:13:2F:80:0A:C6:7C:8B:08:12:12:22:60:76:15:7D:40:80:70:54 ValidityFri, 01 Mar 2024 13:12:36 GMT - Thu, 30 May 2024 13:12:35 GMT
File typeASCII text, with no line terminators Hash3be7b8b182ccd96e48989b4e57311193 78fb38f212fa49029aff24c669a39648d9b4e68b d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/alex-facebook.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 17 Apr 2024 16:21:42 GMT
content-length: 14
x-github-request-id: 6056:2E5566:271CDCA:2965D2E:661FF654
via: 1.1 varnish
x-served-by: cache-hel1410032-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713370709.725902,VS0,VE153
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 0f05f8411c9bbd18a2a3d5c2d33afc7c59ee460b
source-age: 0
cache-control: max-age=60, public
x-githack-cache-status: HIT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ifGwQCKwS9Nst%2BUuhS9wL1zYBW8I1EPRbpwaKyplcQmfzPmPqEl4DYBnWm9t1h9ZOVtJUgWVdAamXp%2BGqL1jUTUNtxQbPV0cS18EvA5oSjTTCJndd5Dc3l%2ByFC8dXcixlkL1Uw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbfeea9d29515-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rawcdn.githack.com/AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css | 104.21.234.231 | 404 Not Found | 14 B |
URL GET HTTP/2rawcdn.githack.com/AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css IP104.21.234.231:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectgithack.com FingerprintA4:13:2F:80:0A:C6:7C:8B:08:12:12:22:60:76:15:7D:40:80:70:54 ValidityFri, 01 Mar 2024 13:12:36 GMT - Thu, 30 May 2024 13:12:35 GMT
File typeASCII text, with no line terminators Hash3be7b8b182ccd96e48989b4e57311193 78fb38f212fa49029aff24c669a39648d9b4e68b d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 17 Apr 2024 16:21:42 GMT
content-length: 14
x-github-request-id: 7364:2B2B57:D4F226:DF7551:661FF5C8
via: 1.1 varnish
x-served-by: cache-hel1410025-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713370569.783949,VS0,VE172
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 753bb5d82bb44ee029c36f665d5f0d6c64bb1f1f
source-age: 0
cache-control: max-age=60, public
x-githack-cache-status: HIT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fOpSVeJxYxlimxVrFnWXYBD%2FJlZQ%2Bm%2BmAIujz%2Fcqwzo%2FH74pJxR59LvsXEfAcL%2BLH8LJzVYK8iw01NQ36v%2FkHJeP%2FeYtzxbL8fl6NavSgvnZxABppPg6Hh5YjSYDg2QxyOSmlyY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbfeeb9e09515-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css | 104.21.234.231 | 404 Not Found | 14 B |
URL GET HTTP/2rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css IP104.21.234.231:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectgithack.com FingerprintA4:13:2F:80:0A:C6:7C:8B:08:12:12:22:60:76:15:7D:40:80:70:54 ValidityFri, 01 Mar 2024 13:12:36 GMT - Thu, 30 May 2024 13:12:35 GMT
File typeASCII text, with no line terminators Hash3be7b8b182ccd96e48989b4e57311193 78fb38f212fa49029aff24c669a39648d9b4e68b d5558cd419c8d46bdc958064cb97f963d1ea793866414c025906ec15033512ed
GET /AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css HTTP/1.1
Host: rawcdn.githack.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Wed, 17 Apr 2024 16:21:43 GMT
content-length: 14
x-github-request-id: A034:1B1FB1:945DA2:9C4CCB:661FF5C8
via: 1.1 varnish
x-served-by: cache-hel1410020-HEL
x-cache: MISS
x-cache-hits: 0
x-timer: S1713370569.211271,VS0,VE161
vary: Authorization,Accept-Encoding,Origin
cross-origin-resource-policy: cross-origin
x-fastly-request-id: 3b76178f32d8c300873bae86d0665199c9d1d10b
source-age: 0
cache-control: max-age=60, public
x-githack-cache-status: HIT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FbVYDMQtt3zTvL3vTm2JjjurZDlqHGrK1JFm3g696vDa%2FZUOWIQ3PgeK1UQ0fms0uW%2FQ1kxfcNId2DUMfg0gojVxyrOINIaO3fRHKc5eVMLuk0ig7x%2FKocM7xigDuFQN4X8ivaA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbfeea9c59515-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/full_logo.969f536.png |  152.195.133.221 | 200 OK | 8.3 kB |
URL GET HTTP/2dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/full_logo.969f536.png IP152.195.133.221:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerDigiCert Inc Subjectgarenanow.com Fingerprint65:54:F1:4C:20:75:FB:11:D3:A9:95:B8:F9:AE:05:C7:77:EF:78:58 ValidityFri, 23 Feb 2024 00:00:00 GMT - Thu, 30 May 2024 23:59:59 GMT
File typePNG image data, 616 x 90, 8-bit/color RGBA, non-interlaced Hashc632e6bfd0076695e56477bdb3f7232c 5b4212f029814b5dfda946ac5e5a6ba97857feb9 86ccbc1dbeb58af3e6bce5ee52f86a47399da998ad34a0fd2ce9b0b539d92f6c
GET /common/web_event/official2/dist/client/img/full_logo.969f536.png HTTP/1.1
Host: dl.dir.freefiremobile.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
age: 705
cache-control: public, max-age=3600
content-md5: xjLmv9AHZpXlZHe9s/cjLA==
content-type: image/png
date: Wed, 17 Apr 2024 16:21:43 GMT
ec-version: v6.05
etag: "c632e6bfd0076695e56477bdb3f7232c"
expires: Wed, 17 Apr 2024 17:21:43 GMT
last-modified: Wed, 10 Apr 2024 03:54:58 GMT
server: ECAcc (ska/F692)
via: 1.1 41ee0215556e0543d529d912519eb46a.cloudfront.net (CloudFront)
x-amz-cf-id: ci9vaawv5n8EsgdIGWpNJn9YJTH9xwmXkss-YxWoZRl2WvWOA9P8eQ==
x-amz-cf-pop: ARN53-P1
x-cache: HIT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSaZzlBIXwKnuJycH41E0QepQoa5K6je
x-obs-replication-status: REPLICA
x-obs-request-id: 0000018EECD271C79410FE7BB7B4A26E
content-length: 8314
X-Firefox-Spdy: h2
|
|
| filebagasarya.com/img/border/borderatasorange.png |  188.114.96.1 | 200 OK | 82 kB |
URL GET HTTP/2filebagasarya.com/img/border/borderatasorange.png IP188.114.96.1:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectfilebagasarya.com FingerprintF8:10:79:DD:D9:42:FF:FD:E3:35:9B:09:62:4F:9B:40:07:DD:BA:85 ValidityMon, 26 Feb 2024 19:06:41 GMT - Sun, 26 May 2024 19:06:40 GMT
File typePNG image data, 979 x 578, 8-bit/color RGBA, non-interlaced Hash06868c2454d9d8c0a17e49c915f6aca3 d4584aac766db94d6617cbc4494cd42b44b9a24a 4923c888864d76243b116d6ac21e4e24049b195098809f6e0540aabb38ef9a88
GET /img/border/borderatasorange.png HTTP/1.1
Host: filebagasarya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: image/png
content-length: 82404
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Thu, 04 May 2023 03:26:42 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 57742
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5VkJwDv8tT9NvKCCXizImg2oYdX5MyPrd1EfkCVh7AgeSTNImSIURXKVyUX7IGZLQHogfV6WUjp58mLHzgeR3mrJpDqicBqvnpOccb8hUAJ4JYj675%2FfNsnznzHMqusBPWXYqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff02e7792f2-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/logo.png | 104.16.89.20 | 404 Not Found | 53 B |
URL GET HTTP/2cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/logo.png IP104.16.89.20:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintDD:2E:D1:50:F1:3B:79:16:36:22:E7:0A:FD:E6:E7:35:C7:1A:42:6E ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashcb71d2b197dd6af21b39e0261fb1497c 9ab080da6e72161e565846ba4fe9a3279f8f9acf a3abb1833e1a60b26006a99e3ca8c8aefff91c61003548a8f34fc6c92d62acd7
GET /gh/AlexHostX/mlbb@main/old/logo.png HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: text/plain; charset=utf-8
content-length: 53
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=600, s-maxage=600
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: W/"30-mrCA2m5yFh5WWEa6T+mjJ5+Pms8"
content-encoding: br
x-served-by: cache-fra-eddf8230118-FRA, cache-lga21975-LGA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lEq8ODlA8QXaBeCi4RIvoGS4GNFvvL8y6qeuQ4s2MOFwGAoUop%2BsqpvrV9SsgpmZduowyaCMHuoh1BQLUhAKVcsZfbF%2FRegXmG7g2og%2FHd4DH9Oyh8Ymw9X0A61ezGwxLDI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbfeeaab99304-CPH
X-Firefox-Spdy: h2
|
|
| freefiree.1i1.my.id/bagas/css/facebook.css | 188.114.96.4 | 200 OK | 6.9 kB |
URL GET HTTP/3freefiree.1i1.my.id/bagas/css/facebook.css IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeASCII text, with CRLF line terminators Hashae8f5eac80c514b6ccffce75de1d2d70 eff4b0347b7c8ea58833f35c07e177f80fd28ad2 a9510c5b947eedfa3d84fef078a623ebb72cd26a8acf9855a15521dffc430d62
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /bagas/css/facebook.css HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: text/css
last-modified: Mon, 06 Nov 2023 16:44:36 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kd0TW1oryHIMLlbw%2B0MrMRop7XgvBL%2BS6%2FwhNRAeCUvQG6x6ph4GMZExw9mGHZhDmuwbCXUvBqv%2F3a7gi6aFb3QoD%2Fd0r4x1ANOHdJt%2BnVWnWGxs680VSq5QL6j5he1JcTW9hGAW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbfee2be192a3-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.youtube.com/s/player/03dc2242/www-player.css | 216.58.207.238 | 200 OK | 48 kB |
URL GET HTTP/3www.youtube.com/s/player/03dc2242/www-player.css IP216.58.207.238:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hasheff7afac8f7ac0ed881f37ffd3eebcbe 21acf841f4603dbfaed62decef15175b5d68f20f ff1235e0e6c896931d1f31f618b35e68a469befd8c90d7a0da22f1d988b0bbc2
GET /s/player/03dc2242/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48137
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 07:20:26 GMT
expires: Tue, 15 Apr 2025 07:20:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 04:14:42 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 205277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/03dc2242/www-embed-player.vflset/www-embed-player.js | 216.58.207.238 | 200 OK | 98 kB |
URL GET HTTP/3www.youtube.com/s/player/03dc2242/www-embed-player.vflset/www-embed-player.js IP216.58.207.238:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (682) Hashb1882b5e3edaca0885f674750fe7bd88 b1c29c838ece05563e2ef1eb10cf7a986c588301 5a1b22f96bab9384df7827c7710b6477229500a6d2c0f6d8f9cff3d33d428894
GET /s/player/03dc2242/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97847
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 07:20:26 GMT
expires: Tue, 15 Apr 2025 07:20:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 04:14:42 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 205277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js | 104.17.24.14 | 200 OK | 28 kB |
URL GET HTTP/3cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js IP104.17.24.14:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65447) Hash8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://freefiree.1i1.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 170372
expires: Mon, 07 Apr 2025 16:21:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CfF8qcIiNnEVfL0uVWZVVs0dQeOOq3PAVQCbbRiHWeUYwTCFgAfR1jczCT%2BBP0Eip15kkbtqz96pFxrwS0TyFpEd5OF6Jjmu%2BuAvHswkluoSOfe1pv8TtmSm6TEOtdcp6rxLsD1Y"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 875dbff31ac892b5-CPH
alt-svc: h3=":443"; ma=86400
|
|
| filebagasarya.com/img/border/claimepepgold.jpg | 188.114.96.1 | 200 OK | 17 kB |
URL GET HTTP/3filebagasarya.com/img/border/claimepepgold.jpg IP188.114.96.1:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectfilebagasarya.com FingerprintF8:10:79:DD:D9:42:FF:FD:E3:35:9B:09:62:4F:9B:40:07:DD:BA:85 ValidityMon, 26 Feb 2024 19:06:41 GMT - Sun, 26 May 2024 19:06:40 GMT
File typePNG image data, 193 x 59, 8-bit/color RGBA, non-interlaced Hashc61321f52aeff74693795602cf069eae 835e9f7d87c963a4f443130277f6a8074b1abc71 ac8a111bd0d029a03e1301abdec8d372b71c7e021f62c34c9050455f07b76995
GET /img/border/claimepepgold.jpg HTTP/1.1
Host: filebagasarya.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: image/jpeg
content-length: 16891
cache-control: public, max-age=604800
expires: Wed, 24 Apr 2024 00:19:21 GMT
last-modified: Wed, 03 May 2023 01:21:06 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 57742
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FzUQpwGlNNdIhdSgYR242xl57qBlvuR6DbtyVTwT1dlaZSrAEnWBce8DfUCp3JVcnaQUToo52OW8klzklyIsYvPF%2B6ITXQH2c8RBb6ILakH%2FvvxYGUldAdBGYdchiy335lkC5A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff30f2cbe58-CPH
alt-svc: h3=":443"; ma=86400
|
|
| www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com | 216.58.207.238 | 200 OK | 40 kB |
URL GET HTTP/2www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com IP216.58.207.238:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (58088) Hash0c99a6318752b755d0c0020c75236bf8 ddbb8b2623cdf6187c917abf0c92ccbc977de343 acf80445eddfe589da2923f4d8cffa62e68997f0a2866430311772c718b2db7b
GET /embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 17 Apr 2024 16:21:42 GMT
strict-transport-security: max-age=31536000
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=BdbPvFGiruY; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=dG_DBOfwPmI; Domain=.youtube.com; Expires=Mon, 14-Oct-2024 16:21:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_PRIVACY_METADATA=CgJOTxIIEgQSAgsMIGE%3D; Domain=.youtube.com; Expires=Mon, 14-Oct-2024 16:21:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| freefiree.1i1.my.id/img/senjata/2.jpg | 188.114.96.4 | 200 OK | 49 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/2.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 544x540, components 3 Hashb5a6d62277ce3509c4486c03278f5baa e0876453362058b662d85bc96b79d3e272f4b6e0 0e32e347f1375a0869711eb1589ecc0420c2e44ccaa19acaf2b625086a63e560
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/2.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: image/jpeg
content-length: 48611
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I4YxJztlOTo9yhA02%2FChvxolFIgDXsA%2Fvcg9FU92PtKsaV3dK5YUuTZRZSi1eArSTwpYFKgjgrLqcrbhuKDlNTp7oBN3k4bMSC%2Ftk8f6A%2BrHy74%2B0TKQpOcP5RgShp7f%2Fde7oZLk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1aa3192a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 17:25:07 GMT
expires: Fri, 11 Apr 2025 17:25:07 GMT
cache-control: public, max-age=31536000
age: 514596
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/IMG-20220417-184327.jpg | 104.16.89.20 | 404 Not Found | 53 B |
URL GET HTTP/3cdn.jsdelivr.net/gh/AlexHostX/mlbb@main/old/IMG-20220417-184327.jpg IP104.16.89.20:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintDD:2E:D1:50:F1:3B:79:16:36:22:E7:0A:FD:E6:E7:35:C7:1A:42:6E ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hashcb71d2b197dd6af21b39e0261fb1497c 9ab080da6e72161e565846ba4fe9a3279f8f9acf a3abb1833e1a60b26006a99e3ca8c8aefff91c61003548a8f34fc6c92d62acd7
GET /gh/AlexHostX/mlbb@main/old/IMG-20220417-184327.jpg HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: text/plain; charset=utf-8
content-length: 53
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=600, s-maxage=600
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
etag: W/"30-mrCA2m5yFh5WWEa6T+mjJ5+Pms8"
content-encoding: br
x-served-by: cache-fra-eddf8230046-FRA, cache-lga21947-LGA
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0W%2FcCZx%2F7wB8xxy1o05OarcA9vBROvA1jncZkx4SxX%2FbHic2KLvPOTAMs5sfwX2kO9BQ9BohTEr9%2B1XTjrIFA2RoCvAvmjxeLVAnbS2vZWV1vIdaQj%2FALCHq%2F5LyBRASMA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbff2fae58f5d-CPH
|
|
| fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 IP216.58.207.227:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15044, version 1.0 Hash4806226b885b3b3d0ae52142f6bfb3af 2ea5cc6d5e4adb874989a2b74bda062296fb1ad3 714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f
GET /s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://freefiree.1i1.my.id
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15044
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 20:39:40 GMT
expires: Tue, 15 Apr 2025 20:39:40 GMT
cache-control: public, max-age=31536000
age: 157323
last-modified: Thu, 24 Aug 2023 21:55:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 11 Apr 2024 02:43:03 GMT
expires: Fri, 11 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 567520
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| freefiree.1i1.my.id/img/senjata/t2.jpg | 188.114.96.4 | 200 OK | 120 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/t2.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1080, components 3 Size120 kB (119615 bytes) Hash390c51eba9889a3f8602c0c8a0d1fade 6a0574718588d909e19270dc76251fcf02ad4645 eedf5cf21bc0196270343c98473488a81bdfd5280abe8415bde3fbd046ff1e52
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/t2.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: image/jpeg
content-length: 119615
last-modified: Mon, 22 May 2023 07:35:53 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GFHyQgtrvIJGsZWnjZRTS%2B%2FAH2hL35%2FY8UJ9UbcpiUyQbT5pEzWgUwNDCWAYaR%2FCS3FFe0Y9SP3iIdDjJ05ccYL29iWENFi%2F4qfrsjBGRBD%2BhuuF7nJA2tgRPJsEsydHXHcdX2K9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1aa2392a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| www.youtube.com/s/player/03dc2242/player_ias.vflset/en_US/base.js | 216.58.207.238 | 200 OK | 808 kB |
URL GET HTTP/3www.youtube.com/s/player/03dc2242/player_ias.vflset/en_US/base.js IP216.58.207.238:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (555) Size808 kB (808471 bytes) Hash277db9b3e1103b9cbc8d235e0a2d90f0 48afe203acbfb1bc1a056add488dcb2821018960 a9e803a861a3efdacc5e6f1069962b11f9e1a022917732041a632366fa390bc8
GET /s/player/03dc2242/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 808471
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 07:28:11 GMT
expires: Tue, 15 Apr 2025 07:28:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 04:14:42 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 204812
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| freefiree.1i1.my.id/img/senjata/t3.jpg | 188.114.96.4 | 200 OK | 186 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/t3.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1080, components 3 Size186 kB (185559 bytes) Hash1dd0e73b90ad26acb8d339a91e074e9c 6cb645ec8c8456146c81583abd133d5a633b3b68 de7e078ab4de666a20400e6fd1fcd815a6fe893ca77042b133f38a57de2bf556
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/t3.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: image/jpeg
content-length: 185559
last-modified: Mon, 22 May 2023 11:57:10 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XKQnAkohBu6fvyfHGFbxMatDrPFFGVWe1TW12c88s7jtMr5mITnoDua%2FX2dGXcyaAl9SuOc81i3yLwTrYMM4hBazForWAfCjzWHL7YvA32ESi6xaZlhthiFXy9b8ZuLgF%2FUlvdFr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1aa2992a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/senjata/3.jpg | 188.114.96.4 | 200 OK | 78 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/3.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 997x1024, components 3 Hash22481399131d102cfd8f0a54a7cc2477 6d3d8b0ee6b75e568dc105596cd65b788a2d62a9 a932647f3f142202bc341dd50cb0c949fb4cca3f2dc39b6cc3aa749902946893
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/3.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: image/jpeg
content-length: 77540
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Kt1Nfwtx2BNglAIp9q2wSTKxbwJVxMHPZLsXXdpGHAiuMGHsNx9BDTd3Ge4akkgI90PARvSXEnKKONVgp5oGL%2FJAkB4a8wZbUrIZ7lY10P1mZ9Utwb6d%2B3lDF5cBvv5cLQnpWzBD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1aa3792a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| site-assets.fontawesome.com/releases/v6.1.1/css/all.css | 172.64.147.188 | 200 OK | 165 kB |
URL GET HTTP/2site-assets.fontawesome.com/releases/v6.1.1/css/all.css IP172.64.147.188:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerDigiCert Inc Subject*.fontawesome.com Fingerprint93:F9:69:8C:73:B0:08:60:65:F3:39:41:39:66:D3:2B:78:3A:6E:3D ValidityMon, 04 Dec 2023 00:00:00 GMT - Fri, 03 Jan 2025 23:59:59 GMT
File typegzip compressed data, from Unix Size165 kB (164777 bytes) Hashe833ee644574b9f8ad73954286116639 8bcd2d3d74f06fed4454245381d1465938a8f8ab fb9b1472b30445a5df2567ab017f9c1fbb4d4dcc1750187a09960ba0e70b4a95
GET /releases/v6.1.1/css/all.css HTTP/1.1
Host: site-assets.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:21:42 GMT
content-type: text/css
x-amz-id-2: Y1TmNuBPJ2aktX68kJThHqHYS+UBzLzvigLuxqSKGropAjQHJXqctJ8cMj8EZaj3hWZqBw7vjseo/ptPWK0rIs/nC5bnGezhyLprTTXGcJA=
x-amz-request-id: 9ZNBHYHZ9G1WY9FS
last-modified: Tue, 22 Mar 2022 15:39:41 GMT
etag: W/"325672b036bab9b57f6873aed5eccc43"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 12666588
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbfeefd18be44-CPH
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| freefiree.1i1.my.id/img/senjata/10.jpg | 188.114.96.4 | 200 OK | 83 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/10.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 796x1052, components 3 Hash3cccee9d57d94fdbf74c48a850f0f98e 98c88f308741de8229882af1cbd8f2a6baf4d4de 5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/10.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: image/jpeg
content-length: 83104
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OIGWwluZYUHdEP6GFIhNNHiFxVBg8ysTwv2SsG1XleMby53Fs%2B0eu8ha50VzuiR8UCdJA%2B3D%2B2Km%2FG85IdeFxXGrPIdVIez1e8B9P2urb9SBNNUPgSw7Q9yBDrFRMetPLtB%2BlGLF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ba5992a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/senjata/11.jpg | 188.114.96.4 | 200 OK | 47 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/11.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 560x740, components 3 Hashdae76322741301f8aa1384636c9a0b15 d1a9b81837d1660dd92b0fe3cc3439c4ece67cd0 516ec8f5074cc7e52bfc102e42923b36d36729496cc69aa6a84a1ecbd4bc44fd
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/11.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: image/jpeg
content-length: 47405
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NjwxOvrpic%2BkJWoBuX3TcIKadpBE3yc5p7YJ5lxWhSgA83dWFc0tuXYJD6z%2FhxywzppM%2F6DkUn5guchIW7JpZvEO7bbBIcuqpptJ4KjnVEazykdE8pbNTiIu4g%2FmXMAs8BD5GeiA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ba5b92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| i.postimg.cc/nVkV8M0W/FfMaxx.jpg |  162.19.88.69 | 200 OK | 37 kB |
URL GET HTTP/2i.postimg.cc/nVkV8M0W/FfMaxx.jpg IP162.19.88.69:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerLet's Encrypt Subjectpostimg.cc FingerprintF9:1B:A9:B2:AB:2D:30:75:4E:44:3F:7A:6F:40:77:77:39:CE:1B:13 ValidityWed, 21 Feb 2024 07:13:33 GMT - Tue, 21 May 2024 07:13:32 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 512x512, components 3 Hash61aa45bf291755caa8f0664e4e8b91e9 33f6c6304486ce8004d9d459f08aa6b95982f0ba 323b5ffc0bc7f906cf266b1622e4de3f8dfddcb3f38c460e58b468906d51ebf3
GET /nVkV8M0W/FfMaxx.jpg HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: image/jpeg
content-length: 37166
last-modified: Sat, 04 Mar 2023 14:21:43 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| freefiree.1i1.my.id/img/old/1.jpg | 188.114.96.4 | 200 OK | 59 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/old/1.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 Hashd0c711d1ab95b03a1a1f733a60ba8984 eceaead218d602337bdd89ba90fdc31bd70f0156 8e50767bd0edcca88b3b611cd905e3d05b34b04447076fcf6a3567cf55f3bb20
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/1.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: image/jpeg
content-length: 58745
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MJOylfRItm0dKW7JEvLWdoOKLhbEbEPcrFSpPhSJ56nYlzP4F%2BNFtdVqlm1njjJXX08go3K4c54eo6NG3jUK4lQUHZ9317HybntuS4RHVHf3Qlu1TbHzHGVekGUsyyrHwAIPcpjO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ba5e92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/facebook_white.png | 104.16.89.20 | 200 OK | 29 kB |
URL GET HTTP/3cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/facebook_white.png IP104.16.89.20:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintDD:2E:D1:50:F1:3B:79:16:36:22:E7:0A:FD:E6:E7:35:C7:1A:42:6E ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File typePNG image data, 604 x 158, 8-bit/color RGBA, non-interlaced Hash74190b93fc4f5d88f0c8e6411ba20bd8 89ce2ecb660a90b8e6ed1b335443d7767c59f28a 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
GET /gh/gowebid/assets@main/go_login/facebook_white.png HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: image/png
content-length: 28789
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"7075-ic4uy2YKkLjm7RszVEPXdnxZ8oo"
x-served-by: cache-fra-etou8220127-FRA, cache-lga21938-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZKLhPdUC%2Fpfsa4KOdQ8QMtSHtBiLfC8T8BYlOhIYSKptfDdeg8r5oSj0V2saAJEyu3xjp%2B2%2Fet1aAzPo5F8Ga%2BbHNrdYDVnxbtLGcIptuu0iWGFqzayZx0Gl4zcax0KDbb4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbff2ba618f5d-CPH
|
|
| www.youtube.com/s/player/03dc2242/player_ias.vflset/en_US/embed.js | 216.58.207.238 | 200 OK | 18 kB |
URL GET HTTP/3www.youtube.com/s/player/03dc2242/player_ias.vflset/en_US/embed.js IP216.58.207.238:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (3391) Hash73bed7d387f3099c72820dd9b42e2fe5 03f89760ea2b453def769dbb9f36a3e6f93b8516 a073311bd2d09cd43447d4c1863115036e5ed1208ca38d51a3ff725c44399c00
GET /s/player/03dc2242/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18139
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 07:28:11 GMT
expires: Tue, 15 Apr 2025 07:28:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 04:14:42 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 204813
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 216.58.211.10 | 200 OK | 0 B |
URL OPTIONS HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP216.58.211.10:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 17 Apr 2024 16:21:44 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google.com/js/th/3qr7gha742YnmAUpItQqIAu3HrTIDIaDXS3XkPEq5AU.js | 142.250.74.164 | 200 OK | 20 kB |
URL GET HTTP/2www.google.com/js/th/3qr7gha742YnmAUpItQqIAu3HrTIDIaDXS3XkPEq5AU.js IP142.250.74.164:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintCC:CC:99:46:65:6C:77:0B:C8:AA:AD:5E:58:B6:2D:19:B2:C7:0B:06 ValidityMon, 04 Mar 2024 07:19:07 GMT - Mon, 27 May 2024 07:19:06 GMT
File typeJavaScript source, ASCII text, with very long lines (52156) Hashe72bebc20c294cb7e62bbccd15c94b1b a83fff70fe780fcbb8738f3d1cf4a7e309879dc6 deaafb8216bbe3662798052922d42a200bb71eb4c80c86835d2dd790f12ae405
GET /js/th/3qr7gha742YnmAUpItQqIAu3HrTIDIaDXS3XkPEq5AU.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 20514
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 05:04:22 GMT
expires: Thu, 17 Apr 2025 05:04:22 GMT
cache-control: public, max-age=31536000
age: 40642
last-modified: Thu, 04 Apr 2024 18:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 216.58.211.10 | 200 OK | 42 kB |
URL OPTIONS HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP216.58.211.10:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash9e843a342d9797a19012235ad9ce999d e2a173b38c30121b429190654436f52c0cce118c fb977d27ea92186af564d541652df2f73a91f3f1e8af3125de34ebc1673be02b
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 17 Apr 2024 16:21:44 GMT
server: ESF
cache-control: private
content-length: 42123
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/youtubei/v1/player?prettyPrint=false | 216.58.207.238 | 200 OK | 31 kB |
URL POST HTTP/3www.youtube.com/youtubei/v1/player?prettyPrint=false IP216.58.207.238:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash78791d4ab1bbdcd40b2e720642851846 39e1ca95503a19f15320437c55d54a7f7336b1fe 9a309b783d91dd515532d1ffe21e1b5ff9fae7cd600cf04a56e17d59fcfd4f96
POST /youtubei/v1/player?prettyPrint=false HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Goog-Visitor-Id: CgtkR19EQk9md1BtSSiW7v-wBjIOCgJOTxIIEgQSAgsMIGE%3D
X-Youtube-Bootstrap-Logged-In: false
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240414.00.00
Content-Length: 3058
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Wed, 17 Apr 2024 16:21:44 GMT
server: scaffolding on HTTPServer2
content-length: 30595
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| yt3.ggpht.com/Pwnw9qWQuKgdKS72XPcRYHnZ4yIIyryaBkn_6IF9yR7jugDpwcGNqOCbAa5paa3ddEY31MHuOCM=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 4.6 kB |
URL GET HTTP/2yt3.ggpht.com/Pwnw9qWQuKgdKS72XPcRYHnZ4yIIyryaBkn_6IF9yR7jugDpwcGNqOCbAa5paa3ddEY31MHuOCM=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3 Hashbc57ab4f932a6079d620bddcedebfb98 64a2dd45f35a54ada4e2cd3d2fecce7742847e08 aa83c68bd76b28466287ab4f1d12527fa8f305192e89060106f509768188a304
GET /Pwnw9qWQuKgdKS72XPcRYHnZ4yIIyryaBkn_6IF9yR7jugDpwcGNqOCbAa5paa3ddEY31MHuOCM=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 4564
x-xss-protection: 0
date: Wed, 17 Apr 2024 15:57:18 GMT
expires: Thu, 18 Apr 2024 15:57:18 GMT
cache-control: public, max-age=86400, no-transform
age: 1466
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| freefiree.1i1.my.id/img/old/8.jpg | 188.114.96.4 | 200 OK | 85 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/old/8.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3 Hash5b988ca12f0928c882f7ff50a32ffe01 a44b37e7bb7ecbbe76d47b084cd94effd6e9f552 0eb6a14eeb1c27e7c3c471db0f10c25eea89a65df20b2dbeea6c9ee3ccc0c78f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/8.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:44 GMT
content-type: image/jpeg
content-length: 85199
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rTUG5%2BPyRAinTKlIAmiRH4v4RJaPUGgA8f3ovA%2BO%2BLAbbSpY8o35SMNnQ%2BO3uf2HmtpUTXs3wv5XJWNryoYfloQ8vEt%2B10rVmNQOHjgGOsCGhFV7fDdWh9rje%2BxhT%2FjrgKxGnOFG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ba6f92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/diamond/1.png | 188.114.96.4 | 200 OK | 2.8 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/diamond/1.png IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3 Hashbd1e125844fffc6d3485bcf93c224f9d 2782371542228b448959c8610cf3790b662185cc b8f4fec91600d5be6d465792f7f7fab635d01019e148fe8b6f7bf59f717041de
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/1.png HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:44 GMT
content-type: image/png
content-length: 2814
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ADMe00PFCD%2FEThGaOHPBiVlkMSuwi6JnKdJydkOlJRVm9pTlrxsSHm0OcwDLC0Ygky8uK%2B0IHFeamQoCvKWM3yLnH2IEDJ4AlipdD1p8eJG3Guc2lJAXGTNfTokNLactvIV0We%2BC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ca7e92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| www.youtube.com/generate_204?VOUmhg | 216.58.207.238 | 204 No Content | 0 B |
URL GET HTTP/3www.youtube.com/generate_204?VOUmhg IP216.58.207.238:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?VOUmhg HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Wed, 17 Apr 2024 16:21:44 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 216.58.211.10 | 200 OK | 0 B |
URL POST HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP216.58.211.10:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 17 Apr 2024 16:21:44 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 216.58.211.10 | 200 OK | 114 B |
URL POST HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP216.58.211.10:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
Hash93ed152df94797c13bac25dec060b502 98fc2d50cfa3aad1e5049aab9e4337e261505858 6390b4dca4d38f6f58c2fc6a8b3d9761b8780fe7973953fbab5306e0d76220c0
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1262
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 17 Apr 2024 16:21:44 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/api/stats/qoe?fmt=396&cpn=SopElQtbAqL3F7nM&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C84737%2C19571%2C16747%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C2007%2C9072%2C12518%2C593%2C6964%2C643%2C8433%2C531%2C376%2C443%2C1614%2C9229%2C1102&cl=624802652&seq=1&docid=4hIMRUTqARM&ei=GPcfZsKvIJW00u8P7KyB0A8&event=streamingstats&plid=AAYWTUAjLRRNP7V3&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4hIMRUTqARM%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBTb3BFbFF0YkFxTDNGN25NEAE&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240414.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.025:B,0.500:B,0.500:B&cat=streaming&cmt=0.025:0.000,0.500:0.000&vfs=0.500:396:396::r&view=0.500:390:190&bwe=0.500:130000&vis=0.500:0&bh=0.500:0.000 | 216.58.207.238 | 204 No Content | 0 B |
URL POST HTTP/3www.youtube.com/api/stats/qoe?fmt=396&cpn=SopElQtbAqL3F7nM&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C84737%2C19571%2C16747%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C2007%2C9072%2C12518%2C593%2C6964%2C643%2C8433%2C531%2C376%2C443%2C1614%2C9229%2C1102&cl=624802652&seq=1&docid=4hIMRUTqARM&ei=GPcfZsKvIJW00u8P7KyB0A8&event=streamingstats&plid=AAYWTUAjLRRNP7V3&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4hIMRUTqARM%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBTb3BFbFF0YkFxTDNGN25NEAE&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240414.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.025:B,0.500:B,0.500:B&cat=streaming&cmt=0.025:0.000,0.500:0.000&vfs=0.500:396:396::r&view=0.500:390:190&bwe=0.500:130000&vis=0.500:0&bh=0.500:0.000 IP216.58.207.238:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/stats/qoe?fmt=396&cpn=SopElQtbAqL3F7nM&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C84737%2C19571%2C16747%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C2007%2C9072%2C12518%2C593%2C6964%2C643%2C8433%2C531%2C376%2C443%2C1614%2C9229%2C1102&cl=624802652&seq=1&docid=4hIMRUTqARM&ei=GPcfZsKvIJW00u8P7KyB0A8&event=streamingstats&plid=AAYWTUAjLRRNP7V3&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4hIMRUTqARM%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBTb3BFbFF0YkFxTDNGN25NEAE&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240414.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&vps=0.000:N,0.025:B,0.500:B,0.500:B&cat=streaming&cmt=0.025:0.000,0.500:0.000&vfs=0.500:396:396::r&view=0.500:390:190&bwe=0.500:130000&vis=0.500:0&bh=0.500:0.000 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgtkR19EQk9md1BtSSiW7v-wBjIOCgJOTxIIEgQSAgsMIGE%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240414.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1713370904312&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Wed, 17 Apr 2024 16:21:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/03dc2242/player_ias.vflset/en_US/annotations_module.js | 216.58.207.238 | 200 OK | 19 kB |
URL GET HTTP/3www.youtube.com/s/player/03dc2242/player_ias.vflset/en_US/annotations_module.js IP216.58.207.238:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (1115) Hashe5d1ee5fb0a0e1a7a3d171e7c4c0b560 1e2218fd8b1b0025bfc84dc25af031a12055a1d7 36fc5838e117fb869c705ffcad49ec21736dc4a8a450070adf38cedded183f61
GET /s/player/03dc2242/player_ias.vflset/en_US/annotations_module.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18887
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 07:47:11 GMT
expires: Tue, 15 Apr 2025 07:47:11 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 04:14:42 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 203674
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/03dc2242/player_ias.vflset/en_US/endscreen.js | 216.58.207.238 | 200 OK | 8.4 kB |
URL GET HTTP/3www.youtube.com/s/player/03dc2242/player_ias.vflset/en_US/endscreen.js IP216.58.207.238:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (607) Hashe3d239b1603e7ff33bb7911a32c9b559 475c67f1b973f798d6cc21f95a9bbc6f5848f03c 1248bd9a26af223d1a831bb5e990f850e3d3dd371b8b28ba8d5503e168967c4d
GET /s/player/03dc2242/player_ias.vflset/en_US/endscreen.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 8392
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 07:30:40 GMT
expires: Tue, 15 Apr 2025 07:30:40 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 04:14:42 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 204665
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/03dc2242/player_ias.vflset/en_US/captions.js | 216.58.207.238 | 200 OK | 24 kB |
URL GET HTTP/3www.youtube.com/s/player/03dc2242/player_ias.vflset/en_US/captions.js IP216.58.207.238:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
File typeJavaScript source, ASCII text, with very long lines (546) Hashc8595932229bcf4d4e98dfb8ad35828f 74c52e50f4ece5dc331264fb7c3fe0786970988a 2149c9403ed5e55828a52581e17626ddc199be755ad67721cecb415a3390a7a3
GET /s/player/03dc2242/player_ias.vflset/en_US/captions.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 24396
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 10:51:03 GMT
expires: Thu, 17 Apr 2025 10:51:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Apr 2024 04:14:42 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 19842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2256250&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&mt=1713370617&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIhAMu3_cUsjE_vsxf6oCYjGP5CAg4OVAamDkrMuXkEDgg_AiAr0Z2h1YMs6kH5zIAcKfBdyWCK-xGkvZo135mcImh40g%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&range=0-84349&rn=1&rbuf=0&pot=IjrFKsUsozUyMoZNsUGXG_xvlEH8R6Ebh16Weax98lzoXYdAjGWGTY9lkVKMY4BNlHmETbZnjG2AD_Zu&ump=1&srfvp=1 |  91.90.45.173 | 200 OK | 1.5 kB |
URL POST HTTP/1.1rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2256250&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&mt=1713370617&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIhAMu3_cUsjE_vsxf6oCYjGP5CAg4OVAamDkrMuXkEDgg_AiAr0Z2h1YMs6kH5zIAcKfBdyWCK-xGkvZo135mcImh40g%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&range=0-84349&rn=1&rbuf=0&pot=IjrFKsUsozUyMoZNsUGXG_xvlEH8R6Ebh16Weax98lzoXYdAjGWGTY9lkVKMY4BNlHmETbZnjG2AD_Zu&ump=1&srfvp=1 IP91.90.45.173:443 ASN#50304 Blix Solutions AS
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.googlevideo.com Fingerprint05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Hash5e8aa228837a7c9fa00d7464c041022d d82ae8b02801d5692e0f0dce7416192286286e0d d2ff99e2dee0d7461257116f6ff32dea504ad5ae1ec098b7047442dbdd3165fc
POST /videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2256250&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&mt=1713370617&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIhAMu3_cUsjE_vsxf6oCYjGP5CAg4OVAamDkrMuXkEDgg_AiAr0Z2h1YMs6kH5zIAcKfBdyWCK-xGkvZo135mcImh40g%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&range=0-84349&rn=1&rbuf=0&pot=IjrFKsUsozUyMoZNsUGXG_xvlEH8R6Ebh16Weax98lzoXYdAjGWGTY9lkVKMY4BNlHmETbZnjG2AD_Zu&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 17 Apr 2024 16:21:45 GMT
Expires: Wed, 17 Apr 2024 16:21:45 GMT
Cache-Control: private, max-age=21299
Content-Type: application/vnd.yt-ump
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2256250&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713370617&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIhAMu3_cUsjE_vsxf6oCYjGP5CAg4OVAamDkrMuXkEDgg_AiAr0Z2h1YMs6kH5zIAcKfBdyWCK-xGkvZo135mcImh40g%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&range=0-65900&rn=2&rbuf=0&pot=Ijr0E_QVkgwDCrd0gHimIs1WpXjNfpAitmenQJ1Ew2XZZLZ5vVy3dL5coGu9WrF0pUC1dIdevVSxNsdX&ump=1&srfvp=1 | 91.90.45.173 | 200 OK | 1.3 kB |
URL POST HTTP/1.1rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2256250&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713370617&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIhAMu3_cUsjE_vsxf6oCYjGP5CAg4OVAamDkrMuXkEDgg_AiAr0Z2h1YMs6kH5zIAcKfBdyWCK-xGkvZo135mcImh40g%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&range=0-65900&rn=2&rbuf=0&pot=Ijr0E_QVkgwDCrd0gHimIs1WpXjNfpAitmenQJ1Ew2XZZLZ5vVy3dL5coGu9WrF0pUC1dIdevVSxNsdX&ump=1&srfvp=1 IP91.90.45.173:443 ASN#50304 Blix Solutions AS
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.googlevideo.com Fingerprint05:65:DE:5B:B7:CF:9A:4A:22:AF:57:DB:9B:EC:B9:BD:E5:B0:57:E2 ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Hash66805aa8486cbb7339544ab82e5dd80b 46f1e52f3fba37e29ac28d1af01281769d1f83e5 3ea8c84a102647db1b1fb58bc3137abd1afc84e97cedecb6f753ddcbcadf6b37
POST /videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&mh=fM&mm=31%2C29&mn=sn-capm-vnae%2Csn-5go7ynl6&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2256250&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&mt=1713370617&fvip=3&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=ALClDIEwRQIhAMu3_cUsjE_vsxf6oCYjGP5CAg4OVAamDkrMuXkEDgg_AiAr0Z2h1YMs6kH5zIAcKfBdyWCK-xGkvZo135mcImh40g%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&range=0-65900&rn=2&rbuf=0&pot=Ijr0E_QVkgwDCrd0gHimIs1WpXjNfpAitmenQJ1Ew2XZZLZ5vVy3dL5coGu9WrF0pUC1dIdevVSxNsdX&ump=1&srfvp=1 HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Wed, 17 Apr 2024 16:21:45 GMT
Expires: Wed, 17 Apr 2024 16:21:45 GMT
Cache-Control: private, max-age=21299
Content-Type: application/vnd.yt-ump
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| i.ytimg.com/vi/4hIMRUTqARM/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-DoACuAiKAgwIABABGHIgRCg0MA8=&rs=AOn4CLDmkIQtr7VBGEWd49tclJs4Rocw9Q | 142.251.9.119 | 200 OK | 26 kB |
URL GET HTTP/2i.ytimg.com/vi/4hIMRUTqARM/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-DoACuAiKAgwIABABGHIgRCg0MA8=&rs=AOn4CLDmkIQtr7VBGEWd49tclJs4Rocw9Q IP142.251.9.119:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subjectedgestatic.com Fingerprint78:1A:D9:37:F2:33:3C:A9:0F:4C:4A:E8:40:9E:55:8E:02:75:1E:15 ValidityMon, 04 Mar 2024 06:35:07 GMT - Mon, 27 May 2024 06:35:06 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3 Hashcc85d6cc54c5003dee041117e5aed1d9 bd70735bd30376af98a8abc455633928bd5defbf 0c66f7ec0695b90aacd63bde4b84f7c97392cd92189ee42fb810d6a214c177a3
GET /vi/4hIMRUTqARM/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-DoACuAiKAgwIABABGHIgRCg0MA8=&rs=AOn4CLDmkIQtr7VBGEWd49tclJs4Rocw9Q HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 26512
date: Wed, 17 Apr 2024 16:21:45 GMT
expires: Wed, 17 Apr 2024 18:21:45 GMT
cache-control: public, max-age=7200
etag: "1705996351"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRgIhANCQcIlDdkN3yV5221slaIJNRW19lAHbumVxOeIUgYlWAiEAou3tSmQYQlDCE_A9HwZr33mjDFKCqvuOKc-K_NkQHUs%3D&range=0-84349&rn=3&rbuf=0&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 | 74.125.111.40 | 200 OK | 84 kB |
URL POST HTTP/1.1rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRgIhANCQcIlDdkN3yV5221slaIJNRW19lAHbumVxOeIUgYlWAiEAou3tSmQYQlDCE_A9HwZr33mjDFKCqvuOKc-K_NkQHUs%3D&range=0-84349&rn=3&rbuf=0&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 IP74.125.111.40:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com Fingerprint6D:7D:79:1B:2A:53:90:00:60:42:78:46:75:80:C3:2A:F8:BF:1E:BB ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Hashf7dc5c74173b342887b03e86dc303804 2d18f71b55246cb647122a27be22e1c5a7663a37 66f6e0b789ba82948cfbbc464821f8341bdb4f21b3a1072741036503adfcb76b
POST /videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRgIhANCQcIlDdkN3yV5221slaIJNRW19lAHbumVxOeIUgYlWAiEAou3tSmQYQlDCE_A9HwZr33mjDFKCqvuOKc-K_NkQHUs%3D&range=0-84349&rn=3&rbuf=0&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 HTTP/1.1
Host: rr3---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Wed, 03 Apr 2024 11:15:08 GMT
Content-Type: application/vnd.yt-ump
Date: Wed, 17 Apr 2024 16:21:45 GMT
Expires: Wed, 17 Apr 2024 16:21:45 GMT
Cache-Control: private, max-age=21299
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=0-65900&rn=4&rbuf=0&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 | 74.125.111.40 | 200 OK | 66 kB |
URL POST HTTP/1.1rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=0-65900&rn=4&rbuf=0&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 IP74.125.111.40:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com Fingerprint6D:7D:79:1B:2A:53:90:00:60:42:78:46:75:80:C3:2A:F8:BF:1E:BB ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Hash1cc212aa97fc69d07790f0a17b6a36bd 43b44c6e8c14ef5a83f8956f52de9dcfbba3ae30 9c87a2aab6fc1e6e5596700c8eeddfca07fc703ce1c853d19929c207465d3101
POST /videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=0-65900&rn=4&rbuf=0&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 HTTP/1.1
Host: rr3---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Tue, 02 Apr 2024 22:02:53 GMT
Content-Type: application/vnd.yt-ump
Date: Wed, 17 Apr 2024 16:21:45 GMT
Expires: Wed, 17 Apr 2024 16:21:45 GMT
Cache-Control: private, max-age=21299
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=65901-131580&rn=5&rbuf=3943&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 | 74.125.111.40 | 200 OK | 66 kB |
URL POST HTTP/1.1rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=65901-131580&rn=5&rbuf=3943&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 IP74.125.111.40:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com Fingerprint6D:7D:79:1B:2A:53:90:00:60:42:78:46:75:80:C3:2A:F8:BF:1E:BB ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Hashd904eebbe6303ecb00b21e4137d7c63f fc8b35ea2c8ff9e04b21b48da715a13556f244de e6e1e26016bc96b825bdb36cef126ff574619071e578c5751599526977df5c4d
POST /videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=65901-131580&rn=5&rbuf=3943&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 HTTP/1.1
Host: rr3---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Last-Modified: Tue, 02 Apr 2024 22:02:53 GMT
Content-Type: application/vnd.yt-ump
Date: Wed, 17 Apr 2024 16:21:45 GMT
Expires: Wed, 17 Apr 2024 16:21:45 GMT
Cache-Control: private, max-age=21299
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
|
|
| www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 | 216.58.207.238 | 200 OK | 31 B |
URL POST HTTP/3www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 IP216.58.207.238:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash5e1fa6fd9abd549a576f3f24b1d3c8d4 d5335d7f7d33be6a0b663f03b2df4df2521c4a87 d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1713370905540
Content-Type: application/json
X-Goog-Visitor-Id: CgtkR19EQk9md1BtSSiW7v-wBjIOCgJOTxIIEgQSAgsMIGE%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240414.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1713370904312&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Length: 16727
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Wed, 17 Apr 2024 16:21:45 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/youtubei/v1/next?prettyPrint=false | 216.58.207.238 | 200 OK | 1.8 kB |
URL POST HTTP/3www.youtube.com/youtubei/v1/next?prettyPrint=false IP216.58.207.238:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hash6e943683a8cbd6fbd6b012e7098071b6 e3765bb98acf9c2f285d3e6cd4e147c26a572e54 43a42c52f78ca430caddb686db0c7a78781d614d59055054759b444ca7ad1bd3
POST /youtubei/v1/next?prettyPrint=false HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Goog-Visitor-Id: CgtkR19EQk9md1BtSSiW7v-wBjIOCgJOTxIIEgQSAgsMIGE%3D
X-Youtube-Bootstrap-Logged-In: false
X-Youtube-Client-Name: 56
X-Youtube-Client-Version: 1.20240414.00.00
Content-Length: 2669
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Wed, 17 Apr 2024 16:21:45 GMT
server: scaffolding on HTTPServer2
content-length: 1819
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRgIhANCQcIlDdkN3yV5221slaIJNRW19lAHbumVxOeIUgYlWAiEAou3tSmQYQlDCE_A9HwZr33mjDFKCqvuOKc-K_NkQHUs%3D&range=84350-278133&rn=6&rbuf=6110&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 | 74.125.111.40 | 200 OK | 200 kB |
URL POST HTTP/3rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRgIhANCQcIlDdkN3yV5221slaIJNRW19lAHbumVxOeIUgYlWAiEAou3tSmQYQlDCE_A9HwZr33mjDFKCqvuOKc-K_NkQHUs%3D&range=84350-278133&rn=6&rbuf=6110&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 IP74.125.111.40:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com Fingerprint6D:7D:79:1B:2A:53:90:00:60:42:78:46:75:80:C3:2A:F8:BF:1E:BB ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size200 kB (200091 bytes) Hash668d0e201d9f59e39a1c15e2fbda9e42 6e6d827a89bcebc492863eb55fc862c990f7a352 53818903dc1241274dc440ffca38d350016dd413f73549a71ad220df6989582c
POST /videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRgIhANCQcIlDdkN3yV5221slaIJNRW19lAHbumVxOeIUgYlWAiEAou3tSmQYQlDCE_A9HwZr33mjDFKCqvuOKc-K_NkQHUs%3D&range=84350-278133&rn=6&rbuf=6110&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 HTTP/1.1
Host: rr3---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
last-modified: Wed, 03 Apr 2024 11:15:08 GMT
content-type: application/vnd.yt-ump
date: Wed, 17 Apr 2024 16:21:45 GMT
expires: Wed, 17 Apr 2024 16:21:45 GMT
cache-control: private, max-age=21299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0
|
|
| freefiree.1i1.my.id/img/senjata/8.jpg | 188.114.96.4 | 200 OK | 26 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/8.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 335x354, components 3 Hash042df6ae6e2a48458b94a41111fce6da 7785d4cd7f9ab767f3ab8495e94c1888e29f0542 7b8542123bfc06f37312a1756361916d7e3f7a1af974877a63da2b2ff8dd03ab
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/8.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:45 GMT
content-type: image/jpeg
content-length: 25821
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8DpI7GAsjlx8nl8u0qmtUjeK%2BUDaf%2F1x60bqMhdoe5f5R8i5FQioNihwoGpMgmC6eydFt%2BMOi3bCMfQlW50NL6w6WVGH2J24VN8qromnJzxg0dYll9%2F5qTZOuW7NkP3Gstnk4J74"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ba5192a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| | 188.114.96.4 | 200 OK | 52 kB |
URL User Request GET HTTP/2IP188.114.96.4:443
CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (1979), with CRLF line terminators Hashbe2e047697981b2693f3667fd11eac67 3495eb01a3b5e1b28c8204d7576285fd02174758 1601b6d576b02daa75accf8b5dc1a6368c845853e9fa9a8c23a13e12626a28c0
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET / HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:21:42 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RxG0Prd6bOyEL7LciPs4hosFWwC92Qt7fIrGg7oMfk3EpElH1t7vXp5axxeWgRxaref6RjjEtCKqj2aZ1MUMUOhT7NERkeMbpW9twyjR%2BEmokxmhxzmIkGY%2BOs2w7fAQlQtDLWsG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbfe90f518f5d-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css2?family=Teko:wght@300;400;500;600;700&display=swap | 142.250.74.106 | 200 OK | 119 kB |
URL GET HTTP/2fonts.googleapis.com/css2?family=Teko:wght@300;400;500;600;700&display=swap IP142.250.74.106:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Size119 kB (119401 bytes) Hash5ac9b0fc4b0a10f566875fc6c12d04d6 7c070df0184fdfe04d355792ff37ca3283f8097b ac7c5e603d45612c6068030aec21e35e201aa816e757f92393783a77a0059543
GET /css2?family=Teko:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 17 Apr 2024 16:21:42 GMT
date: Wed, 17 Apr 2024 16:21:42 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| freefiree.1i1.my.id/img/diamond/3.png | 188.114.96.4 | 200 OK | 2.9 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/diamond/3.png IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3 Hashdf5bfc626761a05e26222598f27cdf15 ed37075f86574bdeb39a5608384d722f8347df03 762fe8a43c859633d41642dd93c10478d3dacf62ff1310ddcefa17db5fa61f29
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/3.png HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:45 GMT
content-type: image/png
content-length: 2875
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ixys48sUWWRlzuUrn3APk91IWZkBjDnT3IqDxDds%2B037MGLVfqg%2Bqj4Q1soJL%2BBMgCDcvy%2FGH4eIzp%2BsFI%2B0PK68Mti5XxSPP7foc73%2BjVBjr84DpkBv8BSy%2FOZv12o2R8BRJ%2FVE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ca8592a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/diamond/7.png | 188.114.96.4 | 200 OK | 12 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/diamond/7.png IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x290, components 3 Hash31c0214a044bb8cc98cab002fdf9bb94 c2b483949f3267aa679d364ce059d1babc3e8f93 585cf192d586d254d46a7a066980137a06e5a23592e66dfc4b54bd6c4b63e088
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/7.png HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:46 GMT
content-type: image/png
content-length: 11823
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=s%2BhFMXoNJPp9kNSo1btM%2BkBZ%2FQFISmv9%2F5FTzVLw1m4v1T5AbCRYHtr0%2BN1VYMby6zd41i5WhyR57xF4iNpKCc4OvkSE1BlMsp%2BRqMrB%2B43bYCcaDqgqC4ULL5pT0HXFbAeuNTn2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1da9292a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/old/10.jpg | 188.114.96.4 | 200 OK | 39 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/old/10.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 684x916, components 3 Hashbf58fb6f6463a1720fb1d0e0f58a3896 e0b9c0a61b1c60fe8748c7d007b981a3b7056489 de9e872524b79699ce8b0624de9bba409dd246d16dd48f171e4ed1072c00cfeb
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/10.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:46 GMT
content-type: image/jpeg
content-length: 39371
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gP%2FNNdlZJu0Jec%2B6rjGXKWzpUSuArJ26byDoiUevARiBzLgYceRabjD8xjLylaDsBOwi7iThw5UTa7GHs9jwjjBbtOUnKo78NDyDOZ10Ax9VhDQs85LFfDUXYlIrfdGgCdOVZrhD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ca7792a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=131581-263084&rn=7&rbuf=7895&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 | 74.125.111.40 | 200 OK | 132 kB |
URL POST HTTP/3rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=131581-263084&rn=7&rbuf=7895&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 IP74.125.111.40:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com Fingerprint6D:7D:79:1B:2A:53:90:00:60:42:78:46:75:80:C3:2A:F8:BF:1E:BB ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size132 kB (131598 bytes) Hash3cd5c2b5d7fa64805a6945b4f95238f3 109921ad45293ba81a514106cb27f235d1a7140b 646d6959379efad6eb83a04356b2728355793c12f57af2958a956a110eb479ec
POST /videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=131581-263084&rn=7&rbuf=7895&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 HTTP/1.1
Host: rr3---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
last-modified: Tue, 02 Apr 2024 22:02:53 GMT
content-type: application/vnd.yt-ump
date: Wed, 17 Apr 2024 16:21:45 GMT
expires: Wed, 17 Apr 2024 16:21:45 GMT
cache-control: private, max-age=21299
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
|
|
| freefiree.1i1.my.id/img/incubator/5.jpg | 188.114.96.4 | 200 OK | 56 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/5.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 568x568, components 3 Hash5e7b7e726f0f5182f4268a38b3a5ceab 6495856bce9af91b8e9d728e0e3625189e7e452b a04ed1b5cf22b5ae79a1bbca52ee14f9ca03a83a36c6ce16e7ecb870e95aab55
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/5.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:47 GMT
content-type: image/jpeg
content-length: 55457
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m96HT5M8zs2aOKsg7dObXGVHZhNC7vrMkyx9yPen3pSlpuejSyafgtqlWktGyYdMtdOQ63xMz%2Fi2wQI3BPlKBePXmxISxNXL4xT%2BQ8WimtCrqxr2l4i3Hk3KHM5MY2YSFImHZ%2BxU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1daab92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/diamond/5.png | 188.114.96.4 | 200 OK | 2.8 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/diamond/5.png IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3 Hashf7fe1bdb99bdc8d0685e5f4bb5bf4e4c 965db0214225f37399495346a972e83c83f3fcdd e436ac38500431763697f5bd387d494324f320b76b25c97e29938d90bd7b1557
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/5.png HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:47 GMT
content-type: image/png
content-length: 2779
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P9EdjkKJnq%2FXcEZU5ilpdmzA2UQEDa3C5RNMePiitZiwNgr1vd4Fwffv84o6fEGo5YsGGydHVg085LZ6w4VHgwYCLAvUgTxi91Fpdp%2BwCZeAXZzuwdHwamlwkL%2BEFi2YWtGani7T"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ca8b92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/old/11.jpg | 188.114.96.4 | 200 OK | 46 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/old/11.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 940x1052, components 3 Hash0a4bc07510a030baffb2ec9ef5870aea 453b316a4e3fa4d955e1395280d506761156a06c 908c3acad2bff2c347166113be45b73a35869eed538a900acca3fedd81ff5183
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/11.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:47 GMT
content-type: image/jpeg
content-length: 46471
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9RETzFajrvMhxt%2BKmqIuRcvC1XwP5fSIXMv5HtT%2FxhpWmZeUTHjXbF9BckVDVMa%2FZj6u%2Fm7d%2FzE%2FvMaR3880elTJQ018NJN09gI%2BlkM893d3srcBoErs0d2SsRNjx3AJwZkqeUab"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ca7a92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/incubator/4.jpg | 188.114.96.4 | 200 OK | 64 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/4.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 575x575, components 3 Hashb5204e496f3122192acd17b2b186b45f 7150bc610c3e4104dd5b101654c9f37406aa04a4 f95ed204614a3599b0bb6ffdcceecb74cd5dc7a60e26ca4e235f1a2a82c5c518
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/4.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:47 GMT
content-type: image/jpeg
content-length: 63944
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h8EctfIFlqV%2BGUtRYz9QjoLhALyMa5Nha%2FsXin7Zrmc%2BVHAHm%2Fp9FYrPjFVm%2B6H5eQOAM3BsJPnFGMQFfXIxJBLKhjieOZRTSkvNG7vCTHQUhSp%2FxFEiwboIvlrUBbVLZ21ELVGA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1daaa92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/incubator/n1.jpeg | 188.114.96.4 | 200 OK | 100 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/n1.jpeg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 582x773, components 3 Hashdb1fa213e1d17d31fe863149c067eb65 feb589647e77221e77477f577d3c1c8ba6a75477 d2973dde5839f76cfa57932df4f4813939a0061a89376edb063f6bde3b0047b5
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/n1.jpeg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:47 GMT
content-type: image/jpeg
content-length: 99696
last-modified: Mon, 19 Feb 2024 01:49:40 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qZKBhBHgyRfCUQn3J2dLJOBK%2FvTtHI9vgaNv23PXaShAaGxNUXpKmfzzvhoTEEOx7Ju80799n9M%2BtZfQTcG2RXL2RncHnO%2Brpxphn5WIqPLKbfbdDnu26NqLrt41QwikLVttqS51"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1da9792a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/incubator/2.jpg | 188.114.96.4 | 200 OK | 60 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/2.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 565x565, components 3 Hashcaa25bdeee31b9bf65b0558ee9ba03d8 7fda495e1ba5939dacaa87e1231a72e40111e600 35d68e25f22f6688e3a8f7cb2f354cd45b09c8523ba6d4ff53c7ca64d3c9e1bd
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/2.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:47 GMT
content-type: image/jpeg
content-length: 59531
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MG3Qg7Nu20Fq%2Boaou5Wtce%2B9Yb8r%2FwdJ5PUpruQ1WOEkAfp9d%2BLueyWbwYQcJpGFMjTd%2BZYwDs6WC4YByhUpZ%2BfzPmHWXTdhL662Payp969p5LMBlI9fIyx0tNGi7QxjahCraI%2Fn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1da9f92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/diamond/2.png | 188.114.96.4 | 200 OK | 2.9 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/diamond/2.png IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3 Hash63344bf9eaf1a509a9f8a749a06a36e1 0ff516d19ef2ff1b9a44ab20e3eb9579a8894654 788c47722a4dc77173ab620f196bfc24a2d8668bcf08f9fd296574545cf700f1
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/2.png HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:47 GMT
content-type: image/png
content-length: 2878
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VvWUG0gP08jG%2B8j%2Bhk8Hi67xq5lYdHSM3uTZFrXc1TqElwqRa9Fx3ER7LYgWWoN3V7OwV7V8ro07IXjbbd5yx4z6Bz7x8MX8mquITaK07KZOSWSpNkFv3r8qW1n%2Bfk4imX2sVWM7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ca8092a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/old/2.jpg | 188.114.96.4 | 200 OK | 43 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/old/2.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 Hashd90e22f880ff0e9cc33ce41a6bb541b2 a4f08fe678a177545600ba36b25c83a8daf5fd16 10bc32127a5ceb3f33fc38029145931334f6f49bd7274b62697036fd59be2f65
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/2.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:47 GMT
content-type: image/jpeg
content-length: 42687
last-modified: Wed, 05 Apr 2023 14:32:56 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oUxcVoDBR8yhLfqY0i8UFCsWyRki7paXI9VC69jB3tJ6IYwAR2UeopRuTZ6IjyLk0DsGmSkWW4nT4H%2FPUBh%2BvkRNw7tkDDmJOFoC0KckLch031eR9QCCBDLZ3ZjJY30cMgZl2edX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ba6192a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/bagas/css/moonton.css | 188.114.96.4 | 200 OK | 92 kB |
URL GET HTTP/3freefiree.1i1.my.id/bagas/css/moonton.css IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeASCII text, with CRLF line terminators Hash99598fad1f5706054ad5d6cb3fc793de a6cf0678494edf9ece7918fc32f97a43c7724418 5e9973f789c6b11b44992b8f3232427c4b2c05099db3179f6bab1aee75faba2d
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /bagas/css/moonton.css HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: text/css
last-modified: Mon, 06 Nov 2023 17:15:52 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sei%2Fx1RyICLgQ0XDLI4PXCUmjurngU7zb%2BhONNKp63cwOMDdpLPA2YR7IRDOV9qOBKZTjaHaZpgblxbu%2Bg3SUccXgmfc%2FFLu6plaYgxEjGSyqDVgdV2o5qLSsoTc5eIwT4j9qfXW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbfee2bdd92a3-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/incubator/n3.jpeg | 188.114.96.4 | 200 OK | 63 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/n3.jpeg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 540x663, components 3 Hash3ba15ab32066f05ac8ae42e77a723e85 116021696ee50fb51cb0c44f683cde855c59a291 f83b1564472584afdac9157172bf634ef3ccd4bcfd947987c1a059395627a387
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/n3.jpeg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 63129
last-modified: Mon, 19 Feb 2024 01:49:44 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GxMzO4cMMeeHLfAeErbW5i7fFrYUB32XurGLkZ8%2BhJrA2HSMisKYdVPFqUwffwvKKZR2W7PNMBbaVzOZImSDOhPqV6RGMwYToWaSuYvGkVG4uon6sTfQ74KdsPDlHbMmrOirbU1p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1da9b92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/diamond/6.png | 188.114.96.4 | 200 OK | 2.8 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/diamond/6.png IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3 Hash2230594c80150378fe318c774eb216a4 918a13f5861c368c3b19c75cf8ca362b0b29a48c 43de460f27a0d3e43b13b5e75ac00da6ea6b54fb468afc4cffbd53709ee556b4
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/6.png HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/png
content-length: 2781
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dfxcGaxQutxHowTmQwZ0aOcINKAR3bKMpprwIp6ZnC5tuPD9tpm1i1bK2c3GsLZ2q5NY6nN05CtTffFyCcaUGqN%2FbPg8%2FO5vxp4IEot2l%2BBf10JI%2FyLR3h7Agf0vGhb035rxJLEj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ca8e92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/old/3.jpg | 188.114.96.4 | 200 OK | 58 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/old/3.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 Hash316dfba4d81ad853bef7088dbe9737ca 38c7bdbdb9b227c060d6f5474ba807a0cdaff4a7 258a47a929eb483613c81aae8432b705d949ac9facf5a5c02d7d8d4a3db823af
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/3.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 58510
last-modified: Wed, 05 Apr 2023 14:32:56 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vnEAA494x%2F%2F1DsY8K7dHeELHKag5JE7MuvCaB5hmHEAtLWufRyVfxyMp3jBMGWd%2F9ToFhNp7G8XMDVQnfYd%2Fy%2FkdK7N5VBspp%2B0gy0%2BaOj%2FvCc8nNCGpShIPYq9DcNEvzIPhD6gz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ba6492a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/tittle2.png | 188.114.96.4 | 200 OK | 24 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/tittle2.png IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typePNG image data, 151 x 45, 8-bit/color RGBA, non-interlaced Hash43b12100b99f0747a7d74c5eadd7f559 f2ee9778c4fc202120720817037040fc479825c8 10247b341cbfb00357771f67d54e8650b15a776829b91a1d8a6cd80418eee50c
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/tittle2.png HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/png
content-length: 24103
last-modified: Sat, 17 Feb 2024 06:14:04 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CX6nPQe7x6FGpyIHm5YP13oqVOR7bJKdcJc4AG%2FPqyYuJFxatCOg0%2FuKqcJWQKGO320T89svBFjJfPnNlVeu2wRbFdaHnkTiKllvsM5WaeQuhuGks58KqqodWkwajbX5jCVJMmc%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff19a1492a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/incubator/3.jpg | 188.114.96.4 | 200 OK | 59 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/3.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 562x562, components 3 Hash979aa3e91bf0371884c91706db7a98c1 658497a52d5551d138d3401210ddf2ecacfb20fd f451a298d4843315ecb7bf2500d946295ecd6776aaf12cb69574bde1aa1f395c
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/3.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 58631
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQaGj9Foxfb5LjxZ5fs9%2BYAU6LYpC7jTSb%2BNx0feFmaYn5umGSgCLB%2FtCQUBbh%2B%2B7CdkLf0ZnfQ3TK4oPzCKb%2BLLxSJLOeL34ohwBT6aWYv9paRgX%2BLBpmQqHjE7aMNSxi2xJF0d"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1daa692a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/old/7.jpg | 188.114.96.4 | 200 OK | 75 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/old/7.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 Hash473caf5f238322583e04e7aeee46c2a7 e56ebd24f2179527c21ab1262180ca834b6c5d24 622b5322352025505e01c71ff1d6520e62ce1f1211fc11efb3ede9d24a110c75
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/7.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 75427
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RKtRs76gis7zeQoHuDtQEb2OW5HTwxUyUqfzkcrvGp4b9Jdlc3w0F3QNjMVdILNTokaR8rJXu6FQppOX7YsiCbH8b8kw%2BG2Cem3fVi0OXUEFwSpQEjCJdku2o%2Baoo9c4CQBNipc0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ba6e92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/bingkai.gif | 188.114.96.4 | 200 OK | 121 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/bingkai.gif IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeGIF image data, version 89a, 224 x 224 Size121 kB (120915 bytes) Hash127c4202ac37e7b0f72463cebc557b0c 84284b34dd377dbd4feb444aabeb959ac3e2b217 630f7fcbba5df4d44b11d2b9afb87d9ab75ba06f203485650f0fa26b2ca9db43
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/bingkai.gif HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/gif
content-length: 120915
last-modified: Mon, 19 Feb 2024 18:07:54 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HrNUFnvIaQiw3EN2X1jigwz1lnxUSIfjtiFIaf6i3Q%2B6zCCxWnf9Fpi4y%2FBqugFAHEzU9D7jdvqQySeRRNiB0%2B7NknYUrXFscVf%2BwHzc4XXRs9j5Z4Hj1Q%2BUXL2XA66CKS4t6dih"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff19a1c92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/senjata/6.jpg | 188.114.96.4 | 200 OK | 84 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/6.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7], baseline, precision 8, 560x740, components 3 Hash6eed7fb4cf035039f3bba04778cc5db3 a8e6952294e705c92a86db9394874062958f8f47 9e42ff7e13eeea40c241c5406255e8efd322128dba76cfffbfa71263b41b1b8a
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/6.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 83638
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N5of3L%2BYWMYtB0XN2ZnTM%2FzrgnO6JgA0HfaQi2EYa6Cko756NlpiN4UJnmYnkVrAVzpy9ZjqizJ0sYhTh5VwwWzNUGGxn2bKexw5H7o5cnBRGCMfN0Un1L%2Fk5oQa1XM1TJjk0uSK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1aa4092a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css | 104.18.10.207 | 200 OK | 94 kB |
URL GET HTTP/2stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css IP104.18.10.207:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectbootstrapcdn.com Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63 ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT
File typeASCII text, with very long lines (30837) Hash269550530cc127b6aa5a35925a7de6ce 512c7d79033e3028a9be61b540cf1a6870c896f8 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:21:42 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"269550530cc127b6aa5a35925a7de6ce"
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1078
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9e01696f4dd85a48838a9ea9ee82ef4a
cdn-cache: HIT
cf-cache-status: HIT
age: 564992
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 875dbfeea8551d16-CPH
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| freefiree.1i1.my.id/img/old/6.jpg | 188.114.96.4 | 200 OK | 79 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/old/6.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 Hashe53f2f3d3d1abe0ab8119b8a87dc27c4 d702efd2b2011beaa297d87b9a93ad7b48fc20eb 51646465be1a3b745191c5cb6dceda47fb9be8a1c859beb345660fca8291e824
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/6.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 78581
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q4E2mjfABsCOny2Uxxz3ymnVg4%2BEq5uFst2IUcZ4LZPUiOZUGM8YhywpTnman%2F086RrwnHNEbn2S2ZNezBnEDbA2dY0shdR%2BK0KXrfQSKSirJ%2B9%2B9pGeBSQTjUcIzVkZq0magDMa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ba6a92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/old/12.jpg | 188.114.96.4 | 200 OK | 17 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/old/12.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 540x688, components 3 Hashf8351c5498cd1e97e3db1dc2e21f6cef 1b831a0dc34a8bf15ba6a10ee8b02bc010f59016 b9b545590950ff252a5b53bfc9b3d64ed373aee3ae94dec68033d0c857e8b3d8
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/12.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 17081
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m8Jov1%2FlSqha%2BwOdPlxiDqLzD81Z7ac6R2lR3f61tsl0N28VVLLEnhg%2FyB2%2BAw14oIxA18yNgC7kqUpbRtMmjGRhrlyGY7B7ssRuy2Wmg1Z8QE2fqhqMk8J0URgpgtWzxixLG7t9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ca7c92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/senjata/h1.jpeg | 188.114.96.4 | 200 OK | 49 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/h1.jpeg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 519x361, components 3 Hasha6a1ae291b8991edac5e40faa81ea050 b20a09ff8c6440b26ec9bab11df366f3fa11f9dd 4d9f7f3da20bb0794c6354e101e1d33b3c5a25b924a41e9479f1e7b4ada764f1
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/h1.jpeg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 49433
last-modified: Sat, 17 Feb 2024 07:46:44 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7r4idVVbqZ%2F%2FEGrQ2yTMm8E2Oio3LV3i%2F0WhH40QkocTMsQf4on75lfNIY7AEp9HYpi4A%2B1Cxy41KznmyOCTuDRanMroY2f8YyG62e1yi8ZJqr0bqz4O5jzCjklYX3zfUm9B4o3J"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff19a1e92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/diamond/4.png | 188.114.96.4 | 200 OK | 2.8 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/diamond/4.png IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 130x162, components 3 Hash9322979ec6bc2f29f5f0215487d1be4b 17302260777757a2a811b76ad1d0e96a86781df7 6cc42f3ad3aa5606237a601793c1fb42458386d888adab6cf9077d23887eefed
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/4.png HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/png
content-length: 2761
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=g75gj%2BbPmTnO6plT4DESHo5rdb%2BNZ4U3lhVabpPIBtpO%2BR0uZ%2BOUI4V%2Bi%2FLLxqvhR7CyRPElzc2baX48CPq%2FpFWvdM7JuXKacQoYEVNQk2WmTv1pNaTSmp9jfBAGvXDLyHCuZ85P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ca8892a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/diamond/8.png | 188.114.96.4 | 200 OK | 13 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/diamond/8.png IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 233x290, components 3 Hash18d7331b2312b85b1bfba110763c7574 9186a2527194478a524ffe4b7ceb5e61410bdd42 6afcc18ffa172755862f5c6dc3f20d9c3d6ee6f5f399df00e8568bf747e1cdb9
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/diamond/8.png HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/png
content-length: 13341
last-modified: Wed, 05 Apr 2023 14:30:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tXzhWjBWN%2FkcmiZQbrIh6nPmbIax%2FxliEo1Yra1VpC8J%2Fx%2BZ49CCfrZnhrRsJeUzqv86QeMMvAr%2F6oTDUN7c848X1lIeqJaDU%2B2uqWhNIVT3Vym68sfmM%2FRs47ogitGyqjlnjrPy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1da9392a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/incubator/6.jpg | 188.114.96.4 | 200 OK | 58 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/6.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 568x568, components 3 Hash933113087a731f60a1b1612d67f969cd db40cd025a4738ef85cf2c514f00e69b5d817df3 54fad0de66506819441abb12f48b499596b374f441fe0aaa7a6e9d7ec0668a5e
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/6.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 57623
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VWpupxF%2FNjrygjyJAapp%2BesAf1%2F%2FWKKjV9XhOlthjpfs9LfhyNJQCld%2FzCIj%2FQglivn7qzUU6N3UjdvnzpThU53weF7meGWnDpzr7qXOvIao2Il0a4vNYroC15%2BLC4687E7381Hs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1daaf92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/senjata/12.jpg | 188.114.96.4 | 200 OK | 47 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/12.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 233x290, components 3 Hashda8902b3f1e8f5dbce0873022fe55ae5 b1956d7420881884baecf03d9739f8c82f857d1a 480e24cce7e7d225ffb50dc58b21a81bc99006e0894f0ef52a01203774495050
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/12.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 47259
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ivCo2P0oR7m0UkOWD53bRPxBds2jW5MQuiqvhRdGT8vczH1xrZ44jKPWx0KmW3YizzS24D2VqTInaKZ9LldnhqZynjeczojrs1IsIh42m%2F2JDXvilWtar%2FTJR6L7lHbJpQwaIEmE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ba5c92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/senjata/t1.jpg | 188.114.96.4 | 200 OK | 108 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/t1.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1080x1080, components 3 Size108 kB (107539 bytes) Hash3aa21e6dc07731eee8b81185daab135c 64fe84d381e69c370b271a64c4d7ea11fc5415aa bdd298959f024ab47802ce7092bc9e295f9b1de0993190e4e6fbc377cefc6564
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/t1.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 107539
last-modified: Mon, 22 May 2023 07:35:55 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4Lcw8u%2B1YyZ5muiAfRmcCKjmC8z1pLEKH3xWjci0Bvi69nT49I0GWrSfKZIwiWPw72U7dCX3BL%2B%2F2WWHMTbnjWjqajziNDUEp5LwDiokvttRF%2FoFGnBu4tqxY3IJdLfem9lDa7AO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff19a2192a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/incubator/9.jpg | 188.114.96.4 | 200 OK | 18 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/9.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 202x273, components 3 Hash324fa71ceab25917b1b39275f0510c34 b15a87ed1e0d8915f9bbddcc634e5c19cb9c09c7 37e9b832341a9e17a95ef5f3d8d1175cc4d72cb67847b8a2eea9025ffe0570c9
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/9.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 17945
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N2MxoUglELxbxD%2FZMuan7YMuJzg9yn9rF2KvTUawM%2BHbYN0T8mWRYLY7pI0%2FICvwpp0pQHA1qlqw1KG29I32jVupSN3EYGm%2Fg0DQu5%2Bmclvp5weqMPoK4xR%2F1VIG0mwd6jeoq4XS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff2bc6192a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/senjata/4.jpg | 188.114.96.4 | 200 OK | 73 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/4.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1029x1280, components 3 Hashd078a634bb85179223fad3b606aa4cef ea158abcf539ce182bad1da6595b89951dae57a6 2876317ed4d3b97531299a3282da4ef8119cc0a6e653560adb827430fc59991e
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/4.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 72574
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F%2FGJyk6t3pRiT%2BKwR9pI8yCATQoXLiKLhS2p1MA4i1QrMCL72tfU%2B7Q0%2BQRSIJ%2B3JLCXwNII%2B8IY3GCM76su%2B3jQZ03ytQ2os4nmOpO3egY5%2F9WJdQSAzbhaEkDQwM5mgIVYvkWc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1aa3b92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/incubator/8.jpg | 188.114.96.4 | 200 OK | 17 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/8.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 201x272, components 3 Hashbb4c22bbf88632acaf74735969c09661 06ec1ada0909e6a314640ea32195f77a6ea832b9 46a89f72eddd4c6b4447622c23bdde5e861bb7afd8a4d1edef030841d373093a
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/8.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 16726
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vF9TFjv95j5Xdei1uCpfqnjjS9OUgmpKJsoZjSSWesLSNXY%2FjH6cY8Phd8zbr%2FouDF91FTOOKtXVQZkwO3n%2F6Fcf5AlD8SauvMCg90soDD5uc%2BJLyzCaEko4dGQlZ7FbZPolh7v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff2bc5c92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/old/4.jpg | 188.114.96.4 | 200 OK | 78 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/old/4.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 Hash47bacaf7d9e42c0551f43472624e0b33 f069dea9f1f7c86358e1a5529ccac2f7e3b7369d 1a91aa8dc8c721db22e66f1f0911319aed59816a8c7e709970fbe9ca6b0c9773
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/4.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 77706
last-modified: Wed, 05 Apr 2023 14:32:56 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ASYy2Ph6q2skZFfyDKnWAZ%2BsHAWxiFi77CSeKQMfqT8G%2Fr7oJLaeBWx2WCycZZgrN34NhLUp4JpSvfgHExhpYR5TNLY9zbgkw7MKqed3YXaNa8JCS3YwNB1ut1uGIHzty8ulCsfy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ba6692a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/senjata/1.jpg | 188.114.96.4 | 200 OK | 78 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/1.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 999x1024, components 3 Hash5b9bd06824081f3370d369a3bae652e7 d6e93b6128cede7828fbc922c6c55ca8a257b303 355c5fb2f6587040eb783d3348ff54ca3ee3939c0bdee1d508a7275cfd9c2ab4
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/1.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 78490
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M1Jpu9Vgq%2BL6o8E09eLgXUWlNLv2B4mNo6mvIsWqMoMFH1Urn7MrilLMB6cCjamhEljQD68dSPu02R5grara83b9wLTO3Ga02TTEyVH5GBjMxneISnJi7xqmElbRd9XBwBgUoQtF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1aa2d92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/incubator/10.jpg | 188.114.96.4 | 200 OK | 15 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/10.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 205x270, components 3 Hash6662119a701a284803239bd63e60a9f1 331dcad42c43585899aef4049ee759c48b47a464 7dad6721e95be42ff263df89e177b04725f23b7b37a2e7ab7f97e35e5fd02b16
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/10.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 15353
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ItQC7mlYpJbbglVY%2F4o8raqxaJZPeMIl2lho%2BlxF54O7pvMT6qJ55OD42GSUa09a%2BTJHV1PviP7emjJ9G9Hcl%2BONMtRG9ExeHK6PVrtBr2XrhIXvuak4Ngo%2FLH91EXZ3IaFrVIL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff2bc6792a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/incubator/11.jpg | 188.114.96.4 | 200 OK | 17 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/11.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 201x269, components 3 Hashff130cc7c9b4f2b0b8da9df733b6e46c 7552f1af69a3fe64f388d89efc0c2afccbeba941 a738fedb10c230981aea2faeb99e56ba0f4b80d576559bbe99bc569abc28967f
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/11.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:49 GMT
content-type: image/jpeg
content-length: 16631
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77i7sDKx9cuJ4v7UgtpLjwc96Km5%2FuPXCRhVM94eBx9%2B6U2nedSDCWSikeky6U7XPq67%2BQgVM%2FXs2kXgnnuSvTyHB31Cx3EF31K9bfLi8w0U%2FAN3gg8sdhMc1Ro7KjprjXVm3GAw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff2bc7192a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/incubator/n2.jpeg | 188.114.96.4 | 200 OK | 16 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/n2.jpeg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 242x323, components 3 Hashf666661cf0db48fd27b6beeeac106697 f051aad9f454044593fde4caddff97f5ae1ec247 81b9c32b27f445fb1bbacbefd4bdeece209f23838d9e7e4f4e392faca2f82080
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/n2.jpeg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:49 GMT
content-type: image/jpeg
content-length: 15570
last-modified: Mon, 19 Feb 2024 01:49:36 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uoH%2FF0L1u5onopwpE2LSA%2FyreFbUVyDGMWGkDU2ClnWGjfksL14voxJNgXdfazCCUP5%2BSZT2ejY8Q9nyb1x05%2ByLfsqsEwcQ9bo6IbUYKaqyt04kepU%2FhYeyql5isdZYAc4zLO8q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1da9a92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/incubator/1.jpg | 188.114.96.4 | 200 OK | 64 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/1.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 559x559, components 3 Hash7c17b4a223a7baf1931ddf915972a1d7 49fa779105da34bc66ef240ed71719d837f1813e 7eb51057deb30db7c6c2900040a45178726b5a63c262f50ff58fdcf876cfa463
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/1.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:49 GMT
content-type: image/jpeg
content-length: 63579
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JFb%2FKkj16Ks7A8QT4GzTzjoUofhr%2BXFSekf9ZackCXee5gQvPY7RyH%2F54vftkHYoU%2BOFyBs7o3gFMnSTPuzrH1aVIJiONKO1pzgOD6qbIRWqamjoQt6%2FrzVlEcdfrPrlAT9SFrC4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1da9c92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/incubator/7.jpg | 188.114.96.4 | 200 OK | 18 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/7.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 203x273, components 3 Hash2e1e3735e5def5bccf44e87f9ae76a95 f3b503d9632acd9e0cb700f7f5d3712da6fc8eb6 f3c3093e4cc9c4988c843918b523d35b42ea7d5ebca79ea89c04c0e661def0cd
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/7.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:49 GMT
content-type: image/jpeg
content-length: 17868
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tLLXEyQt0i5AVM%2FjP%2B1lH2SS9vzBtmHs6jqbpyAf9Vk%2FCcbG2yiJMvfdZC62bsZyc%2BD95v0azfTkhIU3F2aeTm9dbo%2F8yxypFoJvpnyBBIw6m7xrqphyYbHHenPwVkiF%2FhWTYnPP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1dab192a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/back3.jpg | 188.114.96.4 | 200 OK | 37 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/back3.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 675x1280, components 3 Hashd49a9d65d02c88f1d08a2d529c3ce262 a48830b010894c7ff4f8b0755b45c0529258564b 6127febdf5ed95db07f069979e91266e2f68c9d4eb09e161e906052cb850023a
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/back3.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:49 GMT
content-type: image/jpeg
content-length: 37092
last-modified: Sat, 17 Feb 2024 01:07:56 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ClG6ZqRhckUDCPs3UHziLoXi%2FLDvQHZytTI%2BQb3cXJUA%2FPi5Jan31Aj87csXfW%2BNTNxX4s7XrL%2BoP0Rb8xIiFlffxis%2F169bnQeQZQJuP%2BHQVsJtCNrPbo095NZQ9AQXg2XjSYAY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff2ecd492a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/incubator/12.jpg | 188.114.96.4 | 200 OK | 17 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/incubator/12.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 203x273, components 3 Hash89bf879f77e2c739090f65670e1d543e 10a037660ba66df86c1e1dfdc309425a5b81a691 da57aa220b2f676a0dfe336fa5410675c9801312cbd50ccb59f81028e6cb4213
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/incubator/12.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:49 GMT
content-type: image/jpeg
content-length: 16838
last-modified: Wed, 05 Apr 2023 14:31:48 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qh7m2IIbdDPY6D0dZdkB4S1u3A6dawwWDpKHMMtkw4bDCZ%2FAJN7GWLNb8T5DWMO4NX2pS95etJOsdSnyjCVQQgZizg0owj5yEXQHgllFDVIW93d08H7GXojUg09Ak8Xwrw8%2Bb7%2FE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff2bc7592a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| ka-f.fontawesome.com/releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803 | 104.21.26.223 | 200 OK | 38 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803 IP104.21.26.223:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (608) Hashe8ee688b3310772b65f39c69b76f4720 d57c6b7957aabb07762d473ea0b4bd3462f1175e 0e751f751587617116614deaf11f087ea82f7644196c1d0571f71fd549b556b5
GET /releases/v6.0.0/css/free-v5-font-face.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freefiree.1i1.my.id/
Origin: https://freefiree.1i1.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:21:44 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"e8ee688b3310772b65f39c69b76f4720"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 f7f1719c64317516d32371652f736e6a.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: W4ZTgvDjt1AvyaPegRRz8AHd1S5wa5RjYC0PheIexiI865IbDgEv-w==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tqLFQUSvihsvfpIcjmAvujdCJc10Y7HU%2F1M3atB8vh6ELKD%2BBkYCzBgNGUDntKfk1%2Fgu60GReGbvzAoaCczJ4MAoXCeE8lcOaEhEc4gYf%2B8hMO1iiTzPclDuPcmx2igiGwIHn19zA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff9bb2e92d9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.youtube.com/api/stats/qoe?fmt=396&afmt=251&cpn=SopElQtbAqL3F7nM&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C84737%2C19571%2C16747%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C2007%2C9072%2C12518%2C593%2C6964%2C643%2C8433%2C531%2C376%2C443%2C1614%2C9229%2C1102&cl=624802652&seq=2&docid=4hIMRUTqARM&ei=GPcfZsKvIJW00u8P7KyB0A8&event=streamingstats&plid=AAYWTUAjLRRNP7V3&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4hIMRUTqARM%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBTb3BFbFF0YkFxTDNGN25NEAI&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240414.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.505:251::i&cmt=0.536:0.000,10.002:0.000&vps=0.536:N&ctmp=dompaused:t.538;r.promise;m.NotAllowedError&bwm=10.002:544327:1.121&bwe=10.002:1671567&bh=10.002:12.583 | 216.58.207.238 | 204 No Content | 0 B |
URL POST HTTP/3www.youtube.com/api/stats/qoe?fmt=396&afmt=251&cpn=SopElQtbAqL3F7nM&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C84737%2C19571%2C16747%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C2007%2C9072%2C12518%2C593%2C6964%2C643%2C8433%2C531%2C376%2C443%2C1614%2C9229%2C1102&cl=624802652&seq=2&docid=4hIMRUTqARM&ei=GPcfZsKvIJW00u8P7KyB0A8&event=streamingstats&plid=AAYWTUAjLRRNP7V3&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4hIMRUTqARM%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBTb3BFbFF0YkFxTDNGN25NEAI&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240414.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.505:251::i&cmt=0.536:0.000,10.002:0.000&vps=0.536:N&ctmp=dompaused:t.538;r.promise;m.NotAllowedError&bwm=10.002:544327:1.121&bwe=10.002:1671567&bh=10.002:12.583 IP216.58.207.238:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint02:6C:2F:38:A0:8A:95:AC:E8:2B:67:AA:69:A4:34:6E:15:99:F5:1D ValidityMon, 04 Mar 2024 06:35:50 GMT - Mon, 27 May 2024 06:35:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/stats/qoe?fmt=396&afmt=251&cpn=SopElQtbAqL3F7nM&el=embedded&ns=yt&fexp=v1%2C23983296%2C21348%2C76094%2C54572%2C304051%2C84737%2C19571%2C16747%2C6271%2C26443548%2C7111%2C36343%2C9954%2C1192%2C26496%2C6966%2C2%2C6689%2C2007%2C9072%2C12518%2C593%2C6964%2C643%2C8433%2C531%2C376%2C443%2C1614%2C9229%2C1102&cl=624802652&seq=2&docid=4hIMRUTqARM&ei=GPcfZsKvIJW00u8P7KyB0A8&event=streamingstats&plid=AAYWTUAjLRRNP7V3&referrer=https%3A%2F%2Fwww.youtube.com%2Fembed%2F4hIMRUTqARM%3Fcontrols%3D0%26loop%3D1%26autoplay%3D1%26fs%3D1%26iv_load_policy%3D3%26showinfo%3D0%26rel%3D0%26cc_load_policy%3D0%26start%3D0%26end%3D0%26origin%3Dhttps%3A%2F%2Fyoutubeembedcode.com&qclc=ChBTb3BFbFF0YkFxTDNGN25NEAI&embargoed=0&cbr=Firefox&cbrver=96.0&c=WEB_EMBEDDED_PLAYER&cver=1.20240414.00.00&cplayer=UNIPLAYER&cos=X11&cplatform=DESKTOP&afs=0.505:251::i&cmt=0.536:0.000,10.002:0.000&vps=0.536:N&ctmp=dompaused:t.538;r.promise;m.NotAllowedError&bwm=10.002:544327:1.121&bwe=10.002:1671567&bh=10.002:12.583 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Visitor-Id: CgtkR19EQk9md1BtSSiW7v-wBjIOCgJOTxIIEgQSAgsMIGE%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240414.00.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1713370904312&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C390%2C190&vis=1&wgl=true&ca_type=image
Content-Type: application/x-www-form-urlencoded
Content-Length: 226
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-type: text/html; charset=UTF-8
date: Wed, 17 Apr 2024 16:21:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
x-content-type-options: nosniff
server: Video Stats Server
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=263085-481395&rn=9&rbuf=16158&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 | 74.125.111.40 | 200 OK | 218 kB |
URL POST HTTP/3rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=263085-481395&rn=9&rbuf=16158&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 IP74.125.111.40:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com Fingerprint6D:7D:79:1B:2A:53:90:00:60:42:78:46:75:80:C3:2A:F8:BF:1E:BB ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size218 kB (218405 bytes) Hash0140d8b29f9329cbc881901952fd9c1c 669d48113e6d77d66a370ad066460bbbb7a36c34 cc903b9d4d3fdf34425b81555c5631ddd5b693396c41aeaed7645ade00312ec8
POST /videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=263085-481395&rn=9&rbuf=16158&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 HTTP/1.1
Host: rr3---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
last-modified: Tue, 02 Apr 2024 22:02:53 GMT
content-type: application/vnd.yt-ump
date: Wed, 17 Apr 2024 16:21:55 GMT
expires: Wed, 17 Apr 2024 16:21:55 GMT
cache-control: private, max-age=21289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
|
|
| freefiree.1i1.my.id/img/old/5.jpg | 188.114.96.4 | 200 OK | 87 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/old/5.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x1280, components 3 Hashbd612732360a5da1efb70d2f26b795bc 02d5ede707c6313e2335e7ff7a9164b5ee7ec877 9e5329360a8a2ef8a4ab0ce77f3230be443c093a3a3f02a007641e3f6fca5f5a
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/5.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 87053
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BfJPTuHvxYnqpvjrLtNDudA5b7HMtze2fM1V3Pg%2B1jwhpLsAI4o%2B76YH2ifnkJxzWLQZFmSIh8VA9RhOv%2BDSvpkfEo%2Fqx0qCy8u4J7zvxrZEtEGzVYojXWvPND6MdaLCipL1Mv32"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ba6892a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/vk.webp | 104.16.89.20 | 200 OK | 1.6 kB |
URL GET HTTP/3cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/vk.webp IP104.16.89.20:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintDD:2E:D1:50:F1:3B:79:16:36:22:E7:0A:FD:E6:E7:35:C7:1A:42:6E ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash8e2c62ec296ece5f6a69e2cfd1133310 a6ae37e62d2f201d0e783df0890df55bc11d52e0 ac250ff6fe61157727de9e17fedeb5c162452fc1aa031c4c1fe2f8eb3290ed98
GET /gh/gowebid/assets@main/go_login/vk.webp HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: image/webp
content-length: 1594
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"63a-pq435i0vIB0OeD3wiQ31W8EdUuA"
x-served-by: cache-fra-eddf8230049-FRA, cache-lga21930-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j%2FDh0PbsVLr2I2szX3%2BPM5%2Bzf9QssGHXhfCBAEOg1uLYQkBkX6lAKpuzgNJl7e%2FV5cU7%2FXM9VvI8l5A79GSXgaG%2FJy532Kp2StWGdYm3CdQzgUveFVXH8P6O%2FzMfydMzYmk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbff2ca748f5d-CPH
|
|
| freefiree.1i1.my.id/alexFrontEnd/tiktok.png | 188.114.96.4 | 404 Not Found | 315 B |
URL GET HTTP/3freefiree.1i1.my.id/alexFrontEnd/tiktok.png IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeHTML document, ASCII text, with very long lines (326), with no line terminators Hash97ef40509b73c101d6815511c3adf98d a4242322497ea630ea72e26ba297a95a2bbe5ccd 322c1f60d9d454c801f7cff3173ef16b61cf9963a64e09a4d9e21d36218b56be
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /alexFrontEnd/tiktok.png HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Wed, 17 Apr 2024 16:21:49 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RdQGpqdf%2F2FeKpzwly0VbyzI7f2eNIroqBQ%2BzM1ln8UjRv8kSw32QxFk7wkp%2BAlEjDrDVd60d5roQVwsXnwfvjnCAq9YYm0ARv5305mPOMyKVabtUGkPh8NawNo6ifCWMzBEsymX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff2cc8892a3-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803 | 104.21.26.223 | 200 OK | 1.8 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803 IP104.21.26.223:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (1817), with no line terminators Hash3dedc00973400e03c5ede855beb3e8b5 c72d245eb6fa18840821a7d53634a4f8ac5119d0 a45344d4b89aadfcddc80ff5e6de83bcbb2799a2af99a046e1cea1dd6fe0f28c
GET /releases/v6.0.0/css/free-v4-font-face.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freefiree.1i1.my.id/
Origin: https://freefiree.1i1.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:21:44 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"369cbeaee8e26da69cc5b0a0700cd62c"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0561454d7fe07544e19cf11609a0f13a.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: nFcpPNTIQCByn2qm0leFXs2TKQG0dSTp3LUDTOmXrsWhLt5l-jv3og==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LygDodWtNrWwcBbI9dZBJUp6jvHcA%2FfMRYqhFZkM1T%2BohBStbJfYxfDE9iJyzuYzg04bnlolnWxEztRxS4N%2F2uktfWNn5iBL4pRaF9EKsC1Hf8qxblevB1zCZtMoDPRarxQlBZwJRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbff9bb2f92d9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| freefiree.1i1.my.id/img/senjata/5.jpg | 188.114.96.4 | 200 OK | 83 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/5.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 796x1052, components 3 Hash3cccee9d57d94fdbf74c48a850f0f98e 98c88f308741de8229882af1cbd8f2a6baf4d4de 5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/5.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: image/jpeg
content-length: 83104
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=b5mhD3YoVYz9bfr1xbvag2rJilja6wRo9Duc4lO6nqCjLzciecTfe7aCyiw681VsVbBYcIBdyQiQ2Dr9EAcvw6lSN3HcVFofL0bFB71U3HJO%2B8zp9PAKx7LXWCIdUzPgoVOVgAem"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1aa3e92a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| ka-f.fontawesome.com/releases/v6.0.0/css/free.min.css?token=869e25b803 | 104.21.26.223 | 200 OK | 90 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.0.0/css/free.min.css?token=869e25b803 IP104.21.26.223:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (65321) Hash345f5ecc270c94968998574a2d37e31a 4b1937ca073a8376a07161bc40549585493ffa3d efad9b46d0c00f2562eb53236717ff21ebd474f8d68f69b45f92c424bfd87e9c
GET /releases/v6.0.0/css/free.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freefiree.1i1.my.id/
Origin: https://freefiree.1i1.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:21:44 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"345f5ecc270c94968998574a2d37e31a"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 387d417a3f5a5743442b1fcff6eeff24.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: saIiwJmWTxZzSvXabOE-EJqrcfJyJcpiivNCSNFh5fMr2kH4Q4E99g==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mw06TfT0%2FuDHgrkTO4%2FZC1vx%2BXF2zzbvDOW3iyn2WzENO9%2B9rQG7uiT1keK7BT4eAfXx2ojkxCKtRR%2FXZ4nuIiNKrKS07JAoqahELTYq5TxbDlyr%2FJDFnGTXDairq4hpKd%2FzVWEiBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbff99b0292d9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| yt3.ggpht.com/Pwnw9qWQuKgdKS72XPcRYHnZ4yIIyryaBkn_6IF9yR7jugDpwcGNqOCbAa5paa3ddEY31MHuOCM=s88-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 6.2 kB |
URL GET HTTP/3yt3.ggpht.com/Pwnw9qWQuKgdKS72XPcRYHnZ4yIIyryaBkn_6IF9yR7jugDpwcGNqOCbAa5paa3ddEY31MHuOCM=s88-c-k-c0x00ffffff-no-rj IP142.250.74.161:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com FingerprintE0:0C:38:A4:4D:4F:CB:42:05:30:9A:C4:60:B3:64:3F:EF:43:D1:2F ValidityMon, 04 Mar 2024 07:14:32 GMT - Mon, 27 May 2024 07:14:31 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 88x88, components 3 Hash9f092f0c78bcebf9e84d404501b93b8c 4f05c7e0d4c5d9ebd11eb86124a49fe89f82c26a 4d981d6f52640ccfa70a557943339d5daaf64d139d925304309472eb037319bd
GET /Pwnw9qWQuKgdKS72XPcRYHnZ4yIIyryaBkn_6IF9yR7jugDpwcGNqOCbAa5paa3ddEY31MHuOCM=s88-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
server: fife
content-length: 6244
x-xss-protection: 0
date: Wed, 17 Apr 2024 13:22:52 GMT
expires: Thu, 18 Apr 2024 13:22:52 GMT
cache-control: public, max-age=86400, no-transform
age: 10733
etag: "v1"
content-type: image/jpeg
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRgIhANCQcIlDdkN3yV5221slaIJNRW19lAHbumVxOeIUgYlWAiEAou3tSmQYQlDCE_A9HwZr33mjDFKCqvuOKc-K_NkQHUs%3D&range=670585-1485299&rn=10&rbuf=22375&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 | 74.125.111.40 | 200 OK | 815 kB |
URL POST HTTP/3rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRgIhANCQcIlDdkN3yV5221slaIJNRW19lAHbumVxOeIUgYlWAiEAou3tSmQYQlDCE_A9HwZr33mjDFKCqvuOKc-K_NkQHUs%3D&range=670585-1485299&rn=10&rbuf=22375&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 IP74.125.111.40:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com Fingerprint6D:7D:79:1B:2A:53:90:00:60:42:78:46:75:80:C3:2A:F8:BF:1E:BB ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size815 kB (814778 bytes) Hashad949997fa7b2d7effd7b4f962d71888 1eec891131eff9a5d69781319adfa066dc639c0a dd5d3b554d10f78cd34ab29887a34fc9c3b37c54709c05de5d9261fe5d9189e0
POST /videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRgIhANCQcIlDdkN3yV5221slaIJNRW19lAHbumVxOeIUgYlWAiEAou3tSmQYQlDCE_A9HwZr33mjDFKCqvuOKc-K_NkQHUs%3D&range=670585-1485299&rn=10&rbuf=22375&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 HTTP/1.1
Host: rr3---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Wed, 03 Apr 2024 11:15:08 GMT
content-type: application/vnd.yt-ump
date: Wed, 17 Apr 2024 16:22:05 GMT
expires: Wed, 17 Apr 2024 16:22:05 GMT
cache-control: private, max-age=21279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0
|
|
| rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRgIhANCQcIlDdkN3yV5221slaIJNRW19lAHbumVxOeIUgYlWAiEAou3tSmQYQlDCE_A9HwZr33mjDFKCqvuOKc-K_NkQHUs%3D&range=278134-670584&rn=8&rbuf=12583&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 | 74.125.111.40 | 200 OK | 392 kB |
URL POST HTTP/3rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRgIhANCQcIlDdkN3yV5221slaIJNRW19lAHbumVxOeIUgYlWAiEAou3tSmQYQlDCE_A9HwZr33mjDFKCqvuOKc-K_NkQHUs%3D&range=278134-670584&rn=8&rbuf=12583&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 IP74.125.111.40:443
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com Fingerprint6D:7D:79:1B:2A:53:90:00:60:42:78:46:75:80:C3:2A:F8:BF:1E:BB ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size392 kB (392514 bytes) Hash485c2d37a34548003914e9ef423c099c c0fc3150c7ac5b820207e6c96f590233f63a275d bbee47da50e003961c229c3b0e9ee9ac31ac68dc4482b09c65ca88d6ad52f70e
POST /videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=396&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C278%2C394%2C395%2C396%2C397%2C398%2C399&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=video%2Fmp4&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=2160384&dur=59.791&lmt=1712142908082106&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=553C434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRgIhALMCZV4w5H36vaikEt0Utg8f5IdMXsfN2AITCQlhE5SsAiEAv5fsy-bH2_fUYAPK6nI5QYeKajZMJP6IBxBwdQQaSO8%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRgIhANCQcIlDdkN3yV5221slaIJNRW19lAHbumVxOeIUgYlWAiEAou3tSmQYQlDCE_A9HwZr33mjDFKCqvuOKc-K_NkQHUs%3D&range=278134-670584&rn=8&rbuf=12583&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 HTTP/1.1
Host: rr3---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Wed, 03 Apr 2024 11:15:08 GMT
content-type: application/vnd.yt-ump
date: Wed, 17 Apr 2024 16:21:55 GMT
expires: Wed, 17 Apr 2024 16:21:55 GMT
cache-control: private, max-age=21289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-restrict-formats-hint: None
x-content-type-options: nosniff
server: gvs 1.0
|
|
| freefiree.1i1.my.id/img/senjata/9.jpg | 188.114.96.4 | 200 OK | 119 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/9.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 962x961, components 3 Size119 kB (118900 bytes) Hash1daecd6000bc56f1faf1d9cdffb67dd7 a0b0f2fcbb75bbaa84ec7857101cf93d39f3cdeb 3a124f7c8781af398764ba316b3fa7bad44e83520f78a90521b0cbb3012a783b
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/9.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:45 GMT
content-type: image/jpeg
content-length: 118900
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aH0c718nR7HX%2FtitAxQ66ctqVNwfXGU0xC9w4rR33uBVSp6X1Y7TqZVtrnWH%2Bpp8OFR8xXeYlfjzwiDgzISSImQrt7AbF5eXcVR65il%2BEdMLJBxZsirwoTSB7sdyqPPYRA2Jq6f8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ba5692a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| freefiree.1i1.my.id/img/old/9.jpg | 188.114.96.4 | 200 OK | 92 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/old/9.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1000x1000, components 3 Hashd3fa373bbd9a288f7162ffc76c179ebd 1add685f2def7f1c8d359fafe5f2ed3761e0188f 63fbe80d8ea4766ecc80faddd1387ef9681cb2ec2b4ad45164f4b36ffb4e2e43
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/old/9.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:48 GMT
content-type: image/jpeg
content-length: 91553
last-modified: Wed, 05 Apr 2023 14:32:58 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oeP2HuQXUlRUeoarCXVAJe5ZhIAhH1M%2FxJGw%2Fhc6qXpoZBJ9otrxlOnhpoOV%2BF5RmZN4SnGQ%2FeGocx7jM09%2Bd5npa0I5wbNoFMHP1JLLD3I%2B0EdEegE1C530eMz99Sm7w94quy9W"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1ca7392a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=481396-946204&rn=11&rbuf=30001&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 | 0.0.0.0 | | 465 kB |
URL POST rr3---sn-5go7ynl6.googlevideo.com/videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=481396-946204&rn=11&rbuf=30001&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 IP0.0.0.0:0
Requested byhttps://www.youtube.com/embed/4hIMRUTqARM?controls=0&loop=1&autoplay=1&fs=1&iv_load_policy=3&showinfo=0&rel=0&cc_load_policy=0&start=0&end=0&origin=https://youtubeembedcode.com CertificateIssuerGoogle Trust Services LLC Subject*.c.docs.google.com Fingerprint6D:7D:79:1B:2A:53:90:00:60:42:78:46:75:80:C3:2A:F8:BF:1E:BB ValidityTue, 09 Apr 2024 14:31:07 GMT - Tue, 18 Jun 2024 14:31:06 GMT
Size465 kB (464872 bytes) Hashfcbc5319cc290d0f2e2467713da807db e155f7a2cd3c2908efdea996bdeb8beaeda5b4e2 fe601e3bd63948241aa22d05862923ad8becb6a0296c2b6a7c088dda16c0af1b
POST /videoplayback?expire=1713392504&ei=GPcfZsKvIJW00u8P7KyB0A8&ip=91.90.42.154&id=o-AEmwtcH3Al0eK_EkhYxtFgK3ufQtF6dlPCVbck4jfXU9&itag=251&source=youtube&requiressl=yes&xpc=EgVo2aDSNQ%3D%3D&bui=AaUN6a0FM-Bjt1Qm0Osg5vqQZtJbnQ-NQWMyrN-K3wz5itMz8YSK7yhPe_9wxmxsYHHcaIHOUQUCtEle&spc=UWF9f0S7t1c2U6r4ubmsE1L1OLe7Q9dmSMfNOVwuO3oSuzUgjpSYJZ0W3w&vprv=1&svpuc=1&mime=audio%2Fwebm&ns=BuWMXu8uaMxFWfoRQnKJCCcQ&gir=yes&clen=946205&dur=59.821&lmt=1712095373244492&keepalive=yes&c=WEB_EMBEDDED_PLAYER&sefc=1&txp=5532434&n=ITbXLuA4Xu63_g&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cxpc%2Cbui%2Cspc%2Cvprv%2Csvpuc%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AJfQdSswRQIhALOL7TzLpKKXuCOYaFfFH3aXycOfCNMMyP4SkEn_CsAlAiA_S-FSK-jc78l0g4TH40mwIeQJQXDwr28VOX-_qQVb8A%3D%3D&alr=yes&cpn=SopElQtbAqL3F7nM&cver=1.20240414.00.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&fexp=24350264,24350295,24350324,24350328,24350330,24350379,24350386,24350410,24350412,24350424&cms_redirect=yes&cmsv=e&mh=fM&mm=29&mn=sn-5go7ynl6&ms=rdu&mt=1713370614&mv=m&mvi=3&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=ALClDIEwRAIgS68JGO0G8nUwVqqOWuPFRbR-bix8-XKHF_ljpiMKuoICIGSg15ljw8w88siCj_J7yB0cEuVHem_oB5bO2iXaaB1C&range=481396-946204&rn=11&rbuf=30001&pot=Mnlhp7MW5eg8omGcsi0VbwUh3dHCnwNoAdLW3S6HYJXt87xfNZgX_3_RANy50_ZXt7ZaPHZfuvC6HV19tfvPUYfKHlkf-S8NOGzFcnKOZOIwy8-7n6IdA7cgllq48Y7xcUXCax8S88Y83ouwssPKiDLDAas58-_zW4gZ&ump=1&srfvp=1 HTTP/1.1
Host: rr3---sn-5go7ynl6.googlevideo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.youtube.com/
Content-Length: 2
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
last-modified: Tue, 02 Apr 2024 22:02:53 GMT
content-type: application/vnd.yt-ump
date: Wed, 17 Apr 2024 16:22:05 GMT
expires: Wed, 17 Apr 2024 16:22:05 GMT
cache-control: private, max-age=21279
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
client-protocol: quic
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
vary: Origin
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
server: gvs 1.0
|
|
| freefiree.1i1.my.id/img/senjata/7.jpg | 188.114.96.4 | 200 OK | 44 kB |
URL GET HTTP/3freefiree.1i1.my.id/img/senjata/7.jpg IP188.114.96.4:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subject1i1.my.id Fingerprint96:4C:FC:59:0F:C4:2A:68:97:93:D4:3F:0B:66:EA:05:8D:76:76:60 ValidityTue, 27 Feb 2024 12:50:06 GMT - Mon, 27 May 2024 12:50:05 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 233x290, components 3 Hash3a2c83793835b5368b13d958c26b8490 3602414a07ac93f56d0a069352f1096803feaa21 cb529b14d072c791be4cb6c352e3fe0efae788e759034ebfd547c71a3f0d9bfe
| Analyzer | Verdict | Alert |
|---|
| OpenPhish | phishing | Garena |
GET /img/senjata/7.jpg HTTP/1.1
Host: freefiree.1i1.my.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:45 GMT
content-type: image/jpeg
content-length: 43744
last-modified: Mon, 17 Jan 2022 19:33:16 GMT
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r9n0mbb%2Bmc7O5itykV3CBn%2BWnkzWY7TlQOj76W6jBe4rBiRlsJJnN3K5rndYwx8OkJb7Xxh%2BKcpYZnGtxYXEPx7kR0QQP5Hczsv2JI%2BqKelm5BqEgscfeX9FEUrwn4MdRtCO08Z6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 875dbff1aa4792a3-CPH
alt-svc: h3=":443"; ma=86400
|
|
| ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803 | 104.21.26.223 | 200 OK | 26 kB |
URL GET HTTP/2ka-f.fontawesome.com/releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803 IP104.21.26.223:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectka-f.fontawesome.com Fingerprint8D:43:33:42:48:C0:F5:34:71:EC:49:69:9C:62:01:4A:6F:41:11:98 ValidityTue, 05 Mar 2024 09:23:28 GMT - Mon, 03 Jun 2024 09:23:27 GMT
File typeASCII text, with very long lines (26019) Hashc32e971c7d11c2407f847b61c515f1e2 85ac47a05e49f01cd62301ee121a2ca0dfdc0f83 a7fb3a26d569bec0139baaae950e43c1e10b0afbcf6e9d7654aa1181a8319759
GET /releases/v6.0.0/css/free-v4-shims.min.css?token=869e25b803 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://freefiree.1i1.my.id/
Origin: https://freefiree.1i1.my.id
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:21:44 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 07 Feb 2022 20:11:39 GMT
etag: W/"c32e971c7d11c2407f847b61c515f1e2"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 82777fa0f27d9abf367ed3f40e63e5a8.cloudfront.net (CloudFront)
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: rnndB4gbBBoqX00xCSlmAsWiDi3zrkrxCGnjG6whjorrH2V6mv7l-w==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=erXQIatJG6dMUGYKKl%2Fh5m5Uwz4nGsn%2FsHGi6dqkRFjYQMJfp4lmDsQ23nTehgaDgHRQn6ukPlFN9%2BxQR%2BCoKIufLiYOAAOIIsHviJI5G0MTehHDGVr02mXwuIqgIWap8S5Na90I8w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbff9bb2c92d9-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/google.svg | 104.16.89.20 | 200 OK | 2.0 kB |
URL GET HTTP/3cdn.jsdelivr.net/gh/gowebid/assets@main/go_login/google.svg IP104.16.89.20:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com FingerprintDD:2E:D1:50:F1:3B:79:16:36:22:E7:0A:FD:E6:E7:35:C7:1A:42:6E ValidityTue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash04bd4294dca76334eebeb182b1aa97c3 d4eee41c5b747bd811978e6be92106cc59feb637 ea6597c3a169f78e4020fcd6147f6c8e2de74d200b6acc298941421ffbdc963f
GET /gh/gowebid/assets@main/go_login/google.svg HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: main
x-jsd-version-type: branch
etag: W/"7ea-l2/BYZ4UntYWHYNNXjw757eVdmk"
x-served-by: cache-fra-eddf8230119-FRA, cache-lga21953-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1hcE9rXi0ETUbwhU6%2BYL8lGY%2F0%2BYcIGq%2BNPADpsFZ5l4UzU0pKgeLeTzcE9Y2sNDx81IZsRmnjdQRGeMKbjUfkWCJDmEjRWIv9RXdwSsvCCJ7ulr0i76s00UKugMC69I1w4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbff2ca778f5d-CPH
content-encoding: br
|
|
| file.gifan.id/fontawesome.js | 104.21.234.34 | 200 OK | 11 kB |
URL GET HTTP/2file.gifan.id/fontawesome.js IP104.21.234.34:443
Requested byhttps://freefiree.1i1.my.id/ CertificateIssuerGoogle Trust Services LLC Subjectgifan.id Fingerprint65:21:CF:78:C6:F3:9C:82:42:72:2D:29:CC:E1:28:F9:68:C7:DA:50 ValidityTue, 26 Mar 2024 02:33:24 GMT - Mon, 24 Jun 2024 02:33:23 GMT
File typeJavaScript source, ASCII text, with very long lines (10594), with CRLF line terminators Hash7653d4719abf98a98d6e9412e33976e6 0b4414adc9da488b97830ce789a79994ba55aa23 051afcaea280590a5c6a5c472ad0852783d794a8923c4d26e388656fc9dcd791
GET /fontawesome.js HTTP/1.1
Host: file.gifan.id
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://freefiree.1i1.my.id/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 16:21:43 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 19 Apr 2024 22:28:02 GMT
last-modified: Tue, 03 Jan 2023 12:39:32 GMT
vary: Accept-Encoding,User-Agent
x-powered-by: Niagahoster
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 410021
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BPX0xLFlC5zR4KVCqYuEHJtJfbWaQ%2FI5WhxJK3qtUZwaEgQNgry5ulMA0OwrTOuRuTzvZpUlAWIIr2PktFw7Rx0aOUucfJ4mfezFt6099A0TT7dFcMaJfBL7jmp4CFkJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 875dbff468de948e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|