urlscan.io logo urlscan.io
SecurityTrails logo

k8cckjdqwwere.shop Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://k8cckjdqwwere.shop/
Effective URL: https://k8cckjdqwwere.shop/indexacsad.php
Submission: On April 30 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 45 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is k8cckjdqwwere.shop.
TLS certificate: Issued by GTS CA 1P5 on April 30th 2023. Valid for: 3 months.
This is the only time k8cckjdqwwere.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 2a06:98c1:312... 13335 (CLOUDFLAR...)
33 2a02:26f0:780... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 2.19.126.81 20940 (AKAMAI-ASN1)
2 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 34.124.132.209 396982 (GOOGLE-CL...)
45 8
5    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
k8cckjdqwwere.shop
33    2a02:26f0:780::5f65:3663 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
dl.dir.freefiremobile.com
2    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2.19.126.81 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-81.deploy.static.akamaitechnologies.com
freefiremobile-a.akamaihd.net
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    34.124.132.209 (Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 209.132.124.34.bc.googleusercontent.com
pub.sentry.web.garenanow.com
Apex Domain
Subdomains		 Transfer
33 freefiremobile.com
dl.dir.freefiremobile.com — Cisco Umbrella Rank: 22394
2 MB
5 k8cckjdqwwere.shop
k8cckjdqwwere.shop
19 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1718
www.google-analytics.com — Cisco Umbrella Rank: 91
21 KB
2 garenanow.com
pub.sentry.web.garenanow.com — Cisco Umbrella Rank: 535210
313 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 114
123 KB
1 akamaihd.net
freefiremobile-a.akamaihd.net — Cisco Umbrella Rank: 27252
227 KB
45 6
Domain Requested by
33 dl.dir.freefiremobile.com k8cckjdqwwere.shop
dl.dir.freefiremobile.com
5 k8cckjdqwwere.shop 2 redirects dl.dir.freefiremobile.com
2 pub.sentry.web.garenanow.com dl.dir.freefiremobile.com
2 www.google-analytics.com www.googletagmanager.com
dl.dir.freefiremobile.com
2 region1.google-analytics.com www.googletagmanager.com
2 www.googletagmanager.com k8cckjdqwwere.shop
www.googletagmanager.com
1 freefiremobile-a.akamaihd.net k8cckjdqwwere.shop
45 7
Subject Issuer Validity Valid
k8cckjdqwwere.shop
GTS CA 1P5		 2023-04-30 -
2023-07-29		 3 months crt.sh
dl.kgtw.garenanow.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-26 -
2024-04-25		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-03 -
2023-06-26		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
pub.sentry.web.garenanow.com
R3		 2023-04-11 -
2023-07-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://k8cckjdqwwere.shop/indexacsad.php
Frame ID: 4B17A749ACA825176E2B56958FBD1A35
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Garena Free Fire. Best survival Battle Royale on mobile!Download_on_the_App_Store_Badge_US-UK_RGB_blk_4SVG_092917

Page URL History Show full URLs

  1. http://k8cckjdqwwere.shop/ HTTP 301
    https://k8cckjdqwwere.shop/ HTTP 301
    https://k8cckjdqwwere.shop/indexacsad.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <div [^>]*id="__nuxt"
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

45
Requests

100 %
HTTPS

71 %
IPv6

6
Domains

7
Subdomains

8
IPs

3
Countries

2581 kB
Transfer

8515 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://k8cckjdqwwere.shop/ HTTP 301
    https://k8cckjdqwwere.shop/ HTTP 301
    https://k8cckjdqwwere.shop/indexacsad.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request indexacsad.php
k8cckjdqwwere.shop/
Redirect Chain
  • http://k8cckjdqwwere.shop/
  • https://k8cckjdqwwere.shop/
  • https://k8cckjdqwwere.shop/indexacsad.php
91 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0f838fdc2f9329e730c6960379ce45bd2658c5875940af6323f124213331c63

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7c01ba537ad50df5-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 18:08:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iyO32fVN22huiO1Zo%2FWsud%2FdQHii0cQQsm7PUiRdNsDvOnm8ks4jfjaS51wfznBce4%2Fh5jLAxbQ6WOonYGmoFeFXrQliZAuUXhb9Z8fclmdGpXulHx%2ByxZga3fynMOFkrcImnMjCtEU9dOhyAj9aas%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7c01ba51afd20df5-AMS
content-type
text/html; charset=UTF-8
date
Sun, 30 Apr 2023 18:08:03 GMT
location
https://k8cckjdqwwere.shop/indexacsad.php
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mhaWk%2F2oNWgQPTVUScnzOXHgwWme1lneCdHpojWR8pFqGUjJP6bCSOmWcsb%2FNSMjqfce5cAQdTujaXuQodO1lWtqSq00x%2Bwjl5jv5PBNYcdfM3tYJmi2Bly3PwMpFqWJUwSt62lbBY6ryHnv1qFLfvc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
spine-player.css
dl.dir.freefiremobile.com/common/web_event/common/packages/spine/3.8/ 		27 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/packages/spine/3.8/spine-player.css
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
1cef737651487ed39d646b7aa15c47dcf1a82895ef9ad729bf13e35c6f681cca

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSkf/zyPEw+dd36eoDTLlnm6osALWulw
last-modified
Thu, 04 Aug 2022 12:29:58 GMT
server
OBS
etag
"ed806caac8c41b293af0b1ac29b06511"
cdn-origin-protocol
HTTP
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
x-obs-request-id
00000183612C6EE7914875F336313F1F
accept-ranges
bytes
x-forward-proto
http
content-length
27593
js
www.googletagmanager.com/gtag/ 		224 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KE3SY7MRSD
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41d8abb48100e56caceea192f1d9e0e2963b4ccb174a0c59b72bab1aafdafd1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80177
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Apr 2023 18:08:04 GMT
4f2dc7c.js
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/4f2dc7c.js
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
54f275507da85d2d6c8c1f4cd09e0cb9f1176c592e61356126c63ac7b50191a5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:05 GMT
content-encoding
gzip
content-md5
/5BRC1Vmv/FOLvWG74XGtw==
cdn-origin-protocol
HTTP
x-obs-request-id
00000186C5BB06069418848E812061C3
x-forward-proto
http
content-length
2806
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSO8hp3w/lTiVCp9MIO7Sc143x56ZRFB
last-modified
Thu, 09 Mar 2023 09:33:44 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"ff90510b5566bff14e2ef586ef85c6b7"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
1ba8953.js
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/ 		232 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/1ba8953.js
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
b1e8509146c509790dd53cb9edb0f62a647fdc8a32bf2d975b62fb04d0844543

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-encoding
gzip
content-md5
bUxE0k39j+ffPXGu1GGasA==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1DFF9689012BB56E72836CD
x-forward-proto
http
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSFLbNIJjrGt6VFBkfWyx1aeTjZZiCS8
last-modified
Fri, 21 Apr 2023 02:41:23 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"6d4c44d24dfd8fe7df3d71aed4619ab0"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
6786561.css
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/ 		11 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/6786561.css
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
a0af83e83bc656e00490cbd47cc0e08ac4b9fa1ee3a50f2dd93b407ca9e2d3af

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-md5
hnXrDyfb7UHPcehcqb0sOg==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1E1EF96954E75280927275A
x-forward-proto
http
content-length
11652
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSwiW93mZdAOkWdk2D0Xt6lg3HUcllqW
last-modified
Fri, 21 Apr 2023 02:41:23 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"8675eb0f27dbed41cf71e85ca9bd2c3a"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
f8398c1.js
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/ 		452 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/f8398c1.js
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
602e393711fa93c5ff99bc8cfc48f949f608ddcceb784a49ec3e4736f2d991c4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-encoding
gzip
content-md5
pQ4+CdqzMQY4L1FLq4wSeg==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1B3149090186292A1D808EE
x-forward-proto
http
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSBvPhWYmTYKywJJLyqpnCE7vbG+X3/G
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"a50e3e09dab33106382f514bab8c127a"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
24ac8a9.css
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/ 		237 KB
238 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/24ac8a9.css
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
5fa7d04f447efa8d39b4d857b41d8357234656ef4b72187d81a7c78ebf1bbfcc

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSMJjge6L7vBltS6eK3+EC/LmIcgBPfJ
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
content-md5
I43tS6j6AKTrK7g7vtdHRQ==
x-obs-replication-status
REPLICA
etag
"238ded4ba8fa00a4eb2bb83bbed74745"
cdn-origin-protocol
HTTP
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
x-obs-request-id
00000187A1E1EE85981367E75DA99477
accept-ranges
bytes
x-forward-proto
http
content-length
242629
56e53f4.js
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/ 		105 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/56e53f4.js
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
5a8160ff14a7ef3bb851c8bda4ac16b4ab8ab0584937f144c98eb58d3920516e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-encoding
gzip
content-md5
5pYMJut/OJ1ubT8rLYiNYg==
cdn-origin-protocol
HTTP
x-obs-request-id
00000186C5BB052594143D8A9C811A83
x-forward-proto
http
content-length
28427
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSGPQ+3Il8f6iZeYcLGi87XY5mRmb9WQ
last-modified
Thu, 09 Mar 2023 09:33:44 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"e6960c26eb7f389d6e6d3f2b2d888d62"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
cc602d1.js
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/ 		252 B
631 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/cc602d1.js
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
e308e9e2efc951808c4345d73cc903f3a4cae20a7b97044d12c70240965d82f8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-md5
ez5KHApD4aQphbSXlCbbVg==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1CAFB4E99420CE29F12B368
x-forward-proto
http
content-length
252
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS5sXh8AAZU8h76sYz291bs45d7RJ4z+
last-modified
Fri, 21 Apr 2023 02:41:23 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"7b3e4a1c0a43e1a42985b4979426db56"
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
4923e27.css
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/ 		14 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/4923e27.css
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
6ed332c60da809b841e48511df516d2d8c7ca0cd8a02ef87873c81af6c9b7d19

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-md5
yhXpRCXHGLeOq3aUFfuwdQ==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1B73C6C941D2D12DAD9CDC6
x-forward-proto
http
content-length
14493
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS2B0PI0F0oMson4WcesaGsirpf3yB1l
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"ca15e94425c718b78eab769415fbb075"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
f4dfd62.js
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/f4dfd62.js
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
df697481e15d7ca19cdf3b4c4e3401be6b41fb4a1fdf4fe67cbf24dcbae68eb3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-encoding
gzip
content-md5
9CMEvezLSDMxCDkai12yvw==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1B73D94901E4DA110876565
x-forward-proto
http
content-length
12069
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS+6aQlQO8kIyCWW9VC32PBs5s2nfVDN
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"f42304bdeccb48333108391a8b5db2bf"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
cdbb9a1.css
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/ 		13 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/cdbb9a1.css
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
91915a7efec61fa5fc6c25d1d15c57111fb9e6f76b627054dec43ce32cc28adf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-md5
9EoKizmMSdsNrTvCn4rsdA==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1D1C9DD9550A80990DF887A
x-forward-proto
http
content-length
13728
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSPKm/92qDo0vy9vgVrZaQ3/56uL2OG1
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"f44a0a8b398c49db0dad3bc29f8aec74"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
13273d6.js
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/ 		140 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/13273d6.js
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
e01f30a2fc1cfb3e17f6691c5e03eed67c386b875ca6fda5815492603bc18107

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-encoding
gzip
content-md5
uBCsN33Waa+YXaMzCKG7Ew==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1DCA8E2901912AA50E56E1D
x-forward-proto
http
content-length
37147
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSTQw5/1bJEOmMPsPSbZO1HPMd5tZu7D
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"b810ac377dd669af985da33308a1bb13"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
b1164aa.css
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/ 		6 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/b1164aa.css
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
f6f8b660d46055552b8720e331fd719ce3178dcc16cb19b169e220a9b08ade2e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-md5
0h70opZjSfbZZ5qBhRkjlQ==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1C4BB85941DB948F20D64D0
x-forward-proto
http
content-length
5967
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS4Ce8NauNBvyn6MxAEMWh12dHy90z1K
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"d21ef4a2966349f6d9679a8185192395"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
6c447ca.js
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/6c447ca.js
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
66ee0fec7fac08095e4c47e3357be095a9ad5ff26506f1438667d4cf55c84071

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-encoding
gzip
content-md5
zHktc5ARi+yBiv+O8AY01w==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1B73FDB914CB9826F694FA7
x-forward-proto
http
content-length
4552
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSPtq+6Z5DehXoj09PG4mMZAdrFgnOHp
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"cc792d7390118bec818aff8ef00634d7"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
full_logo.969f536.png
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/full_logo.969f536.png
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
86ccbc1dbeb58af3e6bce5ee52f86a47399da998ad34a0fd2ce9b0b539d92f6c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-md5
xjLmv9AHZpXlZHe9s/cjLA==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1D74076914ACDACF34B9EC1
x-forward-proto
http
content-length
8314
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS6jd3dXV2FJ/5AMmqPaevbT2TQuXVwM
last-modified
Fri, 21 Apr 2023 02:41:23 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"c632e6bfd0076695e56477bdb3f7232c"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
max_logo.b96cbd2.png
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/max_logo.b96cbd2.png
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
a83b8154e64436beff6f9e7e91f5ef051a0d45a71c82316468d00e5188671862

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-md5
eE1o4qC38g69Vb+plBu3xA==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1D1CFEB954AF2C0B15FF4A4
x-forward-proto
http
content-length
57873
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSIeKSHNrUcAiYU67YYyFGNhjSWX0OBV
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"784d68e2a0b7f20ebd55bfa9941bb7c4"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
83f3aecfe60c6ec13a09696b3465907a.jpg
dl.dir.freefiremobile.com/common/web_event/official2.ff.garena.all/20232/ 		341 KB
342 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2.ff.garena.all/20232/83f3aecfe60c6ec13a09696b3465907a.jpg
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
b5a79ac9adb2cde5e508ac84e74bb9a9e5a87e3e3cdd4f5b269224437f61d052

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSs0inIhpo174vK6YTYYQQBiSaO9CWxy
last-modified
Fri, 03 Feb 2023 10:24:09 GMT
server
OBS
content-md5
mAsnWnO/tjcYj9puBZ+yDQ==
x-obs-replication-status
REPLICA
etag
"980b275a73bfb637188fda6e059fb20d"
cdn-origin-protocol
HTTP
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=3600
x-obs-request-id
000001861700728B994B3F83112F9F0A
accept-ranges
bytes
x-forward-proto
http
content-length
349155
25381186e4933028181d0e2bda7c8de2.jpg
dl.dir.freefiremobile.com/common/web_event/official2.ff.garena.all/20232/ 		239 KB
240 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2.ff.garena.all/20232/25381186e4933028181d0e2bda7c8de2.jpg
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
fdb36d5fdcaa551e6c8a0c91faf9e089fe84c1b16e63ff3a6d55845bb1784d00

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSDLjHYsaKX84VcjYgGh8zX8l2639oxR
last-modified
Fri, 03 Feb 2023 10:24:11 GMT
server
OBS
content-md5
MYsEpN/zBmvw41FcfwwEtg==
x-obs-replication-status
REPLICA
etag
"318b04a4dff3066bf0e3515c7f0c04b6"
cdn-origin-protocol
HTTP
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=3600
x-obs-request-id
0000018616FD4300901CF5F97986FB82
accept-ranges
bytes
x-forward-proto
http
content-length
245211
a3d16a9d12021a2238fe992afaf34f07.png
dl.dir.freefiremobile.com/common/web_event/official2.ff.garena.all/202210/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2.ff.garena.all/202210/a3d16a9d12021a2238fe992afaf34f07.png
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
64ccfb703baefb50222956d5474f1eb154fde5ef038c20e3d7fb9e5d6f18de7d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS0ywkEmEs2F7zPGMNpLbJ4e6G5ArkbL
last-modified
Thu, 13 Oct 2022 06:54:30 GMT
server
OBS
content-md5
br3b4+s4FOYR2Tiz86D51w==
etag
"6ebddbe3eb3814e611d938b3f3a0f9d7"
cdn-origin-protocol
HTTP
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
x-obs-request-id
00000183E0E4DD3998136BBCDEA6B502
accept-ranges
bytes
x-forward-proto
http
content-length
31610
google_play.b8a7e58.png
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/google_play.b8a7e58.png
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-md5
HpHQLPWpAvOPKSPABteSgQ==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1B28EF8915158BA712E2E53
x-forward-proto
http
content-length
4904
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSRtx9U2LLZSF3AUnalDt90XDQWyFtEi
last-modified
Fri, 21 Apr 2023 02:41:23 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"1e91d02cf5a902f38f2923c006d79281"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
65fef1213324415a00e170bef3a51e2b.jpg
freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20228/ 		226 KB
227 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20228/65fef1213324415a00e170bef3a51e2b.jpg
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.19.126.81 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-19-126-81.deploy.static.akamaitechnologies.com
Software
OBS /
Resource Hash
ba0471a2b008124c8c6fe9ac667dc8a6cd31053d699f6dc07186ea5a23ec71a5

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date
Sun, 30 Apr 2023 18:08:04 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSS9lDFkZrovfdBo0hMWyq4YlE8IKGFr
Last-Modified
Thu, 15 Sep 2022 13:06:50 GMT
Server
OBS
ETag
"c329ac362e65da8f97217bd982976b01"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
000001845E76F1BB980F607F98FFF726
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
231794
home_chars_bg_m.ab67bda.jpeg
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/home_chars_bg_m.ab67bda.jpeg
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
d5152f3ed7382d4fe534aab348fdcc94670c34fe36d113116b70cdda6741fa28

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-md5
Pg9EkQ+dhrmitOl7lKOEdg==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1D5A353954AD69F809EF885
x-forward-proto
http
content-length
92158
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSITPvlYVqaWjj/Nxk34sDEKWlAe+9kC
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"3e0f44910f9d86b9a2b4e97b94a38476"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
truncated
/ 		386 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
237a93e522ff21708cbb1d061edcb42f23f8c928d18e01c0903dbf0b29091ab7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type
image/png
e68883609a0e69a03cc586852ff77dd7.mp4
dl.dir.freefiremobile.com/common/test/official/ 		5 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/test/official/e68883609a0e69a03cc586852ff77dd7.mp4
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash

Request headers

Referer
https://k8cckjdqwwere.shop/
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 30 Apr 2023 18:08:05 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSTmUJysBggAR7GrEoe3rCp0JDtaoMFg
last-modified
Thu, 15 Sep 2022 12:58:04 GMT
server
OBS
etag
"5e8d7362584ef31f68632cb3d1bb4d23"
cdn-origin-protocol
HTTP
content-type
video/mp4
access-control-allow-origin
*
Content-Range
bytes 0-5044284/5044285
cache-control
public, max-age=3600
x-obs-request-id
00000187CFED31689013087860C1B5CB
x-reserved-indicator
372
accept-ranges
bytes
x-forward-proto
http
Content-Length
5044285
home_esports_bg_m.658d754.jpeg
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/ 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/home_esports_bg_m.658d754.jpeg
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
182467afd3d1792cdf53da5b3c8b090abe719eaef285ab977e9b65e4c309e089

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:05 GMT
content-md5
OOXh2uhFzd2vv4tzIwsPUQ==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1B29779901C6527EBDE395F
x-forward-proto
http
content-length
113486
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSVDCcpTc7+ogNIIGEYtMmU/W8JnJte4
last-modified
Fri, 21 Apr 2023 02:41:25 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"38e5e1dae845cdddafbf8b73230b0f51"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
garena_logo.b28b2b6.png
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/garena_logo.b28b2b6.png
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
b695d33c5ece1af9739e89855c4cc718fd6e9550528009ee5ff644cac193cb41

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-md5
93/pf8j00G/ZPq91UsSj6Q==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1B31C609019A7BF88A0D483
x-forward-proto
http
content-length
11185
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSx4H11t477nDPAgS+tsevqAdlmTeoi3
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"f77fe97fc8f4d06fd93eaf7552c4a3e9"
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
spine-player.js
dl.dir.freefiremobile.com/common/web_event/common/packages/spine/3.8/ 		464 KB
465 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/packages/spine/3.8/spine-player.js
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
3f335337a8fa9c51c6502a7557ea44cd2bcb4f22483adae275e4ecf5ec69faec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSji27r/NBL2AMdceBJp1CNb/cEUlteZ
last-modified
Thu, 04 Aug 2022 12:29:58 GMT
server
OBS
etag
"01696dcc53e033381cfc43da9565bf9e"
cdn-origin-protocol
HTTP
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-obs-request-id
00000186080716339809B592325B55A7
accept-ranges
bytes
x-forward-proto
http
content-length
475015
home_news_bg.c422198.jpg
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/ 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/home_news_bg.c422198.jpg
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
ec9444976112a21d2fe26fa4f4d2bda83354047db5241696276c0796fc867e5d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:05 GMT
content-md5
ecZpUV71FFkiHk8jaSxmbA==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1B74823901FFBA38A97EB08
x-forward-proto
http
content-length
70842
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSulRUsUlbv1PJdbMMDmsWpxgit6YBkQ
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"79c669515ef51459221e4f23692c666c"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
cursor_1_right.c26d829.svg
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/cursor_1_right.c26d829.svg
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/b1164aa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
2756e306ab82ce01287b8a6aeaee39bf47b92d0ec10f8b0d475cc6ce29799ad1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/b1164aa.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-md5
j2REhEPesCWWGp5YNUgzJQ==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1E748CF980F5F6C81F4569F
x-forward-proto
http
content-length
15133
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSXOoI5v5xEylo+0Dt9rzp3DCPGJAMuj
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"8f64448443deb025961a9e5835483325"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
cursor_1_left.f00c099.svg
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/cursor_1_left.f00c099.svg
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/b1164aa.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
e334d288138bb08ab77d66d56b1f0b020021f860343f0fcfefa0d6648fece73d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/b1164aa.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:05 GMT
content-md5
WqmctnMqZIahWJvGYkA9Eg==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1E747E09012EBB4A4CC5086
x-forward-proto
http
content-length
15131
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSig9cmH1jKa7W0QF0eWpgPxJEqlEb+B
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"5aa99cb6732a6486a1589bc662403d12"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
home_chars_bg.bac9116.jpg
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/home_chars_bg.bac9116.jpg
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
1a9411fe7ace8989f1a3596998c1724a0bc1aaf25b15570ecb0a987dd026ff85

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-md5
+X0wQYK+eTLTZ2nVzOByKg==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1BB03A89546635B3CE79984
x-forward-proto
http
content-length
17711
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCShqhXSetaep2X3aMOygqm35hRZw6+C5
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"f97d304182be7932d36769d5cce0722a"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
home_esports_bg.cbdd2a5.jpg
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/img/home_esports_bg.cbdd2a5.jpg
Requested by
Host: k8cckjdqwwere.shop
URL: https://k8cckjdqwwere.shop/indexacsad.php
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
553ad39d4be9e27630d84d37165f495eb529b554d37d821c47d0670996db954e

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:04 GMT
content-md5
2Z0Q4kaICAckv6tfVKynkg==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1B48EB6941085F5732D14E5
x-forward-proto
http
content-length
20416
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSZmdsmljhXO0Y0UiPB6IV+IrXFLUUxA
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"d99d10e24688080724bfab5f54aca792"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
GFFLatinW05-Regular.7b8bcd3.woff
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/fonts/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/fonts/GFFLatinW05-Regular.7b8bcd3.woff
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/24ac8a9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
475f5b3cb03384633a4e870c3377b992f13ad8246a23173a282be11faf2c85fb

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/24ac8a9.css
Origin
https://k8cckjdqwwere.shop
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:05 GMT
content-md5
ee3tYAVOwxqBC2eGTZdajA==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1CF8881954301ABE90081C1
x-forward-proto
http
content-length
36707
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSVZX+CHYYBDR3dUKSgR8gFMrfCZGakL
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"79eded60054ec31a810b67864d975a8c"
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
GFFLatinW05-Bold.d2bc101.woff
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/fonts/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/fonts/GFFLatinW05-Bold.d2bc101.woff
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/24ac8a9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
5441944a6ee96a0dc5935f0b4c180045b41c7ef6068bd50c05dade403fbe150e

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/24ac8a9.css
Origin
https://k8cckjdqwwere.shop
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:05 GMT
content-md5
KuoegS6iL3vzFajZdp4UcA==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1E31AF59811B87769F46ACE
x-forward-proto
http
content-length
38243
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS2vNStgkX1zPP0ux7qWB/8qv/leNUOC
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"2aea1e812ea22f7bf315a8d9769e1470"
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
GFFLatinW05-Thin.45f3334.woff
dl.dir.freefiremobile.com/common/web_event/official2/dist/client/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/fonts/GFFLatinW05-Thin.45f3334.woff
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/24ac8a9.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::5f65:3663 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
OBS /
Resource Hash
399e9f4b7b9e3035701a00c823f689992fe5387621e5e1a3645fe0e5df6b99a6

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/css/24ac8a9.css
Origin
https://k8cckjdqwwere.shop
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:05 GMT
content-md5
Z0ou7PmWSscFg9aHtxqCAw==
cdn-origin-protocol
HTTP
x-obs-request-id
00000187A1CDC9FF99480E75A1D600D6
x-forward-proto
http
content-length
18554
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS+CsFKRPdwvTB55cbtm8cC6VkbqjhgX
last-modified
Fri, 21 Apr 2023 02:41:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"674a2eecf9964ac70583d687b71a8203"
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
public, max-age=3600
x-reserved-indicator
372
accept-ranges
bytes
js
www.googletagmanager.com/gtag/ 		114 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-207309476-25&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KE3SY7MRSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d80c237f831509142890e995c9299b57bf9bdb44f862cf76cbe6f07f14fc8a66
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45370
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 30 Apr 2023 18:08:05 GMT
collect
region1.google-analytics.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KE3SY7MRSD&gtm=45je34q0&_p=1534809073&cid=1020357192.1682878085&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1682878085&sct=1&seg=0&dl=https%3A%2F%2Fk8cckjdqwwere.shop%2Findexacsad.php&dt=Garena%20Free%20Fire.%20Best%20survival%20Battle%20Royale%20on%20mobile!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KE3SY7MRSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 18:08:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://k8cckjdqwwere.shop
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
list
k8cckjdqwwere.shop/api/article/ 		548 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k8cckjdqwwere.shop/api/article/list?page=1&size=3&category_id=20&lang=en
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/f8398c1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept
application/json, text/plain, */*
Referer
https://k8cckjdqwwere.shop/indexacsad.php
X-Requested-With
B6FksShzIgjfrYImLpTsadjS86sddhFH
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkPKh%2B0b322vI5M9BbRR9exVFRTla6b62HEW5zUB8eS6jvtNMkonvY4UL%2Ba56pGxgtZ9QDAUhkrwMB2YJ%2BLpLI1P9D2mAnKiFE7yUsPcMAgP3PIB6JGbGAlp5eGzY0ltO9Dmu%2F9f7gGTz44jq69LPw8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
7c01ba60cf60b7a2-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-207309476-25&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 30 Apr 2023 17:05:04 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
3781
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Sun, 30 Apr 2023 19:05:04 GMT
ip_region
k8cckjdqwwere.shop/api/ 		548 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://k8cckjdqwwere.shop/api/ip_region?lang=indexacsad.php
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/f8398c1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept
application/json, text/plain, */*
Referer
https://k8cckjdqwwere.shop/indexacsad.php
X-Requested-With
B6FksShzIgjfrYImLpTsadjS86sddhFH
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Sun, 30 Apr 2023 18:08:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lq3vU2OTfqiRHN9cJv1VDdb1wVInxLOLUhy69xGAnSbs2bY7MCQWgkASHb3ckqj7id%2B7rPT2yX%2FH2cwvo6WjVBTMUnzw%2By71W1gYQXZ7keiNUs%2FWytAY5mZ%2BgWWuHHoe50PIl3JHLVNmTT4nnSZhG6E%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cf-ray
7c01ba6228fbb7a2-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
pub.sentry.web.garenanow.com/api/5/store/ 		41 B
208 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.sentry.web.garenanow.com/api/5/store/?sentry_key=7ecd52ff6fb9493aa711448770c04c1a&sentry_version=7
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/f8398c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.124.132.209 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.132.124.34.bc.googleusercontent.com
Software
sentry-relay/22.5.0 /
Resource Hash
a7eae0c1869d13aee2e32dbd92ecb646bf712779f8741b98d57d2267422ffe3e

Request headers

Referer
https://k8cckjdqwwere.shop/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://k8cckjdqwwere.shop
access-control-expose-headers
x-sentry-rate-limits, x-sentry-error, retry-after
date
Sun, 30 Apr 2023 18:08:06 GMT
server
sentry-relay/22.5.0
content-length
41
vary
Origin
content-type
application/json
/
pub.sentry.web.garenanow.com/api/5/store/ 		41 B
105 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.sentry.web.garenanow.com/api/5/store/?sentry_key=7ecd52ff6fb9493aa711448770c04c1a&sentry_version=7
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/f8398c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.124.132.209 , Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
209.132.124.34.bc.googleusercontent.com
Software
sentry-relay/22.5.0 /
Resource Hash
db87d870ea96bc5f6b0bdd39e66842e9ff603d9e8eafd5913f257c83354392ab

Request headers

Referer
https://k8cckjdqwwere.shop/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://k8cckjdqwwere.shop
access-control-expose-headers
x-sentry-error, x-sentry-rate-limits, retry-after
date
Sun, 30 Apr 2023 18:08:06 GMT
server
sentry-relay/22.5.0
content-length
41
vary
Origin
content-type
application/json
collect
www.google-analytics.com/j/ 		1 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1534809073&t=pageview&_s=1&dl=https%3A%2F%2Fk8cckjdqwwere.shop%2Findexacsad.php&ul=en-us&de=UTF-8&dt=Garena%20Free%20Fire.%20Best%20survival%20Battle%20Royale%20on%20mobile!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=851889757&gjid=1423784540&cid=1020357192.1682878085&tid=UA-207309476-25&_gid=1077838792.1682878085&_r=1&gtm=457e34q0&jsscut=1&z=1250503667
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/official2/dist/client/f8398c1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://k8cckjdqwwere.shop/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 18:08:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://k8cckjdqwwere.shop
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KE3SY7MRSD&gtm=45je34q0&_p=1534809073&cid=1020357192.1682878085&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dp=%2Findexacsad.php&sid=1682878085&sct=1&seg=1&dl=https%3A%2F%2Fk8cckjdqwwere.shop%2Findexacsad.php&dt=Garena%20Free%20Fire.%20Best%20survival%20Battle%20Royale%20on%20mobile!&en=page_view&_ee=1&_et=9
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KE3SY7MRSD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://k8cckjdqwwere.shop/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 30 Apr 2023 18:08:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://k8cckjdqwwere.shop
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| __NUXT__ object| google_tag_manager object| google_tag_data object| dataLayer function| __extends object| spine function| onYouTubeIframeAPIReady object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| __SENTRY__ object| L object| gsapVersions object| gaGlobal object| $nuxt string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData

4 Cookies

Domain/Path Name / Value
.k8cckjdqwwere.shop/ Name: _ga_KE3SY7MRSD
Value: GS1.1.1682878085.1.1.1682878085.0.0.0
.k8cckjdqwwere.shop/ Name: _ga
Value: GA1.2.1020357192.1682878085
.k8cckjdqwwere.shop/ Name: _gid
Value: GA1.2.1077838792.1682878085
.k8cckjdqwwere.shop/ Name: _gat_gtag_UA_207309476_25
Value: 1

2 Console Messages

Source Level URL
Text
network error URL: https://k8cckjdqwwere.shop/api/article/list?page=1&size=3&category_id=20&lang=en
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://k8cckjdqwwere.shop/api/ip_region?lang=indexacsad.php
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dl.dir.freefiremobile.com
freefiremobile-a.akamaihd.net
k8cckjdqwwere.shop
pub.sentry.web.garenanow.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
2.19.126.81
2001:4860:4802:32::36
2a00:1450:4001:801::2008
2a00:1450:4001:827::200e
2a02:26f0:780::5f65:3663
2a06:98c1:3120::3
34.124.132.209
182467afd3d1792cdf53da5b3c8b090abe719eaef285ab977e9b65e4c309e089
1a9411fe7ace8989f1a3596998c1724a0bc1aaf25b15570ecb0a987dd026ff85
1cef737651487ed39d646b7aa15c47dcf1a82895ef9ad729bf13e35c6f681cca
237a93e522ff21708cbb1d061edcb42f23f8c928d18e01c0903dbf0b29091ab7
2756e306ab82ce01287b8a6aeaee39bf47b92d0ec10f8b0d475cc6ce29799ad1
399e9f4b7b9e3035701a00c823f689992fe5387621e5e1a3645fe0e5df6b99a6
3f335337a8fa9c51c6502a7557ea44cd2bcb4f22483adae275e4ecf5ec69faec
41d8abb48100e56caceea192f1d9e0e2963b4ccb174a0c59b72bab1aafdafd1e
475f5b3cb03384633a4e870c3377b992f13ad8246a23173a282be11faf2c85fb
5441944a6ee96a0dc5935f0b4c180045b41c7ef6068bd50c05dade403fbe150e
54f275507da85d2d6c8c1f4cd09e0cb9f1176c592e61356126c63ac7b50191a5
553ad39d4be9e27630d84d37165f495eb529b554d37d821c47d0670996db954e
5a8160ff14a7ef3bb851c8bda4ac16b4ab8ab0584937f144c98eb58d3920516e
5fa7d04f447efa8d39b4d857b41d8357234656ef4b72187d81a7c78ebf1bbfcc
602e393711fa93c5ff99bc8cfc48f949f608ddcceb784a49ec3e4736f2d991c4
64ccfb703baefb50222956d5474f1eb154fde5ef038c20e3d7fb9e5d6f18de7d
66ee0fec7fac08095e4c47e3357be095a9ad5ff26506f1438667d4cf55c84071
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ed332c60da809b841e48511df516d2d8c7ca0cd8a02ef87873c81af6c9b7d19
86ccbc1dbeb58af3e6bce5ee52f86a47399da998ad34a0fd2ce9b0b539d92f6c
91915a7efec61fa5fc6c25d1d15c57111fb9e6f76b627054dec43ce32cc28adf
a0af83e83bc656e00490cbd47cc0e08ac4b9fa1ee3a50f2dd93b407ca9e2d3af
a7eae0c1869d13aee2e32dbd92ecb646bf712779f8741b98d57d2267422ffe3e
a83b8154e64436beff6f9e7e91f5ef051a0d45a71c82316468d00e5188671862
b1e8509146c509790dd53cb9edb0f62a647fdc8a32bf2d975b62fb04d0844543
b5a79ac9adb2cde5e508ac84e74bb9a9e5a87e3e3cdd4f5b269224437f61d052
b695d33c5ece1af9739e89855c4cc718fd6e9550528009ee5ff644cac193cb41
ba0471a2b008124c8c6fe9ac667dc8a6cd31053d699f6dc07186ea5a23ec71a5
d0f838fdc2f9329e730c6960379ce45bd2658c5875940af6323f124213331c63
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d5152f3ed7382d4fe534aab348fdcc94670c34fe36d113116b70cdda6741fa28
d80c237f831509142890e995c9299b57bf9bdb44f862cf76cbe6f07f14fc8a66
db87d870ea96bc5f6b0bdd39e66842e9ff603d9e8eafd5913f257c83354392ab
df697481e15d7ca19cdf3b4c4e3401be6b41fb4a1fdf4fe67cbf24dcbae68eb3
e01f30a2fc1cfb3e17f6691c5e03eed67c386b875ca6fda5815492603bc18107
e308e9e2efc951808c4345d73cc903f3a4cae20a7b97044d12c70240965d82f8
e334d288138bb08ab77d66d56b1f0b020021f860343f0fcfefa0d6648fece73d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ec9444976112a21d2fe26fa4f4d2bda83354047db5241696276c0796fc867e5d
f6f8b660d46055552b8720e331fd719ce3178dcc16cb19b169e220a9b08ade2e
f72611e2df8e88204009fd896d05d5e8e83c77009c63943bbffa169559934849
fdb36d5fdcaa551e6c8a0c91faf9e089fe84c1b16e63ff3a6d55845bb1784d00