firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 20:15:06 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 6RAiflWM6h8B0KdXyqam2GhLonJOFFO3zgXwyN3clO1Ie-YO3d14AA==
Age: 1721
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6938
Expires: Sun, 25 Sep 2022 22:39:25 GMT
Date: Sun, 25 Sep 2022 20:43:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 25 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pckQlPjHhYJDXXJoPj1ZS5P_Hs03FrLcXRZUzUCSRmP1vCiXaJqkoQ==
age: 58113
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 20:43:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
200 OK 863 B URL HTTP/1.1 ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash d0f8d6d684d0a1f428039c244d396fa6
5144bf8057485b5174de3367726415e0fc2823e6
af3768f0f9b7e29293e37d5cc9947a60719f0459fa2f23cb34384565de6fd07c
Analyzer Verdict Alert openphish Garena
fortinet Phishing
GET /cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:47 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Ng8yXN6WL%2FVC7DdWybUU0uqBQHRarP9IWLnlPOlW4nVhXwxWNTe%2BmXlyqey8gx55Pz9Pfh3ErW5P3VWQgen8MiKRWSWII3l1z1Z8wDZS8WelFTSvXQEVHoJCKQ1Ge7s62Ed4aeNbYM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 750698140898b4ff-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/login.css
200 OK 33 kB URL HTTP/1.1 ff.member.garenen.com/login.css
IP
File type ASCII text, with very long lines (2209)
Hash 0e58795f7d574f6acab9d7b1f8c7c742
06024f47599bb30b8a8c70b6632fc3d560df227e
01012fdc3bcb1d0aab881018eff895c2d9bf46af6b5fb9101eab086f4d24dfe8
Analyzer Verdict Alert openphish Garena
GET /login.css HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:47 GMT
Content-Type: text/css
Content-Length: 33119
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:28 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ilvG1pp3PMf41b5nG7%2F8iqcgwuXnxHALImydSfOrjTwAwq1uypN0fET3tbsxNSUuVBf%2BBbOHr9CDrD0oF4s1LfdII2Np2zqoNhghRRxBAK5QlKUTdngP0vO4OFIatuFH39%2BhoJzU%2FWM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 750698176d4ab4ff-OSL
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/css/chunk-vendors.737c64e5.css
200 OK 5.3 kB URL HTTP/1.1 ff.member.garenen.com/css/chunk-vendors.737c64e5.css
IP
File type ASCII text, with very long lines (65365)
Hash 67053bcc8911d4ee9062c4e794b4bfb8
b26b92a2857650359859b438ffa4b2975da24b67
4314701e57cb8191d8665cde208b0ad7b2f537ec4aa7085ea33bd073754ab730
Analyzer Verdict Alert openphish Garena
GET /css/chunk-vendors.737c64e5.css HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:47 GMT
Content-Type: text/css
Content-Length: 5269
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:27 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BugmjTqBNobowZqtxY183hSuemnFfOxStQLLaj4k%2FR3Yp0eCTbIoCjjQ7kCp34PU7dpgvpX4dOGN%2BvA9gOqIXiHzZSe%2FWhfZciNZvB1%2FqcGj9NyOLrE5TNjglF%2FywUt3IWitx2O80w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 750698177a4a0b65-OSL
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/css/app.b1f17912.css
200 OK 14 kB URL HTTP/1.1 ff.member.garenen.com/css/app.b1f17912.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4f903fca425c873a380f1e172cd07847
dea9ed4f9c23ef5ca4b8b891a621b610fbd36878
cd0dd0cc5032a2e91efb669378109be6e8014d23aa95b230f0d446c64e56bf30
Analyzer Verdict Alert openphish Garena
GET /css/app.b1f17912.css HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:47 GMT
Content-Type: text/css
Content-Length: 14126
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:27 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 500
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6PkIx1mG0YLRVpdkuXi%2FKH0waBSKfO%2Bmzk3hBZmhjPRQLiHgx7FYgDKiqe%2FuotpAxENA2KrvX%2F1XaBzUYHaohhIIIttiRu%2FVOZjpIUdo8LEoVjixmVRECT%2FWS2hTp%2FVEUfhVEAdMods%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7506981779fdb4ee-OSL
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/js/app.2a0a3444.js
200 OK 2.0 kB URL HTTP/1.1 ff.member.garenen.com/js/app.2a0a3444.js
IP
File type ASCII text, with very long lines (4404)
Hash 29016d831006ee3227eff3a4719b6ec2
7972bb9e9a25632e7a0a94335db9689c4ee1417a
f3bbd28f2077bdbe68158f7fdefccf6385bf8be6506c9a86bdb6e0b348d3aac7
Analyzer Verdict Alert openphish Garena
fortinet Phishing
GET /js/app.2a0a3444.js HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:47 GMT
Content-Type: application/javascript
Content-Length: 2009
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:27 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dL3jtVv4ILKJpIlb4CeOJzs2rwq6i2NHNpnwxaTTixqG6826UPlr89itkfJV2fhbds7yyT%2BAuAGu2MRMYvmloCEsDGAotnkY97ak%2F3CyT0Gq4HGNMTQi327uWVToqScgwO50HcMkRqs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 750698177fcd1c0a-OSL
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/js/chunk-vendors.af4be1be.js
200 OK 75 kB URL HTTP/1.1 ff.member.garenen.com/js/chunk-vendors.af4be1be.js
IP
File type Unicode text, UTF-8 text, with very long lines (60216)
Hash 7e082ed03263b2ef11d518205f64f686
173d5df5414d25002fe24067886e76382ecf2b39
0e744ea621323782370a2b68a4f2f3291fa4ce7d450017e4b4f35141720a9251
Analyzer Verdict Alert openphish Garena
fortinet Phishing
GET /js/chunk-vendors.af4be1be.js HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:47 GMT
Content-Type: application/javascript
Content-Length: 75440
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:28 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3B1JotXWiRccoXX%2BoraFTAa%2F3D3bFnRFs6Y1vUA4hsaSwH3N%2B%2BNOJSVWrZq4g%2Fgtww0LKq2yoaCg0L%2F9YwsY4TuDVxY2vq6j3ai9hfUhoD5WMBUOB%2FLBa3%2B4LJyn%2FhkHpMyUN04sFVg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 750698178d6eb4ff-OSL
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/fancybox/3.4.1/jquery.fancybox.min.css
200 OK 2.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/fancybox/3.4.1/jquery.fancybox.min.css
IP
File type ASCII text, with very long lines (13924), with no line terminators
Hash 27daf735c38d95825ce6e7d0b769138a
01ac6d62bcd90b54563ba515e81c96b270105c4e
a36d7bd033243c51990e02057c8daecb640107c0240f5f5105cdf60272e5b5ea
GET /ajax/libs/fancybox/3.4.1/jquery.fancybox.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ff.member.garenen.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:43:47 GMT
content-type: text/css; charset=utf-8
content-length: 2912
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e58-3664"
last-modified: Mon, 04 May 2020 16:10:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 9318784
expires: Fri, 15 Sep 2023 20:43:47 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m82fuwabqeR4OSnv4Ml%2B1cY0Gvgpz6ujxTdFtfONzHUoUeZ5baz0H%2BUUjHSJgH5tdtFkM5A%2Fu8FoITWF5z3xP%2FVWZhQYZhS%2FSG3auGL7LANId8N7%2BtN4fzHo3Z5PV0iM8HCNUWbB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 750698179cab0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 650b6e71248092b05b7f35e8703da4fb
a675c71ea7c50c6a3576eb9626630b0445016d32
122a0ec921f9b9a6b845d4f75df0a4d950f2ce3c34a79cecc67d80962255c1ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4700
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:43:47 GMT
Last-Modified: Sun, 25 Sep 2022 19:25:27 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
ff.member.garenen.com/css/chunk-10a81ae2.ec7605e3.css
200 OK 119 B URL HTTP/1.1 ff.member.garenen.com/css/chunk-10a81ae2.ec7605e3.css
IP
File type ASCII text, with no line terminators
Hash 1cb5ab727a8c0c3c64609c7897af3674
bc94444b98f145ed8ddf39f2ae2195f7d0cc2a92
559feeea85bc33d426b92cfbaccf12ab52b0c9c3798cb84218ebfa49e8effb99
Analyzer Verdict Alert openphish Garena
GET /css/chunk-10a81ae2.ec7605e3.css HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 12:18:25 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
CF-Cache-Status: HIT
Age: 30323
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xz5vNgAmtj1XMcSSSBBD1cb%2FsVuc5wKQuuRB4iKwaPh3Qd84zGIraSoRbEF1Ri6DO%2FAqMO3H1qrlKWCD%2Fnixaa95Ys2CGLTlfKZHokWBQFMdq69GYO3S7Ij%2FQpw6Tz2KEFmoxMBLFII%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750698196cf2b4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/js/chunk-10a81ae2.aad79b3d.js
200 OK 26 kB URL HTTP/1.1 ff.member.garenen.com/js/chunk-10a81ae2.aad79b3d.js
IP
File type Unicode text, UTF-8 text, with very long lines (64856)
Hash b604295083774e329d22fee1f0bcb2a5
0f5e1124d8617b641ac6f609074046486ef73225
170b9bde04730026d9aa417981824096f5edc75984820da3e3cf2c6e8a6882ea
Analyzer Verdict Alert openphish Garena
fortinet Phishing
GET /js/chunk-10a81ae2.aad79b3d.js HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: application/javascript
Content-Length: 26387
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 12:18:28 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 30320
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LybTBwQp9m9kZ%2BeJwJUpJlW6QmnkfsxK7%2FM5uQtYC3V0pdhrmfnRQKN2VAcEyYm26x98Pb6VxiIf7krsLshlggOCX9Pup%2F76M6qdx7MIw8himcb4ysLCOF8Jng0KrycqxNI%2F8ZomtHs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 750698198d310b65-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 25 Sep 2022 20:04:17 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Sun, 25 Sep 2022 20:18:52 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KOGUSrJmBK9i_YyhWspUJHLYbkNYylB1aX0gRQCNkXnHtaZO5e-eQg==
Age: 2371
ff.member.garenen.com/img/logout.29f7cada.png
200 OK 15 kB URL HTTP/1.1 ff.member.garenen.com/img/logout.29f7cada.png
IP
File type PNG image data, 152 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 29f7cada758df884c437be190093b10e
6a187704a2e796ac9459dabd836d113006ef7a9b
168d31d28b3aa31247135234a8adb526f3b7f64cabd3120985b462ca21c58fa9
Analyzer Verdict Alert openphish Garena
GET /img/logout.29f7cada.png HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: image/png
Content-Length: 14980
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:29 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUMtjdc%2FN1SU4HTFxO1aUdwrCZF5dfh%2Bz2Q4VUeN48Um3eNl2%2FZ1q5fZQOIa5OVgkKK08wfh0F6D3hKdVMxOR5thkD2DsB8AnKEUBhqJBdcKtVf2xGkeVEVHTGq64ElF5rg1DaBHapk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75069819ed980b65-OSL
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/images/spin-title.png
200 OK 863 B URL HTTP/1.1 ff.member.garenen.com/images/spin-title.png
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash d0f8d6d684d0a1f428039c244d396fa6
5144bf8057485b5174de3367726415e0fc2823e6
af3768f0f9b7e29293e37d5cc9947a60719f0459fa2f23cb34384565de6fd07c
Analyzer Verdict Alert openphish Garena
GET /images/spin-title.png HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
Vary: Accept-Encoding
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 499
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C9YQN6TmnAhjAhzMM2cmZ6H5QP4dr2Ut6iyt3Tsa3oeoAMMVgWgsCWoAf7NsaEblEsU5W56%2Frt2WYUCcn29xY519nmv3eXvFiB7LLSwo6So%2F9ngA0K%2FN2EB3UrNqeQl%2BVqNbrnqK96w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 75069819fdc0b4ee-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/img/btn_history.c6c98836.png
200 OK 19 kB URL HTTP/1.1 ff.member.garenen.com/img/btn_history.c6c98836.png
IP
File type PNG image data, 242 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash c6c98836a1f61eed9e1704a80fff3452
b1fb786d62d1d1e85031a82aed81819cd2ec6105
93edab30fde28fbcb7cae59fbadc3bc77b9f47c1625a17ecc2f499bbf1f5afc9
Analyzer Verdict Alert openphish Garena
GET /img/btn_history.c6c98836.png HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: image/png
Content-Length: 19334
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:29 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7suaeZ7NkmVV5ishq1pKQl8GNOVNNh7ivaRYMSOoVTRMnKwvhAFfBcyJt8cFl7xD8ynuO6izfZ%2F3UcL9Fo8PAg4JWtfGFDn%2BX1aIvgoYAIbAFKXLc8FHslX0Dn7LPO%2BfszVTJo8bCf0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75069819fa9c1c0a-OSL
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/img/dob-title.b8c16371.png
200 OK 35 kB URL HTTP/1.1 ff.member.garenen.com/img/dob-title.b8c16371.png
IP
File type PNG image data, 394 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash b8c163711def158bbffae4c9f9ae147e
ac4391dbe38aa12d485a64d62678ec60fd8f4010
a229865cad68073c0190603cf6b158fb90822271c33a9ab4634bd0020a46fd7c
Analyzer Verdict Alert openphish Garena
GET /img/dob-title.b8c16371.png HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: image/png
Content-Length: 35229
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:29 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CvQ9c1cF1mqK402l89%2BWtDXBMBQ0MQKmU8JT7C%2B7K%2Fk2OHgj3FiNnTtMIvnQg54irHSZA1%2FkVz2LRi2%2FEAxE8qHw7EX9ayr5Oo2v0tjvbXTsralgl%2BUWlQDsASFdwePhOQ4p%2B3%2FM7A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75069819f927b4ff-OSL
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/img/btn-bod-deactive.5810d0f4.png
200 OK 9.7 kB URL HTTP/1.1 ff.member.garenen.com/img/btn-bod-deactive.5810d0f4.png
IP
File type PNG image data, 152 x 46, 8-bit/color RGB, non-interlaced\012- data
Hash 5810d0f48cd4228f188de53b0b26a401
b55aae3f78329f78cee4eb01d578ee7a171e6fe5
466183461b2bcaa6068e573e538e4159243625a3fd6e59ec1b3b5e3dbbd3e542
Analyzer Verdict Alert openphish Garena
GET /img/btn-bod-deactive.5810d0f4.png HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: image/png
Content-Length: 9706
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:29 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
CF-Cache-Status: HIT
Age: 498
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kp2jXJiOtUJl0dLWAlV8vu1jmsCfs4Qs1Oev4sxtXg9Krs30ReQ5XT5jMuvHS%2FgC9Y8q%2Bi9%2BcJ8Tw31QAq3%2Bv1c%2F1Uv9XUP24PFAUNZ48G6lk%2BcNXC7ouLK0K1UwEde18hctqANmMT8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75069819ff84b50c-OSL
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/images/dob-bg.png
200 OK 66 kB URL HTTP/1.1 ff.member.garenen.com/images/dob-bg.png
IP
File type PNG image data, 1079 x 852, 8-bit/color RGB, non-interlaced\012- data
Hash ede8d79517267263b24f4629c5a20fcb
26776aaf21b2902e9088281e000a31be4a969c72
3ae09ef678cacb0fc6be8d17dc403c2b8049ffdb302e591189331ae71307b447
Analyzer Verdict Alert openphish Garena
GET /images/dob-bg.png HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/css/app.b1f17912.css
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: image/png
Content-Length: 65835
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:28 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaHc7QT9jr2RcPSpg3Lfvq7NT%2BsdcyCC4mO2T03IsOWMmEQQ1T5d6dood6aRsQHxWgIXshVWLcG6ktP%2F7270l%2B5zqSDpGAROmaYVp4xO39lKgwHK2D%2FgV4lKC7s2ld6W2AwKgIpJG%2B4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7506981a4e280b65-OSL
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/images/spin-bg.png
200 OK 598 kB URL HTTP/1.1 ff.member.garenen.com/images/spin-bg.png
IP
File type PNG image data, 1080 x 1109, 8-bit/color RGB, non-interlaced\012- data
Size 598 kB (597541 bytes)
Hash b83bae0d44a9310bbc30b8b3f59f64fd
b6d5446495bab1d7ec2ecf9dc1177cf89886f36c
78e2ca75fcafa1dd58eefb124e508648a756f1d3c7a83e42e5d46bf8df06c26c
Analyzer Verdict Alert openphish Garena
GET /images/spin-bg.png HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/css/app.b1f17912.css
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: image/png
Content-Length: 597541
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:28 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ia%2Bl4hy0YbTK2nG%2FkLuEjfHpiSt5criFL5S38TDDxA6W3I3cZguNP%2Fy6CCUyLl5JOGFC1%2FOP2tKX5hNvtv%2FZ5nqGE9rJ2Plcp%2FFUFMPOdWVG%2BDUBqCF%2FwdccR2LCkinLBYYPOZxVPHE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7506981a4aff1c0a-OSL
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/images/red-bg-2.png
200 OK 39 kB URL HTTP/1.1 ff.member.garenen.com/images/red-bg-2.png
IP
File type PNG image data, 403 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 9975ff17da66b0c03464a24c1eef1cc3
4be0849f8b0acd81859ad16a6f78728e5abc3631
54fff3ea08a8e931d301109e72a14b34d633fa9e1de77efd49ab5fc42a2eaebc
Analyzer Verdict Alert openphish Garena
GET /images/red-bg-2.png HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/css/app.b1f17912.css
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: image/png
Content-Length: 39362
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:28 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
CF-Cache-Status: HIT
Age: 500
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OieBgVd3V9WVIOBdeTJu5yv3NyIcXMoNzmW4MCDd80IZPESxiXrLVZgeFMdvlai%2BhDBJVpXN2Lj5bcG68jxLhLkIzFjHzkfbAq84ul6XEL7dF0VKj%2F17khviXeSFWxo2D%2BI67jcxSaU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7506981a5e39b4ee-OSL
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/images/select-arr.png
200 OK 3.3 kB URL HTTP/1.1 ff.member.garenen.com/images/select-arr.png
IP
File type PNG image data, 30 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 250baea960d1661d6109e84ad106f217
888228c160f53b6978683d5377f6892778046a06
668531f1515acd2c3e3503a7af0f9e6259ef91aef30c56f2485c0816c5648291
Analyzer Verdict Alert openphish Garena
GET /images/select-arr.png HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/css/app.b1f17912.css
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: image/png
Content-Length: 3333
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:28 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BF6glqz%2Fx6irj7Nz9WgpBvNL8zNJOAOM0QTQmY8kvO0hLg%2BVW%2BcuJpsp4lNStDCfg96ii3LI%2BFTgRBGGtg2LtZxhM3UH8LNHvOICut8V1s98720RpKnOyLRuSBVNnnYFNMh1lfwTPQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7506981a5839b50c-OSL
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/images/fb_ico.png
200 OK 14 kB URL HTTP/1.1 ff.member.garenen.com/images/fb_ico.png
IP
File type PNG image data, 117 x 117, 8-bit/color RGBA, non-interlaced\012- data
Hash 576aa2bf378815a2fd9e42ae6bc6e120
01f9850eb161d116a1a746918c50d16f1bffa668
4e0582cc334483c80c60f70233200a8c60999b4e9ac30beae05ab46eb49f80b1
Analyzer Verdict Alert openphish Garena
GET /images/fb_ico.png HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: image/png
Content-Length: 13498
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:29 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yw2cpTxX5Xy%2BMvvoVlQRJ09%2B3XWizy7Jh%2BXl8TwzHCMdCNeOaY%2BQiIlMRVbrq%2BHghKxWkPiURoukV7yroEzvq3PAfutjSNbWuYiNNOQy0e0veKibw6fPcbZeFkzMZ4vyiSfGOAU9iqg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7506981a59c2b4ff-OSL
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/images/yellow-bg.png
200 OK 7.5 kB URL HTTP/1.1 ff.member.garenen.com/images/yellow-bg.png
IP
File type PNG image data, 102 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash 6bcd8e8f7a6d40eb79fec974ed9be56e
1d519eb77848275ce0c96349d7b4fda8a3d1f709
28e0bd6ab428b72bf9013b4423ce4fcc42bf4e894f37e1d5bb3f93ec729dbd5c
Analyzer Verdict Alert openphish Garena
GET /images/yellow-bg.png HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ff.member.garenen.com/css/app.b1f17912.css
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: image/png
Content-Length: 7521
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:28 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
CF-Cache-Status: HIT
Age: 499
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2B9vB%2F%2B%2BNBGoaccaxCovHC7bC24LTSX4B%2FXZTdQHRdt67ZgWnKkH7WxwgGvzFOFveYCxlelPEm9MgvIowS2rWWZ3GMth%2BJh53Rsu%2BvaIcTahyw8rqOHeTS5LT9fDeZd2kI%2FmRWB6h08%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7506981a6e440b65-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 471 B IP
Hash fd3b36dc2b620b48de491a8d9ba00fc0
be67ba7db5215dcb7c9225876e35a5e0a5005c9e
28205ee62c77b1caad6cc24c1ce98ddb92d26f67d41270f7d5278208a907c62f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5641
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 20:43:48 GMT
Last-Modified: Sun, 25 Sep 2022 19:09:47 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /VLVDKkl7pj0oyYJiCW64w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NiFXZM7X4lf2bUQIvQMzMVGvCHg=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18540
Expires: Mon, 26 Sep 2022 01:52:48 GMT
Date: Sun, 25 Sep 2022 20:43:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18540
Expires: Mon, 26 Sep 2022 01:52:48 GMT
Date: Sun, 25 Sep 2022 20:43:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18540
Expires: Mon, 26 Sep 2022 01:52:48 GMT
Date: Sun, 25 Sep 2022 20:43:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a89e7161745036637a66e8ab5b7efdf9
79c83cc27996b2339bd63764dbb2ae9744db6d70
13b990c3c6a9bee6def25d007e14628c52e427b6f4c718895b1817d5e8e59760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8715
x-amzn-requestid: d5e237f4-4c0e-4e3b-b3ae-ea1eb5b7cafc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JmTEAwIAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d22f4-48a975a866edc1755858600f;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IVWTWArqWNBCHmVFP9mQm4bAi4f5pq7wJX2ve-ksyx2xmNqHz5pX8A==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 05:31:50 GMT
age: 54718
etag: "79c83cc27996b2339bd63764dbb2ae9744db6d70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa150280eb113504d61a25935c0f0127
ed04f74fbb4c77b21e2babc51a82857f5e23d169
07df17fffb391aa82efb09e30d97e88fa4dbe6df00e37bb90304f69179f4848e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd719f7db-20e1-4834-9525-3117f1824f36.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10032
x-amzn-requestid: 521c4012-9834-4100-a7ed-30093502f1a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7sPBHGYoAMFh-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e272c-77b03c321240d76a572d603a;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:37:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lAQOV9_fZ2RFvhRKMtDOeRTWJc-Jo1u-DrtJshcQuCSOUXVbNMjhaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:57:02 GMT
age: 82006
etag: "ed04f74fbb4c77b21e2babc51a82857f5e23d169"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
age: 83202
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 714af732a9aa1db2b13ffb62810fd532
358e74de395352a9529ff1c17856daf8900888c5
1d2035cfcd283560ebe8494f9438e52f8d96cd092dd41cb0eb899a3f905c1e05
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F254286e1-1c63-4609-9dfb-0eb4b9096238.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6199
x-amzn-requestid: d26f22d9-4e9b-4764-8c96-2e1c7ce36340
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--OKHowoAMFbQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7727-7adb7c4925e6e50e13889544;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3_xkH-s3Fzz3CRHux4j3hergFHWBmOFF9vMBCoN1rJrjrCkeSEp0qQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:01:16 GMT
age: 81752
etag: "358e74de395352a9529ff1c17856daf8900888c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 83176
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9773faaac4deac40b96cd0802e974f36
db601663fa6ee5564eddaf8d3d84c7b04bf3871c
40e7a573f510ff29db04b3fbfacde2ad6ecd67b4c0be30034e057654c86408a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1730b63d-9494-4330-acb8-7cb387a0cf08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5305
x-amzn-requestid: df7ba218-d20c-4389-8895-affd870ad15f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JqKGtHoAMFcJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d230d-1854a5420f7091316aa4f211;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JgS9UxuYxMmnN6Op-LDeWN7tpeQYRosQp5Jo4-2jf8uEMUIHa6j-SQ==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 05:04:13 GMT
age: 56375
etag: "db601663fa6ee5564eddaf8d3d84c7b04bf3871c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsps.ssl.com/
200 OK 1.9 kB IP
Hash 57a4ae0a06e0a8a2758b866facc5cf94
3bbf4d07279101019a1050417d5159afa1ea7575
e3bb1aec0ed097f22ded930bb98d2e63b34f31b44f8100b817f3fbada75bcccf
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1883
Connection: keep-alive
Expires: Sun, 02 Oct 2022 02:28:54 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "3bbf4d07279101019a1050417d5159afa1ea7575"
Last-Modified: Sun, 25 Sep 2022 02:28:55 GMT
X-Proxy-Cache: HIT
ocsps.ssl.com/
200 OK 1.9 kB IP
Hash f62c7a706232d42e692879eeeb6f0487
7cf8d80ce94340f47a0736c936d31888e8960660
3603e56fae4c2ed18a6d55271cb6e4fe783b0c659c9b51e9ba739cbda9049c64
POST / HTTP/1.1
Host: ocsps.ssl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: application/ocsp-response
Content-Length: 1883
Connection: keep-alive
Expires: Sun, 02 Oct 2022 01:31:02 GMT
Cache-Control: max-age=86400,public,no-transform,must-revalidate
ETag: "7cf8d80ce94340f47a0736c936d31888e8960660"
Last-Modified: Sun, 25 Sep 2022 01:31:03 GMT
X-Proxy-Cache: HIT
cdn.vn.garenanow.com/web/ff/fav.jpg
200 OK 10 kB URL HTTP/1.1 cdn.vn.garenanow.com/web/ff/fav.jpg
IP
ASN #7643 Vietnam Posts and Telecommunications VNPT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], progressive, precision 8, 200x200, components 3\012- data
Hash 78e23e9a864c3f5c9ca4049e7ccee8cb
0a635dcf9eade4c2d41f638c7c3a5bcc44dd9f14
d4b543fbd9ec68332b9d3af5f2253e02e7f262c41f87452fea20e4cbfc7e4a68
GET /web/ff/fav.jpg HTTP/1.1
Host: cdn.vn.garenanow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ff.member.garenen.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: image/jpeg
Content-Length: 10025
Connection: keep-alive
Last-Modified: Fri, 04 May 2018 07:18:36 GMT
ETag: "5aec094c-2729"
X-Cache-Status: HIT
X-Handled-By: cdn-master
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
cdn.vn.garenanow.com/web/ff/ff_membership/item/Vip-Membership.jpg
200 OK 425 kB URL HTTP/1.1 cdn.vn.garenanow.com/web/ff/ff_membership/item/Vip-Membership.jpg
IP
ASN #7643 Vietnam Posts and Telecommunications VNPT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1080x397, components 3\012- data
Size 425 kB (425312 bytes)
Hash bea9fdacb877e6c636823faf682a221e
513a4e3f26a8a12f245e833101a6ab99b650049f
e71dfbb5eb4e822877c51d6b9a90610e19045f283ff0dacda0dc5c25ce91d372
GET /web/ff/ff_membership/item/Vip-Membership.jpg HTTP/1.1
Host: cdn.vn.garenanow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ff.member.garenen.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 25 Sep 2022 20:43:48 GMT
Content-Type: image/jpeg
Content-Length: 425312
Connection: keep-alive
Last-Modified: Wed, 09 Jan 2019 08:55:01 GMT
ETag: "5c35b6e5-67d60"
X-Cache-Status: REVALIDATED
X-Handled-By: cdn-master
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ff.member.garenen.com/css/chunk-ebcca810.fc5c29f8.css
200 OK 150 B URL HTTP/1.1 ff.member.garenen.com/css/chunk-ebcca810.fc5c29f8.css
IP
File type ASCII text, with no line terminators
Hash 7bc307c2c9b3cb0274402c6b21c7940a
be7ebb8c813e71788161548706f4ad4c3f37c148
39d164bb32b98b49044d82ced704cc7f643a74041d08e3e8d57eb32ba9a3f49c
Analyzer Verdict Alert openphish Garena
GET /css/chunk-ebcca810.fc5c29f8.css HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:50 GMT
Content-Type: text/css
Content-Length: 150
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:28 GMT
Last-Modified: Sat, 04 Sep 2021 01:30:58 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 502
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RPfp4gxZ1eCPSTCL3AZ37ntdiFo0KVh2%2BKrf6P2j99pdEYVQ6xRlShlffRGXRSoWq%2BMeOt%2F34kh%2F1vNUKdGM0jypa1CaKpbcT4V58IfpRY0cvYoABVKBIKwJJ9y9W8EETnYKHMvD00Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 750698271a781c0a-OSL
alt-svc: h2=":443"; ma=60
ff.member.garenen.com/js/chunk-ebcca810.0be768b5.js
200 OK 13 kB URL HTTP/1.1 ff.member.garenen.com/js/chunk-ebcca810.0be768b5.js
IP
File type Unicode text, UTF-8 text, with very long lines (36219)
Hash c2e7603086caad6ccfc2ba0287461d0b
6a198f0c00337266e67c5377f83380b7dbdd67c5
8ee96bf5bf7bee53dd6b1aaad804a792a23dc1c0a5b4e4f8cf67072207a3f126
Analyzer Verdict Alert openphish Garena
fortinet Phishing
GET /js/chunk-ebcca810.0be768b5.js HTTP/1.1
Host: ff.member.garenen.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://ff.member.garenen.com/cc4cselnd5px4uuvhvxahynhmfd1xuatmnotbypwne1gokva4ornazyelmaf5a0uukjujneebuig0tnsqkwih4ksiffdip2jgxyf_index
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 20:43:50 GMT
Content-Type: application/javascript
Content-Length: 13010
Connection: keep-alive
Cache-Control: public, max-age=604800
Expires: Sun, 02 Oct 2022 20:35:28 GMT
Last-Modified: Tue, 26 Jul 2022 04:17:14 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 502
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mfAF6g7dyayqXw4Ve7R3Qrq26zC7EroBa8flqrsu30avP3Ty1aK%2BoZLXQ7AEwMDzyVs5Fy0TlBLAAMXdByRkERmd5ngAw23VmP4c3f20YROVHbimxNn1B1pCxb5OfLyok05kSLapctQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 750698272f420b65-OSL
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc313594-ca24-4e62-bba0-99a0475817bf.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc313594-ca24-4e62-bba0-99a0475817bf.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed165f50993660657ba10cdebdb895b3
0241ca5908ca229c2528a3c84177488cc2c08c13
b13c7b9ce6ae5d4295467977258ab19da8329b0f1db39e38f11d16d905d742cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc313594-ca24-4e62-bba0-99a0475817bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14237
x-amzn-requestid: ebac6624-ee74-4911-b34d-f12abd8524e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y7ruIG08oAMF6bQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e265a-1119098a051db3235b3a0674;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 21:34:18 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PuRSMM1YJ_03oGNhk2W-FwfPRkhU_TDcvyi-31NspF3s8U7erzx6_A==
via: 1.1 1949caaabae48a894fcd770a3e1384f6.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 22:01:32 GMT
age: 81743
etag: "0241ca5908ca229c2528a3c84177488cc2c08c13"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff440191a-84ee-43b5-bafa-0bb36c962f39.jpeg
200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff440191a-84ee-43b5-bafa-0bb36c962f39.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b156552f4d76fd964b279ebcf8cd1f8e
6a02487368bbe41b87feeef1f70f7320392d72a3
ceddf1a515c64d0071a4d90c26de60a27ee2bf2af341bf1572fb05743d2cc644
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff440191a-84ee-43b5-bafa-0bb36c962f39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5293
x-amzn-requestid: a35423bc-9112-48da-85e0-93ac41794d29
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y--PkGehoAMF1pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7730-450fad077885fae416572443;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:31:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IAon_ZYxu87A9OB775Q1unI4sdLHdE-Ij9QNYaB2mqftP0IoAsgnvQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:39:22 GMT
age: 83074
etag: "6a02487368bbe41b87feeef1f70f7320392d72a3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
200 OK 0 B URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
IP
GET /bootstrap/4.1.3/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ff.member.garenen.com
Connection: keep-alive
Referer: http://ff.member.garenen.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 20:43:47 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 08/20/2022 02:32:49
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 756
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: dbee91974a117a68a1fd360fe4ea7495
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 75069817fe12b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
104.21.25.114
143.204.55.35
23.36.77.32
93.184.220.29
203.162.56.72
104.17.24.14