Report - membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html

Report Overview

Submitted URL
membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
IP
103.195.237.150
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED
Submitted
2024-03-28 05:58:34
Access
public
Website Title
Garena Free Fire Membership
Final URL
membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html#/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
44

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
stackpath.bootstrapcdn.com	2467	2012-05-25	2018-06-15	2024-03-28	512 B	34 kB	104.18.10.207
docs.google.com	122	1997-09-15	2013-05-31	2024-03-27	599 B	2.1 kB	142.250.74.14
zerossl.ocsp.sectigo.com	4049	2018-08-16	2020-05-09	2024-03-28	336 B	1.2 kB	104.18.38.233
cdn.vn.garenanow.com	74387	2010-09-27	2013-11-06	2024-03-26	920 B	436 kB	45.119.240.104
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-03-28	472 B	3.9 kB	104.17.25.14
membership.freefire.garenaw.vn	unknown	unknown	2024-03-21	2024-03-23	20 kB	1.1 MB	103.195.237.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-27	medium	membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena
2024-03-26	medium	membership.freefire.garenaw.vn/	Garena

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	membership.freefire.garenaw.vn/js/chunk-10a81ae2.aad79b3d.js	149 kB	2024-03-23	2024-04-13
Pretty URL membership.freefire.garenaw.vn/js/chunk-10a81ae2.aad79b3d.js IP 103.195.237.150 ASN #140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-23 06:59:43 Last Seen2024-04-13 08:07:39 Times Seen21 Hash 2ac928c46d8787ab98a54f3f8b24aa25 fea6d948abe3017f21f0c7dcd95c563a64801a2f 253b122240afb4194196b937565d72fd65f8c5f92da687b3983f316d2da5d907 Loading...

	membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html	405 B	2023-03-10	2024-04-13
Pretty URL membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html IP 103.195.237.150 ASN #140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-10 07:26:06 Last Seen2024-04-13 08:07:39 Times Seen8 Hash 61313befe85e42dac7596c56c1ce17ff 3a68b4db07231b2c0f27b1d74dcf536af42a5faf d58dbcc6d99e798b9500e6472a2931fc47f1cfc1a4acf2275bbb336e5ac577c1 Loading...

	membership.freefire.garenaw.vn/js/chunk-vendors.af4be1be.js	467 kB	2023-03-10	2024-04-13
Pretty URL membership.freefire.garenaw.vn/js/chunk-vendors.af4be1be.js IP 103.195.237.150 ASN #140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 07:26:06 Last Seen2024-04-13 08:07:39 Times Seen182 Hash b1cc7e7265e38d52628929249b80d38c 8b19e74bdb39a22a506d14a48e85d0146a300b82 cdad3a6bbc25a0e1d4a3f2feaa607377f7eb0fb14f39b12169d66a214155ffea Loading...

	membership.freefire.garenaw.vn/js/app.2a0a3444.js	7.8 kB	2023-03-10	2024-04-13
Pretty URL membership.freefire.garenaw.vn/js/app.2a0a3444.js IP 103.195.237.150 ASN #140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 07:26:06 Last Seen2024-04-13 08:07:39 Times Seen187 Hash 609fe693c1a77d03b56f7bf153706736 81431e40c88846183773811787ee552aadc0cb5f 24596c64d4d04c684a3c2b4d6d3926d40cd6ee1f27c76a9ceddec6e25454a98a Loading...

HTTP Transactions (28)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/fancybox/3.4.1/jquery.fancybox.min.css

104.17.25.14

200 OK

2.9 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/fancybox/3.4.1/jquery.fancybox.min.css
IP
104.17.25.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (13924), with no line terminators
Size
2.9 kB (2912 bytes)
Hash
d07226345cd00a4b9ad6e83d96e583a5
4f4d7e065aee9417c7d7c428e3606fd32adf5977
a02fd0f27a964a5a756e48b71edf6044259a7b0e67ebf1cd935d074f86845f8c

HTTP Headers

GET /ajax/libs/fancybox/3.4.1/jquery.fancybox.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 05:58:05 GMT
content-type: text/css; charset=utf-8
content-length: 2912
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e58-3664"
last-modified: Mon, 04 May 2020 16:10:00 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 630128
expires: Tue, 18 Mar 2025 05:58:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G8J8J%2BVwExZlc0E19VJadKL1KIMOoFnkh752sKupBDq9nACfgZZgompSZpIs5mKp%2BHoOaybggCHm7DddeYSVq9Y1GT81XxhTV%2BKGvTyvkbKgeow8TqV2ysBto9O1qj1XM4ODhK%2FK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 86b562ebea9e56b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

membership.freefire.garenaw.vn/css/login.css

103.195.237.150

200 OK

32 kB

URL GET HTTP/2
membership.freefire.garenaw.vn/css/login.css
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
ASCII text, with very long lines (2208)
Size
32 kB (32057 bytes)
Hash
096e7f4b55241a7239d202d086e1cabf
1a438270534c521ae2ab0efc809f8c3e5f650c2c
060291a83be9a0518f6b89d574c545d48ee6105a78d662e1e2e694d5fccda61c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/login.css HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:04 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 15:38:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 32057
date: Thu, 28 Mar 2024 05:58:04 GMT
X-Firefox-Spdy: h2

membership.freefire.garenaw.vn/css/app.b1f17912.css

103.195.237.150

200 OK

14 kB

URL GET HTTP/2
membership.freefire.garenaw.vn/css/app.b1f17912.css
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
ASCII text
Size
14 kB (13987 bytes)
Hash
9115c848fcfcc4c9b4edf4eecc31e2e6
25121a3f7028fe3381a5e8207282d5ba6b1a022c
d9cedaad57e7213133b32c744d209c1e8e55c33357b95e3c0c79487302f6efbe

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/app.b1f17912.css HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:05 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 15:31:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 13987
date: Thu, 28 Mar 2024 05:58:05 GMT
X-Firefox-Spdy: h2

membership.freefire.garenaw.vn/css/chunk-vendors.737c64e5.css

103.195.237.150

200 OK

5.3 kB

URL GET HTTP/2
membership.freefire.garenaw.vn/css/chunk-vendors.737c64e5.css
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
ASCII text
Size
5.3 kB (5316 bytes)
Hash
3d5876ae1d99d02a6510d92926fbac49
9807de1810cc54a50f94924919eeee84830ab38a
08b4fd9ad05fda425046b58c390ef38abeb735eeea6fcb9790e146485ff0efd7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/chunk-vendors.737c64e5.css HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:05 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 15:31:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 5316
date: Thu, 28 Mar 2024 05:58:05 GMT
X-Firefox-Spdy: h2

membership.freefire.garenaw.vn/js/app.2a0a3444.js

103.195.237.150

200 OK

2.3 kB

URL GET HTTP/2
membership.freefire.garenaw.vn/js/app.2a0a3444.js
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
JavaScript source, ASCII text
Size
2.3 kB (2278 bytes)
Hash
609fe693c1a77d03b56f7bf153706736
81431e40c88846183773811787ee552aadc0cb5f
24596c64d4d04c684a3c2b4d6d3926d40cd6ee1f27c76a9ceddec6e25454a98a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/app.2a0a3444.js HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:05 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 15:31:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2278
date: Thu, 28 Mar 2024 05:58:05 GMT
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

104.18.10.207

200 OK

33 kB

URL GET HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
IP
104.18.10.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
ASCII text, with very long lines (65324)
Size
33 kB (32728 bytes)
Hash
04aca1f4cd3ec3c05a75a879f3be75a3
675fcf28f9fbf37139d3b2c0b676f96f601a4203
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

HTTP Headers

GET /bootstrap/4.1.3/css/bootstrap.min.css HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://membership.freefire.garenaw.vn
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 28 Mar 2024 05:58:05 GMT
content-type: text/css; charset=utf-8
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
vary: Accept-Encoding
access-control-allow-origin: *
cache-control: public, max-age=31919000
content-encoding: br
etag: W/"04aca1f4cd3ec3c05a75a879f3be75a3"
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 03/18/2024 12:28:12
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 3440f5604aaccce539549ada97fc6aa2
cdn-cache: HIT
cf-cache-status: HIT
age: 431938
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 86b562ebf97a569a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html

103.195.237.150

200 OK

36 kB

URL User Request GET HTTP/2
membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2478), with CRLF line terminators
Size
36 kB (35751 bytes)
Hash
b74ace00464b08d4e93786af7936d426
58f047f0e34de19f449d909bfce24b7ccb736ea9
cddcd8f6c71ce01d19c2e704ebdb5954d9f9ebefb25df5de1eb437b1d09a1c04

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
set-cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; path=/; secure
COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; secure
session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU; secure
content-encoding: br
vary: Accept-Encoding
date: Thu, 28 Mar 2024 05:58:04 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

membership.freefire.garenaw.vn/js/chunk-vendors.af4be1be.js

103.195.237.150

200 OK

90 kB

URL GET HTTP/2
membership.freefire.garenaw.vn/js/chunk-vendors.af4be1be.js
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (772)
Size
90 kB (90514 bytes)
Hash
b1cc7e7265e38d52628929249b80d38c
8b19e74bdb39a22a506d14a48e85d0146a300b82
cdad3a6bbc25a0e1d4a3f2feaa607377f7eb0fb14f39b12169d66a214155ffea

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/chunk-vendors.af4be1be.js HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:05 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 15:31:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 90514
date: Thu, 28 Mar 2024 05:58:05 GMT
X-Firefox-Spdy: h2

docs.google.com/forms/d/e/1FAIpQLSeFA1qo8Qro-R9b_xTBaNbN6Z4QzpOcIBtR5O16bBlqIgnVLA/formResponse

142.250.74.14

302 Found

258 B

URL POST HTTP/2
docs.google.com/forms/d/e/1FAIpQLSeFA1qo8Qro-R9b_xTBaNbN6Z4QzpOcIBtR5O16bBlqIgnVLA/formResponse
IP
142.250.74.14:443
ASN
#15169 GOOGLE

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint23:75:5E:3D:EA:9F:A0:42:86:8D:14:AE:43:04:F0:B2:91:0B:DA:CF
ValidityMon, 26 Feb 2024 08:03:58 GMT - Mon, 20 May 2024 08:03:57 GMT

File type
HTML document, ASCII text
Size
258 B (258 bytes)
Hash
b05604a9db45365085d05e2b95bb7f78
2b27b8a34281dac64f177857ca85aac692f47381
bf580ce4deae75166d1f807fd2169419d5d6513051bf030975f237461e0f9b1b

HTTP Headers

POST /forms/d/e/1FAIpQLSeFA1qo8Qro-R9b_xTBaNbN6Z4QzpOcIBtR5O16bBlqIgnVLA/formResponse HTTP/1.1
Host: docs.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 295
Origin: https://membership.freefire.garenaw.vn
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 28 Mar 2024 05:58:06 GMT
location: https://docs.google.com/forms/d/e/1FAIpQLSeFA1qo8Qro-R9b_xTBaNbN6Z4QzpOcIBtR5O16bBlqIgnVLA/closedform
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/docs-tt, base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'nonce-lYPhQLE4ndle1KfaOw1ONg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 258
server: GSE
set-cookie: S=spreadsheet_forms=RThnsSEuWvDHDqKqQD3dXAysTlTJ9YFVh4ZmYqLsAyc; Domain=.docs.google.com; Expires=Thu, 28-Mar-2024 06:58:06 GMT; Path=/forms/d/e/1FAIpQLSeFA1qo8Qro-R9b_xTBaNbN6Z4QzpOcIBtR5O16bBlqIgnVLA; Secure; HttpOnly; SameSite=none
COMPASS=spreadsheet_forms=CjIACWuJVzjPerkM8fnIyDSW9dIcKu48ber-JFu4Z8cnskwosTiPh9vX_mK-tffCqSsEGhD-qZSwBhpDAAlriVc2ylEe4cKqTKOLqpyMjIRG-3dtkHKsI2I9OWdT6hddZHb_lD-2KjVhrMgWmFODwXjl8O3lj7RybdtTFL8Raw==; Domain=.docs.google.com; Expires=Thu, 28-Mar-2024 06:58:06 GMT; Path=/forms/d/e/1FAIpQLSeFA1qo8Qro-R9b_xTBaNbN6Z4QzpOcIBtR5O16bBlqIgnVLA; Secure; HttpOnly; SameSite=none
NID=512=NNVGIWQOCuBi_GcgWb8vZFgzxT9dvWt05cDoIbV0aKNJjTn3RN82VccPcz_W05uQfYjQ7YYXT-z-GdAAlYQ5QNWEXj2-Hme_sR5N0JmKnKeXnXp3gZZtNWIOSPQHdcpDeBR0V8h-_05JO9wmqodtwDTD90t-YC5b6kCUFDbLtF4; expires=Fri, 27-Sep-2024 05:58:06 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

membership.freefire.garenaw.vn/css/chunk-10a81ae2.ec7605e3.css

103.195.237.150

200 OK

163 B

URL GET HTTP/3
membership.freefire.garenaw.vn/css/chunk-10a81ae2.ec7605e3.css
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
ASCII text
Size
163 B (163 bytes)
Hash
24a43ec9f3c8c5e4c19397158b8e97ed
e56a32285ea3de279051af1cd1e21f0d8c685025
1cf5f20201731ef6a00203de4229f28a52e9a1c3e978f1cc63fe04876936a62f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/chunk-10a81ae2.ec7605e3.css HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:05 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 15:31:58 GMT
accept-ranges: bytes
content-length: 163
date: Thu, 28 Mar 2024 05:58:05 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

membership.freefire.garenaw.vn/js/chunk-10a81ae2.aad79b3d.js

103.195.237.150

200 OK

28 kB

URL GET HTTP/3
membership.freefire.garenaw.vn/js/chunk-10a81ae2.aad79b3d.js
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (2478)
Size
28 kB (27895 bytes)
Hash
2ac928c46d8787ab98a54f3f8b24aa25
fea6d948abe3017f21f0c7dcd95c563a64801a2f
253b122240afb4194196b937565d72fd65f8c5f92da687b3983f316d2da5d907

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/chunk-10a81ae2.aad79b3d.js HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:05 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 01:26:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 27895
date: Thu, 28 Mar 2024 05:58:05 GMT

membership.freefire.garenaw.vn/img/logout.29f7cada.png

103.195.237.150

200 OK

15 kB

URL GET HTTP/3
membership.freefire.garenaw.vn/img/logout.29f7cada.png
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
PNG image data, 152 x 46, 8-bit/color RGBA, non-interlaced
Size
15 kB (14980 bytes)
Hash
29f7cada758df884c437be190093b10e
6a187704a2e796ac9459dabd836d113006ef7a9b
168d31d28b3aa31247135234a8adb526f3b7f64cabd3120985b462ca21c58fa9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/logout.29f7cada.png HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:06 GMT
content-type: image/png
last-modified: Fri, 13 Aug 2021 16:52:54 GMT
accept-ranges: bytes
content-length: 14980
date: Thu, 28 Mar 2024 05:58:06 GMT

membership.freefire.garenaw.vn/images/spin-title.png

103.195.237.150

404 Not Found

708 B

URL GET HTTP/3
membership.freefire.garenaw.vn/images/spin-title.png
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
HTML document, ASCII text, with CRLF, LF line terminators
Size
708 B (708 bytes)
Hash
2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /images/spin-title.png HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Thu, 28 Mar 2024 05:58:06 GMT

membership.freefire.garenaw.vn/img/btn_history.c6c98836.png

103.195.237.150

200 OK

19 kB

URL GET HTTP/3
membership.freefire.garenaw.vn/img/btn_history.c6c98836.png
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
PNG image data, 242 x 46, 8-bit/color RGBA, non-interlaced
Size
19 kB (19334 bytes)
Hash
c6c98836a1f61eed9e1704a80fff3452
b1fb786d62d1d1e85031a82aed81819cd2ec6105
93edab30fde28fbcb7cae59fbadc3bc77b9f47c1625a17ecc2f499bbf1f5afc9

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/btn_history.c6c98836.png HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:06 GMT
content-type: image/png
last-modified: Fri, 13 Aug 2021 16:52:54 GMT
accept-ranges: bytes
content-length: 19334
date: Thu, 28 Mar 2024 05:58:06 GMT

zerossl.ocsp.sectigo.com/

104.18.38.233

727 B

URL
zerossl.ocsp.sectigo.com/
IP
104.18.38.233:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
727 B (727 bytes)
Hash
00bffbb7a6c15a0b6fc649f580f6642f
191b191cb9ea00b276d46faa8a08ff69bd6a6c07
c63f700e698b67234972e225ae47e5252dab8729faa64ad284f3fbe9edb70a36

HTTP Headers

POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 28 Mar 2024 05:58:07 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Mon, 25 Mar 2024 20:48:16 GMT
Expires: Mon, 01 Apr 2024 20:48:15 GMT
Etag: "191b191cb9ea00b276d46faa8a08ff69bd6a6c07"
Cache-Control: max-age=400036,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 86b562f63a500b61-OSL

membership.freefire.garenaw.vn/img/dob-title.b8c16371.png

103.195.237.150

200 OK

35 kB

URL GET HTTP/3
membership.freefire.garenaw.vn/img/dob-title.b8c16371.png
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
PNG image data, 394 x 54, 8-bit/color RGBA, non-interlaced
Size
35 kB (35229 bytes)
Hash
b8c163711def158bbffae4c9f9ae147e
ac4391dbe38aa12d485a64d62678ec60fd8f4010
a229865cad68073c0190603cf6b158fb90822271c33a9ab4634bd0020a46fd7c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/dob-title.b8c16371.png HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:06 GMT
content-type: image/png
last-modified: Fri, 13 Aug 2021 16:52:54 GMT
accept-ranges: bytes
content-length: 35229
date: Thu, 28 Mar 2024 05:58:06 GMT

membership.freefire.garenaw.vn/img/btn-bod-deactive.5810d0f4.png

103.195.237.150

200 OK

9.7 kB

URL GET HTTP/3
membership.freefire.garenaw.vn/img/btn-bod-deactive.5810d0f4.png
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
PNG image data, 152 x 46, 8-bit/color RGB, non-interlaced
Size
9.7 kB (9706 bytes)
Hash
5810d0f48cd4228f188de53b0b26a401
b55aae3f78329f78cee4eb01d578ee7a171e6fe5
466183461b2bcaa6068e573e538e4159243625a3fd6e59ec1b3b5e3dbbd3e542

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /img/btn-bod-deactive.5810d0f4.png HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:06 GMT
content-type: image/png
last-modified: Fri, 13 Aug 2021 16:52:54 GMT
accept-ranges: bytes
content-length: 9706
date: Thu, 28 Mar 2024 05:58:06 GMT

membership.freefire.garenaw.vn/images/dob-bg.png

103.195.237.150

200 OK

66 kB

URL GET HTTP/3
membership.freefire.garenaw.vn/images/dob-bg.png
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
PNG image data, 1079 x 852, 8-bit/color RGB, non-interlaced
Size
66 kB (65835 bytes)
Hash
ede8d79517267263b24f4629c5a20fcb
26776aaf21b2902e9088281e000a31be4a969c72
3ae09ef678cacb0fc6be8d17dc403c2b8049ffdb302e591189331ae71307b447

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /images/dob-bg.png HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/css/app.b1f17912.css
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:06 GMT
content-type: image/png
last-modified: Fri, 13 Aug 2021 16:52:54 GMT
accept-ranges: bytes
content-length: 65835
date: Thu, 28 Mar 2024 05:58:06 GMT

membership.freefire.garenaw.vn/images/spin-bg.png

103.195.237.150

200 OK

598 kB

URL GET HTTP/3
membership.freefire.garenaw.vn/images/spin-bg.png
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
PNG image data, 1080 x 1109, 8-bit/color RGB, non-interlaced
Size
598 kB (597541 bytes)
Hash
b83bae0d44a9310bbc30b8b3f59f64fd
b6d5446495bab1d7ec2ecf9dc1177cf89886f36c
78e2ca75fcafa1dd58eefb124e508648a756f1d3c7a83e42e5d46bf8df06c26c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /images/spin-bg.png HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/css/app.b1f17912.css
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:06 GMT
content-type: image/png
last-modified: Fri, 13 Aug 2021 16:52:54 GMT
accept-ranges: bytes
content-length: 597541
date: Thu, 28 Mar 2024 05:58:06 GMT

membership.freefire.garenaw.vn/images/red-bg-2.png

103.195.237.150

200 OK

39 kB

URL GET HTTP/3
membership.freefire.garenaw.vn/images/red-bg-2.png
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
PNG image data, 403 x 57, 8-bit/color RGBA, non-interlaced
Size
39 kB (39362 bytes)
Hash
9975ff17da66b0c03464a24c1eef1cc3
4be0849f8b0acd81859ad16a6f78728e5abc3631
54fff3ea08a8e931d301109e72a14b34d633fa9e1de77efd49ab5fc42a2eaebc

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /images/red-bg-2.png HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/css/app.b1f17912.css
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:06 GMT
content-type: image/png
last-modified: Fri, 13 Aug 2021 16:52:54 GMT
accept-ranges: bytes
content-length: 39362
date: Thu, 28 Mar 2024 05:58:06 GMT

membership.freefire.garenaw.vn/images/select-arr.png

103.195.237.150

200 OK

3.3 kB

URL GET HTTP/3
membership.freefire.garenaw.vn/images/select-arr.png
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
PNG image data, 30 x 23, 8-bit/color RGBA, non-interlaced
Size
3.3 kB (3333 bytes)
Hash
250baea960d1661d6109e84ad106f217
888228c160f53b6978683d5377f6892778046a06
668531f1515acd2c3e3503a7af0f9e6259ef91aef30c56f2485c0816c5648291

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /images/select-arr.png HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/css/app.b1f17912.css
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:06 GMT
content-type: image/png
last-modified: Fri, 13 Aug 2021 16:52:54 GMT
accept-ranges: bytes
content-length: 3333
date: Thu, 28 Mar 2024 05:58:06 GMT

membership.freefire.garenaw.vn/images/fb_ico.png

103.195.237.150

200 OK

14 kB

URL GET HTTP/3
membership.freefire.garenaw.vn/images/fb_ico.png
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
PNG image data, 117 x 117, 8-bit/color RGBA, non-interlaced
Size
14 kB (13498 bytes)
Hash
576aa2bf378815a2fd9e42ae6bc6e120
01f9850eb161d116a1a746918c50d16f1bffa668
4e0582cc334483c80c60f70233200a8c60999b4e9ac30beae05ab46eb49f80b1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /images/fb_ico.png HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:06 GMT
content-type: image/png
last-modified: Fri, 13 Aug 2021 16:52:54 GMT
accept-ranges: bytes
content-length: 13498
date: Thu, 28 Mar 2024 05:58:06 GMT

membership.freefire.garenaw.vn/images/yellow-bg.png

103.195.237.150

200 OK

7.5 kB

URL GET HTTP/3
membership.freefire.garenaw.vn/images/yellow-bg.png
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
PNG image data, 102 x 35, 8-bit/color RGB, non-interlaced
Size
7.5 kB (7521 bytes)
Hash
6bcd8e8f7a6d40eb79fec974ed9be56e
1d519eb77848275ce0c96349d7b4fda8a3d1f709
28e0bd6ab428b72bf9013b4423ce4fcc42bf4e894f37e1d5bb3f93ec729dbd5c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /images/yellow-bg.png HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/css/app.b1f17912.css
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:06 GMT
content-type: image/png
last-modified: Fri, 13 Aug 2021 16:52:54 GMT
accept-ranges: bytes
content-length: 7521
date: Thu, 28 Mar 2024 05:58:06 GMT

cdn.vn.garenanow.com/web/ff/ff_membership/item/Vip-Membership.jpg

45.119.240.104

200 OK

425 kB

URL GET HTTP/1.1
cdn.vn.garenanow.com/web/ff/ff_membership/item/Vip-Membership.jpg
IP
45.119.240.104:443
ASN
#131418 Vietnam Esports Development Joint Stock Company

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerZeroSSL
Subjectcdn.vn.garenanow.com
Fingerprint78:16:5C:BF:19:AE:5A:1E:8C:7E:94:48:D4:72:0A:B7:23:01:B2:12
ValiditySat, 09 Mar 2024 00:00:00 GMT - Fri, 07 Jun 2024 23:59:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1080x397, components 3
Size
425 kB (425312 bytes)
Hash
bea9fdacb877e6c636823faf682a221e
513a4e3f26a8a12f245e833101a6ab99b650049f
e71dfbb5eb4e822877c51d6b9a90610e19045f283ff0dacda0dc5c25ce91d372

HTTP Headers

GET /web/ff/ff_membership/item/Vip-Membership.jpg HTTP/1.1
Host: cdn.vn.garenanow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Mar 2024 05:58:07 GMT
Content-Type: image/jpeg
Content-Length: 425312
Connection: keep-alive
Last-Modified: Wed, 09 Jan 2019 08:55:01 GMT
ETag: "5c35b6e5-67d60"
X-Cache-Status: HIT
X-Handled-By: cdn-master
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

membership.freefire.garenaw.vn/css/chunk-ebcca810.fc5c29f8.css

103.195.237.150

200 OK

107 B

URL GET HTTP/3
membership.freefire.garenaw.vn/css/chunk-ebcca810.fc5c29f8.css
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
ASCII text, with no line terminators
Size
107 B (107 bytes)
Hash
a8187d8e21a3bb4d273f3485b6aba510
88210d3db5d964b2d8ed2c37f02bad6f4a810699
db3b82cac6603397423a91e5946fb452f8deab75f55eb23656917f0a1a2dfe83

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /css/chunk-ebcca810.fc5c29f8.css HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:08 GMT
content-type: text/css
last-modified: Sat, 30 Jul 2022 15:39:28 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 107
date: Thu, 28 Mar 2024 05:58:08 GMT

membership.freefire.garenaw.vn/js/chunk-10a81ae2.aad79b3d.js

103.195.237.150

200 OK

28 kB

URL GET HTTP/3
membership.freefire.garenaw.vn/js/chunk-10a81ae2.aad79b3d.js
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (2478)
Size
28 kB (27895 bytes)
Hash
2ac928c46d8787ab98a54f3f8b24aa25
fea6d948abe3017f21f0c7dcd95c563a64801a2f
253b122240afb4194196b937565d72fd65f8c5f92da687b3983f316d2da5d907

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/chunk-10a81ae2.aad79b3d.js HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:08 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 01:26:58 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 27895
date: Thu, 28 Mar 2024 05:58:08 GMT

membership.freefire.garenaw.vn/js/chunk-ebcca810.0be768b5.js

103.195.237.150

200 OK

12 kB

URL GET HTTP/3
membership.freefire.garenaw.vn/js/chunk-ebcca810.0be768b5.js
IP
103.195.237.150:443
ASN
#140827 AZ VIET NAM COMMUNICATIONS TECHNOLOGY COMPANY LIMITED

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerLet's Encrypt
Subjectmembership.freefire.garenaw.vn
Fingerprint60:E0:40:2D:97:5B:64:84:88:99:6F:B9:E9:57:F6:5C:36:30:98:C5
ValidityThu, 21 Mar 2024 13:28:07 GMT - Wed, 19 Jun 2024 13:28:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (36190)
Size
12 kB (12451 bytes)
Hash
a02a6bc96c2c7d18bbd04a3da9414840
39842b069c8005dfada33499a07f64b0a791b02f
6d73d037009ff7728d0a4b3ea108649f8404329b617bb4e51f9dd2556700c9a7

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET /js/chunk-ebcca810.0be768b5.js HTTP/1.1
Host: membership.freefire.garenaw.vn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Cookie: PHPSESSID=edf2d62feb9a00f77a01e75017b6df8d; COCAILON_BUG_NHE_BY_VANHIEN=QHgxaWqXey4C7mSAzvjP1ns9EVDb8U5lGN2owfdTFORL; session=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJyb2xlIjoiYWRtaW4iLCJleHAiOjE3MTE2MDU0ODR9.eAkRk3p1dqc8UAKiOMDhT6YhdFaz_ZvO4-vav0s-oDU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Thu, 04 Apr 2024 05:58:08 GMT
content-type: application/javascript
last-modified: Sat, 30 Jul 2022 15:37:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 12451
date: Thu, 28 Mar 2024 05:58:08 GMT

cdn.vn.garenanow.com/web/ff/fav.jpg

203.162.56.72

200 OK

10 kB

URL GET HTTP/1.1
cdn.vn.garenanow.com/web/ff/fav.jpg
IP
203.162.56.72:443
ASN
#7643 Vietnam Posts and Telecommunications VNPT

Requested by
https://membership.freefire.garenaw.vn/X9BOarZkuwFFI2JDq2WlyPoLfdbFZMeE53eNN27YW0h4XIJx1urZea7IVjP8GVgUKO9PSSxka95C7U8gJEB6QFClzgv8eFCywhJKATE2zUQDzBXc9znwVKSppiPA0NPeAKemW3T1s1tWMF3UVJ4Ue35mOjQtph5BI7uzBDRIlGSwIXfSQzXRovdCfU4LEZww0J97cNO0Vxy9EG3pMrPQQhs6HCjyc8w81GD.html
Certificate
IssuerZeroSSL
Subjectcdn.vn.garenanow.com
Fingerprint78:16:5C:BF:19:AE:5A:1E:8C:7E:94:48:D4:72:0A:B7:23:01:B2:12
ValiditySat, 09 Mar 2024 00:00:00 GMT - Fri, 07 Jun 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], progressive, precision 8, 200x200, components 3
Size
10 kB (10025 bytes)
Hash
78e23e9a864c3f5c9ca4049e7ccee8cb
0a635dcf9eade4c2d41f638c7c3a5bcc44dd9f14
d4b543fbd9ec68332b9d3af5f2253e02e7f262c41f87452fea20e4cbfc7e4a68

HTTP Headers

GET /web/ff/fav.jpg HTTP/1.1
Host: cdn.vn.garenanow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://membership.freefire.garenaw.vn/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 28 Mar 2024 05:58:09 GMT
Content-Type: image/jpeg
Content-Length: 10025
Connection: keep-alive
Last-Modified: Fri, 04 May 2018 07:18:36 GMT
ETag: "5aec094c-2729"
X-Cache-Status: HIT
X-Handled-By: cdn-master
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (28)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type