{"report_id":"c2b7ccd8-bb4f-4bcb-a1f7-8eace4a80e52","version":6,"status":"done","tags":[],"date":"2026-03-18T10:57:15Z","url":{"schema":"http","addr":"promociongarena.online","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":0,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"final":{"url":{"schema":"https","addr":"promociongarena.online/","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"title":"Garena's Blog","dom":{"size":224588,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (23104)","md5":"b0dd94ac0e07405f333f97661fa9e260","sha1":"f0fe4c015024e616dcf88b2b48843613a2338af2","sha256":"173026a8cff5bebf448c070a5c021b349808abd440e1aded4609eb35f3528e05","sha512":"6a66d806d990ce393dea84f831b41c0c05d624828991a4fa1f0f976850ccb2901c946e200e429716941d49642b450246fdf9b5963d4ab51f0cc2b783e4b02f6e","ssdeep":"6144:kDkIDhZEQdzHNnm5sEQdo+psHa+y7EF9/lllxJ:XOcxJ","tlshash":"cf24b30aa4a750792c27b1b897de626d7239f087cd2edd647ecd01048f923f86ce6b54","dom_hash":"domhash78b71be5b550787f1436fe43b42128a8","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"promociongarena.online","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":0,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-22T10:57:15Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":1}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-18T10:56:51Z","timestamp":1773831411,"ip_dst":{"addr":"104.26.12.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"ip_src":{"addr":"Client IP","port":37832,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI","source":"{\"timestamp\":\"2026-03-18T10:56:51.246321+0000\",\"flow_id\":1566492767516234,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.18\",\"src_port\":37832,\"dest_ip\":\"104.26.12.205\",\"dest_port\":443,\"proto\":\"TCP\",\"tx_id\":0,\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2047703,\"rev\":1,\"signature\":\"ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"affected_product\":[\"Any\"],\"attack_target\":[\"Client_and_Server\"],\"confidence\":[\"High\"],\"created_at\":[\"2023_08_22\"],\"deployment\":[\"Perimeter\"],\"performance_impact\":[\"Low\"],\"reviewed_at\":[\"2023_08_22\"],\"signature_severity\":[\"Informational\"],\"tag\":[\"External_IP_Lookup\"],\"updated_at\":[\"2023_08_22\"]}},\"tls\":{\"sni\":\"api.ipify.org\",\"version\":\"TLS 1.3\",\"ja3\":{\"hash\":\"650c82854aed91a22996035b295a0c3e\",\"string\":\"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49171-49172-156-157-47-53,0-23-65281-10-11-16-5-34-51-43-13-28-21,29-23-24-25-256-257,0\"},\"ja3s\":{\"hash\":\"eb1d94daa7e0344597e756a1fb6e7054\",\"string\":\"771,4865,51-43\"}},\"app_proto\":\"tls\",\"flow\":{\"pkts_toserver\":4,\"pkts_toclient\":5,\"bytes_toserver\":789,\"bytes_toclient\":3435,\"start\":\"2026-03-18T10:56:51.226890+0000\"}}"}],"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"promociongarena.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null},"summary":[{"fqdn":"tracking.utmify.com.br","ip":{"addr":"104.26.10.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2023-11-07","domain_rank":1674326,"first_seen":"2024-08-31T10:04:06Z","last_seen":"2026-03-13T22:02:24.246071Z","alert_count":0,"request_count":4,"received_data":5368,"sent_data":2170,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"promociongarena.online","ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"domain_registered":"2026-03-09","domain_rank":0,"first_seen":"2026-03-18T10:57:17.277136Z","last_seen":"2026-03-18T10:57:17.277137Z","alert_count":10,"request_count":10,"received_data":2897162,"sent_data":4572,"comment":"","tags":null,"fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}]},{"fqdn":"api.ipify.org","ip":{"addr":"104.26.12.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2014-01-05","domain_rank":8166,"first_seen":"2014-10-06T12:38:43Z","last_seen":"2026-03-16T11:13:37.707576Z","alert_count":0,"request_count":1,"received_data":269,"sent_data":457,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"api6.ipify.org","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2014-01-05","domain_rank":226847,"first_seen":"2019-05-13T11:53:14Z","last_seen":"2026-03-13T21:43:52.137582Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":458,"comment":"","tags":null,"fingerprints":null},{"fqdn":"app.promogarenas.online","ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"domain_registered":"2026-03-03","domain_rank":0,"first_seen":"2026-03-18T10:57:17.278778Z","last_seen":"2026-03-18T10:57:17.278778Z","alert_count":0,"request_count":1,"received_data":682,"sent_data":556,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"promociongarena.online/assets/utms.js","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":false,"md5":"403c6289c489b7b92122ba85137f9f38","sha1":"30c1de7cc8f66406350bc5732088cada1b96fb2a","sha256":"f519ddaf3cae8f8960a20c5db243244d6fee24d853f87a1ad449bc291badea84","sha512":"b625a762c48038cb0299adae77075f993ba1b57d818e9b0772e2874a620fdc0894576a89318b59d99e95eed3c090474097d5e34f11c25378a86aceb5f19310cb","ssdeep":"384:HxLnHlQ9sUVqEal0wAbqKkDDcOXBKZPKTz:RTlQ9Lw0wYqKUwOxKZyv","tlshash":"29e24e93a6944ca9057382b59b63c170f52dab1b62848703397c8d481f37b6663f2f9f","size":33504,"data":"","first_seen":"2026-03-18T10:57:22.566851Z","last_seen":"2026-03-18T10:57:22.566851Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":true,"md5":"557b130ed92f9e5fbaf9524df639d725","sha1":"6df2bb81fed0603ab98ad041b747552ddc421a1b","sha256":"9014f860a97f7d4743c3a26a08001716e2fb8b37d63d53300b8ca65d930ab776","sha512":"5fb68ad8b7e910ebb3ac1f7f94f9d84e16454fd13b47159b158070c8699fbbed658f83a7ce505ed412d2afb303ef332a47ce4cf320fa61e01b28a6bc5c004b7c","ssdeep":"","tlshash":"46d06c61e018fc0715e860a4bf22a609506a12ba402082023cab53ed5f2e55fceee6c3","size":235,"data":"","first_seen":"2026-03-18T10:57:22.571516Z","last_seen":"2026-03-18T10:57:22.571516Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":true,"md5":"a01dec5ae33e65189a037b88284cfe78","sha1":"f2d6dcdf331dbd594a59a0fcebba34aba7896d7e","sha256":"4ab78de9b5dbc8a952b346dcd15603aa736a1e3131ff5b721bafe2f9bb917698","sha512":"29db6d7373dc00db1082fd3c0ea9f8194e8efca0b4c43c8be9182001d13eb32ff7ea23fc7aa4fec8d3bd95092839568cfe4630b69e7a1d2945075e9a11d83ecb","ssdeep":"","tlshash":"4521571252b322a63d4bb0bd5fbae84d763a400b98096454788ea18c6f74b2509f37cc","size":1387,"data":"","first_seen":"2026-02-13T01:02:38.922696Z","last_seen":"2026-03-18T10:57:22.572529Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":true,"md5":"88a494a195110b3c91da65742cf5daa4","sha1":"26b69be8b46b5e0b50e51aee36a44624bd3ec747","sha256":"331ec7377fe7b93f877e7cf7d6c7084d230c5b4f69215b44f74366ce0454c3c8","sha512":"ef8d2318b1ea2193fc8ca08d7b82807b07c470323d6783378af599c5560a510f74184eda8e21552e18e07c2914406c85e04bedf513ba6ef0709bc42d7cc44215","ssdeep":"48:EENuYzd6QPPfFy1tnn0H3PQS679uQwApm5psd6M72rqJ7VvVEL0lpBeh98ygJYKj:XNoQvu179NB4M6WJ7oKvtaKrdcDx6","tlshash":"43a1221dabfb1669a45221a68fdb700592a090271907dc5db90de3c48fe6838066dff8","size":4635,"data":"","first_seen":"2026-03-18T10:57:22.573975Z","last_seen":"2026-03-18T10:57:22.573975Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/assets/index-pUMqBSix.js","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":false,"md5":"443264ef7f95337fa6d2e81b18def83f","sha1":"25ead91cd900be4d01a218ee7f62d3b1241236c3","sha256":"33e6dd357913c5e96ea3cfdb351adc28d8c2ed52d4fc37d8bcc5130f63b7f2ae","sha512":"b02bac8a5c4a7ffe0754aa33c9c4b284700bc802fbf21f69eaaaa7dd4aece753c3844e48830167f8c0df7f6b32c2e1173a7edbb34686a5ae00cf63a7e57055ac","ssdeep":"12288:l+M3LSFIbe0QKFPkZLjGO3khPMaAxLUJ5OtBSq:4QSFIbe0QKFPkZLjGO3khPMaAxLUJ5Op","tlshash":"1c45914aa6f724315223b0394f2fd4097626980f1e59fd183a9c82645f4c52ea7f6fec","size":1229125,"data":"","first_seen":"2026-03-18T10:57:22.575217Z","last_seen":"2026-03-18T10:57:22.575217Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":true,"md5":"79bbb9a694ee54546ecdaf617164afa7","sha1":"4a7c8c50b409b3158adf09364601938fc2213851","sha256":"40f1557dc7356b9037710b65979375c10b4db27b6922bdf5fee01da4df515ca2","sha512":"5cf2689b88680a70b1c0cb5f5f8f23981ca512701642a8a8601dc852cbb1610337b852f7bce4847b75b08ddea6f1a974a801fb04c52df943f362e5b9a52a47a4","ssdeep":"","tlshash":"3cf0811e9c510ab0bf7b86796e7da5001cf4e0131015c501344eb18c3f8401c33399d9","size":540,"data":"","first_seen":"2026-03-18T10:57:22.576207Z","last_seen":"2026-03-18T10:57:22.576207Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":true,"md5":"833eabbf108b16ebd77ee1ab257b8b92","sha1":"dd6eeb56d969e0f9616e0da1e3866a962d2be64e","sha256":"350c50d5370bb9659c3b9e0b42e9eb3939becab5d13ca6ebe49e631ee6b15e99","sha512":"f5929a3ad6e0e4d94781e2a2c8a10fceae2955d1ffb5564bd99e986c1459b06e4f505be560384a2551a9d1c08cc7dc34c517b5771f2e1b245294b32021583f0a","ssdeep":"","tlshash":"5ec0806f6b6105300cfb75a9065f6345347300d30484d4097d5cc5505f14f6e405bbc9","size":164,"data":"","first_seen":"2026-03-18T10:57:22.577146Z","last_seen":"2026-03-18T10:57:22.577146Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/assets/flock.js","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":false,"md5":"e4564a6ed800246fa3bba979b421de73","sha1":"610b9b7da633f6c8b5df41b27e356822f659fddf","sha256":"34b344c7670011914a0e8e6016a9bd6143abc28517eb3b909a1f14518ad33240","sha512":"04c84455054e85e74476ed78dc69c2b59429efced130766f69b68944a70a0343d1b6a5d39ff8f89bcc5a838b078784ab45340a4f70b21f52bd29cff8b9b8b1ea","ssdeep":"768:Cd6d8gVjuQnVgK7HVP8GRs4le/3a/I0fik4LuMNo:Cd6d8gg+1ftleNo","tlshash":"03f2ff27d6520c2772b792622e0aa78af626e72f51c14e473d3c1e4c4f73d60a371e99","size":37378,"data":"","first_seen":"2026-03-18T10:57:22.561833Z","last_seen":"2026-03-18T10:57:22.561833Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/assets/pixel.js","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"introduction_type":"scriptElement","is_inline":false,"md5":"9364a2a2b20323865fbcb0102e76c923","sha1":"0b60a8a019b83b24e561305298c5a6761620bf76","sha256":"86603d220f5da211e0d50adc7db864e168aff7ede1ceb284719e128e2412c1e7","sha512":"e45ac8bfbb0c49edbb5dfc6f43ce4e7a9b59e3bd7460cde85f7db6f4f86fff1f1954126e575a867809494054f7670678b4c687720c20ce4af3e6f5807b6a8931","ssdeep":"1536:QeVO7V2RAcBEVOZV232cqvjrto+2paeV2UNsR8kW4iV2GOdVOhV2p:3aHFI3FvjCL9OgA","tlshash":"13931147e6846c650273e37acb278070f9296b2f12594a037e7d89590f3372563b1fae","size":91014,"data":"","first_seen":"2026-03-18T10:57:22.569449Z","last_seen":"2026-03-18T10:57:22.569449Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"tracking.utmify.com.br/tracking/v1/events","fqdn":"tracking.utmify.com.br","domain":"utmify.com.br","tld":"com.br"},"ip":{"addr":"104.26.10.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:51.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"utmify.com.br","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 06:48:55 GMT","end":"Tue, 02 Jun 2026 07:48:45 GMT"},"fingerprint":{"sha1":"F8:30:69:9D:8C:D1:D7:C9:68:98:97:88:32:3A:35:87:4C:D1:22:3E","sha256":"74:13:AD:B5:2D:EB:6F:7A:30:17:34:1B:79:03:D5:94:2C:C0:0C:EA:C7:B0:61:84:27:72:77:CB:D4:4F:87:DC"}}},"request":{"raw":"POST /tracking/v1/events HTTP/1.1\r\nHost: tracking.utmify.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://promociongarena.online/\r\nContent-Type: application/json\r\nContent-Length: 379\r\nOrigin: https://promociongarena.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":379,"data":"{\"type\":\"PageView\",\"lead\":{\"pixelId\":\"\",\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"ip\":\"91.90.42.154\",\"parameters\":\"\",\"icTextMatch\":null,\"icCSSMatch\":null,\"icURLMatch\":null,\"leadTextMatch\":null,\"addToCartTextMatch\":null},\"event\":{\"sourceUrl\":\"https://promociongarena.online\",\"pageTitle\":\"Garena's Blog\"},\"tikTokPageInfo\":null}"}},"response":{"raw":"HTTP/2 400 Bad Request\r\ndate: Wed, 18 Mar 2026 10:56:51 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 29\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\netag: W/\"1d-gdTZfwuBWxq/u4GoxroS/dywjI4\"\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=ZAq0Sw1dJQW4os81WyzaF6gD1PntD6DL6U4WcGf0yZDupykfPxG9WrUlGAS56cep0w2%2BhGmVqVHFqQcXhkdW4ZuWDf2sL%2BNVPiufgZZ8Gr5TSZYibQ%3D%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9de3b6935a8eadee-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":29,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d4e15012bc96b38ec319b70ac34fda7e","sha1":"81d4d97f0b815b1abfbb81a8c6ba12fddcb08c8e","sha256":"c65d6d92273e3717b0bcf4c7650ddebc66ad6f7c1dd1de051cebf5560f86720a","sha512":"f9acb7344063e40b6843429fb139622fb056ad40b49b5b1ecec2235cfba127d91b52e827449fbac4dcea556dac1b99387144a5448b5cb5706d8ecfa180097080","ssdeep":"","tlshash":"6080041544015051145000f53741444101f0055c5110045431004700d055cc1147c440","first_seen":"2025-09-15T21:23:39.876679Z","last_seen":"2026-05-09T14:31:45.355713Z","times_seen":22,"resource_available":false,"data":null}},"time_used":177,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":177,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-18T10:56:50.391Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"promociongarena.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Mar 2026 18:30:39 GMT","end":"Sun, 07 Jun 2026 18:30:38 GMT"},"fingerprint":{"sha1":"06:CA:78:CA:9C:61:A5:DE:27:C0:A5:8C:7C:23:B1:8B:51:60:37:BE","sha256":"93:88:54:12:70:FD:AA:41:FA:92:A3:8B:27:AB:B6:FC:E9:EB:A1:9B:2E:29:6C:87:78:CE:29:8E:C4:CB:2A:D4"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: promociongarena.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/html\r\nlast-modified: Tue, 10 Mar 2026 00:19:56 GMT\r\netag: \"d890a-69af63ac-1c71d5292d66ebe6;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 496846\r\ndate: Wed, 18 Mar 2026 10:56:50 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\nretry-after: 60\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":887050,"size_decoded":0,"mime_type":"text/html","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22931), with CRLF line terminators","md5":"3c85e5d6de75e2518c378fd229c8e05e","sha1":"31162090360dfd2b1d7de37107d37419a788a89f","sha256":"3d946e607b8cece7cc14f76b81ac7dad0f5423299f03716d95ffd47339d3b1b4","sha512":"49870f15181c06495114b5d51577da126e3da0322026358f3474d74cc50dabc87151a8d60e0e614ee1afe1910245c920450e4b055132fdcd97c4f0a284950189","ssdeep":"24576:9d9czWvczWDnJMFNTvuMuMLtfeP1zktg4O:9dtCFd5LpM","tlshash":"dc159d2a580c66ae3d33aabdcb97243efd1620dfd51481cf7dce61e58fb21a04859d60","first_seen":"2026-03-18T10:57:22.560779Z","last_seen":"2026-03-18T10:57:22.560779Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1380,"timings":{"blocked":376,"dns":157,"connect":102,"send":0,"wait":106,"receive":521,"ssl":113},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"promociongarena.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/assets/flock.js","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:51.035Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"promociongarena.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Mar 2026 18:30:39 GMT","end":"Sun, 07 Jun 2026 18:30:38 GMT"},"fingerprint":{"sha1":"06:CA:78:CA:9C:61:A5:DE:27:C0:A5:8C:7C:23:B1:8B:51:60:37:BE","sha256":"93:88:54:12:70:FD:AA:41:FA:92:A3:8B:27:AB:B6:FC:E9:EB:A1:9B:2E:29:6C:87:78:CE:29:8E:C4:CB:2A:D4"}}},"request":{"raw":"GET /assets/flock.js HTTP/1.1\r\nHost: promociongarena.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promociongarena.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 25 Mar 2026 10:56:51 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Tue, 10 Mar 2026 00:19:56 GMT\r\netag: \"9202-69af63ac-b27b69ff4c4da6fc;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 9316\r\ndate: Wed, 18 Mar 2026 10:56:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":37378,"size_decoded":0,"mime_type":"application/x-javascript","magic":"ASCII text, with CRLF line terminators","md5":"e4564a6ed800246fa3bba979b421de73","sha1":"610b9b7da633f6c8b5df41b27e356822f659fddf","sha256":"34b344c7670011914a0e8e6016a9bd6143abc28517eb3b909a1f14518ad33240","sha512":"04c84455054e85e74476ed78dc69c2b59429efced130766f69b68944a70a0343d1b6a5d39ff8f89bcc5a838b078784ab45340a4f70b21f52bd29cff8b9b8b1ea","ssdeep":"768:Cd6d8gVjuQnVgK7HVP8GRs4le/3a/I0fik4LuMNo:Cd6d8gg+1ftleNo","tlshash":"03f2ff27d6520c2772b792622e0aa78af626e72f51c14e473d3c1e4c4f73d60a371e99","first_seen":"2026-03-18T10:57:22.561833Z","last_seen":"2026-03-18T10:57:22.561833Z","times_seen":1,"resource_available":true,"data":null}},"time_used":398,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":397,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"promociongarena.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tracking.utmify.com.br/tracking/v1/events","fqdn":"tracking.utmify.com.br","domain":"utmify.com.br","tld":"com.br"},"ip":{"addr":"104.26.10.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:51.490Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"utmify.com.br","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 06:48:55 GMT","end":"Tue, 02 Jun 2026 07:48:45 GMT"},"fingerprint":{"sha1":"F8:30:69:9D:8C:D1:D7:C9:68:98:97:88:32:3A:35:87:4C:D1:22:3E","sha256":"74:13:AD:B5:2D:EB:6F:7A:30:17:34:1B:79:03:D5:94:2C:C0:0C:EA:C7:B0:61:84:27:72:77:CB:D4:4F:87:DC"}}},"request":{"raw":"OPTIONS /tracking/v1/events HTTP/1.1\r\nHost: tracking.utmify.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://promociongarena.online/\r\nOrigin: https://promociongarena.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Wed, 18 Mar 2026 10:56:51 GMT\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\nvary: Access-Control-Request-Headers\r\naccess-control-allow-headers: content-type\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=a6wQEcrpUUbDJ%2FLzOKdM71WTR81CCm4IgL0ddiFfgTKbyI3tK1YFzzq9NL4vxTEMVy7Fu1YjKjYYgAZ1a3ZzfXhwwDIjGndvbMjZ%2BADPAc6wwZzmoQ%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9de3b6923fafadee-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"resource_available":true,"data":null}},"time_used":293,"timings":{"blocked":51,"dns":15,"connect":10,"send":0,"wait":184,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/assets/freefire-logo-new-BWycHUJQ.png","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:51.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"promociongarena.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Mar 2026 18:30:39 GMT","end":"Sun, 07 Jun 2026 18:30:38 GMT"},"fingerprint":{"sha1":"06:CA:78:CA:9C:61:A5:DE:27:C0:A5:8C:7C:23:B1:8B:51:60:37:BE","sha256":"93:88:54:12:70:FD:AA:41:FA:92:A3:8B:27:AB:B6:FC:E9:EB:A1:9B:2E:29:6C:87:78:CE:29:8E:C4:CB:2A:D4"}}},"request":{"raw":"GET /assets/freefire-logo-new-BWycHUJQ.png HTTP/1.1\r\nHost: promociongarena.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promociongarena.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 25 Mar 2026 10:56:51 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 10 Mar 2026 00:19:56 GMT\r\netag: \"5b86a-69af63ac-af010ca66b219d88;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 374890\r\ndate: Wed, 18 Mar 2026 10:56:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":374890,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1920 x 479, 8-bit/color RGBA, non-interlaced","md5":"2f066079eae07194a6f3226cca3ee883","sha1":"219ce1168e539c45d0141f8953fb8138acc02892","sha256":"0c65983da9ee21cdba72fda7989595accfdfca9326dab5a6790e1496a662f241","sha512":"fbd14d25b4d83837d3a8ae39c6a01d2bc91f0b01d6a51b8ad2aad85401158a9da1c7f359ee7504d1c9134917c258634355a2eb8b7accbae33e34f8d2e7fad275","ssdeep":"6144:+Rbjv4j99ampoC1guGjjoH59co2sGbikwi/oMTcC2cgVmuWPLrGTHW:gfgj/aPtTjsHWbf/oRcgVm7z6HW","tlshash":"4f8423dbe43ded17c192979261fa1e7b45625a7903cec4a6c8c003fd4ec6c4cad90daa","first_seen":"2026-03-18T10:57:22.563662Z","last_seen":"2026-03-18T10:57:22.563662Z","times_seen":1,"resource_available":false,"data":null}},"time_used":301,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":104,"receive":197,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"promociongarena.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/assets/q2-CM_6vL28.jpg","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:51.911Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"promociongarena.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Mar 2026 18:30:39 GMT","end":"Sun, 07 Jun 2026 18:30:38 GMT"},"fingerprint":{"sha1":"06:CA:78:CA:9C:61:A5:DE:27:C0:A5:8C:7C:23:B1:8B:51:60:37:BE","sha256":"93:88:54:12:70:FD:AA:41:FA:92:A3:8B:27:AB:B6:FC:E9:EB:A1:9B:2E:29:6C:87:78:CE:29:8E:C4:CB:2A:D4"}}},"request":{"raw":"GET /assets/q2-CM_6vL28.jpg HTTP/1.1\r\nHost: promociongarena.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promociongarena.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 25 Mar 2026 10:56:51 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 10 Mar 2026 00:19:56 GMT\r\netag: \"f25f-69af63ac-99b34c0395f906c2;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 62047\r\ndate: Wed, 18 Mar 2026 10:56:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":62047,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x512, components 3","md5":"585ee389f0ed811309560f045c93c62a","sha1":"a1bc8f2b0c54c14e13d3fc023e8728ff83776a76","sha256":"31f3337009a54f8897d50a28f7b362ac03a8fa3b3ccbad523d48c54b5f4c9b11","sha512":"2f7e58f7a8650a7fa82a13368850032776b7ba9a7308e8e4908a72e79bd748abb2a1cb9fe4ae3c5d9de4a32dc7851bfa024f1ce25a95ab298e9dfe6cc43c0b38","ssdeep":"1536:hzFr1qVqmzOwzPi+1qRilXZz7fhiR99DUwhuRavevKUief+UIydhbT:qPpiWqRiVZz7Zi/dqseWUNdhbT","tlshash":"255302571b536f329bd49fe85c49bc8428b727851fb1fc7a6122418e22209f2f914b38","first_seen":"2026-03-18T10:57:22.564796Z","last_seen":"2026-03-18T10:57:22.564796Z","times_seen":1,"resource_available":false,"data":null}},"time_used":170,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":153,"receive":17,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"promociongarena.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/assets/q3-Cb4k91U-.jpg","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:51.913Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"promociongarena.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Mar 2026 18:30:39 GMT","end":"Sun, 07 Jun 2026 18:30:38 GMT"},"fingerprint":{"sha1":"06:CA:78:CA:9C:61:A5:DE:27:C0:A5:8C:7C:23:B1:8B:51:60:37:BE","sha256":"93:88:54:12:70:FD:AA:41:FA:92:A3:8B:27:AB:B6:FC:E9:EB:A1:9B:2E:29:6C:87:78:CE:29:8E:C4:CB:2A:D4"}}},"request":{"raw":"GET /assets/q3-Cb4k91U-.jpg HTTP/1.1\r\nHost: promociongarena.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promociongarena.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 25 Mar 2026 10:56:51 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 10 Mar 2026 00:19:56 GMT\r\netag: \"1aafc-69af63ac-6eac797c05beaa05;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 109308\r\ndate: Wed, 18 Mar 2026 10:56:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]},{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]}],"data":{"size":109308,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x512, components 3","md5":"25f9632d5906c1c862a792eb273e49f2","sha1":"bf691e3166c7419d759b4d7e7d34a8a34d686c0d","sha256":"d4104451090f959ab7753f0bbdea84a5406f935d4845aaac74df04bcddb282c1","sha512":"803c1630066b7dde5deccc67c4026eab6da4e0677c717eb81e42f70ce22a354cbd440625cab2a75ea3f8d7ca2d63f31ebc9fe908ef5f3ffda20188ad00fae7a5","ssdeep":"3072:lsFbj1ytiS3Rm2JztAXltwPOMR3l/fir+Xo8u:lsFtyM+AiztrPR3BPXJu","tlshash":"ffb3120f4f40eb005b47ba1881977e766282ea3f6576197e4633730a0cb3c71e6959be","first_seen":"2026-03-18T10:57:22.565882Z","last_seen":"2026-03-18T10:57:22.565882Z","times_seen":1,"resource_available":false,"data":null}},"time_used":290,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":120,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"promociongarena.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"tracking.utmify.com.br/tracking/v1/events","fqdn":"tracking.utmify.com.br","domain":"utmify.com.br","tld":"com.br"},"ip":{"addr":"104.26.10.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:59.430Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"utmify.com.br","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 06:48:55 GMT","end":"Tue, 02 Jun 2026 07:48:45 GMT"},"fingerprint":{"sha1":"F8:30:69:9D:8C:D1:D7:C9:68:98:97:88:32:3A:35:87:4C:D1:22:3E","sha256":"74:13:AD:B5:2D:EB:6F:7A:30:17:34:1B:79:03:D5:94:2C:C0:0C:EA:C7:B0:61:84:27:72:77:CB:D4:4F:87:DC"}}},"request":{"raw":"OPTIONS /tracking/v1/events HTTP/1.1\r\nHost: tracking.utmify.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://promociongarena.online/\r\nOrigin: https://promociongarena.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 204 No Content\r\ndate: Wed, 18 Mar 2026 10:56:59 GMT\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE\r\nvary: Access-Control-Request-Headers\r\naccess-control-allow-headers: content-type\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lrCGLDjZy2r7tJJ2Owu9F7Lpl1o0jncJJrJNnArmJhv%2BtmSonHdUEWF21MwS6xwkhCNpPs1QOwt%2Byfvi2q35LEs5lP4Q4wBli8M%2BmRg4GJcuXDkAKA%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\ncf-ray: 9de3b6c37d46adee-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"resource_available":true,"data":null}},"time_used":171,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":170,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"tracking.utmify.com.br/tracking/v1/events","fqdn":"tracking.utmify.com.br","domain":"utmify.com.br","tld":"com.br"},"ip":{"addr":"104.26.10.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:59.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"utmify.com.br","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Wed, 04 Mar 2026 06:48:55 GMT","end":"Tue, 02 Jun 2026 07:48:45 GMT"},"fingerprint":{"sha1":"F8:30:69:9D:8C:D1:D7:C9:68:98:97:88:32:3A:35:87:4C:D1:22:3E","sha256":"74:13:AD:B5:2D:EB:6F:7A:30:17:34:1B:79:03:D5:94:2C:C0:0C:EA:C7:B0:61:84:27:72:77:CB:D4:4F:87:DC"}}},"request":{"raw":"POST /tracking/v1/events HTTP/1.1\r\nHost: tracking.utmify.com.br\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://promociongarena.online/\r\nContent-Type: application/json\r\nContent-Length: 382\r\nOrigin: https://promociongarena.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":382,"data":"{\"type\":\"ViewContent\",\"lead\":{\"pixelId\":\"\",\"userAgent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\",\"ip\":\"91.90.42.154\",\"parameters\":\"\",\"icTextMatch\":null,\"icCSSMatch\":null,\"icURLMatch\":null,\"leadTextMatch\":null,\"addToCartTextMatch\":null},\"event\":{\"sourceUrl\":\"https://promociongarena.online\",\"pageTitle\":\"Garena's Blog\"},\"tikTokPageInfo\":null}"}},"response":{"raw":"HTTP/2 400 Bad Request\r\ndate: Wed, 18 Mar 2026 10:56:59 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-length: 29\r\ncontent-security-policy: default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests\r\ncross-origin-opener-policy: same-origin\r\ncross-origin-resource-policy: same-origin\r\norigin-agent-cluster: ?1\r\nreferrer-policy: no-referrer\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nx-content-type-options: nosniff\r\nx-dns-prefetch-control: off\r\nx-download-options: noopen\r\nx-frame-options: SAMEORIGIN\r\nx-permitted-cross-domain-policies: none\r\nx-xss-protection: 0\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\netag: W/\"1d-gdTZfwuBWxq/u4GoxroS/dywjI4\"\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=MJs4pJET8STHm6feMpzd48PwhpE4qLMq7R9YPV1bAp7EuzbNg972aqslU4oaPNLlQcODQtJzlZVFEcGHc6QgGL%2BagaQncYPCbtiUtp4V6XetIGBZ%2BA%3D%3D\"}]}\r\nserver: cloudflare\r\ncf-ray: 9de3b6c48fd4adee-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"400","status_text":"Bad Request","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":29,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"d4e15012bc96b38ec319b70ac34fda7e","sha1":"81d4d97f0b815b1abfbb81a8c6ba12fddcb08c8e","sha256":"c65d6d92273e3717b0bcf4c7650ddebc66ad6f7c1dd1de051cebf5560f86720a","sha512":"f9acb7344063e40b6843429fb139622fb056ad40b49b5b1ecec2235cfba127d91b52e827449fbac4dcea556dac1b99387144a5448b5cb5706d8ecfa180097080","ssdeep":"","tlshash":"6080041544015051145000f53741444101f0055c5110045431004700d055cc1147c440","first_seen":"2025-09-15T21:23:39.876679Z","last_seen":"2026-05-09T14:31:45.355713Z","times_seen":22,"resource_available":false,"data":null}},"time_used":179,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":179,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/assets/utms.js","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:51.031Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"promociongarena.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Mar 2026 18:30:39 GMT","end":"Sun, 07 Jun 2026 18:30:38 GMT"},"fingerprint":{"sha1":"06:CA:78:CA:9C:61:A5:DE:27:C0:A5:8C:7C:23:B1:8B:51:60:37:BE","sha256":"93:88:54:12:70:FD:AA:41:FA:92:A3:8B:27:AB:B6:FC:E9:EB:A1:9B:2E:29:6C:87:78:CE:29:8E:C4:CB:2A:D4"}}},"request":{"raw":"GET /assets/utms.js HTTP/1.1\r\nHost: promociongarena.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promociongarena.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 25 Mar 2026 10:56:51 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Tue, 10 Mar 2026 00:19:56 GMT\r\netag: \"82e0-69af63ac-bcba616c32bbb6c4;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 6656\r\ndate: Wed, 18 Mar 2026 10:56:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\nalt-svc: h3=\":443\"; ma=2592000, h3-29=\":443\"; ma=2592000, h3-Q050=\":443\"; ma=2592000, h3-Q046=\":443\"; ma=2592000, h3-Q043=\":443\"; ma=2592000, quic=\":443\"; ma=2592000; v=\"43,46\"\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":33504,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"403c6289c489b7b92122ba85137f9f38","sha1":"30c1de7cc8f66406350bc5732088cada1b96fb2a","sha256":"f519ddaf3cae8f8960a20c5db243244d6fee24d853f87a1ad449bc291badea84","sha512":"b625a762c48038cb0299adae77075f993ba1b57d818e9b0772e2874a620fdc0894576a89318b59d99e95eed3c090474097d5e34f11c25378a86aceb5f19310cb","ssdeep":"384:HxLnHlQ9sUVqEal0wAbqKkDDcOXBKZPKTz:RTlQ9Lw0wYqKUwOxKZyv","tlshash":"29e24e93a6944ca9057382b59b63c170f52dab1b62848703397c8d481f37b6663f2f9f","first_seen":"2026-03-18T10:57:22.566851Z","last_seen":"2026-03-18T10:57:22.566851Z","times_seen":1,"resource_available":true,"data":null}},"time_used":103,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":102,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"promociongarena.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"api.ipify.org/?format=json","fqdn":"api.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"104.26.12.205","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:51.216Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ipify.org","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Sun, 01 Mar 2026 16:45:18 GMT","end":"Sat, 30 May 2026 17:45:14 GMT"},"fingerprint":{"sha1":"EF:8D:ED:C7:B3:46:8A:91:47:71:92:F2:D9:B0:67:EA:C1:FC:5B:89","sha256":"01:CA:DB:EB:79:61:2D:B3:FE:2B:09:FE:44:84:EA:5B:6E:C1:3B:81:A1:0F:8C:9F:DE:2E:16:1E:59:45:06:D9"}}},"request":{"raw":"GET /?format=json HTTP/1.1\r\nHost: api.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://promociongarena.online/\r\nOrigin: https://promociongarena.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 10:56:51 GMT\r\ncontent-type: application/json\r\ncontent-length: 21\r\nserver: cloudflare\r\naccess-control-allow-origin: *\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\ncf-ray: 9de3b6906ac9fb58-ARN\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":21,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"7d69c71af0f191e9a72db6153f8018d1","sha1":"f67c5f2887bc05654b47f76e9621e53a4091aed1","sha256":"5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65","sha512":"fdf43a8f3d843fe9008949d6709c8e2a5cd640f6101522319745f0a829f21dc8f4bd4d70ff3e2f6e1fd53ca0d2dd872bf3588c593a403071102ab28763cbdba5","ssdeep":"","tlshash":"b8700022000000208c80800eca0a032223a0000ac20a00088e800b2288a0b380282032","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-05-15T15:23:05.353049Z","times_seen":90188,"resource_available":true,"data":null}},"time_used":202,"timings":{"blocked":45,"dns":12,"connect":8,"send":0,"wait":109,"receive":1,"ssl":24},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api6.ipify.org/?format=json","fqdn":"api6.ipify.org","domain":"ipify.org","tld":"org"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:51.218Z","timestamp":0,"http_version":"","security_state":"insecure","security_info":null,"request":{"raw":"GET /?format=json HTTP/1.1\r\nHost: api6.ipify.org\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://promociongarena.online/\r\nOrigin: https://promociongarena.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/assets/freefire-logo-new-BWycHUJQ.png","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:51.876Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"promociongarena.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Mar 2026 18:30:39 GMT","end":"Sun, 07 Jun 2026 18:30:38 GMT"},"fingerprint":{"sha1":"06:CA:78:CA:9C:61:A5:DE:27:C0:A5:8C:7C:23:B1:8B:51:60:37:BE","sha256":"93:88:54:12:70:FD:AA:41:FA:92:A3:8B:27:AB:B6:FC:E9:EB:A1:9B:2E:29:6C:87:78:CE:29:8E:C4:CB:2A:D4"}}},"request":{"raw":"GET /assets/freefire-logo-new-BWycHUJQ.png HTTP/1.1\r\nHost: promociongarena.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promociongarena.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"promociongarena.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/assets/q1-xs2wBzmH.jpg","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:51.909Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"promociongarena.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Mar 2026 18:30:39 GMT","end":"Sun, 07 Jun 2026 18:30:38 GMT"},"fingerprint":{"sha1":"06:CA:78:CA:9C:61:A5:DE:27:C0:A5:8C:7C:23:B1:8B:51:60:37:BE","sha256":"93:88:54:12:70:FD:AA:41:FA:92:A3:8B:27:AB:B6:FC:E9:EB:A1:9B:2E:29:6C:87:78:CE:29:8E:C4:CB:2A:D4"}}},"request":{"raw":"GET /assets/q1-xs2wBzmH.jpg HTTP/1.1\r\nHost: promociongarena.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promociongarena.online/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 25 Mar 2026 10:56:51 GMT\r\ncontent-type: image/jpeg\r\nlast-modified: Tue, 10 Mar 2026 01:04:18 GMT\r\netag: \"10c24-69af6e12-7c9ec3da1041b6e7;;;\"\r\naccept-ranges: bytes\r\ncontent-length: 68644\r\ndate: Wed, 18 Mar 2026 10:56:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":68644,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x512, components 3","md5":"dcfa04edd787a18c15d05e86690c56aa","sha1":"5c53850482eaaeb365d1efe31f156a83a0d73cb4","sha256":"2ed2706a921ad5dfec103937c0c8d3fc3c5fc48e093c2d944df6539ee43e465f","sha512":"06fdc866e2ad2ae601c1308b8cda4d4694a284377870fc2a851a0389b296e7ef2e4c5609e5f32863da0db3ac577c36e36ecc1ba5f47d8e0e070bbe111579bf8d","ssdeep":"1536:hS8AfAQU2sfAzQtbri5sL7vA2H7KK0PXqjzDjvXEE+:MnfAQUpAmri5sL7vA2gXgH7EE+","tlshash":"d6631225dd7d59ad08660fa6aa503d585207ed3c31ce383dacf985c88ba5eb1e09dec0","first_seen":"2026-03-18T10:57:22.568471Z","last_seen":"2026-03-18T10:57:22.568471Z","times_seen":1,"resource_available":false,"data":null}},"time_used":154,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":127,"receive":27,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"promociongarena.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"app.promogarenas.online/~api/analytics","fqdn":"app.promogarenas.online","domain":"promogarenas.online","tld":"online"},"ip":{"addr":"185.158.133.1","port":443,"asn":13213,"as":"UK-2 Limited","country":"United Arab Emirates","country_code":"AE"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:52.320Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"app.promogarenas.online","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 03 Mar 2026 14:45:49 GMT","end":"Mon, 01 Jun 2026 15:45:35 GMT"},"fingerprint":{"sha1":"C6:35:ED:9A:E0:5D:04:68:39:AF:97:A3:93:12:C1:70:81:7B:4A:40","sha256":"F8:ED:6D:74:EF:F4:FE:7D:E8:96:4B:56:1B:D7:06:54:1E:E7:CE:B2:C5:8B:F2:1B:33:48:DE:E3:DF:9A:4E:A4"}}},"request":{"raw":"OPTIONS /~api/analytics HTTP/1.1\r\nHost: app.promogarenas.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://promociongarena.online/\r\nOrigin: https://promociongarena.online\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 18 Mar 2026 10:56:52 GMT\r\ncontent-type: text/html\r\nset-cookie: __cf_bm=i_138H_S9WmhVQEtOjjR05hEfnZhq266gp2I9kjy92E-1773831412.4281056-1.0.1.1-Ji066zlpqhFVZxd80vSxlON9YHxlXQGyxg9xKF3WanxvlZY5fzY0yz40WXVVG2ul43..FUmDm8Qby_VeueAmQfqIuIfKi1VhswU6GIncTAAM3Qw.vfy8tAC0PwFmGQ3z; HttpOnly; Secure; Path=/; Domain=app.promogarenas.online; Expires=Wed, 18 Mar 2026 11:26:52 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\nreferrer-policy: strict-origin-when-cross-origin\r\nx-content-type-options: nosniff\r\netag: W/\"87b8ba56c8c246e79444cc662a37517d\"\r\ncontent-encoding: gzip\r\nserver: cloudflare\r\ncf-ray: 9de3b697ac970731-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare Bot Management","description":"Cloudflare bot management solution identifies and mitigates automated traffic to protect websites from bad bots.","website":"https://www.cloudflare.com/en-gb/products/bot-management/","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["Security"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/html","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-05-15T15:20:42.416165Z","times_seen":15223586,"resource_available":true,"data":null}},"time_used":754,"timings":{"blocked":103,"dns":78,"connect":1,"send":0,"wait":547,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/assets/pixel.js","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:51.033Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"promociongarena.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Mar 2026 18:30:39 GMT","end":"Sun, 07 Jun 2026 18:30:38 GMT"},"fingerprint":{"sha1":"06:CA:78:CA:9C:61:A5:DE:27:C0:A5:8C:7C:23:B1:8B:51:60:37:BE","sha256":"93:88:54:12:70:FD:AA:41:FA:92:A3:8B:27:AB:B6:FC:E9:EB:A1:9B:2E:29:6C:87:78:CE:29:8E:C4:CB:2A:D4"}}},"request":{"raw":"GET /assets/pixel.js HTTP/1.1\r\nHost: promociongarena.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promociongarena.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 25 Mar 2026 10:56:51 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Tue, 10 Mar 2026 00:19:56 GMT\r\netag: \"16386-69af63ac-bdbba02417efa8f8;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 11317\r\ndate: Wed, 18 Mar 2026 10:56:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":91014,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with CRLF line terminators","md5":"9364a2a2b20323865fbcb0102e76c923","sha1":"0b60a8a019b83b24e561305298c5a6761620bf76","sha256":"86603d220f5da211e0d50adc7db864e168aff7ede1ceb284719e128e2412c1e7","sha512":"e45ac8bfbb0c49edbb5dfc6f43ce4e7a9b59e3bd7460cde85f7db6f4f86fff1f1954126e575a867809494054f7670678b4c687720c20ce4af3e6f5807b6a8931","ssdeep":"1536:QeVO7V2RAcBEVOZV232cqvjrto+2paeV2UNsR8kW4iV2GOdVOhV2p:3aHFI3FvjCL9OgA","tlshash":"13931147e6846c650273e37acb278070f9296b2f12594a037e7d89590f3372563b1fae","first_seen":"2026-03-18T10:57:22.569449Z","last_seen":"2026-03-18T10:57:22.569449Z","times_seen":1,"resource_available":true,"data":null}},"time_used":111,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":103,"receive":8,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"promociongarena.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"promociongarena.online/assets/index-pUMqBSix.js","fqdn":"promociongarena.online","domain":"promociongarena.online","tld":"online"},"ip":{"addr":"147.93.42.21","port":443,"asn":0,"as":"","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://promociongarena.online/","date":"2026-03-18T10:56:51.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"promociongarena.online","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Mon, 09 Mar 2026 18:30:39 GMT","end":"Sun, 07 Jun 2026 18:30:38 GMT"},"fingerprint":{"sha1":"06:CA:78:CA:9C:61:A5:DE:27:C0:A5:8C:7C:23:B1:8B:51:60:37:BE","sha256":"93:88:54:12:70:FD:AA:41:FA:92:A3:8B:27:AB:B6:FC:E9:EB:A1:9B:2E:29:6C:87:78:CE:29:8E:C4:CB:2A:D4"}}},"request":{"raw":"GET /assets/index-pUMqBSix.js HTTP/1.1\r\nHost: promociongarena.online\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://promociongarena.online/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncache-control: public, max-age=604800\r\nexpires: Wed, 25 Mar 2026 10:56:51 GMT\r\ncontent-type: application/x-javascript\r\nlast-modified: Tue, 10 Mar 2026 00:19:56 GMT\r\netag: \"12c145-69af63ac-eafa19a4db9f615e;br\"\r\naccept-ranges: bytes\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ncontent-length: 241147\r\ndate: Wed, 18 Mar 2026 10:56:51 GMT\r\nserver: LiteSpeed\r\nplatform: hostinger\r\npanel: hpanel\r\ncontent-security-policy: upgrade-insecure-requests\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"LiteSpeed","description":"LiteSpeed is a high-scalability web server.","website":"https://litespeedtech.com","common_platform_enumeration":"cpe:2.3:a:litespeedtech:litespeed_web_server:*:*:*:*:*:*:*:*","icon":"LiteSpeed.svg","categories":["Web servers"]},{"name":"Hostinger","description":"Hostinger is an employee-owned Web hosting provider and internet domain registrar.","website":"https://www.hostinger.com","common_platform_enumeration":"","icon":"Hostinger.svg","categories":["Hosting"]}],"data":{"size":1229125,"size_decoded":0,"mime_type":"application/x-javascript","magic":"JavaScript source, ASCII text, with very long lines (1083)","md5":"373a5dd5c0156fccae7cef075118694a","sha1":"c69f6454626af44bba60fa43c6fe7914babddaaf","sha256":"11e73a276597bd10243dd70f8a7387bc88462c2dab626412e06bbf72fb0c28c3","sha512":"4505ad1aa0c32c3d1718649d957b269c462c661703c30f8bd23b9c5032e9a3ae5abcf027083c34a7c38f62d40b68a28f9430ca32dd4d791828d09e4a289e4c4c","ssdeep":"12288:l+M3LSFIbe0QKFPkZLjGO3khPMaAxLUJ5OtBSC:4QSFIbe0QKFPkZLjGO3khPMaAxLUJ5O5","tlshash":"fe257f4aa6f724315223b0394e2fd4497625980f1e9dfd183a8c82a45f4c53da7f6fe8","first_seen":"2026-03-18T10:57:22.570529Z","last_seen":"2026-03-18T10:57:22.570529Z","times_seen":1,"resource_available":false,"data":null}},"time_used":398,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":111,"receive":287,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"hagezi","sensor_type":"DNS","title":"Hagezi Threat Feed","description":"Hagezi Threat Feed","scan_date":"2026-03-18","alert":"Sinkholed","trigger":"promociongarena.online","verdict":"malicious","severity":"medium","comment":"","link":"https://github.com/hagezi/dns-blocklists","meta":null}],"urlquery":null}}]}