| rewardffcode.com/ | 172.67.158.17 | | 4.9 kB |
IP: 172.67.158.17:0
File type: HTML document, Unicode text, UTF-8 text, with CRLF line terminators | Hash: 8f5d20602fe91ce546754c82c02d1df6 764696de76ab4a592cdb758692ccb2c49569f432 9665f926c214e679fdae397c1bcc0f6203d1fce3911982d7a3a6de2f802d3465
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET / HTTP/1.1
Host: rewardffcode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 18 Apr 2024 04:29:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cnPBV47M9sY6lX1lXcxOBPX05pGX1DiyCvFslQYCgvDtm1n3WWIvsHcOz8ooykvrr3rMrYA456wFngmYr%2BYnm8eSm06r63c%2FfJ6cRsv6tvHf9OlQ5cIsY1ZkcRA81oUdZPSR"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 8761ea309e3e5693-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js | 104.17.24.14 | 200 OK | 28 kB |
URL: GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js | IP: 104.17.24.14:443
Requested by: https://rewardffcode.com/enter.php | Certificate: Issuer: Cloudflare, Inc. | Subject: sni.cloudflaressl.com | Fingerprint: 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D | Validity: Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447) | Hash: 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rewardffcode.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Thu, 18 Apr 2024 04:29:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 27938
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "603e8adc-15d9d"
last-modified: Tue, 02 Mar 2021 18:58:36 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2940087
expires: Tue, 08 Apr 2025 04:29:40 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2kkGMKKgcQst97I4iEQmu3o2lneccU7hon5gfg5wRUEsnXhldlADX3mFfCUxB5CKOqDizXNCmshIX7sWipv8aXnnWcxya65f5m9w8iiyEghyk%2BJb%2B%2BUVpFJ5MzvU%2B%2F5l92E2KV2C"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8761ea456a3256c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| rewardffcode.com/alexFrontEnd/style-AlexHost.css | 172.67.158.17 | 200 OK | 8.8 kB |
URL: GET HTTP/3 rewardffcode.com/alexFrontEnd/style-AlexHost.css | IP: 172.67.158.17:443
Requested by: https://rewardffcode.com/enter.php | Certificate: Issuer: Let's Encrypt | Subject: rewardffcode.com | Fingerprint: E8:2F:08:59:50:5E:F5:44:8D:A2:C4:E2:E7:07:46:0B:C1:8F:AB:C1 | Validity: Wed, 17 Apr 2024 01:27:11 GMT - Tue, 16 Jul 2024 01:27:10 GMT
File type: ASCII text, with very long lines (537) | Hash: ff2fb4dd92b232ba395a760148ce14c3 a12f25b0dd1ee3ee3b550890b11e8e112675c539 5d5e6cdbc4df3cd0bf116e6f2bec1b93f08023a262862a3e683fdcf0d09bd1c3
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /alexFrontEnd/style-AlexHost.css HTTP/1.1
Host: rewardffcode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rewardffcode.com/enter.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:29:40 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 25 Apr 2024 00:10:16 GMT
last-modified: Sun, 07 May 2023 14:27:11 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 15564
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lprinJbiPImt1FeRxz3uk%2FlAxx6mExDwgKjLJr1M6smEboJMvnLWRyJmxGDIIAUXvSnS1AgvjSiLmWCp96jSSolZ5DEqm2r7GFRl37w0j%2BsDw%2BCMu8TqA8SHkC%2BRDK967O9o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8761ea4549ce56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | 142.250.74.10 | 200 OK | 31 kB |
URL: GET HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js | IP: 142.250.74.10:443
Requested by: https://rewardffcode.com/enter.php | Certificate: Issuer: Google Trust Services LLC | Subject: upload.video.google.com | Fingerprint: 47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E | Validity: Mon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File type: JavaScript source, ASCII text, with very long lines (65451) | Hash: dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rewardffcode.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 Apr 2024 10:51:04 GMT
expires: Thu, 17 Apr 2025 10:51:04 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 63516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | 142.250.74.131 | 200 OK | 11 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 | IP: 142.250.74.131:443
Requested by: https://rewardffcode.com/enter.php | Certificate: Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 | Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 10748, version 1.0 | Hash: ece6673e477b4d7aca12f04dace5ed60 f8ff7fbe231448a58d3989d84803dd66851b9988 4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rewardffcode.com
DNT: 1
Connection: keep-alive
Referer: https://rewardffcode.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:37:12 GMT
expires: Fri, 18 Apr 2025 02:37:12 GMT
cache-control: public, max-age=31536000
age: 6748
last-modified: Mon, 16 Oct 2017 17:32:51 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | 142.250.74.131 | 200 OK | 11 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 | IP: 142.250.74.131:443
Requested by: https://rewardffcode.com/enter.php | Certificate: Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 | Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 10788, version 1.0 | Hash: 709f6f90c7d493cd16b8cd087df492ab 8fb2a4d035a6f1a5290dc14b4cba324d558f1205 b79781efede37903be212fcdf63955e41c8649e678b6b83adf824459d240a188
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rewardffcode.com
DNT: 1
Connection: keep-alive
Referer: https://rewardffcode.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10788
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:32:53 GMT
expires: Fri, 18 Apr 2025 02:32:53 GMT
cache-control: public, max-age=31536000
age: 7007
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 | 142.250.74.131 | 200 OK | 11 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 | IP: 142.250.74.131:443
Requested by: https://rewardffcode.com/enter.php | Certificate: Issuer: Google Trust Services LLC | Subject: *.gstatic.com | Fingerprint: 8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 | Validity: Mon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File type: Web Open Font Format (Version 2), TrueType, length 10764, version 1.0 | Hash: 0b81348c81e06b7cb84c7856e13fdb4c c9f02de10e9674ca82099e10aaf812ceeb39a8cf 1be216dbc059d96e288b0c1f399a1a80ee8c65e4c1272dbc4574bd6d23cf45d9
GET /s/roboto/v18/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rewardffcode.com
DNT: 1
Connection: keep-alive
Referer: https://rewardffcode.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 10764
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 16 Apr 2024 03:05:19 GMT
expires: Wed, 16 Apr 2025 03:05:19 GMT
cache-control: public, max-age=31536000
age: 177861
last-modified: Mon, 16 Oct 2017 17:33:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/logo-new.png | 95.101.10.25 | 200 OK | 259 kB |
URL: GET HTTP/2 dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/logo-new.png | IP: 95.101.10.25:443 | ASN: #20940 Akamai International B.V.
Requested by: https://rewardffcode.com/enter.php | Certificate: Issuer: DigiCert Inc | Subject: a248.e.akamai.net | Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 | Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: PNG image data, 18781 x 2663, 8-bit/color RGBA, non-interlaced | Size: 259 kB (258949 bytes) | Hash: 76697e9220e45c00a5fbaf78cc3d7553 8f0ef6ef5f7f23caf184e0de94cb7a4f80864f11 e5d1ff232a26bd3b8a702a52464d1bdf12992e9f166084da5cfad235d8f7b20e
GET /mgames/ffmhk/common/web_event/tweb-event/redemption/img/logo-new.png HTTP/1.1
Host: dlgarenanow-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rewardffcode.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "76697e9220e45c00a5fbaf78cc3d7553:1658219663.088581"
last-modified: Tue, 19 Jul 2022 08:34:23 GMT
server: AkamaiNetStorage
content-length: 258949
date: Thu, 18 Apr 2024 04:29:40 GMT
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/logo_small_foot.jpg | 95.101.10.25 | 200 OK | 3.5 kB |
URL: GET HTTP/2 dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/logo_small_foot.jpg | IP: 95.101.10.25:443 | ASN: #20940 Akamai International B.V.
Requested by: https://rewardffcode.com/enter.php | Certificate: Issuer: DigiCert Inc | Subject: a248.e.akamai.net | Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 | Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, baseline, precision 8, 51x51, components 3 | Hash: c34038edcf4185b3e75a6b85f1cd3d4f 3aa218daacaef499d9ae080f36993228455dc814 3dec40957ccb5815562b06c0bcb1cb3fc09a5f0738aa0b9ec2d1390e4e30a346
GET /mgames/ffmhk/common/web_event/tweb-event/redemption/img/logo_small_foot.jpg HTTP/1.1
Host: dlgarenanow-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rewardffcode.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
etag: "c34038edcf4185b3e75a6b85f1cd3d4f:1646641687.19891"
last-modified: Mon, 07 Mar 2022 08:28:07 GMT
server: AkamaiNetStorage
content-length: 3522
date: Thu, 18 Apr 2024 04:29:40 GMT
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/bg.jpg | 95.101.10.25 | 200 OK | 137 kB |
URL: GET HTTP/2 dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/bg.jpg | IP: 95.101.10.25:443 | ASN: #20940 Akamai International B.V.
Requested by: https://rewardffcode.com/enter.php | Certificate: Issuer: DigiCert Inc | Subject: a248.e.akamai.net | Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 | Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, progressive, precision 8, 1920x965, components 3 | Size: 137 kB (136773 bytes) | Hash: 57fd6fc58a09519be8012650efd9881d bf24f16e0901ebef13336a3b4a6e13263ffb6279 ba96000a92f9d03cce2c34ab48fb9f1e67976be7b4233c1bd607a87e6e9af82d
GET /mgames/ffmhk/common/web_event/tweb-event/redemption/img/bg.jpg HTTP/1.1
Host: dlgarenanow-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rewardffcode.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
etag: "57fd6fc58a09519be8012650efd9881d:1710802872.771082"
last-modified: Mon, 18 Mar 2024 23:01:12 GMT
server: AkamaiNetStorage
content-length: 136773
date: Thu, 18 Apr 2024 04:29:40 GMT
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/top_teeth-l.png | 95.101.10.25 | 200 OK | 144 B |
URL: GET HTTP/2 dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/top_teeth-l.png | IP: 95.101.10.25:443 | ASN: #20940 Akamai International B.V.
Requested by: https://rewardffcode.com/enter.php | Certificate: Issuer: DigiCert Inc | Subject: a248.e.akamai.net | Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 | Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: PNG image data, 350 x 9, 8-bit/color RGBA, non-interlaced | Hash: fe98481dd3ffad514594309ceb2ef4ba 0fcc8e2afec22a1abcbf7de83624504919da9a13 42fcead125ad8660c031f3b763fd048fd06b4a70a7a48cf17bc03073fb255fae
GET /mgames/ffmhk/common/web_event/tweb-event/redemption/img/top_teeth-l.png HTTP/1.1
Host: dlgarenanow-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rewardffcode.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-length: 144
content-type: image/png
etag: "fe98481dd3ffad514594309ceb2ef4ba:1646641607.0753"
last-modified: Mon, 07 Mar 2022 08:26:47 GMT
server: AkamaiNetStorage
date: Thu, 18 Apr 2024 04:29:40 GMT
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| rewardffcode.com/favicon.ico | 172.67.158.17 | | 1.1 kB |
URL: rewardffcode.com/favicon.ico | IP: 172.67.158.17:0
File type: HTML document, ASCII text, with CRLF, LF line terminators | Hash: 8150f458ed6fb9b1db4e5cfa57a1a281 6e5726854d28687b560d7fdcb5c782c425c7dfb9 4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
GET /favicon.ico HTTP/1.1
Host: rewardffcode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rewardffcode.com/data.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Thu, 18 Apr 2024 04:29:38 GMT
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GpQqqBDqxvDzo%2BVlobH%2BKCIyO8gacvqJYhhHryAnVryGyGdDmr1xRS6WZWN4WBhh1ejCDO%2FBOyJE29vfGnikIqeOCQ%2FApRxD9SdDDYn5F2%2Fe9TlZqPrfsD2nRF0qcdT73%2FwR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8761ea394b4256ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| freefiremobile-a.akamaihd.net/ffwebsite/images/freefire16-2.ico | 95.101.10.81 | 200 OK | 1.2 kB |
URL: GET HTTP/1.1 freefiremobile-a.akamaihd.net/ffwebsite/images/freefire16-2.ico | IP: 95.101.10.81:443 | ASN: #20940 Akamai International B.V.
Requested by: https://rewardffcode.com/enter.php | Certificate: Issuer: DigiCert Inc | Subject: a248.e.akamai.net | Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 | Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel | Hash: ce89b8118878fce7e0b65318d77f9eba c14d16d7157ba9ecb651c0afddfcd5625e3de79c 5913aad9d5853b7074edf8539d363b9b41179904289040127e1dc9b0ce6088dc
GET /ffwebsite/images/freefire16-2.ico HTTP/1.1
Host: freefiremobile-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rewardffcode.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: OBS
x-obs-request-id: 000001860D38EC529418EFEA9F1B9E12
Accept-Ranges: bytes
ETag: "ce89b8118878fce7e0b65318d77f9eba"
Last-Modified: Thu, 04 Aug 2022 12:38:52 GMT
Content-Type: image/x-icon
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSk+q9MthSXWFrx5pw4Jg2zopUCLG+qL
Content-Length: 1150
Date: Thu, 18 Apr 2024 04:29:42 GMT
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Cache-Control: public, max-age=3600
Access-Control-Allow-Origin: *
|
|
| dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/arrow.png | 95.101.10.25 | 200 OK | 449 B |
URL: GET HTTP/2 dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/arrow.png | IP: 95.101.10.25:443 | ASN: #20940 Akamai International B.V.
Requested by: https://rewardffcode.com/enter.php | Certificate: Issuer: DigiCert Inc | Subject: a248.e.akamai.net | Fingerprint: A3:C7:B4:95:4E:16:BD:C5:8A:EE:85:53:5D:C1:C2:CD:43:E9:EC:B9 | Validity: Tue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT
File type: PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced | Hash: 3303308c2aacb531af045e92a5d7101c 4fd4dfdcb5bdca226611ef1dddfdf7f6778982fd 756734c7de9dd01ffd9c75ccdfc48f08d51d774f75c6c453d9468812c5282861
GET /mgames/ffmhk/common/web_event/tweb-event/redemption/img/arrow.png HTTP/1.1
Host: dlgarenanow-a.akamaihd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://rewardffcode.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
etag: "3303308c2aacb531af045e92a5d7101c:1646641610.663508"
last-modified: Mon, 07 Mar 2022 08:26:50 GMT
server: AkamaiNetStorage
content-length: 449
date: Thu, 18 Apr 2024 04:29:40 GMT
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
access-control-allow-origin: *
X-Firefox-Spdy: h2
|
|
| rewardffcode.com/enter.php | 172.67.158.17 | 200 OK | 9.1 kB |
URL: User Request POST HTTP/3 rewardffcode.com/enter.php | IP: 172.67.158.17:443
Certificate: Issuer: Let's Encrypt | Subject: rewardffcode.com | Fingerprint: E8:2F:08:59:50:5E:F5:44:8D:A2:C4:E2:E7:07:46:0B:C1:8F:AB:C1 | Validity: Wed, 17 Apr 2024 01:27:11 GMT - Tue, 16 Jul 2024 01:27:10 GMT
File type: HTML document, Unicode text, UTF-8 text, with very long lines (9802), with no line terminators | Hash: c65a6fbb4b6c6382c9836aae13d8df51 1ae262d57b9d7beed62a0380da52867c9b10b3d2 947ee9c4ab2e6f2c1208dc517bb7ca72ce4508038c99b5d011062cb3b3894e56
Analyzer: OpenPhish | Verdict: phishing | Alert: Garena
POST /enter.php HTTP/1.1
Host: rewardffcode.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 5
Origin: https://rewardffcode.com
DNT: 1
Connection: keep-alive
Referer: https://rewardffcode.com/data.php
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Thu, 18 Apr 2024 04:29:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nhSp5GPpnBY3hcUvhu35BXZTF4rHlPRczVkOAd8gZ9VDtakIZljyUip3pCgMM1ImqSiEte1la2u6vF3HfTeHRopUobW6b4%2BsTzTvTChh5Qtrf%2Bv3utK0QFhfkkWJZDcEZjbk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8761ea389ac756ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|