moruongfreefire.menbership.vn Open in urlscan Pro
2606:4700:3034::ac43:d02b  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Show response moruongfreefire.menbership.vn/	30 KB 6 KB	910ms 715ms	Document text/html	2606:4700:3034::ac43:d02b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:d02b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.4.33 Resource Hash b4a92d1d1dc45e98eb4f033e3fb2aa88903ea3c280ce05ef8ba93937256681ce Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8a8c4f13dd40bb55-FRA content-encoding br content-type text/html; charset=UTF-8 date Thu, 25 Jul 2024 12:56:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U1hlGHmxDIi70QK2U%2Bj4Q751HCmP%2FBVlIJhS%2Bf1qSPjdcpP5mTnSnPjdn2ukz%2Bg7PnpciEDECUAzSOm%2Bqxy8Xbm%2BDnPGf54QKehzZOBz2TV0Hmfdl%2FpOLGs9oZSZ83Q01Mg9%2F%2FANKy60mavEQIN3hZInzdt%2FwTieacXE4g%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding x-powered-by PHP/7.4.33
GET H2	200	style.css moruongfreefire.menbership.vn/ff/moruong/css/	32 KB 4 KB	663ms 660ms	Stylesheet text/css	2606:4700:3034::ac43:d02b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://moruongfreefire.menbership.vn/ff/moruong/css/style.css Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3034::ac43:d02b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 965a2b35ae5584652dc0381aeb29aebe6d94219b536d97f8265117c8b8b01a41 Request headers Referer https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 12:56:16 GMT content-encoding br cf-cache-status MISS last-modified Mon, 08 Jul 2024 15:56:38 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RW3mRiraQ5ynSAw%2FSGMFFsBKtDocheJPshDPsixn8HjwG9oY%2BGREF8KkVxuuV2oq3iCGAhHZBBS4KW0j%2BOVAcoCTl8IRhcJBoZpvDUnYk5FZYm6VszFkvJ34WGy3EFmbzCrUOwXEvaZe%2F4mrusiRj6oYkotFc2j9EWJqDg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 8a8c4f185bbabb55-FRA alt-svc h3=":443"; ma=86400 expires Thu, 01 Aug 2024 12:56:16 GMT
GET H3	200	font-awesome.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	37 KB 6 KB	105ms 55ms	Stylesheet text/css	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 12:56:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 605013 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5884 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-9226" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kV%2BYP4MTIAb6qG8YWurLkNHJESw4ltknpg30rb81eid7Y3zmTgoI7aUwF0njxERLsyxVUdodPMELm7EjjiabIjHXtbHblCk9iGXF51Z9MWi2o%2Fep1vsWYsEJLfNRYdUll3X7wGgf"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8a8c4f18a908196d-FRA expires Tue, 15 Jul 2025 12:56:15 GMT
GET		ionicons.slim.js unpkg.com/icon-package@5.5.0/	0 0
GET H2	200	lambang%2Bgarena%2Bfree%2Bfire.png 1.bp.blogspot.com/-MejqdCK-qAs/YCf6VJFxsWI/AAAAAAAAHGk/0DocEO1RFdYOm1PJUqZ41Lq2sjugfXfywCNcBGAsYHQ/s382/	62 KB 62 KB	151ms 44ms	Image image/png	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://1.bp.blogspot.com/-MejqdCK-qAs/YCf6VJFxsWI/AAAAAAAAHGk/0DocEO1RFdYOm1PJUqZ41Lq2sjugfXfywCNcBGAsYHQ/s382/lambang%2Bgarena%2Bfree%2Bfire.png Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software fife / Resource Hash c9dbc3e57081db3b1ea3c195009a455e50640d1453da886875cb6bb32a290c3f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 10:53:21 GMT x-content-type-options nosniff age 7374 content-disposition inline;filename="lambang garena free fire.png" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 63330 x-xss-protection 0 server fife etag "v1c6a" vary Origin content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control public, max-age=86400, no-transform timing-allow-origin * expires Fri, 26 Jul 2024 10:53:21 GMT
GET H2	200	2048px-OOjs_UI_icon_language-ltr.svg.png upload.wikimedia.org/wikipedia/commons/thumb/4/43/OOjs_UI_icon_language-ltr.svg/	53 KB 54 KB	237ms 97ms	Image image/png	2a02:ec80:300:ed1a::2:b WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/commons/thumb/4/43/OOjs_UI_icon_language-ltr.svg/2048px-OOjs_UI_icon_language-ltr.svg.png Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software envoy / Resource Hash 53a6d7814d49851336463f0fd0deb1dea7316fbcd9767f2e966fae69935e59fe Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 07:28:19 GMT strict-transport-security max-age=106384710; includeSubDomains; preload x-content-type-options nosniff nel { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} age 19676 x-cache-status hit-front x-cache cp3080 hit, cp3080 hit/2 content-disposition inline;filename*=UTF-8''OOjs_UI_icon_language-ltr.svg.png server-timing cache;desc="hit-front", host;desc="cp3080" content-length 53957 x-client-ip 2a01:4a0:1338:93::7 last-modified Sun, 23 Jun 2024 07:16:52 GMT server envoy etag ef49b5b78cb0e8a0b7dbf5f5321f5dde report-to { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } content-type image/png access-control-allow-origin * access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache accept-ranges bytes timing-allow-origin *
GET H2	200	Flag_of_Vietnam.svg upload.wikimedia.org/wikipedia/commons/2/21/	283 B 1 KB	72ms 71ms	Image image/svg+xml	2a02:ec80:300:ed1a::2:b WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/commons/2/21/Flag_of_Vietnam.svg Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software envoy / Resource Hash 175120e06bb95dda22133758395f352acb46433ff81eee449326db54e78af2c4 Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 20:07:01 GMT content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=106384710; includeSubDomains; preload nel { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0} age 60555 x-cache-status hit-front x-cache cp3080 miss, cp3080 hit/508 server-timing cache;desc="hit-front", host;desc="cp3080" content-length 228 x-client-ip 2a01:4a0:1338:93::7 x-object-meta-sha1base36 4m4674u2x0jhxs7kn2hdhxll0bx8iw6 last-modified Mon, 26 Jun 2017 14:09:25 GMT server envoy etag W/cc2e55f0f5f8b70997ac88191a8561e6 vary Accept-Encoding report-to { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } content-type image/svg+xml access-control-allow-origin * access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache accept-ranges bytes timing-allow-origin *
GET H2	200	diamond.png cdngarenanow-a.akamaihd.net/gstaticid/FF_ID/wishscarletgroom/	1 KB 1 KB	914ms 776ms	Image image/png	2.19.126.157 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdngarenanow-a.akamaihd.net/gstaticid/FF_ID/wishscarletgroom/diamond.png Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.126.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-126-157.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash c319a8237479d2ef302c142e8a274a967c0c186aefe975903c21dee004bd1610 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 12:56:16 GMT content-encoding gzip last-modified Fri, 09 Jul 2021 07:02:48 GMT server AkamaiNetStorage etag "0841fb034d88eeb7e6a510749f97df53:1640083155.314895" vary Accept-Encoding content-type image/png access-control-allow-origin * accept-ranges bytes alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 1265
GET H/1.1	200 OK	logoslogan2_20210113.png freefiremobile-a.akamaihd.net/common/web_event/official/	29 KB 29 KB	1087ms 931ms	Image image/png	2.19.126.132 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://freefiremobile-a.akamaihd.net/common/web_event/official/logoslogan2_20210113.png Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.126.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-126-132.deploy.static.akamaitechnologies.com Software OBS / Resource Hash d10894be2fd2c32bd2afb2be302f7795de25d46491954354c511dff1ca897d75 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 25 Jul 2024 12:56:16 GMT x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSbIknsfGNzM2n9Ghb7RScpf+1Z0hGff Last-Modified Thu, 04 Aug 2022 12:36:38 GMT Server OBS ETag "1dff71f74287fb5167c2137aa1cfba37" Content-Type image/png Access-Control-Allow-Origin * Cache-Control public, max-age=3600 x-obs-request-id 00000190A5879BBC9019639EA9AD9133 Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 29236
GET H/1.1	200 OK	appstore2.png freefiremobile-a.akamaihd.net/ffwebsite/images/download/	11 KB 12 KB	1115ms 1035ms	Image image/png	2.19.126.132 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://freefiremobile-a.akamaihd.net/ffwebsite/images/download/appstore2.png Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.126.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-126-132.deploy.static.akamaitechnologies.com Software OBS / Resource Hash 72c76d5534a6e0df94fec3302fac7e96054d1e1665430ee6dc74e70261926613 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 25 Jul 2024 12:56:17 GMT x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSbwfmHMbFqFAWc0HEz61BHd1GV1gmaU Last-Modified Thu, 04 Aug 2022 12:38:43 GMT Server OBS ETag "9cb027f9dad9bb8c8fe4d56819eddcd7" Content-Type image/png Access-Control-Allow-Origin * Cache-Control public, max-age=3600 x-obs-request-id 0000019049F95D2E9019E46639453619 Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 11498
GET H/1.1	200 OK	googlePlay2.png freefiremobile-a.akamaihd.net/ffwebsite/images/download/	8 KB 9 KB	1373ms 1285ms	Image image/png	2.19.126.132 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://freefiremobile-a.akamaihd.net/ffwebsite/images/download/googlePlay2.png Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.126.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-126-132.deploy.static.akamaitechnologies.com Software OBS / Resource Hash b4e430ab7b2405f6bc883baf550a035edc912aa51f0ac061e5faa78b873fff12 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 25 Jul 2024 12:56:17 GMT x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS5MLka1bGLfquOR2T0kawY+X25m5fPe Last-Modified Thu, 04 Aug 2022 12:38:43 GMT Server OBS ETag "8831569bce8ed34e68b8ada692b683dd" Content-Type image/png Access-Control-Allow-Origin * Cache-Control public, max-age=3600 x-obs-request-id 000001909E57A39594120154E9EF8B37 Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 8502
GET H2	200	p_21888qrpk0.jpg j.top4top.io/	35 KB 35 KB	257ms 125ms	Image image/jpeg	135.181.63.70 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://j.top4top.io/p_21888qrpk0.jpg Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cdn15.top4top.io Software nginx / Resource Hash 717e13d24aed27e557d27e1d22030fe98a28111e58bb5a1d9c9a85da8ae765f8 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-file-id x43353297x date Thu, 25 Jul 2024 12:56:16 GMT last-modified Tue, 28 Dec 2021 16:14:36 GMT server nginx etag "61cb37ec-8c4f" content-type image/jpeg cache-control max-age=7200 content-disposition inline; filename="crate.jpg" accept-ranges bytes content-length 35919 expires Thu, 25 Jul 2024 14:56:16 GMT
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 31 KB	137ms 39ms	Script application/javascript	2a04:4e42:400::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 12:56:16 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 339916 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 30875 x-served-by cache-lga21931-LGA, cache-cph2320051-CPH last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1721912176.365190,VS0,VE0 etag W/"28feccc0-15d9d" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 22, 75844
GET H2	200	css2 fonts.googleapis.com/	115 KB 31 KB	142ms 53ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Kanit&family=Shippori+Antique+B1&display=swap Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/ff/moruong/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c93a4c836b4f8dd75206d2e7199c2627ec6258fdeb1afb0b015bed9f7b0c03ea Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 25 Jul 2024 12:56:16 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 25 Jul 2024 12:56:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 25 Jul 2024 12:56:16 GMT
GET H2	200	css2 fonts.googleapis.com/	3 KB 708 B	187ms 98ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Play&family=Russo+One&display=swap Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/ff/moruong/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash cf4165decb2cebf15920d7ed638313bf2de52494323b182dff239e17901af777 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 25 Jul 2024 12:56:16 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 25 Jul 2024 12:56:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 25 Jul 2024 12:56:16 GMT
GET H2	200	css2 fonts.googleapis.com/	2 KB 595 B	149ms 60ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Baloo+2&display=swap Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/ff/moruong/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d869c247bc20280b994ad3cede357c844d4d28bcc2dc5a0e04723a6bc4a3742a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 25 Jul 2024 12:56:16 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 25 Jul 2024 12:56:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 25 Jul 2024 12:56:16 GMT
GET H2	200	p_21888qrpk0.jpg j.top4top.io/	35 KB 0	257ms 257ms	Image image/jpeg	135.181.63.70 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://j.top4top.io/p_21888qrpk0.jpg Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cdn15.top4top.io Software nginx / Resource Hash 717e13d24aed27e557d27e1d22030fe98a28111e58bb5a1d9c9a85da8ae765f8 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-file-id x43353297x date Thu, 25 Jul 2024 12:56:16 GMT last-modified Tue, 28 Dec 2021 16:14:36 GMT server nginx etag "61cb37ec-8c4f" content-type image/jpeg cache-control max-age=7200 content-disposition inline; filename="crate.jpg" accept-ranges bytes content-length 35919 expires Thu, 25 Jul 2024 14:56:16 GMT
GET H2	200	ad657d3c009adbd73302a6603e6ae6d5.jpg dl.dir.freefiremobile.com/common/web_event/official2.ff.garena.all/202210/	401 KB 401 KB	606ms 333ms	Image image/jpeg	152.195.133.221 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://dl.dir.freefiremobile.com/common/web_event/official2.ff.garena.all/202210/ad657d3c009adbd73302a6603e6ae6d5.jpg Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/ff/moruong/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.133.221 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frb/6728) / Resource Hash 06caade0c8e93f2433c907f06b385fd8ca4e48848110461b61b48df52fb21ea0 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 12:56:16 GMT via 1.1 c53fb2c65e26830010100e7d773f73ae.cloudfront.net (CloudFront) content-md5 7ETEtF7cf4wL3hLgZzzDDQ== age 1191 x-amz-cf-pop FRA56-P10 ec-version v6.05 x-obs-request-id 00000190E9E4846398120F9E8B7BD502 content-length 410151 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSaYwFeQEhq+PPr2IMtA142Xwkxl3bN4 last-modified Fri, 28 Oct 2022 08:15:08 GMT server ECAcc (frb/6728) etag "ec44c4b45edc7f8c0bde12e0673cc30d" content-type image/jpeg cache-control public, max-age=3600 accept-ranges bytes x-amz-cf-id Wtu_BTU51maQSQzGLVkPNVQckb8E-TIGqLW1XBwC9FEwSxPdw5ztTA== expires Thu, 25 Jul 2024 13:56:16 GMT
GET H2	200	f9a8cbc3d9315de673964bd572114b22jpg dl.dir.freefiremobile.com/common/web_event/hash/	315 KB 315 KB	606ms 333ms	Image image/jpeg	152.195.133.221 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://dl.dir.freefiremobile.com/common/web_event/hash/f9a8cbc3d9315de673964bd572114b22jpg Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/ff/moruong/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.133.221 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frb/6799) / Resource Hash f4e1ee38b5ffe0e8757c4f164f3f590d679545e178cfeca76c4d7df1d43c779a Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 12:56:16 GMT content-encoding gzip via 1.1 c60125e7f3465aceafb0abd071a41a36.cloudfront.net (CloudFront) age 1191 x-amz-cf-pop FRA60-P1 ec-version v6.05 x-obs-request-id 00000190E9E4845B90124F544D29635E content-length 322404 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSSQiyw2FYmXGhK0oC1q20i3D6suUlCE last-modified Thu, 04 Aug 2022 12:35:33 GMT server ECAcc (frb/6799) etag "7d5f86f06822b3d8f3322de4f6f04e42+gzip" vary Accept-Encoding content-type text/plain cache-control public, max-age=3600 x-amz-cf-id KaLXvQVdqxDLgTHig67RR8qNhStB-bz8o3Ln5R2TUs6EdF0JKV_R5g== expires Thu, 25 Jul 2024 13:56:16 GMT
GET H/1.1	200 OK	line.png freefiremobile-a.akamaihd.net/ffwebsite/images/character/	1 KB 2 KB	138ms 46ms	Image image/png	2.19.126.132 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://freefiremobile-a.akamaihd.net/ffwebsite/images/character/line.png Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/ff/moruong/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.126.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-126-132.deploy.static.akamaitechnologies.com Software OBS / Resource Hash f6f2896aa0a6e2cb01d35b5d9a33e82a835f0826a8f7400117b72a6e799593e6 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 25 Jul 2024 12:56:16 GMT x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSHN2oMicu2SDM5BX9101IqJVN9NMyB5 Last-Modified Thu, 04 Aug 2022 12:38:42 GMT Server OBS ETag "ed097c2da4e370dc72428e85c8f77b0d" Content-Type image/png Access-Control-Allow-Origin * Cache-Control public, max-age=3600 x-obs-request-id 00000187E96D151698123F673012C627 x-reserved-indicator 372 Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 1073
GET H2	200	yB6VbEN.jpeg i.imgur.com/	191 KB 192 KB	142ms 47ms	Image image/jpeg	199.232.192.193 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.imgur.com/yB6VbEN.jpeg Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/CD5MHSxtKEgO83AmEf7u4jwzvNymwZtcpvaztZF4l5iSvIADJC1Hy3tVqHGhG0coc2MUYeV1BDvLQX3enalGZgNQ2k5RWGNoEZVhLVT.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.192.193 , United States, ASN54113 (FASTLY, US), Reverse DNS Software cat factory 1.0 / Resource Hash 4e99b666b745239cd9a2a906be5799fce9d91fe7f2e8aa3d3e52a3adc4c57a95 Security Headers Name Value Strict-Transport-Security max-age=300 X-Content-Type-Options nosniff Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 12:56:16 GMT strict-transport-security max-age=300 x-content-type-options nosniff x-amz-cf-pop IAD89-P1 age 229440 x-amz-server-side-encryption AES256 x-cache Miss from cloudfront, HIT, HIT content-length 195795 x-served-by cache-iad-kiad7000120-IAD, cache-fra-etou8220138-FRA last-modified Thu, 06 Jun 2024 06:47:41 GMT server cat factory 1.0 x-timer S1721912176.369533,VS0,VE3 etag "891e92b048d45c99a4fa33adb16e9117" access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes x-amz-cf-id YGc68rosza6YyYKBmTBMYcnMgM29Hc3Tv4ycWB5IDjUP0hqM3Z_Now== x-cache-hits 6, 0
GET H2	200	9901881d59a7399c3fe16844587354fdjpg dl.dir.freefiremobile.com/common/web_event/hash/	383 KB 384 KB	476ms 213ms	Image image/jpeg	152.195.133.221 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://dl.dir.freefiremobile.com/common/web_event/hash/9901881d59a7399c3fe16844587354fdjpg Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/ff/moruong/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.195.133.221 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frb/67F9) / Resource Hash b1135e793b37d19a7cfc98c17390746285c45260aaa8af0c004d960174660e60 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 12:56:16 GMT content-encoding gzip via 1.1 a300dbfb49a2eb50edb83038642c9f82.cloudfront.net (CloudFront) age 1191 x-amz-cf-pop FRA60-P1 ec-version v6.05 x-obs-request-id 00000190E9E484AB9810DE39B3E8D172 content-length 392057 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSfkaARfmPpKTPxBkYKmY9cMutDU8Fj6 last-modified Thu, 04 Aug 2022 12:34:50 GMT server ECAcc (frb/67F9) etag "e38346690f11cf1a7b17331722e109c8+gzip" vary Accept-Encoding content-type text/plain cache-control public, max-age=3600 x-amz-cf-id 8R-Tp_BrXLhhf5ioDFv4Vy4cLWDOF9ENqwjViPPxisxYhlS6d3tKEg== expires Thu, 25 Jul 2024 13:56:16 GMT
GET H2	200	nKKZ-Go6G5tXcraVGwA.woff2 fonts.gstatic.com/s/kanit/v15/	19 KB 19 KB	232ms 136ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraVGwA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Kanit&family=Shippori+Antique+B1&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://moruongfreefire.menbership.vn User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 15:10:45 GMT x-content-type-options nosniff age 164731 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19388 x-xss-protection 0 last-modified Thu, 20 Jul 2023 20:53:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 15:10:45 GMT
GET H2	200	spin_btn10.png cdngarenanow-a.akamaihd.net/gstaticid/FF_ID/wishscarletgroom/	12 KB 12 KB	791ms 790ms	Image image/png	2.19.126.157 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://cdngarenanow-a.akamaihd.net/gstaticid/FF_ID/wishscarletgroom/spin_btn10.png Requested by Host: moruongfreefire.menbership.vn URL: https://moruongfreefire.menbership.vn/ff/moruong/css/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2.19.126.157 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-126-157.deploy.static.akamaitechnologies.com Software AkamaiNetStorage / Resource Hash d7aa61648616f51c0826d41fdf60740c77436bce56497af55fb8abf6dd517b84 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 12:56:17 GMT content-encoding gzip last-modified Fri, 09 Jul 2021 07:02:26 GMT server AkamaiNetStorage etag "368df511c8b3d5f6177851ead67c3534:1640083145.830325" vary Accept-Encoding content-type image/png access-control-allow-origin * accept-ranges bytes alt-svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 12440
GET H2	200	6aez4K2oVqwIvtU2Hw.woff2 fonts.gstatic.com/s/play/v19/	18 KB 18 KB	190ms 95ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvtU2Hw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Play&family=Russo+One&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://moruongfreefire.menbership.vn User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 12:07:06 GMT x-content-type-options nosniff age 175750 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18088 x-xss-protection 0 last-modified Thu, 24 Aug 2023 20:26:25 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 12:07:06 GMT
GET H2	200	wXK0E3kTposypRydzVT08TS3JnAmtdgazZpo_lc.woff2 fonts.gstatic.com/s/baloo2/v21/	19 KB 19 KB	207ms 111ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/baloo2/v21/wXK0E3kTposypRydzVT08TS3JnAmtdgazZpo_lc.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Baloo+2&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2976a80edb1d57c8ea55ea92ea55af8367d59915f6256a82e6140515b2d11905 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://moruongfreefire.menbership.vn User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 12:25:27 GMT x-content-type-options nosniff age 174649 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18960 x-xss-protection 0 last-modified Thu, 24 Aug 2023 21:04:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 12:25:27 GMT
GET H3	200	fontawesome-webfont.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/	75 KB 76 KB	108ms 66ms	Font application/octet-stream	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css Origin https://moruongfreefire.menbership.vn User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 25 Jul 2024 12:56:16 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 140010 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 77160 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-12d68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1xPTYHv0XqwUXLxg%2BWKqOpZ4ovCxFJIOVbQeQY9jSsXg7up82BrPG0nuuXJq5KEQ5BLB8hsUkqcK3r6DFPGUTGY5FyaHeJ9YyiSHY%2F4oh7k4ahbbve1k3m9g8geN27s7M3%2FD6pSI"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 8a8c4f1e0ab635ed-FRA expires Tue, 15 Jul 2025 12:56:16 GMT
GET H2	200	wXK0E3kTposypRydzVT08TS3JnAmtdgazZpm_led7Q.woff2 fonts.gstatic.com/s/baloo2/v21/	15 KB 15 KB	146ms 52ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/baloo2/v21/wXK0E3kTposypRydzVT08TS3JnAmtdgazZpm_led7Q.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Baloo+2&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 14b3a09eccd6e347602cb3f49bc2a9e3aa5115f612578067684b8db9108706af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://moruongfreefire.menbership.vn User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 00:39:47 GMT x-content-type-options nosniff age 216989 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15036 x-xss-protection 0 last-modified Thu, 24 Aug 2023 22:08:46 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 00:39:47 GMT
GET H2	200	wXK0E3kTposypRydzVT08TS3JnAmtdgazZpn_led7Q.woff2 fonts.gstatic.com/s/baloo2/v21/	5 KB 5 KB	179ms 85ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/baloo2/v21/wXK0E3kTposypRydzVT08TS3JnAmtdgazZpn_led7Q.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Baloo+2&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a2e72d92f3b06fb07f3960dfd9dc38bcf59ed0e62859e3a84aed51b6959f9471 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://moruongfreefire.menbership.vn User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 15:47:53 GMT x-content-type-options nosniff age 162503 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5000 x-xss-protection 0 last-modified Thu, 24 Aug 2023 21:11:28 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 15:47:53 GMT
GET H2	200	nKKZ-Go6G5tXcraaGwCYdA.woff2 fonts.gstatic.com/s/kanit/v15/	10 KB 11 KB	139ms 45ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/kanit/v15/nKKZ-Go6G5tXcraaGwCYdA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Kanit&family=Shippori+Antique+B1&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6f5d3783edcaf1cc6e96bd7f50140481492da20d5a84f5fad5b8701f0e9dfac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://moruongfreefire.menbership.vn User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Tue, 23 Jul 2024 10:21:47 GMT x-content-type-options nosniff age 182069 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10636 x-xss-protection 0 last-modified Thu, 20 Jul 2023 20:53:06 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 23 Jul 2025 10:21:47 GMT
GET H2	200	6aez4K2oVqwIvts2H68T.woff2 fonts.gstatic.com/s/play/v19/	14 KB 14 KB	238ms 144ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvts2H68T.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Play&family=Russo+One&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7415d870169e2f4fea8e97a4e0701a3730742bb2e5efb5b5fe160eccaa83d8ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://moruongfreefire.menbership.vn User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 22 Jul 2024 21:47:21 GMT x-content-type-options nosniff age 227335 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14156 x-xss-protection 0 last-modified Thu, 24 Aug 2023 20:01:43 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 22 Jul 2025 21:47:21 GMT
GET H2	200	6aez4K2oVqwIvto2H68T.woff2 fonts.gstatic.com/s/play/v19/	7 KB 8 KB	181ms 88ms	Font font/woff2	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/play/v19/6aez4K2oVqwIvto2H68T.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Play&family=Russo+One&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de8376e699202d35b936f7923a4c83de5aab9de2662e4fa8bfe5d5b3aa8c10cc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://moruongfreefire.menbership.vn User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Wed, 24 Jul 2024 14:33:52 GMT x-content-type-options nosniff age 80544 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7664 x-xss-protection 0 last-modified Thu, 24 Aug 2023 20:26:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 24 Jul 2025 14:33:52 GMT
GET H/1.1	200 OK	freefire16-2.ico freefiremobile-a.akamaihd.net/ffwebsite/images/	1 KB 2 KB	1118ms 1118ms	Other image/x-icon	2.19.126.132 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://freefiremobile-a.akamaihd.net/ffwebsite/images/freefire16-2.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.126.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-126-132.deploy.static.akamaitechnologies.com Software OBS / Resource Hash 5913aad9d5853b7074edf8539d363b9b41179904289040127e1dc9b0ce6088dc Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 25 Jul 2024 12:56:18 GMT x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS9Zj72d6cGuBFu9xtl2F2HvcqqyrgMM Last-Modified Thu, 04 Aug 2022 12:38:52 GMT Server OBS ETag "ce89b8118878fce7e0b65318d77f9eba" Content-Type image/x-icon Access-Control-Allow-Origin * Cache-Control public, max-age=3600 x-obs-request-id 0000018D9F565CC59145394E8B5A1108 Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 1150
GET H/1.1	200 OK	freefire32-2.ico freefiremobile-a.akamaihd.net/ffwebsite/images/	4 KB 5 KB	43ms 42ms	Other image/x-icon	2.19.126.132 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://freefiremobile-a.akamaihd.net/ffwebsite/images/freefire32-2.ico Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2.19.126.132 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a2-19-126-132.deploy.static.akamaitechnologies.com Software OBS / Resource Hash ca80122571d6d7aea0a3c96b926fd53e5d53f7526c23b6a1f79396420bb08990 Request headers Referer https://moruongfreefire.menbership.vn/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Thu, 25 Jul 2024 12:56:18 GMT x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSNH9g44RVtI6y4nMmJr3JJfTxNf8QaR Last-Modified Thu, 04 Aug 2022 12:38:52 GMT Server OBS ETag "0d2f0e9b2281bf40f5964f6f79fba17a" Content-Type image/x-icon Access-Control-Allow-Origin * Cache-Control public, max-age=3600 x-obs-request-id 0000018C900BD2BD91461E2D3D63E18A Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 4286

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

unpkg.com

URL

https://unpkg.com/icon-package@5.5.0/ionicons.slim.js

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| nvn_facebook function| nvn_twitter function| nvn_vk function| serialize function| animateValue function| listen function| extend

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1.bp.blogspot.com
cdngarenanow-a.akamaihd.net
cdnjs.cloudflare.com
code.jquery.com
dl.dir.freefiremobile.com
fonts.googleapis.com
fonts.gstatic.com
freefiremobile-a.akamaihd.net
i.imgur.com
j.top4top.io
moruongfreefire.menbership.vn
unpkg.com
upload.wikimedia.org
unpkg.com
104.17.24.14
135.181.63.70
152.195.133.221
199.232.192.193
2.19.126.132
2.19.126.157
2606:4700:3034::ac43:d02b
2a00:1450:4001:802::2003
2a00:1450:4001:803::200a
2a00:1450:4001:82f::2001
2a02:ec80:300:ed1a::2:b
2a04:4e42:400::649
06caade0c8e93f2433c907f06b385fd8ca4e48848110461b61b48df52fb21ea0
14b3a09eccd6e347602cb3f49bc2a9e3aa5115f612578067684b8db9108706af
175120e06bb95dda22133758395f352acb46433ff81eee449326db54e78af2c4
2976a80edb1d57c8ea55ea92ea55af8367d59915f6256a82e6140515b2d11905
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
36e0a7e08bee65774168528938072c536437669c1b7458ac77976ec788e4439c
4e99b666b745239cd9a2a906be5799fce9d91fe7f2e8aa3d3e52a3adc4c57a95
53a6d7814d49851336463f0fd0deb1dea7316fbcd9767f2e966fae69935e59fe
5913aad9d5853b7074edf8539d363b9b41179904289040127e1dc9b0ce6088dc
717e13d24aed27e557d27e1d22030fe98a28111e58bb5a1d9c9a85da8ae765f8
72c76d5534a6e0df94fec3302fac7e96054d1e1665430ee6dc74e70261926613
7415d870169e2f4fea8e97a4e0701a3730742bb2e5efb5b5fe160eccaa83d8ee
965a2b35ae5584652dc0381aeb29aebe6d94219b536d97f8265117c8b8b01a41
a2e72d92f3b06fb07f3960dfd9dc38bcf59ed0e62859e3a84aed51b6959f9471
ae7b918efe7cd287651e014ed269c923e1a925c8eee1a474ad11184f04659d3e
b1135e793b37d19a7cfc98c17390746285c45260aaa8af0c004d960174660e60
b4a92d1d1dc45e98eb4f033e3fb2aa88903ea3c280ce05ef8ba93937256681ce
b4e430ab7b2405f6bc883baf550a035edc912aa51f0ac061e5faa78b873fff12
c319a8237479d2ef302c142e8a274a967c0c186aefe975903c21dee004bd1610
c93a4c836b4f8dd75206d2e7199c2627ec6258fdeb1afb0b015bed9f7b0c03ea
c9dbc3e57081db3b1ea3c195009a455e50640d1453da886875cb6bb32a290c3f
ca80122571d6d7aea0a3c96b926fd53e5d53f7526c23b6a1f79396420bb08990
cf4165decb2cebf15920d7ed638313bf2de52494323b182dff239e17901af777
d0964aee1973c5818130723f3bf5b8e0b51bf775a5074949c91d815d91f2924f
d10894be2fd2c32bd2afb2be302f7795de25d46491954354c511dff1ca897d75
d7aa61648616f51c0826d41fdf60740c77436bce56497af55fb8abf6dd517b84
d869c247bc20280b994ad3cede357c844d4d28bcc2dc5a0e04723a6bc4a3742a
de8376e699202d35b936f7923a4c83de5aab9de2662e4fa8bfe5d5b3aa8c10cc
f4e1ee38b5ffe0e8757c4f164f3f590d679545e178cfeca76c4d7df1d43c779a
f6f2896aa0a6e2cb01d35b5d9a33e82a835f0826a8f7400117b72a6e799593e6
f6f5d3783edcaf1cc6e96bd7f50140481492da20d5a84f5fad5b8701f0e9dfac
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e