skin-gratis9710.real2.biz.id Open in urlscan Pro
2606:4700:3030::ac43:9169  Malicious Activity! Public Scan

Submitted URL: https://skin-gratis9710.real2.biz.id/
Effective URL: https://skin-gratis9710.real2.biz.id/id/
Submission Tags: phishingrod
Submission: On January 06 via api from DE — Scanned from DE

Summary

This website contacted 14 IPs in 1 countries across 13 domains to perform 84 HTTP transactions. The main IP is 2606:4700:3030::ac43:9169, located in United States and belongs to CLOUDFLARENET, US. The main domain is skin-gratis9710.real2.biz.id.
TLS certificate: Issued by E1 on November 17th 2023. Valid for: 3 months.
This is the only time skin-gratis9710.real2.biz.id was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

Domain Requested by
11 skin-gratis9710.real2.biz.id 2 redirects skin-gratis9710.real2.biz.id
9 freefiremobile-a.akamaihd.net skin-gratis9710.real2.biz.id
4 ajax.googleapis.com skin-gratis9710.real2.biz.id
3 dl.dir.freefiremobile.com skin-gratis9710.real2.biz.id
3 cdnjs.cloudflare.com skin-gratis9710.real2.biz.id
2 i.ibb.co skin-gratis9710.real2.biz.id
1 fonts.gstatic.com fonts.googleapis.com
1 i.postimg.cc skin-gratis9710.real2.biz.id
1 cdn.jsdelivr.net skin-gratis9710.real2.biz.id
1 i.im.ge skin-gratis9710.real2.biz.id
1 stackpath.bootstrapcdn.com skin-gratis9710.real2.biz.id
1 fonts.googleapis.com skin-gratis9710.real2.biz.id
1 www.w3schools.com skin-gratis9710.real2.biz.id
0 rawcdn.githack.com Failed skin-gratis9710.real2.biz.id
84 14

This site contains no links.

Subject Issuer Validity Valid
real2.biz.id
E1
2023-11-17 -
2024-02-15
3 months crt.sh
*.w3schools.com
DigiCert TLS RSA SHA256 2020 CA1
2023-03-05 -
2024-04-04
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
bootstrapcdn.com
GTS CA 1P5
2023-11-30 -
2024-02-28
3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1
2023-05-16 -
2024-05-15
a year crt.sh
dl.dir.freefiremobile.com
Amazon RSA 2048 M03
2023-11-29 -
2024-12-27
a year crt.sh
ibb.co
R3
2023-12-09 -
2024-03-08
3 months crt.sh
image.01.cdn.im.ge
Sectigo RSA Domain Validation Secure Server CA
2023-06-21 -
2024-06-21
a year crt.sh
postimg.cc
R3
2023-12-23 -
2024-03-22
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 1 frames:

Primary Page: https://skin-gratis9710.real2.biz.id/id/
Frame ID: A5772BFC8663FB94B1677B684B5BD391
Requests: 84 HTTP requests in this frame

Screenshot

Page Title

Garena Free Fire. Best survival Battle Royale on mobile!

Page URL History Show full URLs

  1. https://skin-gratis9710.real2.biz.id/ Page URL
  2. https://skin-gratis9710.real2.biz.id/id HTTP 301
    http://skin-gratis9710.real2.biz.id/id/ HTTP 301
    https://skin-gratis9710.real2.biz.id/id/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

84
Requests

44 %
HTTPS

71 %
IPv6

13
Domains

14
Subdomains

14
IPs

1
Countries

2728 kB
Transfer

3157 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://skin-gratis9710.real2.biz.id/ Page URL
  2. https://skin-gratis9710.real2.biz.id/id HTTP 301
    http://skin-gratis9710.real2.biz.id/id/ HTTP 301
    https://skin-gratis9710.real2.biz.id/id/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

84 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
skin-gratis9710.real2.biz.id/
142 B
564 B
Document
General
Full URL
https://skin-gratis9710.real2.biz.id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:9169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8410cd1dd8d2b8fc-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 06 Jan 2024 03:16:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2FuXAmo617TZcm%2B2F4ys%2FPGxx8%2FE6lGSkq120IVIO7xcmVlfQ5GXWJOXxgk1U7ibdxkWGAUzp5ILbw4xkc8W7OwI0W042p9cGbhtF8I%2FlmS1agxrp32iAjaoA%2BLQK42IVxtQd3oDDinyXwYDrZEME0n6wY4sm9pCz3AZ"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request /
skin-gratis9710.real2.biz.id/id/
Redirect Chain
  • https://skin-gratis9710.real2.biz.id/id
  • http://skin-gratis9710.real2.biz.id/id/
  • https://skin-gratis9710.real2.biz.id/id/
43 KB
6 KB
Document
General
Full URL
https://skin-gratis9710.real2.biz.id/id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:9169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79dc2317fd029c730e1766c1fa26fd1ec8e67a42e8e0a7b9089dab7d84d4cf2a

Request headers

Referer
https://skin-gratis9710.real2.biz.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8410cd349d7c1959-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 06 Jan 2024 03:16:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISvoUhMMm%2FpZTN1tebA5ly6aZuh6ggzFeW5y5GQmiBLE8Jtq5b6e7%2FSECmktPZ0v%2BhS1zKFgUjU5oP5B1ETJfjkKZFY6WURZPT2Gd06oOVHjXQgEaY78nfKc%2FTznFfgQb4J9kqFfoUt%2FH4gCjGjj27n6VmhppuFjtPzw"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

CF-RAY
8410cd3299766f10-CDG
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sat, 06 Jan 2024 03:16:18 GMT
Expires
Sat, 06 Jan 2024 04:16:18 GMT
Location
https://skin-gratis9710.real2.biz.id/id/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YfyG2LA%2FXcrvEsN8BqUgsh%2F%2FjUwhyRgG1xn9K0PsbYGEdvi5tF%2BepLC44UXhaHOUBwWHLFxwLXWXznKYSg1ZHBGbGaZMLEIlcbGqUmdO6h6iuUF5EWnkmUtImD8Q%2F7z4AfF4OGzx4pID39hpaXu3f%2Fd%2B4MTJ2sSHOuPn"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
w3.css
www.w3schools.com/w3css/4/
23 KB
5 KB
Stylesheet
General
Full URL
https://www.w3schools.com/w3css/4/w3.css
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.133.221 -, , ASN (),
Reverse DNS
Software
ECS (frb/6796) / ASP.NET
Resource Hash
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding
gzip
date
Sat, 06 Jan 2024 03:16:23 GMT
last-modified
Thu, 04 Jan 2024 14:04:14 GMT
server
ECS (frb/6796)
age
2823
etag
"03eae5163fda1:0+gzip"
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
cache-control
public,max-age=14400,public
accept-ranges
bytes
content-length
5256
x-content-security-policy
frame-ancestors 'self' https://mycourses.w3schools.com;
css2
fonts.googleapis.com/
1 KB
867 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Barlow:wght@500&display=swap
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
874c1da73cdef15da42307811222fd5aec84bdb516df0269336d92c4f0c32699
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 06 Jan 2024 03:16:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 06 Jan 2024 03:16:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 06 Jan 2024 03:16:23 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3362519
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBEnAYe4dbgN0sh9LDjwIjTCdvPJ6TxC58nm8r2OgF8R2q9qLkPO%2B4tmZOyQBIP%2FObPQd2kSo2pTNVFr%2BYTsAJGWfLN8P3illaWsFv1y%2FClK83OsgIenUh0RdSyTQEc824DDVRWjlq9znJyOJVCpIwlZ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8410cd4ee9ba372d-FRA
expires
Thu, 26 Dec 2024 03:16:23 GMT
alex-facebook.css
rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/
0
0

all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3103504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10472
last-modified
Wed, 13 Jan 2021 22:29:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fff7431-e7d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtUWW0bEbMPg8xyx9lE94UCcmD9WKjgT%2FnMT5t%2FJ6Zzwxzpqkk9gLyxBxihRPDNYvjAcC4YY4KtEKQ8rloPMFsWgvp3VxEQVjsq1JHH%2FXOAYzEbPPkpfl4vs9gYYDH5DrBnAz4IHtO801L7%2Bo%2Ff5LY8D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8410cd4ee9c0372d-FRA
expires
Thu, 26 Dec 2024 03:16:23 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
3115894
cdn-cachedat
11/18/2022 06:18:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b3a57c6aca414a3b87fe0638b631146d
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
8410cd4ee8d0bba3-FRA
cdn-requestpullsuccess
True
material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/
69 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:23 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2029140
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5845
last-modified
Mon, 04 May 2020 16:12:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed9-1149f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jdEB6Uw30tlqs96zv%2FbEFYLYVc5poa29tjvuro3qqOC2sGxA0vWIWTsIhfdMY%2B7ccuh%2FCjZN6VlOQDWXXojGdNVD%2Fl09%2BVKQ%2F9mYI7B1hXUF0iM6CYdV3B1F1xEr2NsKsGEhGqm%2FAkCjIkWnZ92P020i"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8410cd4ee9c4372d-FRA
expires
Thu, 26 Dec 2024 03:16:23 GMT
style-AlexHost.css
skin-gratis9710.real2.biz.id/id/alexFrontEnd/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/css/style-AlexHost.css
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:9169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14441b7e916c11b68637c980790c1821488a5a5f1ed731284daff04f468904ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:28 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 10 Dec 2022 00:21:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CecrGpqkPEMQ2q8rzcHgEvyf22YPwotRLeROQvYMCXQetGQ9vCoDATlgmbJT1ILY2Rvb%2BRPwNWwXKZm3sA5jTBxHbzBC7J1DueHJ7ATGqI0SpgyQQB9ozi0vvjQZlhoSME4vx21bFc1BKm0YZpvpKTwI2crhFVzLzebP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8410cd4eaf9d1959-FRA
alt-svc
h3=":443"; ma=86400
app_icon.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/
22 KB
23 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/app_icon.png
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.63 -, , ASN (),
Reverse DNS
Software
OBS /
Resource Hash
b27a41813f7963b39fe1755ad31a133c30066d5a8fcabf9710b44556109aba17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:16:23 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSS7VqQr7onCQWN9AVWfmNFL6SWG/h79
Last-Modified
Thu, 04 Aug 2022 12:36:15 GMT
Server
OBS
ETag
"db8d665e878853bc4b041870b3661072"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
0000018CD66ECCCF9815C4001B6D8611
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
22559
logo_small.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/
22 KB
23 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/logo_small.png
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.63 -, , ASN (),
Reverse DNS
Software
OBS /
Resource Hash
adcab86657a7a2669c7d7434397486372c7b0b9b50e34c379166bf957e4e7da8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:16:23 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS5ScmT+6og/iyS3pVPd0glw3fhFO0zA
Last-Modified
Thu, 04 Aug 2022 12:36:15 GMT
Server
OBS
ETag
"57eaed1e025698432da8dfe2c49d9798"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
0000018CBFE956FA9806BB02107AAC19
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
22987
appstore2.png
freefiremobile-a.akamaihd.net/ffwebsite/images/download/
11 KB
12 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/ffwebsite/images/download/appstore2.png
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.63 -, , ASN (),
Reverse DNS
Software
OBS /
Resource Hash
72c76d5534a6e0df94fec3302fac7e96054d1e1665430ee6dc74e70261926613

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:16:23 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSWjdeN11iI+Drrusiv6zYq/Xm9jpS7w
Last-Modified
Thu, 04 Aug 2022 12:38:43 GMT
Server
OBS
ETag
"9cb027f9dad9bb8c8fe4d56819eddcd7"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
0000018B15AFEC91954B2A2AAACF2644
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
11498
googlePlay2.png
freefiremobile-a.akamaihd.net/ffwebsite/images/download/
8 KB
9 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/ffwebsite/images/download/googlePlay2.png
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.63 -, , ASN (),
Reverse DNS
Software
OBS /
Resource Hash
b4e430ab7b2405f6bc883baf550a035edc912aa51f0ac061e5faa78b873fff12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:16:23 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCScMrvz0qiBVfoXDaNBiBa2ICrYndsAr
Last-Modified
Thu, 04 Aug 2022 12:38:43 GMT
Server
OBS
ETag
"8831569bce8ed34e68b8ada692b683dd"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
0000018C945B55269808607DB4DCC605
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
8502
a0a4ae30805722476d7af24e8266c18ajpg
dl.dir.freefiremobile.com/common/web_event/hash/
391 KB
392 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/hash/a0a4ae30805722476d7af24e8266c18ajpg
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4600:12:3436:3dc0:93a1 -, , ASN (),
Reverse DNS
Software
OBS /
Resource Hash
6754b08e6e658246f0d71f02c406517d88c1a0e1455b2d3bdc06db2f3d54739e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:49:41 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS83ab2dvVfyT2YWmtDjNCQu/NDEiA4S
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 12:34:53 GMT
server
OBS
x-amz-cf-pop
FRA56-C2
age
1602
etag
"aebc670bd7bf24b2c94e3bd7443daf93"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/plain
x-obs-request-id
0000018CDCAD1AEF954448CE7AEC1E44
accept-ranges
bytes
content-length
400214
x-amz-cf-id
epZDbkv-RSn-C23XAOXGOPn0fO8zyCgxBLUwxasm0DHnJHQLnMko1Q==
c175292e0a856831eeeeb727bd33c324jpg
dl.dir.freefiremobile.com/common/web_event/hash/
382 KB
383 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/hash/c175292e0a856831eeeeb727bd33c324jpg
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4600:12:3436:3dc0:93a1 -, , ASN (),
Reverse DNS
Software
OBS /
Resource Hash
5c91a3f8654051a93899960e8cc6053250bc90f8e4a9567c309d963dcd72c818

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:49:41 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSYxhzB5CQDGGcugt9U0qxGdoT7uyQso
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 12:35:08 GMT
server
OBS
x-amz-cf-pop
FRA56-C2
age
1602
etag
"c777d5d6b49fa89f90f42e7a8e8c5b01"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/plain
x-obs-request-id
0000018CDCAD1AF4901BA7706D530BDA
accept-ranges
bytes
content-length
391215
x-amz-cf-id
5Yw8AwZnrZ_TDTCmE9s2HbzRW12pvqirAlu3wQN72tBUhkM99iMSKQ==
242c176892fae8907c4502dc6f745837jpg
dl.dir.freefiremobile.com/common/web_event/hash/
427 KB
427 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/hash/242c176892fae8907c4502dc6f745837jpg
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4600:12:3436:3dc0:93a1 -, , ASN (),
Reverse DNS
Software
OBS /
Resource Hash
e1736ebdbb540fc361581e9254a04234e6f663af89db30ea15fe783d8f50827d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 02:49:41 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSmVFhMViHhbT4d1XoVGp4u252ToULmx
via
1.1 3fdf3aacaef6ec40c4eedb85c8144da2.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 12:33:43 GMT
server
OBS
x-amz-cf-pop
FRA56-C2
age
1602
etag
"412f7a9187960146917b47861b2b4b84"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/plain
x-obs-request-id
0000018CDCAD1AF8941E3F3321CA7BD4
accept-ranges
bytes
content-length
436740
x-amz-cf-id
xR9vYOfvjTXZGmZUsYW7l--7ME7_dxLw_9acEMBTQzCuTQ3zsoawhQ==
freefiremax.jpg
i.ibb.co/kKP1yGt/
71 KB
72 KB
Image
General
Full URL
https://i.ibb.co/kKP1yGt/freefiremax.jpg
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.160 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1a0504f2a5aac9b8c1f248d67366397ee900b82bf29a5bbe4a07b0d9f48017cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:23 GMT
last-modified
Thu, 07 Jul 2022 20:35:40 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
73173
expires
Thu, 31 Dec 2037 23:55:55 GMT
1.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/
42 KB
43 KB
Image
General
Full URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/1.jpg
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:9169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c66caa7b50d90c1c8a3c2d878a95a492df9b9a851a2eb75376d6240be7db66a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:28 GMT
cf-cache-status
MISS
last-modified
Sat, 23 Jul 2022 22:47:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v0zCRqmVZc9zO1QzVJYoxEyB%2FGKvK5qnPCJkkJW3v0KEqd7XgzneJfM%2BiAsD57%2Fq6G1FRFirfD0aSmvnTIc4wqdG%2BLjI29XRdyEIyr8k%2B3TiR3cxEEi2nP6JXPo2GFdVYmhTFadza3ofBq0q3gI24CrrYaF0n0hB%2FDaT"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8410cd4ecfae1959-FRA
alt-svc
h3=":443"; ma=86400
content-length
43227
2.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/
78 KB
79 KB
Image
General
Full URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/2.jpg
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:9169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a540f8213c6f6c36ba1b3d0cfc13de6b14fb9008b8dda0169893e24c6e6080d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:29 GMT
cf-cache-status
MISS
last-modified
Sat, 23 Jul 2022 22:47:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKf7AbMURlZUB7jsI%2B2PGR2DYGy0MPAm7zr9uA1WtmEOia50VVjrOUxVN4HRL6r6gsx1dI4FI%2F7vsEUnTWKjNrv0ZJeshVELdfaZqhzexXQlEal37G8Sf7%2FJ2eUFJYYlU68RmWEi0wThmiOiTp0SAyv%2BdkCbtFhE8eTK"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8410cd4ecfaf1959-FRA
alt-svc
h3=":443"; ma=86400
content-length
80000
3.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/
51 KB
51 KB
Image
General
Full URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/3.jpg
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:9169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
178261e9f2cf3f066f1fd5fa1e1d5621cfaeb064dd317b4114d9b39ac7107fdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:28 GMT
cf-cache-status
MISS
last-modified
Sat, 23 Jul 2022 22:47:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vkh8PSEvw3j8fJzuxJzuj3eOQQDCIoxZTNaXOHDHT%2FEUD7nWddIqX1roys%2FiNkzhpbwVcgxwWl%2B4A2pzoUsgtMs5O7o53j0H4Np72k6m37jltF3KZNLB%2F3x0t8%2B%2F9kPVhlLRihOhovETe72MHv6lmE0gKLi0NL9pJw7F"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8410cd4ecfb01959-FRA
alt-svc
h3=":443"; ma=86400
content-length
52172
4.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/
36 KB
36 KB
Image
General
Full URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/4.jpg
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:9169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8272a0e13f39fabff9c1c1d54a78067c7e32ad07085cbf29f8837873f1d96328

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:29 GMT
cf-cache-status
MISS
last-modified
Sat, 23 Jul 2022 22:47:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhyN8ISBPXk1DMx6GH0mey4zx3IBF7UJ7KtPEBmE7WMfujQg%2BWrIBElNhHU3LOi3fB95ngF0%2BfNhEnij9HJeFSU%2B2SnwLlIS5R1tZVThrOACvpvMZTyixo83UaGt%2Bpq5Qr0nTZ6WmRFHO1CUhaCRosF96HCxcAidG0G2"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8410cd4ecfb11959-FRA
alt-svc
h3=":443"; ma=86400
content-length
36821
5.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/
0
0

6.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/
58 KB
58 KB
Image
General
Full URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/6.jpg
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:9169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d122d0c27e7c41ea93839c9f30b3937377ba3221e2bfd474d14de4476cf913f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:28 GMT
cf-cache-status
MISS
last-modified
Sat, 23 Jul 2022 22:47:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJsnW9Hbq%2BTgRCq4FD50VS%2BCOO3oG1IEnxwirY8smjwlBAH9YBbC6u9mH%2FAa%2B8YRS%2B6Rp3fV%2FRo1BigRarjFvF7fWhhX35A0gOzbtzNHwPTR8mQSLhKezDEyWQmyUJNPfNT7ELGiHbHgV6ezaHSL1yrnXERPzsUNNMdI"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8410cd4ecfb31959-FRA
alt-svc
h3=":443"; ma=86400
content-length
59014
7.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/
0
0

8.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/
0
0

9.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/
0
0

10.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/
0
0

11.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/
69 KB
70 KB
Image
General
Full URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/11.jpg
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:9169 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eab839e532d92c9833593f854b784b19623e233422afc2ddbe9e2444140fc8a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:29 GMT
cf-cache-status
MISS
last-modified
Sat, 23 Jul 2022 22:47:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kXYegj0bT%2FCZdIVhuCEvLII7I07kWZkGspCcUD6J%2B3pWKM29Bp3g2CBJ2NFtJiNs2yMRvWK0ocmBaA036DTSX4LZl9xpcQE1i3qHcCQZXpI72mQWtsNSHhNt%2F%2B%2FUcEReLe9r%2B4rTFNyd8EI7lreXn5bo6jyqKNcVJYX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8410cd4ecfb81959-FRA
alt-svc
h3=":443"; ma=86400
content-length
70900
12.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/
0
0

1.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/
0
0

2.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/
0
0

3.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/
0
0

4.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/
0
0

5.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/
0
0

6.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/
0
0

7.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/
0
0

8.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/
0
0

9.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/
0
0

10.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/
0
0

11.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/
0
0

12.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/
0
0

1.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/
0
0

2.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/
0
0

3.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/
0
0

4.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/
0
0

5.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/
0
0

6.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/
0
0

7.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/
0
0

8.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/
0
0

1.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/
0
0

2.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/
0
0

3.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/
0
0

4.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/
0
0

5.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/
0
0

6.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/
0
0

7.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/
0
0

8.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/
0
0

9.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/
0
0

10.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/
0
0

11.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/
0
0

12.jpg
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/
0
0

pistol.png
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/menu/
0
0

tshirt.png
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/menu/
0
0

diamond.png
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/menu/
0
0

jacket.png
skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/menu/
0
0

1.jpg
i.ibb.co/dW02vDC/
1 KB
1 KB
Image
General
Full URL
https://i.ibb.co/dW02vDC/1.jpg
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.160 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:23 GMT
server
nginx
content-length
1031
content-type
image/png
Tw3QNy.png
i.im.ge/2021/09/15/
28 KB
28 KB
Image
General
Full URL
https://i.im.ge/2021/09/15/Tw3QNy.png
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:fccf:400:37::1 -, , ASN (),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-meta-mtime
1631696336.783
date
Sat, 06 Jan 2024 03:16:04 GMT
last-modified
Tue, 07 Jun 2022 12:52:13 GMT
server
nginx/1.22.0
age
20
content-type
image/png
access-control-expose-headers
Content-Disposition
cache-control
max-age=3600, public
content-disposition
inline; filename="Tw3QNy.png"
accept-ranges
bytes
content-length
28789
expires
Sat, 06 Jan 2024 04:16:04 GMT
IMG_20220724_015739.jpg
cdn.jsdelivr.net/gh/RyuchaXD/image@main/
363 KB
364 KB
Image
General
Full URL
https://cdn.jsdelivr.net/gh/RyuchaXD/image@main/IMG_20220724_015739.jpg
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e4f982ab5cee166fe10da225dc6c930bc2d0a4f9342fc255b8ce327c613fef55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
607
x-jsd-version
main
x-cache
MISS, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
371846
x-served-by
cache-fra-eddf8230127-FRA, cache-lga21964-LGA
x-jsd-version-type
branch
cf-bgj
h2pri
server
cloudflare
etag
W/"5ac86-ByAdCDBQz4mDLOaQXTInNMniuXI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ti0RhCdi7%2BKFqdEhH5E9FI9vJEK40AGPlFz7L%2FUkANdnge60NT3FXBsWyo1nMlFwO9kdYmaq%2BVf14wmsj2ozBSlVG9WL9olcm6oIaRMNSv7jaOmVobDWcSLexwjqNLhpQiTeeoVUJ5%2B6JdyIOPc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8410cd4f8c3565ad-FRA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/
87 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:13:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
327746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 08:13:57 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 10:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
147720
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 10:14:23 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 20:28:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
110867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 20:28:36 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/
82 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Thu, 04 Jan 2024 10:14:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
147717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 Jan 2025 10:14:26 GMT
watermark.css
rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/
0
0

bg_news.jpg
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/
99 KB
99 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/bg_news.jpg
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/css/style-AlexHost.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.63 -, , ASN (),
Reverse DNS
Software
OBS /
Resource Hash
7dad3b583982c93797143d047f54994aadc9695f715eb7f994cca09a45f9f7e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:16:28 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSMxjFNZ8rr+2/p4XQWOm0ZnMHZdkIfx
Last-Modified
Thu, 04 Aug 2022 12:36:15 GMT
Server
OBS
ETag
"51f58699119c3da820f1a6bc9db41120"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
0000018CC0BC1DAB994BADC7EE393B2C
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
101131
swiper_light.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/v4/
12 KB
13 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/v4/swiper_light.png
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/css/style-AlexHost.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.63 -, , ASN (),
Reverse DNS
Software
OBS /
Resource Hash
3efb19f7cb50d2fde0a12e2b0e8388c9d8ab0ac6140a61ec159b18eafc450ac1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:16:28 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS/c7PiHP4BmJ4h/7UDGvi/NN9gOj+P9
Last-Modified
Thu, 04 Aug 2022 12:36:15 GMT
Server
OBS
ETag
"99aeeb8b0ec5008215a0423635beeb83"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
0000018CD67A305E980F97ED652EC8A7
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
12406
brushed_metal.jpg
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/
253 KB
253 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/brushed_metal.jpg
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/css/style-AlexHost.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.63 -, , ASN (),
Reverse DNS
Software
OBS /
Resource Hash
2ebd8a8e1938ff33366a70f72ac90bcd80e04024e220fa2bd570a21c952acaae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:16:28 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCShJWwQ+p8p+xAcpFTNRdSF7fO/cea65
Last-Modified
Thu, 04 Aug 2022 12:36:15 GMT
Server
OBS
ETag
"7d3f40127316b51c3ed7eff0399bff8c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
0000018CD559652B914A2083A4E0672C
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
258656
redirect_2.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/
36 KB
37 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/redirect_2.png
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/css/style-AlexHost.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.63 -, , ASN (),
Reverse DNS
Software
OBS /
Resource Hash
093dbebff97a7ea70010510acdf553680b04cbb5656cc406ba3ed7a5d5e533ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:16:28 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSFXfNCjCFHAGCqNEPWIoDMa5cynsQ5Y
Last-Modified
Thu, 04 Aug 2022 12:36:15 GMT
Server
OBS
ETag
"bc9c01607e9e947578087db60c920b39"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
0000018CD5321BFF994EC81C41E8EAA2
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
37239
redirect_1.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/
9 KB
9 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/redirect_1.png
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/css/style-AlexHost.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.63 -, , ASN (),
Reverse DNS
Software
OBS /
Resource Hash
c33ea1ee19cdd2943b0cc8f82f873fdab0b0562b42b6ffa65ce92147eb119511

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date
Sat, 06 Jan 2024 03:16:28 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSMEBPPqf/gs6Q0CH79R4HVctlz/cyW7
Last-Modified
Thu, 04 Aug 2022 12:36:15 GMT
Server
OBS
ETag
"d05c87edc117884594dfaf1bba2076d9"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
0000018CC0BC4ADD914A2096C31213A8
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
8903
trueid.png
i.postimg.cc/25N85NFP/
60 KB
60 KB
Image
General
Full URL
https://i.postimg.cc/25N85NFP/trueid.png
Requested by
Host: skin-gratis9710.real2.biz.id
URL: https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/css/style-AlexHost.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.88.69 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
01522c9a06cba7138ceb05d977503539113c4e6a6fd77e55eb5f751c575ee600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skin-gratis9710.real2.biz.id/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 03:16:29 GMT
last-modified
Fri, 09 Dec 2022 17:14:56 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
61398
expires
Thu, 31 Dec 2037 23:55:55 GMT
7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v12/
20 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E3_-gs51os.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skin-gratis9710.real2.biz.id
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 08:58:01 GMT
x-content-type-options
nosniff
age
325107
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20960
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:18:28 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 01 Jan 2025 08:58:01 GMT
watermark.css
rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/
0
0

FF_SFX_WebEvent_UI_Confirm.mp3
skin-gratis9710.real2.biz.id/id/alexFrontEnd/audio/
0
0

FF_SFX_WebEvent_UI_Close.mp3
skin-gratis9710.real2.biz.id/id/alexFrontEnd/audio/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
rawcdn.githack.com
URL
https://rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/alex-facebook.css
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/5.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/7.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/8.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/9.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/10.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/senjata/12.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/1.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/2.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/3.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/4.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/5.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/6.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/7.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/8.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/9.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/10.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/11.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/old/12.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/1.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/2.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/3.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/4.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/5.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/6.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/7.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/diamond/8.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/1.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/2.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/3.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/4.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/5.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/6.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/7.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/8.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/9.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/10.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/11.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/incubator/12.jpg
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/menu/pistol.png
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/menu/tshirt.png
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/menu/diamond.png
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/img/menu/jacket.png
Domain
rawcdn.githack.com
URL
https://rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/watermark.css
Domain
rawcdn.githack.com
URL
https://rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/watermark.css
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/audio/FF_SFX_WebEvent_UI_Confirm.mp3
Domain
skin-gratis9710.real2.biz.id
URL
https://skin-gratis9710.real2.biz.id/id/alexFrontEnd/audio/FF_SFX_WebEvent_UI_Close.mp3

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

0 Cookies

4 Console Messages

Source Level URL
Text
security error URL: https://skin-gratis9710.real2.biz.id/id/
Message:
Refused to apply style from 'https://rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/alex-facebook.css' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security error URL: https://skin-gratis9710.real2.biz.id/id/
Message:
Refused to apply style from 'https://rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/watermark.css' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network error URL: https://i.ibb.co/dW02vDC/1.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://skin-gratis9710.real2.biz.id/id/(Line 673)
Message:
Refused to apply style from 'https://rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/watermark.css' because its MIME type ('') is not a supported stylesheet MIME type, and strict MIME checking is enabled.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
dl.dir.freefiremobile.com
fonts.googleapis.com
fonts.gstatic.com
freefiremobile-a.akamaihd.net
i.ibb.co
i.im.ge
i.postimg.cc
rawcdn.githack.com
skin-gratis9710.real2.biz.id
stackpath.bootstrapcdn.com
www.w3schools.com
rawcdn.githack.com
skin-gratis9710.real2.biz.id
162.19.58.160
162.19.88.69
192.229.133.221
23.48.23.63
2600:9000:211e:4600:12:3436:3dc0:93a1
2602:fccf:400:37::1
2606:4700:3030::ac43:9169
2606:4700:3031::6815:4178
2606:4700::6810:5714
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::200a
01522c9a06cba7138ceb05d977503539113c4e6a6fd77e55eb5f751c575ee600
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
093dbebff97a7ea70010510acdf553680b04cbb5656cc406ba3ed7a5d5e533ba
14441b7e916c11b68637c980790c1821488a5a5f1ed731284daff04f468904ea
178261e9f2cf3f066f1fd5fa1e1d5621cfaeb064dd317b4114d9b39ac7107fdf
1a0504f2a5aac9b8c1f248d67366397ee900b82bf29a5bbe4a07b0d9f48017cf
2ebd8a8e1938ff33366a70f72ac90bcd80e04024e220fa2bd570a21c952acaae
3efb19f7cb50d2fde0a12e2b0e8388c9d8ab0ac6140a61ec159b18eafc450ac1
5c91a3f8654051a93899960e8cc6053250bc90f8e4a9567c309d963dcd72c818
63e3696c5e5e8b037e28e8fbef871184b0d1d60a7314c965b1426d9cce84dd69
6754b08e6e658246f0d71f02c406517d88c1a0e1455b2d3bdc06db2f3d54739e
72c76d5534a6e0df94fec3302fac7e96054d1e1665430ee6dc74e70261926613
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79dc2317fd029c730e1766c1fa26fd1ec8e67a42e8e0a7b9089dab7d84d4cf2a
7c0597b1b0c771139c958982210f05b275993037f0f3ba20d7a9300a0741dc80
7dad3b583982c93797143d047f54994aadc9695f715eb7f994cca09a45f9f7e1
8272a0e13f39fabff9c1c1d54a78067c7e32ad07085cbf29f8837873f1d96328
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
874c1da73cdef15da42307811222fd5aec84bdb516df0269336d92c4f0c32699
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
a540f8213c6f6c36ba1b3d0cfc13de6b14fb9008b8dda0169893e24c6e6080d1
adcab86657a7a2669c7d7434397486372c7b0b9b50e34c379166bf957e4e7da8
b27a41813f7963b39fe1755ad31a133c30066d5a8fcabf9710b44556109aba17
b4e430ab7b2405f6bc883baf550a035edc912aa51f0ac061e5faa78b873fff12
c33ea1ee19cdd2943b0cc8f82f873fdab0b0562b42b6ffa65ce92147eb119511
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
c66caa7b50d90c1c8a3c2d878a95a492df9b9a851a2eb75376d6240be7db66a5
d122d0c27e7c41ea93839c9f30b3937377ba3221e2bfd474d14de4476cf913f6
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e1736ebdbb540fc361581e9254a04234e6f663af89db30ea15fe783d8f50827d
e4f982ab5cee166fe10da225dc6c930bc2d0a4f9342fc255b8ce327c613fef55
eab839e532d92c9833593f854b784b19623e233422afc2ddbe9e2444140fc8a8
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e