URL: https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
Submission: On October 30 via manual from MX

Summary

This website contacted 6 IPs in 3 countries across 5 domains to perform 24 HTTP transactions. The main IP is 148.153.73.200, located in Plano, United States and belongs to CDSC-AS1, US. The main domain is dod.us.freefiremobile.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 7th 2020. Valid for: 2 years.
This is the only time dod.us.freefiremobile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 148.153.73.200 63199 (CDSC-AS1)
14 2600:9000:20d... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.92.112.60 58521 (GARENA-SG...)
24 6

Domain Requested by
14 dl.dir.freefiremobile.com dod.us.freefiremobile.com
4 fonts.googleapis.com dl.dir.freefiremobile.com
4 dod.us.freefiremobile.com 1 redirects dod.us.freefiremobile.com, dl.dir.freefiremobile.com
1 logcollector.data.garenanow.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com dod.us.freefiremobile.com
24 6

This site contains no links.

Subject                          Issuer                                          Validity                 Valid
*.us.freefiremobile.com          Sectigo RSA Domain Validation Secure Server CA  2020-01-07 - 2022-01-06  2 years
dl.dir.freefiremobile.com        SSL.com RSA SSL subCA                           2020-06-05 - 2022-06-05  2 years
upload.video.google.com          GTS CA 1O1                                      2020-10-06 - 2020-12-29  3 months
*.google-analytics.com           GTS CA 1O1                                      2020-10-06 - 2020-12-29  3 months
*.gstatic.com                    GTS CA 1O1                                      2020-10-06 - 2020-12-29  3 months
logcollector.data.garenanow.com  SSL.com RSA SSL subCA                           2020-09-08 - 2021-09-08  a year

This page contains 1 frames:

Primary Page: https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
Frame ID: A107E3D75C0A0F9EA82A7D9835A99518
Requests: 24 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /(?:\/([\d.]+))?\/vue(?:\.min)?\.js/i

Page Statistics

Requests: 24
HTTPS: 96 %
IPv6: 67 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 3
Transfer: 1254 kB
Size: 1629 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://dod.us.freefiremobile.com/assist/6NVV3YKJ HTTP 301
    https://dod.us.freefiremobile.com/assist/6NVV3YKJ/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
dod.us.freefiremobile.com/assist/6NVV3YKJ/
Redirect Chain
  • https://dod.us.freefiremobile.com/assist/6NVV3YKJ
  • https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
3 KB
1 KB
Document
General
Full URL
https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.153.73.200 Plano, United States, ASN63199 (CDSC-AS1, US),
Reverse DNS
Software
nginx /
Resource Hash
fffa4fd63e703e121e2803951eed6e06415f3ea3a6e6c295d1a0d3cdfbde1bd8
Security Headers
Name Value
X-Frame-Options DENY

Request headers

:method
GET
:authority
dod.us.freefiremobile.com
:scheme
https
:path
/assist/6NVV3YKJ/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
content-encoding
gzip
content-type
text/html
date
Fri, 30 Oct 2020 19:38:35 GMT
server
nginx
vary
Accept-Encoding
x-frame-options
DENY
content-length
1188

Redirect headers

status
301
content-type
text/html; charset=utf-8
date
Fri, 30 Oct 2020 19:38:34 GMT
location
/assist/6NVV3YKJ/
server
nginx
x-frame-options
DENY
content-length
0
app.a23d3c30.css
dl.dir.freefiremobile.com/common/web_event/dayofdeath/css/
32 KB
6 KB
Stylesheet
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/css/app.a23d3c30.css
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:4a00:2:3296:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
141ae8ac0125ac8234ca22fb633e33fb89a7b30888fecf633cfdb7b067b79509

Request headers

Referer
https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
content-encoding
gzip
x-amz-cf-pop
ZAG50-C1
x-cache
RefreshHit from cloudfront
status
200
content-length
5518
access-control-allow-origin
*
last-modified
Wed, 28 Oct 2020 09:46:40 GMT
server
AkamaiNetStorage
etag
"c98be454670e9afcccc5eaa46ceeb9b4:1603878400.26099"
vary
Accept-Encoding
content-type
text/css
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
VxUxU2MvbH-gEL9PmgJ9bAEF-7dUR0jhbTayMw57wAQilcqOXz2sXg==
expires
Fri, 30 Oct 2020 12:14:43 GMT
app.f752e277.js
dl.dir.freefiremobile.com/common/web_event/dayofdeath/js/
41 KB
11 KB
Script
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/js/app.f752e277.js
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:4a00:2:3296:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0530ac1b7938697858f9e1be7964ca34607551a4dd5545623c0b1f555276b306

Request headers

Referer
https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
content-encoding
gzip
x-amz-cf-pop
ZAG50-C1
x-cache
RefreshHit from cloudfront
status
200
content-length
11250
access-control-allow-origin
*
last-modified
Wed, 28 Oct 2020 09:46:41 GMT
server
AkamaiNetStorage
etag
"ca148035d756e34721fe782f66875f38:1603878401.739507"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
VhzL1FV8a8fDkqA2Xgh7hxXStGxNm5grY9ITXBELUBlmG7ZzVWj_DA==
expires
Fri, 30 Oct 2020 12:14:43 GMT
chunk-vendors.b6d0d101.js
dl.dir.freefiremobile.com/common/web_event/dayofdeath/js/
107 KB
35 KB
Script
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/js/chunk-vendors.b6d0d101.js
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:4a00:2:3296:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7b597f2c8d23662966a7154df1951b23bdfa7ddb45d09417493dde6195f7903b

Request headers

Referer
https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
content-encoding
gzip
x-amz-cf-pop
ZAG50-C1
x-cache
RefreshHit from cloudfront
status
200
content-length
35570
access-control-allow-origin
*
last-modified
Wed, 28 Oct 2020 09:46:43 GMT
server
AkamaiNetStorage
etag
"e5b09f237b4c4ea3511d1ee044c8e1d0:1603878402.887076"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
lQx6s6BzflmUWM2sB58IRK2S660y5FObaDVAtBSHKKu22sFJUgUrig==
expires
Fri, 30 Oct 2020 12:47:52 GMT
css
dod.us.freefiremobile.com/api/
7 KB
750 B
Stylesheet
General
Full URL
https://dod.us.freefiremobile.com/api/css?region=US&lang=es
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.153.73.200 Plano, United States, ASN63199 (CDSC-AS1, US),
Reverse DNS
Software
nginx /
Resource Hash
785f17cadced89e85184888923449bf6bca5bab94633bd658e9ef4e8da6eb416
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Referer
https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
content-encoding
gzip
server
nginx
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css
status
200
content-length
713
vue.min.js
dl.dir.freefiremobile.com/common/web_event/common/js/
91 KB
34 KB
Script
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/js/vue.min.js
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:4a00:2:3296:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
bbc2aee0c334dcc3f7c914d11f0cb3c9a60e76e616081db905de31be8f1c22d3

Request headers

Referer
https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
content-encoding
gzip
x-amz-cf-pop
ZAG50-C1
x-cache
RefreshHit from cloudfront
unused119
[3:97141:2859]
status
200
content-length
33946
access-control-allow-origin
*
last-modified
Tue, 01 Sep 2020 05:08:53 GMT
server
AkamaiNetStorage
etag
"b61d0f6becd1987bdeecbe37fed41033:1598936933.68102"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
BvH3kzQ9_UaqT89i4JYlzRcSMGKAErOazAp_YrPBj80WPMhfWgoAkg==
expires
Fri, 30 Oct 2020 11:57:50 GMT
vue-router.min.js
dl.dir.freefiremobile.com/common/web_event/common/js/
28 KB
10 KB
Script
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/js/vue-router.min.js
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:4a00:2:3296:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e6915f17c9de5f43e9104599036319a1b71e2847f7717328157fe819dd68c71d

Request headers

Referer
https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
content-encoding
gzip
x-amz-cf-pop
ZAG50-C1
x-cache
RefreshHit from cloudfront
status
200
content-length
9770
access-control-allow-origin
*
last-modified
Tue, 01 Sep 2020 05:08:52 GMT
server
AkamaiNetStorage
etag
"f5c840f557abb74a3c4b14261d0272fb:1598936932.856844"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
p8OjFdO23USV-3tFrzB8fwUrXqboxQfKft0KB--R9gDtmDtiDRQopA==
expires
Fri, 30 Oct 2020 12:14:43 GMT
axios.min.js
dl.dir.freefiremobile.com/common/web_event/common/js/
14 KB
5 KB
Script
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/js/axios.min.js
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:4a00:2:3296:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
83e40aef92138c841a236895c09496aa49fb2959472427c9397a1bacd51c62b3

Request headers

Referer
https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
content-encoding
gzip
x-amz-cf-pop
ZAG50-C1
x-cache
RefreshHit from cloudfront
status
200
content-length
4788
access-control-allow-origin
*
last-modified
Tue, 01 Sep 2020 05:08:46 GMT
server
AkamaiNetStorage
etag
"27cb70c23ca9ccaf54717acf8a886f4f:1598936926.577814"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
OydJMPwKxLUyS1pG3SBd37MsTanaqaeTSNwe-K_a9fZzEaZu-7jkpw==
expires
Fri, 30 Oct 2020 12:31:38 GMT
garenaGA.8c8849937e3958e738c4.js
dl.dir.freefiremobile.com/common/web_event/garenaAnalyticsFrontend/
11 KB
5 KB
Script
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/garenaAnalyticsFrontend/garenaGA.8c8849937e3958e738c4.js
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:4a00:2:3296:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
af072e5a624ed7b6f7d36fa1a05f8bcf9549c919dce2053f98f9612a84c95aa4

Request headers

Referer
https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
content-encoding
gzip
x-amz-cf-pop
ZAG50-C1
x-cache
Hit from cloudfront
status
200
content-length
4311
access-control-allow-origin
*
last-modified
Fri, 18 Sep 2020 09:22:17 GMT
server
AkamaiNetStorage
etag
"6fecfd97f522819b45232736a025c707:1600420937.414603"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
accept-ranges
bytes
x-amz-cf-id
T1Cb3DpyNL2EMvbYh_N7rJzISLPForu79lvQzjjt14g-2aSy0m0eFA==
expires
Fri, 30 Oct 2020 12:25:39 GMT
css2
fonts.googleapis.com/
883 B
506 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Staatliches&display=swap
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/css/app.a23d3c30.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c132b8810a7888eab7b24715cced146755c7405561adf1c21ddf1454871d805c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/css/app.a23d3c30.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Oct 2020 19:38:35 GMT
server
ESF
date
Fri, 30 Oct 2020 19:38:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Oct 2020 19:38:35 GMT
css
fonts.googleapis.com/
869 B
462 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Bebas+Neue&display=swap
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/css/app.a23d3c30.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0026cf5931eab500d6af720a3085df65964b89fd261c21bcb92670418cbcb0a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/css/app.a23d3c30.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Oct 2020 19:38:35 GMT
server
ESF
date
Fri, 30 Oct 2020 19:38:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Oct 2020 19:38:35 GMT
css
fonts.googleapis.com/
123 KB
33 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/css/app.a23d3c30.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f377f6526614881808b1293000fe8eafed3e38b09ea01ac9c9cbaf77acfb4c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/css/app.a23d3c30.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Oct 2020 19:38:35 GMT
server
ESF
date
Fri, 30 Oct 2020 19:38:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Oct 2020 19:38:35 GMT
css
fonts.googleapis.com/
2 KB
564 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Yanone+Kaffeesatz&display=swap
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/css/app.a23d3c30.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b4aa8c70172083cba16f1ce5232152b62379a38e0a1e9bf4163086df30f37a00
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/css/app.a23d3c30.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 30 Oct 2020 19:37:50 GMT
server
ESF
date
Fri, 30 Oct 2020 19:38:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 30 Oct 2020 19:38:35 GMT
js
www.googletagmanager.com/gtag/
95 KB
37 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-167104710-39
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f3fc24bdf70c4173ae1f5ed67dd0dcc7d7503e88a58dfb2cd3d6ee886da4229b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38246
x-xss-protection
0
last-modified
Fri, 30 Oct 2020 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 30 Oct 2020 19:38:35 GMT
assist_info
dod.us.freefiremobile.com/api/
5 KB
2 KB
XHR
General
Full URL
https://dod.us.freefiremobile.com/api/assist_info?code=6NVV3YKJ
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/common/js/axios.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.153.73.200 Plano, United States, ASN63199 (CDSC-AS1, US),
Reverse DNS
Software
nginx /
Resource Hash
fa35af6a61f0ce5cb25e92f3ac40699bcea9532c83c91330db0f6622155a9561
Security Headers
Name Value
X-Frame-Options DENY

Request headers

Accept
application/json, text/plain, */*
Referer
https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-CSRFToken
null

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
content-encoding
gzip
server
nginx
x-frame-options
DENY
vary
Accept-Encoding, Cookie
content-type
application/json
status
200
content-length
1954
us.jpg
dl.dir.freefiremobile.com/common/web_event/dayofdeath/
874 KB
874 KB
Image
General
Full URL
http://dl.dir.freefiremobile.com/common/web_event/dayofdeath/us.jpg
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/api/css?region=US&lang=es
Protocol
HTTP/1.1
Server
2600:9000:20d7:4a00:2:3296:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
b1a27c40b690b2f5a334b3f68217c4776fa3875f3224f6d3112cdae3dc4d9899

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 30 Oct 2020 19:38:35 GMT
Via
1.1 3180232852f42d0e8ed2a6999ef03c93.cloudfront.net (CloudFront)
Last-Modified
Wed, 28 Oct 2020 07:02:02 GMT
Server
AkamaiNetStorage
X-Amz-Cf-Pop
ZAG50-C1
ETag
"5adbfb619fb401dfa6939bc10e972edc:1603868522.073587"
X-Cache
RefreshHit from cloudfront
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
894765
X-Amz-Cf-Id
mwU6xBQt7lP5ALct3H-5ZwP-nlfxuoAgMlxERvT12BIMyNAh7F5HBw==
Expires
Fri, 30 Oct 2020 12:53:29 GMT
bg_dialog.png
dl.dir.freefiremobile.com/common/web_event/dayofdeath/images/
181 KB
182 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/images/bg_dialog.png
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/api/css?region=US&lang=es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:4a00:2:3296:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
1c22fecbf967be8fba5251fd77ef451e913dda1e833c2806a30ab00b6b698482

Request headers

Referer
https://dod.us.freefiremobile.com/api/css?region=US&lang=es
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
last-modified
Thu, 22 Oct 2020 09:42:23 GMT
server
AkamaiNetStorage
x-amz-cf-pop
ZAG50-C1
etag
"b4168417ce1f8d0905e96dc774259076:1603359743.520038"
status
200
x-cache
RefreshHit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
185316
x-amz-cf-id
zYIsPfzZSOmHwynowy6ASP_0O9OzHpHny6pDTeglSQ8dkEnP_CghSg==
expires
Fri, 30 Oct 2020 12:36:32 GMT
icon_facebook.png
dl.dir.freefiremobile.com/common/web_event/dayofdeath/images/
515 B
909 B
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/images/icon_facebook.png
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/api/css?region=US&lang=es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:4a00:2:3296:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d90d5c420161c04edb85651a2cbe748e619b702ec1d81cbbd009b129f878ddc5

Request headers

Referer
https://dod.us.freefiremobile.com/api/css?region=US&lang=es
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
last-modified
Thu, 22 Oct 2020 09:42:44 GMT
server
AkamaiNetStorage
x-amz-cf-pop
ZAG50-C1
etag
"2560d1838ce7fcad504bbd21154fc561:1603359764.367808"
status
200
x-cache
RefreshHit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
515
x-amz-cf-id
-bj6rb0pJn-E_vFBNDagk2N7kzqss2QtAKC7XDf4KN64tkXEOF1xbA==
expires
Fri, 30 Oct 2020 13:09:54 GMT
icon_line.png
dl.dir.freefiremobile.com/common/web_event/dayofdeath/images/
82 B
448 B
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/images/icon_line.png
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/api/css?region=US&lang=es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:4a00:2:3296:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
29f238150894d79c00929cfacfb75d72fc3acf06ac7fc538ef957f195fd4587c

Request headers

Referer
https://dod.us.freefiremobile.com/api/css?region=US&lang=es
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:07 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
last-modified
Thu, 22 Oct 2020 09:42:25 GMT
server
AkamaiNetStorage
age
288
etag
"0a8f4f9d3706de3726e7e3230d4ddf38:1603359745.815113"
status
200
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
x-amz-cf-pop
ZAG50-C1
accept-ranges
bytes
content-length
82
x-amz-cf-id
WHbOa-5wIwsK__udftUBX7R8zkgzvtkHARtmo2krM-NQE-6D7B5_wQ==
icon_google.png
dl.dir.freefiremobile.com/common/web_event/dayofdeath/images/
2 KB
2 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/images/icon_google.png
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/api/css?region=US&lang=es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:4a00:2:3296:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9e36abe458c94f90d009dd9adf75173e760c689e7ff8e67ee64b00747c9495e2

Request headers

Referer
https://dod.us.freefiremobile.com/api/css?region=US&lang=es
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
last-modified
Thu, 22 Oct 2020 09:42:38 GMT
server
AkamaiNetStorage
x-amz-cf-pop
ZAG50-C1
etag
"b7cceaf73179e58e319e0ef77fd0dfc8:1603359758.97555"
status
200
x-cache
RefreshHit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
1817
x-amz-cf-id
3uFKB7OvAWeJNadRNr6PfXYA5ROeLKFo-qfC8Nd8pFX0E8ZCRyqQIg==
expires
Fri, 30 Oct 2020 13:09:54 GMT
icon_vk.png
dl.dir.freefiremobile.com/common/web_event/dayofdeath/images/
869 B
1 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/images/icon_vk.png
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/api/css?region=US&lang=es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:4a00:2:3296:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4d82088855c73e61da283bbc4772e0b511faf3363b145212f7c280d3edf14033

Request headers

Referer
https://dod.us.freefiremobile.com/api/css?region=US&lang=es
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
last-modified
Thu, 22 Oct 2020 09:42:43 GMT
server
AkamaiNetStorage
x-amz-cf-pop
ZAG50-C1
etag
"4237bba238c5f821b62e45140b37f1db:1603359763.31936"
status
200
x-cache
RefreshHit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
869
x-amz-cf-id
uDHHXQjjxzDPYE0lNnaEoGTsP4J-mwpo1AdaRxJ07cUl7Ypqt2l47A==
expires
Fri, 30 Oct 2020 13:09:54 GMT
icon_close.png
dl.dir.freefiremobile.com/common/web_event/dayofdeath/images/
4 KB
4 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/dayofdeath/images/icon_close.png
Requested by
Host: dod.us.freefiremobile.com
URL: https://dod.us.freefiremobile.com/api/css?region=US&lang=es
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20d7:4a00:2:3296:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
3a60cc93360a19467fe94c53b5bf7ad125fd5869c85497754eda0f2b82fc4b62

Request headers

Referer
https://dod.us.freefiremobile.com/api/css?region=US&lang=es
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 19:38:35 GMT
via
1.1 b8c21c40c485a68c7663b93787f93464.cloudfront.net (CloudFront)
last-modified
Thu, 22 Oct 2020 09:42:26 GMT
server
AkamaiNetStorage
x-amz-cf-pop
ZAG50-C1
etag
"ae14229ccc227efddd638fbf30fd5aea:1603359746.177802"
status
200
x-cache
RefreshHit from cloudfront
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
3751
x-amz-cf-id
DV4gApMFwUgB0fVCW0q-S3bUcwQh_LZZ9kCKeOP4DGEesVkslJNQ9A==
expires
Fri, 30 Oct 2020 12:36:32 GMT
JTUSjIg69CK48gW7PXoo9WlhyyTh89Y.woff2
fonts.gstatic.com/s/bebasneue/v2/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/bebasneue/v2/JTUSjIg69CK48gW7PXoo9WlhyyTh89Y.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bebas+Neue&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb7bb168e2cbaded822bfee46393b291395ed61bd0c0f0ff43dbd1b483343e3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://dod.us.freefiremobile.com
Referer
https://fonts.googleapis.com/css?family=Bebas+Neue&display=swap
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 30 Oct 2020 02:23:08 GMT
x-content-type-options
nosniff
last-modified
Thu, 10 Sep 2020 17:05:49 GMT
server
sffe
age
62127
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7904
x-xss-protection
0
expires
Sat, 30 Oct 2021 02:23:08 GMT
pd.gif
logcollector.data.garenanow.com/
0
0
Image
General
Full URL
https://logcollector.data.garenanow.com/pd.gif?data=%7B%22ts%22%3A1604086717%2C%22uuid%22%3A%2265a18fb2-e928-4090-9e79-aae2a19edac5%22%2C%22event%22%3A%22%22%2C%22payload%22%3A%7B%22uid%22%3A0%2C%22region%22%3A0%2C%22data%22%3A%5B%7B%22event%22%3A%22init%22%2C%22info%22%3A%7B%22agent%22%3A%22Netscape%20Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36%22%2C%22url%22%3A%22https%3A%2F%2Fdod.us.freefiremobile.com%2Fassist%2F6NVV3YKJ%2F%22%2C%22screen%22%3A%221600x1200%22%2C%22time%22%3A1604086715%7D%7D%5D%7D%7D&project_name=ff_front_end
Protocol
HTTP/1.0
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
143.92.112.60 , Singapore, ASN58521 (GARENA-SG Garena Online Pte Ltd, SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://dod.us.freefiremobile.com/assist/6NVV3YKJ/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers


22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
string| analyticsId
string| src
object| script
function| gtag
object| dataLayer
function| Vue
object| t
function| e
function| VueRouter
function| axios
object| webpackJsonp
function| HowlerGlobal
object| Howler
function| Howl
function| Sound
function| webpackHotUpdate
object| garenaGA
object| google_tag_manager

1 Cookies

Domain/Path Name / Value
dod.us.freefiremobile.com/ Name: csrftoken
Value: oBOWYSaCEPEyeHByQ4W7xjlC6nyDlqGKFmqJGoLW1Ll2yRS1YOkEP2nvNGt5aWHl

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
