freefiresinhnhat.garsena.vn
2a06:98c1:3120::3  Malicious Activity! Public Scan

URL: https://freefiresinhnhat.garsena.vn/
Submission: On August 15 via api from JP — Scanned from NL

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 42 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is freefiresinhnhat.garsena.vn.
TLS certificate: Issued by E1 on August 15th 2023. Valid for: 3 months.
This is the only time freefiresinhnhat.garsena.vn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Garena Free Fire (Gaming)

Domain & IP information

Requests | IP Address | AS Autonomous System
2 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
6 | 2606:4700::68... | 13335 (CLOUDFLAR...)
2 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2606:4700:e0:... | 13335 (CLOUDFLAR...)
3 | 2a00:1450:400... | 15169 (GOOGLE)
1 (1 redirect) | 45.119.240.169 | 131418 (VIETNAMES...)
14 | 2606:4700::68... | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
11 | 23.48.23.34 | 20940 (AKAMAI-ASN1)
Total: 42 requests, 10 IPs
Requests | Apex Domain | Subdomains | Transfer
14 | freefiremobile.com | dl.dir.freefiremobile.com (Cisco Umbrella Rank: 36053) | 836 KB
11 | akamaihd.net | dlgarenanow-a.akamaihd.net (Cisco Umbrella Rank: 97684) | 439 KB
6 | cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 245) | 130 KB
4 | googleapis.com | ajax.googleapis.com (Cisco Umbrella Rank: 392); fonts.googleapis.com (Cisco Umbrella Rank: 67) | 66 KB
2 | jsdelivr.net | cdn.jsdelivr.net (Cisco Umbrella Rank: 356) | 48 KB
2 | garsena.vn | freefiresinhnhat.garsena.vn; 2.garsena.vn | 5 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 65) | 73 KB
1 | garena.vn | ff.member.garena.vn | 254 B
1 | fontawesome.com | use.fontawesome.com (Cisco Umbrella Rank: 1184) | 13 KB
Total: 42 requests, 9 domains
Requests | Domain | Requested by
14 | dl.dir.freefiremobile.com | freefiresinhnhat.garsena.vn, 2.garsena.vn, dl.dir.freefiremobile.com
11 | dlgarenanow-a.akamaihd.net | 2.garsena.vn, dl.dir.freefiremobile.com
6 | cdnjs.cloudflare.com | freefiresinhnhat.garsena.vn
3 | fonts.googleapis.com | freefiresinhnhat.garsena.vn, dl.dir.freefiremobile.com
2 | cdn.jsdelivr.net | freefiresinhnhat.garsena.vn
1 | www.googletagmanager.com | 2.garsena.vn
1 | 2.garsena.vn | freefiresinhnhat.garsena.vn
1 | ff.member.garena.vn (1 redirects) |
1 | use.fontawesome.com | freefiresinhnhat.garsena.vn
1 | ajax.googleapis.com | freefiresinhnhat.garsena.vn
1 | freefiresinhnhat.garsena.vn |
Total: 42 requests, 11 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
garsena.vn | E1 | 2023-08-15 - 2023-11-13 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year
upload.video.google.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
use.fontawesome.com | GTS CA 1P5 | 2023-07-04 - 2023-10-02 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-07-17 - 2023-10-09 | 3 months
dl.dir.freefiremobile.com | SSL.com RSA SSL subCA | 2023-03-08 - 2024-03-07 | a year
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-05-16 - 2024-05-15 | a year

This page contains 2 frames:

Primary Page: https://freefiresinhnhat.garsena.vn/
Frame ID: B5DBF1B11271B1C8912CFEBF94EEFAE7
Requests: 14 HTTP requests in this frame

Frame: https://2.garsena.vn/
Frame ID: 66B4A05CB1535DAE53C25DE724AA6076
Requests: 28 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • <script [^>]*src="[^"]*/popper\.js/([0-9.]+)
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 42
HTTPS: 95 %
IPv6: 80 %
Domains: 9
Subdomains: 11
IPs: 10
Countries: 3
Transfer: 1610 kB
Size: 2769 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://ff.member.garena.vn/images/logo-fb.png HTTP 302
  • https://dl.dir.freefiremobile.com/common/Yn_event/vip-member/images/logo-fb.png

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
freefiresinhnhat.garsena.vn/
9 KB
3 KB
Document
General
Full URL
https://freefiresinhnhat.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
8ad11d86163a7756ad83b7e4f540d6ae5617f6b6c899686ebfb8ace62aa8d7d8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f7177d21ba80ba6-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 15 Aug 2023 12:33:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYMv9ZAs4YUN23DJuSY6krpUytVUMGePao25%2Fn3oGGiChs4Qse4AQFq0bltiIH1I%2FnRJ4C%2FVDD8U8snUnr0ne8tdgW9MsJ6ggaKPE2oMhr7ZVqRtRvXmh4lVgHjMxCW4cnBvMKFiBtY1s8Yhji4H9qhd0Lu1ZWgr8ss%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Requested by
Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://freefiresinhnhat.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
496807
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10482
last-modified
Thu, 22 Jun 2023 11:02:19 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a3b-28f2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8eGZDRoPL0GUCD4lpcdg7jXUodUHf8zeAxQ7HN%2B6QFmyZKl5vFM8CKpS%2BkRdtKQauCgoXe2CGyaEEO%2BK0oVWN2jtFCC%2BWSzpORnz9eoWYAQ1G4FDLHFytPsFqwvnaQwxNRdnPAfJIsLgqu1mQcsaNHJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f7177d54e9eb7d0-AMS
expires
Sun, 04 Aug 2024 12:33:48 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/
85 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://freefiresinhnhat.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2981837
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27277
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15283"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqzEbTEFHWQrfHwCV3OccpTVM6f80i%2BgHWqxcUW3YspZHLbeCRNDlAnSIMUYUN6ho4%2F%2FDIIWvKVcRCv7DlRr9BJMOD%2B3e1icXf4TDkVqsqh7tX7vvdaU6hEd4SWddFKf4GSiqsdcgLqZcCAVgtGYHgXT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f7177d55ea1b7d0-AMS
expires
Sun, 04 Aug 2024 12:33:48 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/
20 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
Requested by
Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://freefiresinhnhat.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1596368
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6451
last-modified
Thu, 22 Jun 2023 11:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942d85-1933"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VKnmrcZzQAoQazLHEBJf9G3j6wT5C%2BWaxNc7RAQUdnJDoAdpr8jPOhH%2BYCPYJIypDsmXBrzart5LQBU64z4kFo9iK2Gl5s%2FnfLZLm8t%2BYNkaozP0XgC0Jh7OhhCXO%2F%2BG2%2Fy7yhfwyswvOB2W3KkFmGUt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f7177d55ea2b7d0-AMS
expires
Sun, 04 Aug 2024 12:33:48 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.1/dist/css/
191 KB
29 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.2.1/dist/css/bootstrap.min.css
Requested by
Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://freefiresinhnhat.garsena.vn/
Origin
https://freefiresinhnhat.garsena.vn
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
13493979
x-jsd-version
5.2.1
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230088-FRA, cache-jnb7026-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"2fbaa-t81XpP1qH65hJhUPQn7yFzlyk+Q"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SM%2FJP8qOkE9xCqBSZrpiWSEyRhwhfCDiV7B%2F9o%2B%2FqHvAeqZVXtnUR3oDwVTBJPBM9iT0xybbrFp6XQg9Qr%2FrNZZC9ouDKtGZ46bqyFx7wdGJyjN8%2BzRn7hZJl9bvPyafmCsDVeb%2Fvw9AOD90TNU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7f7177d55926b70d-AMS
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://freefiresinhnhat.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 06:30:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21813
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Aug 2024 06:30:15 GMT
all.css
use.fontawesome.com/releases/v5.15.2/css/
58 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.15.2/css/all.css
Requested by
Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://freefiresinhnhat.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:48 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
SJY43ZAXCT60XHQ7
age
2528706
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Xuc2bks37FCYhK3cfUds1oLKRXiOwG1eBFFKfr4LXezIGtvW5EQNNjgrWVdKMqtaKiGybvz/Y7s=
last-modified
Wed, 30 Jun 2021 15:40:53 GMT
server
cloudflare
etag
W/"c4af24ce595437830af0a401897698b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCMUA3bV7Cpz9OA%2F6pPHfbzjGPOpYGE66xx5iLPexmiUClki8Qtok86GhZf%2BaIYVZTUpCaL%2FVTBQuCdNpOwMSBDkXHpJG%2B7zplZiwkYpQrsEzXQCiZNBVHVYvs%2FrDkYDYIljlQBV53r2QLsBRqXTrJSk"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7f7177d55bf9b968-AMS
css2
fonts.googleapis.com/
11 KB
881 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap
Requested by
Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d5b43c13f29156b87b601565e8abe066f9dc7ef32d856deeee11f099f1807748
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://freefiresinhnhat.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 15 Aug 2023 12:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 11:35:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Aug 2023 12:33:48 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Requested by
Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://freefiresinhnhat.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
677032
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
10491
last-modified
Thu, 22 Jun 2023 11:02:19 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942a3b-28fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sKWTyVuCyJ0BWOtGqySqKwGtJJPcF2FdTEb8Z2JNEt79Zx1iWNw6gtDIR2FV5R%2BxAuFSzqJTkJamLUq8RoZKsiMEgm3mrVAlNmh%2BswkyQ5tU%2Fm5NPP%2BHJv1V%2FevuH5KUpHFkjiXKgqqKITQHSTC%2BHsni"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f7177d55e9fb7d0-AMS
expires
Sun, 04 Aug 2024 12:33:48 GMT
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap
Requested by
Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://freefiresinhnhat.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 15 Aug 2023 12:33:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 11:47:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Aug 2023 12:33:48 GMT
mdb.min.css
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/3.6.0/
294 KB
29 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/3.6.0/mdb.min.css
Requested by
Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25af217d3c760da3c3334b64fa58cef758626129db805590329596c2dc55be08
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://freefiresinhnhat.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2294182
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
28902
last-modified
Thu, 22 Jun 2023 11:08:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942bcb-70e6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6A5b69KzpY1XqE73irbiSicsM97XOBTZI8eOdygcayONRtYkN9T8F2KD6KN6x6fsStpahx1rskVlXTEpiWrcWVfBi81uLQzMWo4AwjD3otrmZu7U%2FASemjvUqnRsPmDiPjUA%2FqN%2BK%2Fi1yocXpuxC6DFz"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f7177d55ea0b7d0-AMS
expires
Sun, 04 Aug 2024 12:33:48 GMT
sweetalert2@11
cdn.jsdelivr.net/npm/
67 KB
19 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11
Requested by
Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2fd91f5065663e0cfc9b8bf76692359804569bca75c63e4f1e36c3ec89317dbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://freefiresinhnhat.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15624
x-jsd-version
11.7.23
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230029-FRA, cache-bma1625-BMA
x-jsd-version-type
version
server
cloudflare
etag
W/"10a2e-1PetY2vj6G18CDfG/JETvYh9YQI"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOxi9hfiJ%2FQJsT4dyd4zQjksQt8Y0VLkUoxnTJ3xEsTxyBfHBenGgR5gpyPe4EmeQ66Rm6Ef%2FMUrsPJNdL2bDbvXavC5QdgK6z2GUbqekY58TyCSPVm%2BI7MEolTI4mbCIx5EjznDnqHav2L6gZM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7f7177d559f80b8c-AMS
logo-fb.png
dl.dir.freefiremobile.com/common/Yn_event/vip-member/images/
Redirect Chain
  • https://ff.member.garena.vn/images/logo-fb.png
  • https://dl.dir.freefiremobile.com/common/Yn_event/vip-member/images/logo-fb.png
544 B
1 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/Yn_event/vip-member/images/logo-fb.png
Requested by
Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol
HTTP/1.1
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69372a2cbab804326e6f1a102fa1d0ab95cfc7b0aec7763c8b003bea349ba7c8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://freefiresinhnhat.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 12:33:50 GMT
CF-Cache-Status
HIT
Age
3318
x-obs-request-id
000001891A50605290179AB0E223D060
Connection
keep-alive
Content-Length
544
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSrG3T47Vxu45t37XQFENAndSoPoN+Dv
Last-Modified
Thu, 29 Jun 2023 03:20:09 GMT
Server
cloudflare
ETag
"2aac898b7c590dbc1f5a3eedd8e2c070"
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
x-reserved-indicator
372
Accept-Ranges
bytes
CF-RAY
7f7177e0ba41b920-AMS

Redirect headers

Location
https://dl.dir.freefiremobile.com/common/Yn_event/vip-member/images/logo-fb.png
Date
Tue, 15 Aug 2023 12:33:49 GMT
Server
nginx/1.12.2
Connection
keep-alive
Content-Length
161
Content-Type
text/html
mdb.min.js
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/3.6.0/
230 KB
46 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/3.6.0/mdb.min.js
Requested by
Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c203b910388ddd0a665f9d474cb718737002a0ba8188ba1eb7b6f1848b595868
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://freefiresinhnhat.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1092200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
46537
last-modified
Thu, 22 Jun 2023 11:08:59 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942bcb-b5c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qPYA3I9ervO368BKEPmY8ndBUgRlAWS%2FXTxC7SAqdqNnsLJOsw8SWGdXVdua%2BDx48MN9d%2BT2hgKwZvJDeEttI28LF%2FkfByYGC8iYgY17UMU7Bz%2BTTl32AmWI0KK8Y%2Bvcv3AtS%2BS7oh9uDMm%2BW1UF%2Fl%2F"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f7177d5bf0ab7d0-AMS
expires
Sun, 04 Aug 2024 12:33:48 GMT
/
2.garsena.vn/ Frame 66B4
7 KB
2 KB
Document
General
Full URL
https://2.garsena.vn/
Requested by
Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
4b6ed153b23f0130b699faca4762632346e1078a888fa4d343e99edb7cefa530

Request headers

Referer
https://freefiresinhnhat.garsena.vn/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f7177d70ad50ba6-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 15 Aug 2023 12:33:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m1Anl9KyLVqYLHo8Tr%2F%2B5AeYsqyRhbgbM9D%2FDpyE14clXJ90%2FpuaxiFNHrnNesm8NRb6FQi%2BYpBP%2Bcdq36gqrS3%2F9LRBtAzFSS4VIxEPOGwzI4EvI230C8r4UuqkbhjxzBQdVTFWnaHSF24%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
js
www.googletagmanager.com/gtag/ Frame 66B4
203 KB
73 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y1QNJ6ZLV6
Requested by
Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d3df7819cd6f60164e1d783d8ec258b2ddc7a5c65def163e4dbd46efa038c7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://2.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:49 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
74826
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 15 Aug 2023 12:33:49 GMT
main.447aeaee79bb574826e0.css
dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/ Frame 66B4
68 KB
68 KB
Stylesheet
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Requested by
Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f0cdfcbeb1eeeffe2e37a895671c0115c30fdb56867c9c531dc6042b70984b4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://2.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 12:33:50 GMT
CF-Cache-Status
HIT
Content-MD5
zY4zvEA47S0mil7E3YYemA==
Age
3027
x-obs-request-id
000001891A5274AC994458ECDEEF5B16
Connection
keep-alive
Content-Length
69359
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSNowDo9HiHW/MOh1Cemf4C3L3aJVGJg
Last-Modified
Tue, 09 May 2023 07:13:07 GMT
Server
cloudflare
x-obs-replication-status
REPLICA
ETag
"cd8e33bc4038ed2d268a5ec4dd861e98"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
x-reserved-indicator
372
Accept-Ranges
bytes
CF-RAY
7f7177e0bead0b90-AMS
facebook.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 66B4
9 KB
9 KB
Image
General
Full URL
https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/facebook.png
Requested by
Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
94f92c2fa2a770888470701e4e9c0063d11bd846b52739d8b12a06b2dabd3be2

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://2.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:49 GMT
last-modified
Mon, 07 Mar 2022 08:28:08 GMT
server
AkamaiNetStorage
etag
"e328a85faf3ec595e525860c98e34098:1646641688.184041"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
9175
vk.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 66B4
10 KB
10 KB
Image
General
Full URL
https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/vk.png
Requested by
Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8ffae0974acd7014b8e30ff2510ff2c8809103dca22a9e9d252cfd525cc7eff9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://2.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:49 GMT
last-modified
Mon, 07 Mar 2022 08:26:45 GMT
server
AkamaiNetStorage
etag
"a53bf2276aa814a0053de1eb24d48b1b:1646641605.329783"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
9846
google.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 66B4
6 KB
6 KB
Image
General
Full URL
https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/google.png
Requested by
Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
edefde11d13eb274cafd860dd219755352257187b374f313c810cb6a20f0a477

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://2.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:49 GMT
last-modified
Mon, 07 Mar 2022 08:28:07 GMT
server
AkamaiNetStorage
etag
"fad350ab1b376d6e63f4e20880b7714d:1646641687.797583"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
6351
huawei.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 66B4
3 KB
3 KB
Image
General
Full URL
https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/huawei.png
Requested by
Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
38e377481a3abf35890dbc9abd19fd4657ab4ea449d24299073da019da5b4281

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://2.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:49 GMT
last-modified
Mon, 07 Mar 2022 08:26:48 GMT
server
AkamaiNetStorage
etag
"3fb518b7c5881ad6aeb6c6fda87627e9:1646641608.964761"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
3010
apple.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 66B4
9 KB
9 KB
Image
General
Full URL
https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/apple.png
Requested by
Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ac768dee11c223ac3fba06a7212fd0163c171e7986735b5cd04f9081504126b3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://2.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:49 GMT
last-modified
Mon, 07 Mar 2022 08:29:14 GMT
server
AkamaiNetStorage
etag
"d72825e76a981573e800cb3983bff287:1646641754.910995"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
9069
twitter.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 66B4
10 KB
10 KB
Image
General
Full URL
https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/twitter.png
Requested by
Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
392c6ef45dc72dc2d72c2a2d16ff5fcd5943766e78e14f1f6bb008c59cf80877

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://2.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:49 GMT
last-modified
Mon, 07 Mar 2022 08:28:06 GMT
server
AkamaiNetStorage
etag
"fac267d563f943d005abd2a01d207764:1646641686.462893"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
9812
arrow.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 66B4
449 B
659 B
Image
General
Full URL
https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/arrow.png
Requested by
Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
756734c7de9dd01ffd9c75ccdfc48f08d51d774f75c6c453d9468812c5282861

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://2.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:49 GMT
last-modified
Mon, 07 Mar 2022 08:26:50 GMT
server
AkamaiNetStorage
etag
"3303308c2aacb531af045e92a5d7101c:1646641610.663508"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
449
logo_small_foot.jpg
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 66B4
3 KB
4 KB
Image
General
Full URL
https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/logo_small_foot.jpg
Requested by
Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3dec40957ccb5815562b06c0bcb1cb3fc09a5f0738aa0b9ec2d1390e4e30a346

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://2.garsena.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:49 GMT
last-modified
Mon, 07 Mar 2022 08:28:07 GMT
server
AkamaiNetStorage
etag
"c34038edcf4185b3e75a6b85f1cd3d4f:1646641687.19891"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
3522
css
fonts.googleapis.com/ Frame 66B4
117 KB
33 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c9f7cf605fe9b7997cd43da48328bdfc7166b1d3cc48a69fdc120ca09440ccb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dl.dir.freefiremobile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 15 Aug 2023 12:33:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 12:33:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 15 Aug 2023 12:33:50 GMT
bg.jpg
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 66B4
134 KB
134 KB
Image
General
Full URL
https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/bg.jpg
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ba96000a92f9d03cce2c34ab48fb9f1e67976be7b4233c1bd607a87e6e9af82d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dl.dir.freefiremobile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:50 GMT
last-modified
Mon, 07 Mar 2022 08:28:11 GMT
server
AkamaiNetStorage
etag
"57fd6fc58a09519be8012650efd9881d:1646641691.083794"
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
136773
top_teeth-l.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 66B4
144 B
353 B
Image
General
Full URL
https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/top_teeth-l.png
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
42fcead125ad8660c031f3b763fd048fd06b4a70a7a48cf17bc03073fb255fae

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dl.dir.freefiremobile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:50 GMT
last-modified
Mon, 07 Mar 2022 08:26:47 GMT
server
AkamaiNetStorage
etag
"fe98481dd3ffad514594309ceb2ef4ba:1646641607.0753"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
144
logo-new.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 66B4
253 KB
253 KB
Image
General
Full URL
https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/logo-new.png
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e5d1ff232a26bd3b8a702a52464d1bdf12992e9f166084da5cfad235d8f7b20e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dl.dir.freefiremobile.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 12:33:50 GMT
last-modified
Tue, 19 Jul 2022 08:34:23 GMT
server
AkamaiNetStorage
etag
"76697e9220e45c00a5fbaf78cc3d7553:1658219663.088581"
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
alt-svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
258949
FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/b834daea5160f85ecaabb2c549b25484/ Frame 66B4
66 KB
67 KB
Font
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/b834daea5160f85ecaabb2c549b25484/FZLTHB.woff2
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80d0682310f5374addcbdc60186e23935dda84231cc1c12858477428eb114f4a

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin
https://2.garsena.vn
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 12:33:50 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSHPgF2pDoQkCHM+6mrHKDxLkjM73TNQ
CF-Cache-Status
HIT
Last-Modified
Thu, 04 Aug 2022 12:29:56 GMT
Server
cloudflare
ETag
"55eb3a834bc9fbff6fd34ca96cc664e0"
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-obs-request-id
00000189E4B1B043994849EDD0D36FE8
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7f7177e1fb2d0bc8-AMS
Content-Length
67904
FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/1224834698e4e84263548a1dab323467/ Frame 66B4
72 KB
72 KB
Font
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/1224834698e4e84263548a1dab323467/FZLTHB.woff2
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75e79a67f1bdf19f33b1fce93ce73a78324e5d258df4037317d046a1fbcdc6d4

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin
https://2.garsena.vn
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 12:33:51 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS1DK9NSax6VHRCxGuRPbWXHZ53HZe0G
CF-Cache-Status
HIT
Last-Modified
Thu, 04 Aug 2022 12:29:56 GMT
Server
cloudflare
ETag
"3a3beccb4138424e8065ef007685d39e"
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-obs-request-id
00000189E4B1B9239949A84E50006E97
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7f7177e68a3c0bc8-AMS
Content-Length
73344
FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/93f5f343951b4b830d365962d9363ea4/ Frame 66B4
71 KB
71 KB
Font
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/93f5f343951b4b830d365962d9363ea4/FZLTHB.woff2
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9859815a35442c2f7869843308b0411c9df36ed0d59e5a9beda68cfdab89622

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin
https://2.garsena.vn
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 12:33:51 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS9Cqql+KAegFzvJUDkg1NGnoiiUTq0z
CF-Cache-Status
HIT
Last-Modified
Thu, 04 Aug 2022 12:29:56 GMT
Server
cloudflare
ETag
"e9752fdf455120affa8fbb139f46fc54"
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-obs-request-id
00000189E4B1BA649949A97CBF648C41
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7f7177e8bd210bc8-AMS
Content-Length
72276
FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/9aef251ab5981f83c4d91df00e116bd0/ Frame 66B4
70 KB
70 KB
Font
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/9aef251ab5981f83c4d91df00e116bd0/FZLTHB.woff2
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c79b108aa877d1878052ef27f9d6b8c8d572c99c48b8fa91bf13af533c6e367f

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin
https://2.garsena.vn
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 12:33:51 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS8TpteNx3GiDAsoKsnj61Y0d9G9G+07
CF-Cache-Status
HIT
Last-Modified
Thu, 04 Aug 2022 12:29:56 GMT
Server
cloudflare
ETag
"f68af4e43d5cdce5afc04cfeae49c807"
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-obs-request-id
00000189E4B1BBB59950F113F64ED3B4
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7f7177ea4f350bc8-AMS
Content-Length
71340
FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/eadcd441e16d7cf2527937b6771b457b/ Frame 66B4
39 KB
39 KB
Font
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/eadcd441e16d7cf2527937b6771b457b/FZLTHB.woff2
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e69272d07262a40249f3ca75cec75a633845417dabce8bfbf90c3ce736af28f6

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin
https://2.garsena.vn
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 12:33:52 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSp7WkSxcJDCdyAwX1BXx7dPcR1zXwBF
CF-Cache-Status
HIT
Last-Modified
Thu, 04 Aug 2022 12:29:56 GMT
Server
cloudflare
ETag
"376f1116de6985e7b2731add83ca439f"
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-obs-request-id
00000189E4B1BCCC9142AC057FD39EF8
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7f7177ebc8d20bc8-AMS
Content-Length
39908
FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/975e5e220553a843b1ff8c4b6e0e86c5/ Frame 66B4
43 KB
44 KB
Font
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/975e5e220553a843b1ff8c4b6e0e86c5/FZLTHB.woff2
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17deaf237ad555333a5edeb7c8159988ebe6c7761fde56a58ff27fe6683c6591

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin
https://2.garsena.vn
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 12:33:52 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSwv6JYecT+olHPc9fswWcD/E2JQQZYP
CF-Cache-Status
HIT
Last-Modified
Thu, 04 Aug 2022 12:29:56 GMT
Server
cloudflare
ETag
"f8271990dbe1385470ad15c73b48711c"
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-obs-request-id
00000189E4B1BD6C994A3C3B9AF6196C
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7f7177ed4a6e0bc8-AMS
Content-Length
44352
FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/0d00e5e6706d99564e6061ea5310c706/ Frame 66B4
65 KB
65 KB
Font
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/0d00e5e6706d99564e6061ea5310c706/FZLTHB.woff2
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
feaff8a5200ae8f8d3da7d69f475079056163b97569673f7a83a814931990320

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin
https://2.garsena.vn
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 12:33:52 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCScadnvrM5tsWpMYzClAoJLf8UJqphS9
CF-Cache-Status
HIT
Last-Modified
Thu, 04 Aug 2022 12:29:56 GMT
Server
cloudflare
ETag
"ecbf5b56f674802ec420fcf8bd8f827b"
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-obs-request-id
00000189E4B1BE84994EB6EF1FB56A38
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7f7177eedc840bc8-AMS
Content-Length
66448
FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/79b66a2b1f95ba67ab5092f19d801f38/ Frame 66B4
55 KB
56 KB
Font
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/79b66a2b1f95ba67ab5092f19d801f38/FZLTHB.woff2
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c82585605cc365277e35623e951fc75c47e5dd67d38d416104e2626cd457e691

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin
https://2.garsena.vn
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 12:33:52 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS3hP4pWFs9Cg3eqRNm7OxiojsBA2zCC
CF-Cache-Status
HIT
Last-Modified
Thu, 04 Aug 2022 12:29:56 GMT
Server
cloudflare
ETag
"c0f61bd94bc15fa6cfd948278f46bc6a"
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-obs-request-id
00000189E3F60762994A4249F1952D3C
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7f7177f09e810bc8-AMS
Content-Length
56472
FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/a71c8d835503eda399ced04cded29563/ Frame 66B4
71 KB
71 KB
Font
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/a71c8d835503eda399ced04cded29563/FZLTHB.woff2
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e69ad102ebb0735d94aae18f925f4f3d9e03bc129376e2ec5132c22410307383

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin
https://2.garsena.vn
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 12:33:53 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSG/l5aAx0qPVqjt9ePuAngJYfFAoJZw
CF-Cache-Status
HIT
Last-Modified
Thu, 04 Aug 2022 12:29:56 GMT
Server
cloudflare
ETag
"98fa3612e13506f025b723f86458bde6"
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-obs-request-id
00000189E3F60804994675871D97C24C
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7f7177f2087f0bc8-AMS
Content-Length
72380
FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/41c46ae865752174fdd5f4aebdbbf54d/ Frame 66B4
70 KB
71 KB
Font
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/41c46ae865752174fdd5f4aebdbbf54d/FZLTHB.woff2
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14d26884b43e3cd3876156b3197f70b4b4a4cbdd7489d911f7540530274dc623

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin
https://2.garsena.vn
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 12:33:53 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSIH+88Oxhxi0lrhTk8G/1AWhxYXNYJc
CF-Cache-Status
HIT
Last-Modified
Thu, 04 Aug 2022 12:29:56 GMT
Server
cloudflare
ETag
"9273f0ddb55b20b6ec497c414258563e"
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-obs-request-id
00000189E3F6092499510A8D895070C3
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7f7177f3daaa0bc8-AMS
Content-Length
71920
FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/25d6cefaffd0999b271e6e1ca1ec052c/ Frame 66B4
72 KB
72 KB
Font
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/25d6cefaffd0999b271e6e1ca1ec052c/FZLTHB.woff2
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4340044010ba7536d081d3fbc225e9123af296c2ea6e54dee873d7b2845a3fda

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin
https://2.garsena.vn
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 12:33:53 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS2kiDrWJTIo1iv4yujlgBj3nxgcfwcH
CF-Cache-Status
HIT
Last-Modified
Thu, 04 Aug 2022 12:29:56 GMT
Server
cloudflare
ETag
"b274e3599f5bf7c08901132ec6404ff3"
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-obs-request-id
00000189E3F6350599490B4DA1BB0EC3
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7f7177f58d300bc8-AMS
Content-Length
73300
FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/639b16eed133c639a3244e218d094379/ Frame 66B4
67 KB
68 KB
Font
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/639b16eed133c639a3244e218d094379/FZLTHB.woff2
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9c24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d519ca4a97498e3dbfca34764d38dea27d5c4416bd9bb328845dbeb1b9b62af

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin
https://2.garsena.vn
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Tue, 15 Aug 2023 12:33:54 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSH4SXks0r3/veHTu7lJlWJlDh+SJP9S
CF-Cache-Status
HIT
Last-Modified
Thu, 04 Aug 2022 12:29:56 GMT
Server
cloudflare
ETag
"2f65fad12bc496837baaf86f784e6a6b"
Vary
Accept-Encoding
Content-Type
font/woff2
Access-Control-Allow-Origin
*
x-obs-request-id
00000189E3F63727995009344AE37DC3
x-reserved-indicator
372
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
7f7177f758010bc8-AMS
Content-Length
69108
FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/c6cb77a6f97a64513bd7443fc0296d3e/ Frame 66B4
0
0

Failed requests

These URLs were requested, but no response was received. They also appear in the list above.

Domain
dl.dir.freefiremobile.com
URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/c6cb77a6f97a64513bd7443fc0296d3e/FZLTHB.woff2

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Garena Free Fire (Gaming)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
function| $
function| jQuery
function| Popper
function| Sweetalert2
function| SweetAlert
function| Swal
function| sweetAlert
function| swal
number| uidEvent
object| mdb
function| google
function| fb
function| garena
function| twitter
function| vk
number| detector
function| isVietnamesePhoneNumber
function| validateEmail

0 Cookies

Indicators

"Indicators" is a security-industry term for observables such as IPs, domains and hashes. Being listed as an indicator does not imply that an item is associated with malicious activity.
