www.freefirextiktokfreeclaim.brantly.my.id Open in urlscan Pro
149.28.154.169 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.freefirextiktokfreeclaim.brantly.my.id/
Submission: On February 04 via automatic, source certstream-suspicious (February 4th 2021, 7:07:50 am UTC)

Summary HTTP 31 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 9 domains to perform 31 HTTP transactions. The main IP is 149.28.154.169, located in Singapore, Singapore and belongs to AS-CHOOPA, US. The main domain is www.freefirextiktokfreeclaim.brantly.my.id.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 4th 2021. Valid for: 3 months.

This is the only time www.freefirextiktokfreeclaim.brantly.my.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
16	149.28.154.169 149.28.154.169	20473 (AS-CHOOPA) (AS-CHOOPA)
4	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:e29	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	2a04:4e42:9::84 2a04:4e42:9::84	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	65.9.58.72 65.9.58.72	16509 (AMAZON-02) (AMAZON-02)
31	10

16 149.28.154.169 (Singapore, Singapore)

ASN20473 (AS-CHOOPA, US)
PTR: 149.28.154.169.vultr.com

www.freefirextiktokfreeclaim.brantly.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:e29 (United States)

ASN13335 (CLOUDFLARENET, US)

www.imore.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Germany)

ASN60068 (CDN77 (^_^)/, GB)

img.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:9::84 (Ascension Island)

ASN54113 (FASTLY, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.58.72 (Seattle, United States)

ASN16509 (AMAZON-02, US)

api.pubgameshowtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	brantly.my.id www.freefirextiktokfreeclaim.brantly.my.id	2 MB
4	cloudflare.com cdnjs.cloudflare.com	173 KB
2	pubgameshowtime.com api.pubgameshowtime.com	854 B
2	googleapis.com fonts.googleapis.com	30 KB
2	pinimg.com i.pinimg.com	192 KB
1	jquery.com code.jquery.com	30 KB
1	blogspot.com 1.bp.blogspot.com	372 KB
1	icons8.com img.icons8.com	12 KB
1	imore.com www.imore.com	8 KB
31	9

	Domain	Requested by
16	www.freefirextiktokfreeclaim.brantly.my.id	www.freefirextiktokfreeclaim.brantly.my.id
4	cdnjs.cloudflare.com	www.freefirextiktokfreeclaim.brantly.my.id cdnjs.cloudflare.com
2	api.pubgameshowtime.com	code.jquery.com
2	fonts.googleapis.com	www.freefirextiktokfreeclaim.brantly.my.id
2	i.pinimg.com	www.freefirextiktokfreeclaim.brantly.my.id
1	code.jquery.com	www.freefirextiktokfreeclaim.brantly.my.id
1	1.bp.blogspot.com	www.freefirextiktokfreeclaim.brantly.my.id
1	img.icons8.com	www.freefirextiktokfreeclaim.brantly.my.id
1	www.imore.com	www.freefirextiktokfreeclaim.brantly.my.id
31	9

This site contains no links.

Subject Issuer	Validity	Valid
freefirextiktokfreeclaim.brantly.my.id cPanel, Inc. Certification Authority	`2021-02-04` - `2021-05-05`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.icons8.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-13` - `2022-05-13`	2 years	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
api.pubgameshowtime.com Amazon	`2020-04-17` - `2021-05-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.freefirextiktokfreeclaim.brantly.my.id/
Frame ID: B50575ADF1BB7A9B9C133F0D59D3548D
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

31
Requests

97 %
HTTPS

78 %
IPv6

9
Domains

9
Subdomains

10
IPs

5
Countries

2666 kB
Transfer

2898 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.freefirextiktokfreeclaim.brantly.my.id/ 13 KB
3 KB 1356ms
190ms Document
text/html 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: b82c4b7b4ff9772c1388680ec18430a9eeeb2b1b471017addfb1661196734d2b

Request headers

:method: GET
:authority: www.freefirextiktokfreeclaim.brantly.my.id
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Thu, 04 Feb 2021 07:07:25 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 style.css
www.freefirextiktokfreeclaim.brantly.my.id/css/ 19 KB
3 KB 367ms
187ms Stylesheet
text/css 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/css/style.css
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: 8cadeea2dfd52e58dd121ec35420d5a0be3b2946e970a1d68b7d33afa4a24ee6

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:25 GMT
content-encoding: br
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2890
expires: Thu, 11 Feb 2021 07:07:25 GMT

GET
H2 200 facebook.css
www.freefirextiktokfreeclaim.brantly.my.id/css/ 4 KB
1022 B 366ms
186ms Stylesheet
text/css 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/css/facebook.css
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: 3efec52f8ce8e122485c2986aeec236731a73bb2ead97b8dd38a1941d0dccb7b

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:25 GMT
content-encoding: br
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 914
expires: Thu, 11 Feb 2021 07:07:25 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 52ms
24ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1677875
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10472
cf-request-id: 080d7711e300004c268eacf000000001
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W8wfW9lZ4aUPWrf6DF2qSLSKH526OnigDBAs%2BQdi%2BU3lWUYiLdAIY10dmC%2Bu3Usnz0J5NrnwimID37iBlVB%2FabpG%2BHdEoUOIOhdXmAzxzeE5EizQpiiyqokkrZmVBab7tw%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61c28dfc9af74c26-AMS
expires: Tue, 25 Jan 2022 07:07:25 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 51ms
23ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1242753
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
cf-request-id: 080d7711e300004c26c4966000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0KsV%2Bum2IBTohhThXStGqSCRMI1RajxpTg%2FsOJXCR%2FNlff8Twhp2yDJEO1qUNbFXMMiegDUKOOyQCMnpaazif93zqcuGv94EiiUeT%2FECvPzD8oK%2BEuIfDM1gEMih2BnLig%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61c28dfc9afe4c26-AMS
expires: Tue, 25 Jan 2022 07:07:25 GMT

GET
H2 200 tiktok-logo2-jks-jks-jks-jks-jks-jks-jks.jpg
www.imore.com/sites/imore.com/files/styles/large/public/article_images/2019/11/ 8 KB
8 KB 151ms
94ms Image
image/webp 2606:4700::6812:e29
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.imore.com/sites/imore.com/files/styles/large/public/article_images/2019/11/tiktok-logo2-jks-jks-jks-jks-jks-jks-jks.jpg
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55e9df4d77c614fc328916c616889f2a733bee074d057da1cbf30f7f493a1c51

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:25 GMT
cf-cache-status: HIT
age: 397803
cf-polished: qual=85, origFmt=jpeg, origSize=19389
content-disposition: inline; filename="tiktok-logo2-jks-jks-jks-jks-jks-jks-jks.webp"
content-length: 7798
cf-request-id: 080d7712050000bde1a4868000000001
last-modified: Thu, 27 Aug 2020 22:34:07 GMT
server: cloudflare
etag: "5f4834df-4bbd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Tue, 02 Mar 2021 16:37:21 GMT
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 61c28dfccfacbde1-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 back.png
www.freefirextiktokfreeclaim.brantly.my.id/icon/ 15 KB
15 KB 531ms
353ms Image
image/png 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/icon/back.png
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: ce0f1f13548cf9beecdf59ec441778f67ed0afd3aac3c553c80e9fccffc35ba4

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:25 GMT
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15476
expires: Thu, 11 Feb 2021 07:07:25 GMT

GET
H2 200 menu.png
www.freefirextiktokfreeclaim.brantly.my.id/icon/ 1 KB
1 KB 532ms
354ms Image
image/png 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/icon/menu.png
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: 6c0f2bb571086e41ff26577c15b58360747254c3dbcd0ad3933b5551aa587694

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:25 GMT
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1227
expires: Thu, 11 Feb 2021 07:07:25 GMT

GET
H2 200 pp.jpeg
www.freefirextiktokfreeclaim.brantly.my.id/icon/ 168 KB
169 KB 1031ms
854ms Image
image/jpeg 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/icon/pp.jpeg
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: 8d1d8ac9da014992daf892fcd006afec31b2d8771cd92ed8182409fb0bc9a8b9

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:26 GMT
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 172481
expires: Thu, 11 Feb 2021 07:07:26 GMT

GET
H2 200 tiktok-verified-account.png
img.icons8.com/color/452/ 12 KB
12 KB 97ms
30ms Image
image/png 2a02:6ea0:c700::2
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.icons8.com/color/452/tiktok-verified-account.png

Requested by

Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c700::2 , Germany, ASN60068 (CDN77 (^_^)/, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

3532415ecb5d0c650399676ca8f6b6e81d5c6430decdb7f48deea57367fe0e37

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 04 Feb 2021 07:07:25 GMT
icon-size: 452
x-content-type-options: nosniff
memory-svg-cache: true
access-control-allow-origin: *
from-cache: false
from-svg-cache: true
icon-format: png
x-cache: HIT
x-age: 40976
x-dns-prefetch-control: off
content-length: 12151
x-xss-protection: 1; mode=block
x-77-nzt: AcO1ry8LV8LvEKAAAA==
not-found-platform: false
last-modified: Tue, 02 Feb 2021 18:19:42 GMT
server: CDN77-Turbo
x-77-nzt-ray: AMJfE03Bgl0=
x-download-options: noopen
x-77-cache: HIT
strict-transport-security: max-age=15552000; includeSubDomains
content-type: image/png
memory-cache: true
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=302400
icon-id: p9jKUHLk5ejE
accept-ranges: bytes
version: 0.199

GET
H2 200 8e1d1cee4879db1796c87f0a620afe6a.png
i.pinimg.com/originals/8e/1d/1c/ 32 KB
32 KB 48ms
13ms Image
image/png 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/8e/1d/1c/8e1d1cee4879db1796c87f0a620afe6a.png
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 287cb61829d8c08da8ce4023e9011059ac34ab182015485ae659d36aff0a49d8

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:25 GMT
x-cdn: fastly
etag: "fad8233679eb82633a26003deeb2ea0b"
vary: Origin
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 32736

GET
H2 200 2.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/ 0
0 529ms
352ms Image
image/jpeg 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/img/2.jpg
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:25 GMT
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 343904
expires: Thu, 11 Feb 2021 07:07:25 GMT

GET
H2 200 3.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/ 248 KB
248 KB 1029ms
852ms Image
image/jpeg 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/img/3.jpg
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: 853319ab3894cabc9c76e5659cee027e8e7c22ea602b8bc483e286a74242e4d2

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:26 GMT
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 254218
expires: Thu, 11 Feb 2021 07:07:26 GMT

GET
H2 200 4.png
www.freefirextiktokfreeclaim.brantly.my.id/img/ 382 KB
382 KB 1028ms
852ms Image
image/png 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/img/4.png
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: 5f047fdd4bf3ea2e7994115f284fb06c93a7c1c0333993db02cef24004527f51

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:26 GMT
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 391298
expires: Thu, 11 Feb 2021 07:07:26 GMT

GET
H2 200 5.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/ 17 KB
17 KB 866ms
690ms Image
image/jpeg 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/img/5.jpg
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: 1a58a0705dcb44e2dbdadadc0702b2c073f4b96e0ec2c8abf3af686186000684

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:26 GMT
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 17221
expires: Thu, 11 Feb 2021 07:07:26 GMT

GET 6.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/ 0
0

GET
H2 200 7.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/ 181 KB
181 KB 861ms
685ms Image
image/jpeg 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/img/7.jpg
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: 611a74008979369f19914c819776b75eefe31b4676c1c2f1036780cd71ad7700

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:25 GMT
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 185351
expires: Thu, 11 Feb 2021 07:07:25 GMT

GET
H2 200 8.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/ 206 KB
206 KB 703ms
527ms Image
image/jpeg 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/img/8.jpg
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: 3523421138677d3def057245f41b431a4b796f32dcc8549d473e4aa0d5544481

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:25 GMT
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 211284
expires: Thu, 11 Feb 2021 07:07:25 GMT

GET
H2 200 9.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/ 14 KB
14 KB 702ms
527ms Image
image/jpeg 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/img/9.jpg
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: fad2518dc6ad8ddb91fee3c8589478c9a7fcf4ba976684dad5cc1299f6a3f3fd

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:25 GMT
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14204
expires: Thu, 11 Feb 2021 07:07:25 GMT

GET
H2 200 10.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/ 245 KB
245 KB 530ms
354ms Image
image/jpeg 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/img/10.jpg
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: ff6abd8b2bd8ea79123e6585b72b8743dea11dd3bc1402f3e3fb11b2c3705398

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:25 GMT
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 250445
expires: Thu, 11 Feb 2021 07:07:25 GMT

GET
H2 200 1.png
www.freefirextiktokfreeclaim.brantly.my.id/img/ 333 KB
334 KB 1028ms
853ms Image
image/png 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/img/1.png
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: 3fde121390bd9222fef9d613ac6ba91455b0bcda8e819f2bf4d3845e2fbcb8ce

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:26 GMT
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 341458
expires: Thu, 11 Feb 2021 07:07:26 GMT

GET
H2 200 facebook_text.png
www.freefirextiktokfreeclaim.brantly.my.id/img/ 28 KB
28 KB 1027ms
852ms Image
image/png 149.28.154.169
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.freefirextiktokfreeclaim.brantly.my.id/img/facebook_text.png
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS: 149.28.154.169.vultr.com
Software: LiteSpeed /
Resource Hash: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:26 GMT
last-modified: Sat, 30 Jan 2021 18:21:26 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28789
expires: Thu, 11 Feb 2021 07:07:26 GMT

GET
H2 200 free-fire-battlegrounds.jpg
1.bp.blogspot.com/-LvknwJpUAos/WzSvg105i5I/AAAAAAAAA10/s9rVJsH1_lso3bKITW4dLa0qweptwfqgQCEwYBhgL/s1600/ 371 KB
372 KB 31ms
8ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1.bp.blogspot.com/-LvknwJpUAos/WzSvg105i5I/AAAAAAAAA10/s9rVJsH1_lso3bKITW4dLa0qweptwfqgQCEwYBhgL/s1600/free-fire-battlegrounds.jpg

Requested by

Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8cddea59c5b5eca1588d46d596cf41bd3be60776feffd85372d76cfb057ed7b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 03:32:56 GMT
x-content-type-options: nosniff
age: 12869
content-disposition: inline;filename="free-fire-battlegrounds.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379894
x-xss-protection: 0
server: fife
etag: "v35d"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 28 Jan 2021 08:09:18 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 35ms
11ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:25 GMT
content-encoding: gzip
last-modified: Mon, 04 May 2020 23:02:39 GMT
server: nginx
etag: W/"5eb09f0f-15d84"
vary: Accept-Encoding
x-hw: 1612422445.dop138.fr8.t,1612422445.cds242.fr8.hn,1612422445.cds142.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 css2
fonts.googleapis.com/ 109 KB
29 KB 21ms
20ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Yusei+Magic&display=swap

Requested by

Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a349a36da059796c707cf61a533655fab9db93a484a38b0c9409d8f26d8123c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 07:07:26 GMT
server: ESF
date: Thu, 04 Feb 2021 07:07:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Feb 2021 07:07:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
579 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@600&display=swap

Requested by

Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78a38f362b5e5ac36f0b15dc2f9808b616c77be437b2b3474a89e6027e790556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Feb 2021 07:07:26 GMT
server: ESF
date: Thu, 04 Feb 2021 07:07:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Feb 2021 07:07:26 GMT

GET
H2 200 getcountry Show response
api.pubgameshowtime.com/ip/ 61 B
427 B 595ms
503ms XHR
application/json 65.9.58.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pubgameshowtime.com/ip/getcountry
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fb2585a5a851e48861807bd5aea3a447670e508fa68efe91ea8b5449b6171e56

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:26 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 624ef814-1377-432f-8381-8167bd2a7f82
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-601b9d2e-0a705fad101d31611926d4a4;Sampled=0
x-amz-apigw-id: aNV_SEwISK4FXyA=
content-length: 61
x-amz-cf-id: gpAw6Co9RQSiGRmi5dw1O-scJETt0GoHxQjgd8jLdYQkORU76dC4ew==

GET
H2 200 d160d03b448ecaff5a10c57962b45187.jpg
i.pinimg.com/originals/d1/60/d0/ 160 KB
160 KB 16ms
16ms Image
image/jpeg 2a04:4e42:9::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/d1/60/d0/d160d03b448ecaff5a10c57962b45187.jpg
Requested by: Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dfd1cd6ae0bebb4587b9ea8e37b5ebf0523ced8e161c1629dd56f1b45c388092

Request headers

Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/css/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:26 GMT
x-cdn: fastly
etag: "0eb270006f9de562b725af75dc47a8df"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
content-length: 163406

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/ 77 KB
77 KB 27ms
27ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccb86c5cca20d69f5da56707c66f6e0c2656ae43fe626f94ca2fc1a46b5026a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.freefirextiktokfreeclaim.brantly.my.id
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1678097
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78472
cf-request-id: 080d77166700000c21b2970000000001
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7432-13288"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C0HNd1d9VP1%2BuazhKTjBCL%2Bu1XXEnjqLlJddybMXEKXTPmHvScKuF8ix%2Fol%2FjpHlAqwmX3ZB0BYpW8fguA%2BX8zr8O9%2BTxJZpNbaGTY%2B9d3%2FfeXFPxV0GnguBStgr5EHmaw%3D%3D"}]}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61c28e03d9610c21-AMS
expires: Tue, 25 Jan 2022 07:07:26 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/ 78 KB
79 KB 97ms
97ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.freefirextiktokfreeclaim.brantly.my.id
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 646361
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 80252
cf-request-id: 080d77166800000c21961b1000000001
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7432-1397c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UTF7VamnOASsNXli1lMXxmo3vNlqzZft9%2F0tOV%2FiB2iuvxwIJKiska8HFmQgptq8%2BBkihuDYtFA%2FTVkrCUmUcocoC4OHHD0ZPjnlrMOUduC6tw7UWADHPPm613PGY2NtzQ%3D%3D"}]}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 61c28e03d9640c21-AMS
expires: Tue, 25 Jan 2022 07:07:26 GMT

GET
H2 200 getcountry Show response
api.pubgameshowtime.com/ip/ 61 B
427 B 497ms
496ms XHR
application/json 65.9.58.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pubgameshowtime.com/ip/getcountry
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fb2585a5a851e48861807bd5aea3a447670e508fa68efe91ea8b5449b6171e56

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 07:07:27 GMT
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 358ce176-2ff3-407e-bcaa-92f65cc481f1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-601b9d2f-34091e5b49fa60d17f04201a;Sampled=0
x-amz-apigw-id: aNV_YECWSK4FUjA=
content-length: 61
x-amz-cf-id: tiYLCo0oMsZ0yRerCPlqB-f7gkpGHCBEcKikr70L5nsZRDYBD7HWRA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/img/6.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
api.pubgameshowtime.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
i.pinimg.com
img.icons8.com
www.freefirextiktokfreeclaim.brantly.my.id
www.imore.com
www.freefirextiktokfreeclaim.brantly.my.id
149.28.154.169
2001:4de0:ac19::1:b:1a
2606:4700::6810:135e
2606:4700::6812:e29
2a00:1450:4001:816::2001
2a00:1450:4001:82b::200a
2a02:6ea0:c700::2
2a04:4e42:9::84
65.9.58.72
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
1a58a0705dcb44e2dbdadadc0702b2c073f4b96e0ec2c8abf3af686186000684
287cb61829d8c08da8ce4023e9011059ac34ab182015485ae659d36aff0a49d8
3523421138677d3def057245f41b431a4b796f32dcc8549d473e4aa0d5544481
3532415ecb5d0c650399676ca8f6b6e81d5c6430decdb7f48deea57367fe0e37
3efec52f8ce8e122485c2986aeec236731a73bb2ead97b8dd38a1941d0dccb7b
3fde121390bd9222fef9d613ac6ba91455b0bcda8e819f2bf4d3845e2fbcb8ce
55e9df4d77c614fc328916c616889f2a733bee074d057da1cbf30f7f493a1c51
5ccb86c5cca20d69f5da56707c66f6e0c2656ae43fe626f94ca2fc1a46b5026a
5f047fdd4bf3ea2e7994115f284fb06c93a7c1c0333993db02cef24004527f51
611a74008979369f19914c819776b75eefe31b4676c1c2f1036780cd71ad7700
6c0f2bb571086e41ff26577c15b58360747254c3dbcd0ad3933b5551aa587694
78a38f362b5e5ac36f0b15dc2f9808b616c77be437b2b3474a89e6027e790556
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a349a36da059796c707cf61a533655fab9db93a484a38b0c9409d8f26d8123c
853319ab3894cabc9c76e5659cee027e8e7c22ea602b8bc483e286a74242e4d2
8cadeea2dfd52e58dd121ec35420d5a0be3b2946e970a1d68b7d33afa4a24ee6
8cddea59c5b5eca1588d46d596cf41bd3be60776feffd85372d76cfb057ed7b6
8d1d8ac9da014992daf892fcd006afec31b2d8771cd92ed8182409fb0bc9a8b9
a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6
b82c4b7b4ff9772c1388680ec18430a9eeeb2b1b471017addfb1661196734d2b
ce0f1f13548cf9beecdf59ec441778f67ed0afd3aac3c553c80e9fccffc35ba4
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
dfd1cd6ae0bebb4587b9ea8e37b5ebf0523ced8e161c1629dd56f1b45c388092
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fad2518dc6ad8ddb91fee3c8589478c9a7fcf4ba976684dad5cc1299f6a3f3fd
fb2585a5a851e48861807bd5aea3a447670e508fa68efe91ea8b5449b6171e56
ff6abd8b2bd8ea79123e6585b72b8743dea11dd3bc1402f3e3fb11b2c3705398

www.freefirextiktokfreeclaim.brantly.my.id Open in urlscan Pro 149.28.154.169 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

31 Requests

97 %HTTPS

78 %IPv6

9 Domains

9 Subdomains

10 IPs

5 Countries

2666 kBTransfer

2898 kBSize

0 Cookies

0 Outgoing links

Redirected requests

31 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.freefirextiktokfreeclaim.brantly.my.id Open in urlscan Pro
149.28.154.169 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

31
Requests

97 %
HTTPS

78 %
IPv6

9
Domains

9
Subdomains

10
IPs

5
Countries

2666 kB
Transfer

2898 kB
Size

0
Cookies

31 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!