www.freefirextiktokfreeclaim.brantly.my.id
149.28.154.169 Malicious Activity! Public Scan

URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Submission: On February 04 via automatic, source certstream-suspicious

Summary

This website contacted 10 IPs in 5 countries across 9 domains to perform 31 HTTP transactions. The main IP is 149.28.154.169, located in Singapore, Singapore and belongs to AS-CHOOPA, US. The main domain is www.freefirextiktokfreeclaim.brantly.my.id.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 4th 2021. Valid for: 3 months.
This is the only time www.freefirextiktokfreeclaim.brantly.my.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

Requests  IP Address          ASN (Autonomous System)
16        149.28.154.169      20473 (AS-CHOOPA)
4         2606:4700::68...    13335 (CLOUDFLAR...)
1         2606:4700::68...    13335 (CLOUDFLAR...)
1         2a02:6ea0:c70...    60068 (CDN77 (^_^)/)
2         2a04:4e42:9::84     54113 (FASTLY)
1         2a00:1450:400...    15169 (GOOGLE)
1         2001:4de0:ac1...    20446 (HIGHWINDS3)
2         2a00:1450:400...    15169 (GOOGLE)
2         65.9.58.72          16509 (AMAZON-02)
Total: 31 requests, 10 IPs

Requests  Domain                                       Requested by
16        www.freefirextiktokfreeclaim.brantly.my.id   www.freefirextiktokfreeclaim.brantly.my.id
4         cdnjs.cloudflare.com                         www.freefirextiktokfreeclaim.brantly.my.id, cdnjs.cloudflare.com
2         api.pubgameshowtime.com                      code.jquery.com
2         fonts.googleapis.com                         www.freefirextiktokfreeclaim.brantly.my.id
2         i.pinimg.com                                 www.freefirextiktokfreeclaim.brantly.my.id
1         code.jquery.com                              www.freefirextiktokfreeclaim.brantly.my.id
1         1.bp.blogspot.com                            www.freefirextiktokfreeclaim.brantly.my.id
1         img.icons8.com                               www.freefirextiktokfreeclaim.brantly.my.id
1         www.imore.com                                www.freefirextiktokfreeclaim.brantly.my.id
Total: 31 requests, 9 domains

This site contains no links.

Subject                                  Issuer                                           Validity                   Valid for   Link
freefirextiktokfreeclaim.brantly.my.id   cPanel, Inc. Certification Authority             2021-02-04 - 2021-05-05    3 months    crt.sh
sni.cloudflaressl.com                    Cloudflare Inc ECC CA-3                          2020-10-21 - 2021-10-20    a year      crt.sh
*.icons8.com                             Sectigo RSA Domain Validation Secure Server CA   2020-05-13 - 2022-05-13    2 years     crt.sh
*.pinterest.com                          DigiCert SHA2 High Assurance Server CA           2020-07-16 - 2021-08-04    a year      crt.sh
misc-sni.blogspot.com                    GTS CA 1O1                                       2021-01-19 - 2021-04-13    3 months    crt.sh
jquery.org                               Sectigo RSA Domain Validation Secure Server CA   2020-10-06 - 2021-10-16    a year      crt.sh
upload.video.google.com                  GTS CA 1O1                                       2021-01-19 - 2021-04-13    3 months    crt.sh
api.pubgameshowtime.com                  Amazon                                           2020-04-17 - 2021-05-17    a year      crt.sh

This page contains 1 frames:

Primary Page: https://www.freefirextiktokfreeclaim.brantly.my.id/
Frame ID: B50575ADF1BB7A9B9C133F0D59D3548D
Requests: 31 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • script /jquery[.-]([\d.]*\d)[^/]*\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

31
Requests

97 %
HTTPS

78 %
IPv6

9
Domains

9
Subdomains

10
IPs

5
Countries

2666 kB
Transfer

2898 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type
Primary Request /
www.freefirextiktokfreeclaim.brantly.my.id/
13 KB
3 KB
Document
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
b82c4b7b4ff9772c1388680ec18430a9eeeb2b1b471017addfb1661196734d2b

Request headers

:method
GET
:authority
www.freefirextiktokfreeclaim.brantly.my.id
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
content-encoding
br
vary
Accept-Encoding
date
Thu, 04 Feb 2021 07:07:25 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
style.css
www.freefirextiktokfreeclaim.brantly.my.id/css/
19 KB
3 KB
Stylesheet
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/css/style.css
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
8cadeea2dfd52e58dd121ec35420d5a0be3b2946e970a1d68b7d33afa4a24ee6

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:25 GMT
content-encoding
br
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2890
expires
Thu, 11 Feb 2021 07:07:25 GMT
facebook.css
www.freefirextiktokfreeclaim.brantly.my.id/css/
4 KB
1022 B
Stylesheet
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/css/facebook.css
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
3efec52f8ce8e122485c2986aeec236731a73bb2ead97b8dd38a1941d0dccb7b

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:25 GMT
content-encoding
br
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
914
expires
Thu, 11 Feb 2021 07:07:25 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1677875
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10472
cf-request-id
080d7711e300004c268eacf000000001
timing-allow-origin
*
last-modified
Wed, 13 Jan 2021 22:29:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fff7431-e7d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W8wfW9lZ4aUPWrf6DF2qSLSKH526OnigDBAs%2BQdi%2BU3lWUYiLdAIY10dmC%2Bu3Usnz0J5NrnwimID37iBlVB%2FabpG%2BHdEoUOIOhdXmAzxzeE5EizQpiiyqokkrZmVBab7tw%3D%3D"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
61c28dfc9af74c26-AMS
expires
Tue, 25 Jan 2022 07:07:25 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1242753
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
cf-request-id
080d7711e300004c26c4966000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0KsV%2Bum2IBTohhThXStGqSCRMI1RajxpTg%2FsOJXCR%2FNlff8Twhp2yDJEO1qUNbFXMMiegDUKOOyQCMnpaazif93zqcuGv94EiiUeT%2FECvPzD8oK%2BEuIfDM1gEMih2BnLig%3D%3D"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
61c28dfc9afe4c26-AMS
expires
Tue, 25 Jan 2022 07:07:25 GMT
tiktok-logo2-jks-jks-jks-jks-jks-jks-jks.jpg
www.imore.com/sites/imore.com/files/styles/large/public/article_images/2019/11/
8 KB
8 KB
Image
General
Full URL
https://www.imore.com/sites/imore.com/files/styles/large/public/article_images/2019/11/tiktok-logo2-jks-jks-jks-jks-jks-jks-jks.jpg
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e9df4d77c614fc328916c616889f2a733bee074d057da1cbf30f7f493a1c51

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:25 GMT
cf-cache-status
HIT
age
397803
cf-polished
qual=85, origFmt=jpeg, origSize=19389
content-disposition
inline; filename="tiktok-logo2-jks-jks-jks-jks-jks-jks-jks.webp"
content-length
7798
cf-request-id
080d7712050000bde1a4868000000001
last-modified
Thu, 27 Aug 2020 22:34:07 GMT
server
cloudflare
etag
"5f4834df-4bbd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Tue, 02 Mar 2021 16:37:21 GMT
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
61c28dfccfacbde1-AMS
cf-bgj
imgq:85,h2pri
back.png
www.freefirextiktokfreeclaim.brantly.my.id/icon/
15 KB
15 KB
Image
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/icon/back.png
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
ce0f1f13548cf9beecdf59ec441778f67ed0afd3aac3c553c80e9fccffc35ba4

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:25 GMT
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
15476
expires
Thu, 11 Feb 2021 07:07:25 GMT
menu.png
www.freefirextiktokfreeclaim.brantly.my.id/icon/
1 KB
1 KB
Image
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/icon/menu.png
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
6c0f2bb571086e41ff26577c15b58360747254c3dbcd0ad3933b5551aa587694

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:25 GMT
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1227
expires
Thu, 11 Feb 2021 07:07:25 GMT
pp.jpeg
www.freefirextiktokfreeclaim.brantly.my.id/icon/
168 KB
169 KB
Image
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/icon/pp.jpeg
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
8d1d8ac9da014992daf892fcd006afec31b2d8771cd92ed8182409fb0bc9a8b9

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:26 GMT
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
172481
expires
Thu, 11 Feb 2021 07:07:26 GMT
tiktok-verified-account.png
img.icons8.com/color/452/
12 KB
12 KB
Image
General
Full URL
https://img.icons8.com/color/452/tiktok-verified-account.png
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::2 , Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
3532415ecb5d0c650399676ca8f6b6e81d5c6430decdb7f48deea57367fe0e37
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 04 Feb 2021 07:07:25 GMT
icon-size
452
x-content-type-options
nosniff
memory-svg-cache
true
access-control-allow-origin
*
from-cache
false
from-svg-cache
true
icon-format
png
x-cache
HIT
x-age
40976
x-dns-prefetch-control
off
content-length
12151
x-xss-protection
1; mode=block
x-77-nzt
AcO1ry8LV8LvEKAAAA==
not-found-platform
false
last-modified
Tue, 02 Feb 2021 18:19:42 GMT
server
CDN77-Turbo
x-77-nzt-ray
AMJfE03Bgl0=
x-download-options
noopen
x-77-cache
HIT
strict-transport-security
max-age=15552000; includeSubDomains
content-type
image/png
memory-cache
true
access-control-expose-headers
Content-Disposition
cache-control
public, max-age=302400
icon-id
p9jKUHLk5ejE
accept-ranges
bytes
version
0.199
8e1d1cee4879db1796c87f0a620afe6a.png
i.pinimg.com/originals/8e/1d/1c/
32 KB
32 KB
Image
General
Full URL
https://i.pinimg.com/originals/8e/1d/1c/8e1d1cee4879db1796c87f0a620afe6a.png
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
287cb61829d8c08da8ce4023e9011059ac34ab182015485ae659d36aff0a49d8

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:25 GMT
x-cdn
fastly
etag
"fad8233679eb82633a26003deeb2ea0b"
vary
Origin
content-type
image/png
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
32736
2.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/
0
0
Image
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/img/2.jpg
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:25 GMT
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
343904
expires
Thu, 11 Feb 2021 07:07:25 GMT
3.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/
248 KB
248 KB
Image
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/img/3.jpg
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
853319ab3894cabc9c76e5659cee027e8e7c22ea602b8bc483e286a74242e4d2

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:26 GMT
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
254218
expires
Thu, 11 Feb 2021 07:07:26 GMT
4.png
www.freefirextiktokfreeclaim.brantly.my.id/img/
382 KB
382 KB
Image
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/img/4.png
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
5f047fdd4bf3ea2e7994115f284fb06c93a7c1c0333993db02cef24004527f51

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:26 GMT
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
391298
expires
Thu, 11 Feb 2021 07:07:26 GMT
5.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/
17 KB
17 KB
Image
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/img/5.jpg
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
1a58a0705dcb44e2dbdadadc0702b2c073f4b96e0ec2c8abf3af686186000684

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:26 GMT
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
17221
expires
Thu, 11 Feb 2021 07:07:26 GMT
6.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/
0
0

7.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/
181 KB
181 KB
Image
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/img/7.jpg
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
611a74008979369f19914c819776b75eefe31b4676c1c2f1036780cd71ad7700

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:25 GMT
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
185351
expires
Thu, 11 Feb 2021 07:07:25 GMT
8.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/
206 KB
206 KB
Image
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/img/8.jpg
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
3523421138677d3def057245f41b431a4b796f32dcc8549d473e4aa0d5544481

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:25 GMT
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
211284
expires
Thu, 11 Feb 2021 07:07:25 GMT
9.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/
14 KB
14 KB
Image
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/img/9.jpg
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
fad2518dc6ad8ddb91fee3c8589478c9a7fcf4ba976684dad5cc1299f6a3f3fd

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:25 GMT
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
14204
expires
Thu, 11 Feb 2021 07:07:25 GMT
10.jpg
www.freefirextiktokfreeclaim.brantly.my.id/img/
245 KB
245 KB
Image
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/img/10.jpg
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
ff6abd8b2bd8ea79123e6585b72b8743dea11dd3bc1402f3e3fb11b2c3705398

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:25 GMT
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
250445
expires
Thu, 11 Feb 2021 07:07:25 GMT
1.png
www.freefirextiktokfreeclaim.brantly.my.id/img/
333 KB
334 KB
Image
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/img/1.png
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
3fde121390bd9222fef9d613ac6ba91455b0bcda8e819f2bf4d3845e2fbcb8ce

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:26 GMT
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
341458
expires
Thu, 11 Feb 2021 07:07:26 GMT
facebook_text.png
www.freefirextiktokfreeclaim.brantly.my.id/img/
28 KB
28 KB
Image
General
Full URL
https://www.freefirextiktokfreeclaim.brantly.my.id/img/facebook_text.png
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
149.28.154.169 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
149.28.154.169.vultr.com
Software
LiteSpeed /
Resource Hash
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:26 GMT
last-modified
Sat, 30 Jan 2021 18:21:26 GMT
server
LiteSpeed
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
28789
expires
Thu, 11 Feb 2021 07:07:26 GMT
free-fire-battlegrounds.jpg
1.bp.blogspot.com/-LvknwJpUAos/WzSvg105i5I/AAAAAAAAA10/s9rVJsH1_lso3bKITW4dLa0qweptwfqgQCEwYBhgL/s1600/
371 KB
372 KB
Image
General
Full URL
https://1.bp.blogspot.com/-LvknwJpUAos/WzSvg105i5I/AAAAAAAAA10/s9rVJsH1_lso3bKITW4dLa0qweptwfqgQCEwYBhgL/s1600/free-fire-battlegrounds.jpg
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
8cddea59c5b5eca1588d46d596cf41bd3be60776feffd85372d76cfb057ed7b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 03:32:56 GMT
x-content-type-options
nosniff
age
12869
content-disposition
inline;filename="free-fire-battlegrounds.png"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379894
x-xss-protection
0
server
fife
etag
"v35d"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Thu, 28 Jan 2021 08:09:18 GMT
jquery-3.5.1.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.5.1.min.js
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:25 GMT
content-encoding
gzip
last-modified
Mon, 04 May 2020 23:02:39 GMT
server
nginx
etag
W/"5eb09f0f-15d84"
vary
Accept-Encoding
x-hw
1612422445.dop138.fr8.t,1612422445.cds242.fr8.hn,1612422445.cds142.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30879
css2
fonts.googleapis.com/
109 KB
29 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Yusei+Magic&display=swap
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7a349a36da059796c707cf61a533655fab9db93a484a38b0c9409d8f26d8123c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Feb 2021 07:07:26 GMT
server
ESF
date
Thu, 04 Feb 2021 07:07:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Feb 2021 07:07:26 GMT
css2
fonts.googleapis.com/
1 KB
579 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Chakra+Petch:wght@600&display=swap
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78a38f362b5e5ac36f0b15dc2f9808b616c77be437b2b3474a89e6027e790556
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 04 Feb 2021 07:07:26 GMT
server
ESF
date
Thu, 04 Feb 2021 07:07:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Feb 2021 07:07:26 GMT
getcountry
api.pubgameshowtime.com/ip/
61 B
427 B
XHR
General
Full URL
https://api.pubgameshowtime.com/ip/getcountry
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fb2585a5a851e48861807bd5aea3a447670e508fa68efe91ea8b5449b6171e56

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:26 GMT
via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amzn-requestid
624ef814-1377-432f-8381-8167bd2a7f82
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-601b9d2e-0a705fad101d31611926d4a4;Sampled=0
x-amz-apigw-id
aNV_SEwISK4FXyA=
content-length
61
x-amz-cf-id
gpAw6Co9RQSiGRmi5dw1O-scJETt0GoHxQjgd8jLdYQkORU76dC4ew==
d160d03b448ecaff5a10c57962b45187.jpg
i.pinimg.com/originals/d1/60/d0/
160 KB
160 KB
Image
General
Full URL
https://i.pinimg.com/originals/d1/60/d0/d160d03b448ecaff5a10c57962b45187.jpg
Requested by
Host: www.freefirextiktokfreeclaim.brantly.my.id
URL: https://www.freefirextiktokfreeclaim.brantly.my.id/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:9::84 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dfd1cd6ae0bebb4587b9ea8e37b5ebf0523ced8e161c1629dd56f1b45c388092

Request headers

Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:26 GMT
x-cdn
fastly
etag
"0eb270006f9de562b725af75dc47a8df"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000, immutable
accept-ranges
bytes
content-length
163406
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/
77 KB
77 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ccb86c5cca20d69f5da56707c66f6e0c2656ae43fe626f94ca2fc1a46b5026a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.freefirextiktokfreeclaim.brantly.my.id
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1678097
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78472
cf-request-id
080d77166700000c21b2970000000001
timing-allow-origin
*
last-modified
Wed, 13 Jan 2021 22:29:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fff7432-13288"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=C0HNd1d9VP1%2BuazhKTjBCL%2Bu1XXEnjqLlJddybMXEKXTPmHvScKuF8ix%2Fol%2FjpHlAqwmX3ZB0BYpW8fguA%2BX8zr8O9%2BTxJZpNbaGTY%2B9d3%2FfeXFPxV0GnguBStgr5EHmaw%3D%3D"}]}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
61c28e03d9610c21-AMS
expires
Tue, 25 Jan 2022 07:07:26 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/
78 KB
79 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Origin
https://www.freefirextiktokfreeclaim.brantly.my.id
Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:26 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
646361
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80252
cf-request-id
080d77166800000c21961b1000000001
timing-allow-origin
*
last-modified
Wed, 13 Jan 2021 22:29:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fff7432-1397c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UTF7VamnOASsNXli1lMXxmo3vNlqzZft9%2F0tOV%2FiB2iuvxwIJKiska8HFmQgptq8%2BBkihuDYtFA%2FTVkrCUmUcocoC4OHHD0ZPjnlrMOUduC6tw7UWADHPPm613PGY2NtzQ%3D%3D"}]}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
61c28e03d9640c21-AMS
expires
Tue, 25 Jan 2022 07:07:26 GMT
getcountry
api.pubgameshowtime.com/ip/
61 B
427 B
XHR
General
Full URL
https://api.pubgameshowtime.com/ip/getcountry
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.58.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
fb2585a5a851e48861807bd5aea3a447670e508fa68efe91ea8b5449b6171e56

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.freefirextiktokfreeclaim.brantly.my.id/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 04 Feb 2021 07:07:27 GMT
via
1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amzn-requestid
358ce176-2ff3-407e-bcaa-92f65cc481f1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-601b9d2f-34091e5b49fa60d17f04201a;Sampled=0
x-amz-apigw-id
aNV_YECWSK4FUjA=
content-length
61
x-amz-cf-id
tiYLCo0oMsZ0yRerCPlqB-f7gkpGHCBEcKikr70L5nsZRDYBD7HWRA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.freefirextiktokfreeclaim.brantly.my.id
URL
https://www.freefirextiktokfreeclaim.brantly.my.id/img/6.jpg

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated
function| $
function| jQuery
function| lord
object| images
object| imagesused
object| as
function| getid
function| checkip
function| valid

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
api.pubgameshowtime.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
i.pinimg.com
img.icons8.com
www.freefirextiktokfreeclaim.brantly.my.id
www.imore.com
www.freefirextiktokfreeclaim.brantly.my.id
149.28.154.169
2001:4de0:ac19::1:b:1a
2606:4700::6810:135e
2606:4700::6812:e29
2a00:1450:4001:816::2001
2a00:1450:4001:82b::200a
2a02:6ea0:c700::2
2a04:4e42:9::84
65.9.58.72
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
1a58a0705dcb44e2dbdadadc0702b2c073f4b96e0ec2c8abf3af686186000684
287cb61829d8c08da8ce4023e9011059ac34ab182015485ae659d36aff0a49d8
3523421138677d3def057245f41b431a4b796f32dcc8549d473e4aa0d5544481
3532415ecb5d0c650399676ca8f6b6e81d5c6430decdb7f48deea57367fe0e37
3efec52f8ce8e122485c2986aeec236731a73bb2ead97b8dd38a1941d0dccb7b
3fde121390bd9222fef9d613ac6ba91455b0bcda8e819f2bf4d3845e2fbcb8ce
55e9df4d77c614fc328916c616889f2a733bee074d057da1cbf30f7f493a1c51
5ccb86c5cca20d69f5da56707c66f6e0c2656ae43fe626f94ca2fc1a46b5026a
5f047fdd4bf3ea2e7994115f284fb06c93a7c1c0333993db02cef24004527f51
611a74008979369f19914c819776b75eefe31b4676c1c2f1036780cd71ad7700
6c0f2bb571086e41ff26577c15b58360747254c3dbcd0ad3933b5551aa587694
78a38f362b5e5ac36f0b15dc2f9808b616c77be437b2b3474a89e6027e790556
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a349a36da059796c707cf61a533655fab9db93a484a38b0c9409d8f26d8123c
853319ab3894cabc9c76e5659cee027e8e7c22ea602b8bc483e286a74242e4d2
8cadeea2dfd52e58dd121ec35420d5a0be3b2946e970a1d68b7d33afa4a24ee6
8cddea59c5b5eca1588d46d596cf41bd3be60776feffd85372d76cfb057ed7b6
8d1d8ac9da014992daf892fcd006afec31b2d8771cd92ed8182409fb0bc9a8b9
a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6
b82c4b7b4ff9772c1388680ec18430a9eeeb2b1b471017addfb1661196734d2b
ce0f1f13548cf9beecdf59ec441778f67ed0afd3aac3c553c80e9fccffc35ba4
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
dfd1cd6ae0bebb4587b9ea8e37b5ebf0523ced8e161c1629dd56f1b45c388092
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fad2518dc6ad8ddb91fee3c8589478c9a7fcf4ba976684dad5cc1299f6a3f3fd
fb2585a5a851e48861807bd5aea3a447670e508fa68efe91ea8b5449b6171e56
ff6abd8b2bd8ea79123e6585b72b8743dea11dd3bc1402f3e3fb11b2c3705398