urlscan.io logo urlscan.io
SecurityTrails logo

freefirelimited-vip.gazrena.io.vn Open in urlscan Pro
172.67.208.33  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://freefirelimited-vip.gazrena.io.vn/
Effective URL: https://freefirelimited-vip.gazrena.io.vn/
Submission: On October 20 via automatic, source openphish — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 15 domains to perform 45 HTTP transactions. The main IP is 172.67.208.33, located in United States and belongs to CLOUDFLARENET, US. The main domain is freefirelimited-vip.gazrena.io.vn.
TLS certificate: Issued by WE1 on September 27th 2024. Valid for: 3 months.
This is the only time freefirelimited-vip.gazrena.io.vn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Garena Free Fire (Gaming)

Domain & IP information

IP Address AS Autonomous System
18 172.67.208.33 13335 (CLOUDFLAR...)
2 104.18.10.207 13335 (CLOUDFLAR...)
2 104.17.25.14 13335 (CLOUDFLAR...)
3 152.195.13.243 15133 (EDGECAST)
1 142.250.80.118 15169 (GOOGLE)
1 123.30.242.13 135905 (VNPT-AS-V...)
1 42.112.37.35 18403 (FPT-AS-AP...)
6 199.232.192.193 54113 (FASTLY)
1 151.101.2.137 54113 (FASTLY)
2 142.251.41.74 15169 (GOOGLE)
1 23.200.0.28 20940 (AKAMAI-ASN1)
1 162.249.168.129 26548 (PUREVOLTA...)
3 142.250.81.227 15169 (GOOGLE)
1 135.181.63.70 24940 (HETZNER-AS)
1 65.21.235.194 24940 (HETZNER-AS)
45 16
18    172.67.208.33 (United States)

ASN13335 (CLOUDFLARENET, US)
freefirelimited-vip.gazrena.io.vn
2    104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
2    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
3    152.195.13.243 (United States)

ASN15133 (EDGECAST, US)
dl.dir.freefiremobile.com
1    142.250.80.118 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f22.1e100.net
i.ytimg.com
1    123.30.242.13 (Viet Nam)

ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN)
PTR: static.vnpt.vn
kenh14cdn.com
1    42.112.37.35 (Hanoi, Viet Nam)

ASN18403 (FPT-AS-AP FPT Telecom Company, VN)
channel.mediacdn.vn
6    199.232.192.193 (United States)

ASN54113 (FASTLY, US)
i.imgur.com
1    151.101.2.137 (San Francisco, United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    142.251.41.74 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: yyz10s20-in-f10.1e100.net
ajax.googleapis.com
1    23.200.0.28 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-200-0-28.deploy.static.akamaitechnologies.com
freefiremobile-a.akamaihd.net
1    162.249.168.129 (United States)

ASN26548 (PUREVOLTAGE-INC, US)
i.postimg.cc
3    142.250.81.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f3.1e100.net
fonts.gstatic.com
1    135.181.63.70 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: cdn15.top4top.io
l.top4top.io
1    65.21.235.194 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: cdn16.top4top.io
a.top4top.io
Apex Domain
Subdomains		 Transfer
18 io.vn
freefirelimited-vip.gazrena.io.vn
144 KB
6 imgur.com
i.imgur.com — Cisco Umbrella Rank: 8556
924 KB
3 gstatic.com
fonts.gstatic.com
37 KB
3 freefiremobile.com
dl.dir.freefiremobile.com — Cisco Umbrella Rank: 39712
655 KB
2 top4top.io
l.top4top.io
a.top4top.io
37 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 412
59 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
44 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3270
83 KB
1 postimg.cc
i.postimg.cc — Cisco Umbrella Rank: 17317
13 KB
1 akamaihd.net
freefiremobile-a.akamaihd.net — Cisco Umbrella Rank: 100785
155 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
32 KB
1 mediacdn.vn
channel.mediacdn.vn — Cisco Umbrella Rank: 243465
229 KB
1 kenh14cdn.com
kenh14cdn.com — Cisco Umbrella Rank: 82073
81 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 99
225 KB
0 Failed
function sub() { [native code] }. Failed
45 15
Domain Requested by
18 freefirelimited-vip.gazrena.io.vn freefirelimited-vip.gazrena.io.vn
6 i.imgur.com freefirelimited-vip.gazrena.io.vn
3 fonts.gstatic.com freefirelimited-vip.gazrena.io.vn
3 dl.dir.freefiremobile.com freefirelimited-vip.gazrena.io.vn
2 ajax.googleapis.com freefirelimited-vip.gazrena.io.vn
2 cdnjs.cloudflare.com freefirelimited-vip.gazrena.io.vn
cdnjs.cloudflare.com
2 stackpath.bootstrapcdn.com freefirelimited-vip.gazrena.io.vn
stackpath.bootstrapcdn.com
1 a.top4top.io freefirelimited-vip.gazrena.io.vn
1 l.top4top.io freefirelimited-vip.gazrena.io.vn
1 i.postimg.cc freefirelimited-vip.gazrena.io.vn
1 freefiremobile-a.akamaihd.net freefirelimited-vip.gazrena.io.vn
1 code.jquery.com freefirelimited-vip.gazrena.io.vn
1 channel.mediacdn.vn freefirelimited-vip.gazrena.io.vn
1 kenh14cdn.com freefirelimited-vip.gazrena.io.vn
1 i.ytimg.com freefirelimited-vip.gazrena.io.vn
0 invalid Failed freefirelimited-vip.gazrena.io.vn
45 16

This site contains no links.

Subject Issuer Validity Valid
gazrena.io.vn
WE1		 2024-09-27 -
2024-12-26		 3 months crt.sh
bootstrapcdn.com
WE1		 2024-09-20 -
2024-12-19		 3 months crt.sh
cdnjs.cloudflare.com
WE1		 2024-09-28 -
2024-12-27		 3 months crt.sh
garenanow.com
GeoTrust TLS RSA CA G1		 2024-08-07 -
2025-05-30		 10 months crt.sh
edgestatic.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
kenh14cdn.com
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-08-30 -
2025-10-01		 a year crt.sh
*.mediacdn.vn
GlobalSign GCC R6 AlphaSSL CA 2023		 2024-06-08 -
2025-07-10		 a year crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA		 2024-02-15 -
2025-02-14		 a year crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA		 2024-06-25 -
2025-06-25		 a year crt.sh
upload.video.google.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2024-04-18 -
2025-04-19		 a year crt.sh
postimg.cc
E5		 2024-08-21 -
2024-11-19		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-30 -
2024-12-23		 3 months crt.sh
*.top4top.co
R10		 2024-08-29 -
2024-11-27		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://freefirelimited-vip.gazrena.io.vn/
Frame ID: 3691B20C1301D314DDD1253E480D9E4D
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Garena Free Fire

Page URL History Show full URLs

  1. http://freefirelimited-vip.gazrena.io.vn/ HTTP 307
    https://freefirelimited-vip.gazrena.io.vn/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

45
Requests

98 %
HTTPS

0 %
IPv6

15
Domains

16
Subdomains

16
IPs

4
Countries

2719 kB
Transfer

3048 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://freefirelimited-vip.gazrena.io.vn/ HTTP 307
    https://freefirelimited-vip.gazrena.io.vn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
freefirelimited-vip.gazrena.io.vn/
Redirect Chain
  • http://freefirelimited-vip.gazrena.io.vn/
  • https://freefirelimited-vip.gazrena.io.vn/
17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://freefirelimited-vip.gazrena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
659bbbb4e575a5f58570a5d7a58f47e6591e86d2ccc19a63439cd72947c9ee89

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8d552ec01d1fabe8-YYZ
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Sun, 20 Oct 2024 01:19:58 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h3pfK9XcUDLC4%2BDJRkkhbx6FkeH7zbV5dKE51IDQlAQg1tLdxOZXVhfpUH6fd2PeP11AmOHjcdpAIvOlAiZ6%2FkfGUipJ6do0pstJIFzPtsI92k43js00ZDLyb%2BzpvTOuKKEA%2FXHugaWnsRdIh0lxi0V2dfs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=22455&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4160&recv_bytes=4499&delivery_rate=637&cwnd=12000&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=947&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed

Redirect headers

Location
https://freefirelimited-vip.gazrena.io.vn/
Non-Authoritative-Reason
HttpsUpgrades
style.css
freefirelimited-vip.gazrena.io.vn/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freefirelimited-vip.gazrena.io.vn/css/style.css
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88e3f83e0743f173fa8f091ea2f98724c4cd1ca51e41200a9508dd8caf73d503

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
10478
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KnoxaHXf%2F3h7gsQhQ44oCikUAVoxcACQbewLLbcQ9tO5p83jqEG5G9Z1Y0TZI%2Bg40W9utv0EULuiYxW0Bju2WjHt%2B0yAxQOcKIY9TxaEaYzr0ksTy5TWqz0qNR2pfD6sQGk0bOwkRMh3JRemDH6r7T15OGU%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22145&sent=20&recv=17&lost=0&retrans=0&sent_bytes=10631&recv_bytes=6133&delivery_rate=299470&cwnd=12000&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=995&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
text/css
last-modified
Fri, 02 Feb 2024 14:43:42 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec60abbabe8-YYZ
x-turbo-charged-by
LiteSpeed
server
cloudflare
animate.css
freefirelimited-vip.gazrena.io.vn/css/ 		76 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freefirelimited-vip.gazrena.io.vn/css/animate.css
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
10478
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BDHQIcKVQJtacX7Wk13VCH19i27CQBKc3CSyzuVcXmxYK%2Fkv35%2F8vbQqP%2FlIntPF1aDjiqloq%2Fx3V7ySnFAg7LdEqn9CnGEgK6VtS6T6sZzB0CHCwr9IrMlNatwU5Cp%2FRwk4d31a6MbTntRKtkhVnKr1Nzw%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22145&sent=26&recv=17&lost=0&retrans=0&sent_bytes=16201&recv_bytes=6133&delivery_rate=299470&cwnd=12000&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=998&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
text/css
last-modified
Fri, 02 Feb 2024 14:43:32 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec61abfabe8-YYZ
x-turbo-charged-by
LiteSpeed
server
cloudflare
facebook.css
freefirelimited-vip.gazrena.io.vn/css/login/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freefirelimited-vip.gazrena.io.vn/css/login/facebook.css
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
10478
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cUdSdzR3TX0SMU97N21wrli7WlnmUlmxUarLdsbBteSPeedaKS%2FT0poL2Kd6p%2BgZ6VbVKKPPQwQDaipJi3GC7UEFXgLpLc2LRX7DdPOrrJAUj3uXDYUF%2FQeTncLPKhzKZHtHiYIeFrTZbiuqsTuJrrhOTic%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22145&sent=32&recv=17&lost=0&retrans=0&sent_bytes=22631&recv_bytes=6133&delivery_rate=299470&cwnd=12000&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=999&x=1", cfExtPri, cfHdrFlush;dur=16
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
text/css
last-modified
Fri, 02 Feb 2024 14:43:50 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec61ac1abe8-YYZ
x-turbo-charged-by
LiteSpeed
server
cloudflare
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"269550530cc127b6aa5a35925a7de6ce"
age
268196
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 01:19:58 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
10/06/2024 01:22:44
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a7a3366160ab46d924a71bfca18b1cf5
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8d552ec668b4ac64-YYZ
access-control-allow-origin
*
cdn-edgestorageid
871
server
cloudflare
cdn-requestcountrycode
US
material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 		69 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ed9-1149f"
age
800882
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yn3v15mWsadQRvouW6WJRVL9EpIyakHSLex0rveBmFMPEQlo3aW9aqPgLrBWCxtUktLCl4QfXA8T6QbH%2Bj%2FkW%2FoecSdcEczfXR19f%2FCx%2BcSszV5zYk7YtSdVS4GblWkriiFFKPTp"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 01:19:58 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
text/css; charset=utf-8
last-modified
Mon, 04 May 2020 16:12:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d552ec64d2fa208-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
5845
server
cloudflare
/
invalid/ 		0
0
FREE_FIRE_LOGO.PNG(2).png
dl.dir.freefiremobile.com/common/test/official/ 		253 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/test/official/FREE_FIRE_LOGO.PNG(2).png
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.13.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (chd/077D) /
Resource Hash
e5d1ff232a26bd3b8a702a52464d1bdf12992e9f166084da5cfad235d8f7b20e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
etag
"76697e9220e45c00a5fbaf78cc3d7553"
age
2218
expires
Sun, 20 Oct 2024 02:19:58 GMT
x-amz-cf-id
BJZ1qCseI0IASzUyXgh9FPMy4GPVkxCuT8s5aQAafUJHgzCkTg4rhw==
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/png
last-modified
Thu, 15 Sep 2022 12:58:04 GMT
ec-version
v6.05
x-obs-request-id
00000192A760A138901D19219145DED5
cache-control
public, max-age=3600
via
1.1 9f44979371753c2c471cc68585a60f9c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
258949
x-amz-cf-pop
ORD56-P8
server
ECAcc (chd/077D)
nav_shop.svg
freefirelimited-vip.gazrena.io.vn/img/ 		993 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freefirelimited-vip.gazrena.io.vn/img/nav_shop.svg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad9e2db663bbdb4f80bdcb6ea144d69502f9d58bf6fcf19f17e365ffea0220f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
10478
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tZaKqTcTUUToIDI8k2SzxA%2BfttFHOiTG%2BO375ynhzpuQDMxFwczH8huaueZv4lmXipkAG9WD4f5mjHMWIMS409XKjMj95VHtYbe5I3KnuCDUvZVl0h7DDXMRez5Qq3oCsh5DbxPWymSFO9Jddzk%2BH%2Fp%2F30%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22145&sent=24&recv=17&lost=0&retrans=0&sent_bytes=14878&recv_bytes=6133&delivery_rate=299470&cwnd=12000&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=998&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/svg+xml
last-modified
Mon, 05 Feb 2024 05:45:36 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec61ac3abe8-YYZ
x-turbo-charged-by
LiteSpeed
server
cloudflare
nav_language.svg
freefirelimited-vip.gazrena.io.vn/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freefirelimited-vip.gazrena.io.vn/img/nav_language.svg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
10478
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I8ebkYIZ1M%2BzCDl5FE0cA8ufZIJbHkZmadnTPUA8tErKtnv4aoQPR%2BVjciYLKsL%2BCsR1OnFWAOAFprG89lqrfODY4BCkxjaGOppw3u36aY0E19yG6lg5WYcfXtSOvwSNCLkF2fd1cQXIu9jqJjOFmKhtbhI%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27612&sent=39&recv=28&lost=0&retrans=0&sent_bytes=24412&recv_bytes=8387&delivery_rate=403827&cwnd=15600&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=1021&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/svg+xml
last-modified
Mon, 05 Feb 2024 05:45:37 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec63b00abe8-YYZ
x-turbo-charged-by
LiteSpeed
server
cloudflare
nav_menu.svg
freefirelimited-vip.gazrena.io.vn/img/ 		884 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freefirelimited-vip.gazrena.io.vn/img/nav_menu.svg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
10478
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C3XBf7jbEUCyKa2MAGt9AXOCEoe4FqAOwCiUGO2qAqlYB6M1dIUt%2BaS%2BvHx%2BYyUFsG6hHjswWZi9fhe8r5Unhgd7%2F8IspwECF8JBBeRXu71254HsNtZv%2FRbDDkV6LclTRPHZY267U%2FmXjoGkZhlbDod8UO4%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27612&sent=41&recv=28&lost=0&retrans=0&sent_bytes=25885&recv_bytes=8387&delivery_rate=403827&cwnd=15600&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=1023&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/svg+xml
last-modified
Mon, 05 Feb 2024 05:45:39 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec63b03abe8-YYZ
x-turbo-charged-by
LiteSpeed
server
cloudflare
nav_download.svg
freefirelimited-vip.gazrena.io.vn/img/ 		1007 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freefirelimited-vip.gazrena.io.vn/img/nav_download.svg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b22f25d8b7421c4c4aec15a9a4781f873545a5732ac128871da40f38c98f4cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
10478
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wt%2BxxxAdK4EdeojIqrcCiMGov2HvLeJox6rDfOvW6emF4OjwBmZUguPmPiyaJ%2BjIMTSlM8Tl56qSHo810JpHFqFHlLQCp6mRBNedULUuaFukv3yRJCNrJYI5wgpEkjDotQtx5gpeMcgOYrN7pFbboAuLm8o%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27612&sent=43&recv=28&lost=0&retrans=0&sent_bytes=27125&recv_bytes=8387&delivery_rate=403827&cwnd=15600&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=1024&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/svg+xml
last-modified
Mon, 05 Feb 2024 05:45:35 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec63b06abe8-YYZ
x-turbo-charged-by
LiteSpeed
server
cloudflare
maxresdefault.jpg
i.ytimg.com/vi/YVarqm5YuMs/ 		225 KB
225 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi/YVarqm5YuMs/maxresdefault.jpg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.80.118 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s36-in-f22.1e100.net
Software
sffe /
Resource Hash
60b80e3af6ff5922da5a21f44348bb4219d4e584fc7ccf76b1605beb0b197a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

etag
"1654682829"
age
0
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
x-content-type-options
nosniff
expires
Sun, 20 Oct 2024 03:19:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/jpeg
vary
Origin
cache-control
public, max-age=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
content-length
229959
x-xss-protection
0
server
sffe
photo1613294337693-1613294338044867615888.jpg
kenh14cdn.com/thumb_w/600/203336854389633024/2021/2/14/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kenh14cdn.com/thumb_w/600/203336854389633024/2021/2/14/photo1613294337693-1613294338044867615888.jpg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
123.30.242.13 , Viet Nam, ASN135905 (VNPT-AS-VN VIETNAM POSTS AND TELECOMMUNICATIONS GROUP, VN),
Reverse DNS
static.vnpt.vn
Software
VCCloud CDN / 247.5827337eef8190c245ef59e4d10b3e9b /
Resource Hash
c79012e51f1c058f7fb43e9efad282a36c3d5090514c4bd8ce23a143fc3cd81c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
access-control-allow-methods
GET, HEAD, POST, OPTIONS
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT from VCCloud CDN
content-length
82578
date
Sun, 20 Oct 2024 01:19:59 GMT
x-xss-protection
1; mode=block
content-type
image/webp
last-modified
Sat, 25 May 2024 17:54:06 GMT
server
VCCloud CDN / 247.5827337eef8190c245ef59e4d10b3e9b
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
photo-1-1673952510712158437165.jpg
channel.mediacdn.vn/428462621602512896/2023/1/17/ 		229 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://channel.mediacdn.vn/428462621602512896/2023/1/17/photo-1-1673952510712158437165.jpg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.112.37.35 Hanoi, Viet Nam, ASN18403 (FPT-AS-AP FPT Telecom Company, VN),
Reverse DNS
Software
VCCloud CDN / 564.4bad4bc7c26b9c8a2a9425522ac28508 /
Resource Hash
eedaeb90bb7b1aae081292ae2bf9c19034f7525a8e776959ca3819d73f7b184b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
access-control-allow-methods
GET, HEAD, POST, OPTIONS
x-content-type-options
nosniff
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT from VCCloud CDN
content-length
234144
date
Sun, 20 Oct 2024 01:19:59 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
last-modified
Tue, 09 Jul 2024 17:48:56 GMT
server
VCCloud CDN / 564.4bad4bc7c26b9c8a2a9425522ac28508
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Length,Content-Type,DNT,If-Modified-Since,Keep-Alive,Key,Origin,Range,User-Agent,X-Requested-With
s4_img2.png
freefirelimited-vip.gazrena.io.vn/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freefirelimited-vip.gazrena.io.vn/img/s4_img2.png
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tb6nokLOVB7fFh2pnaQNTIql7%2Boggsiykfw24E%2FD1ie%2FMvMGL%2F4a4eq%2FBb%2FyfucSnjvlWtGJaMPZeVhWC%2FLq%2FZvOx1UNuOctR%2FhYwczuhMubWxrlcUBnupzCq6fF3qaufQow%2F33zgnTsNB43mtB4lnYnta0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d552ec63b07abe8-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21057&sent=168&recv=77&lost=6&retrans=6&sent_bytes=158229&recv_bytes=13153&delivery_rate=1194640&cwnd=42840&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=1789&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 01:19:59 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
PRAgJZL.jpg
i.imgur.com/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/PRAgJZL.jpg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
44b56c5209aa8f67827b694be8518a0d46a1508e52bfb8481b54a3926837e916
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

etag
"f59a68dcc000a7bb9e589cae40af29b6"
age
234350
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
JuOQzGvrpbYOQhXW7yby1elyygB7gcoo08ogyc1EY_EBfC5BJ2KYVA==
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/jpeg
last-modified
Tue, 16 Jan 2024 10:40:43 GMT
x-cache-hits
6, 0
x-served-by
cache-iad-kiad7000153-IAD, cache-yyz4580-YYZ
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1729387198.483442,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
content-length
30795
x-amz-cf-pop
IAD89-P2
server
cat factory 1.0
x-amz-server-side-encryption
AES256
Shoz1ga.jpg
i.imgur.com/ 		155 KB
156 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Shoz1ga.jpg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
a0a583e6d36815a801f40ed878f8d6f573c5830249bf88416d41521ccdd517d2
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

etag
"14f08f2a118277cefd4bf87ff42d71df"
age
173480
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-amz-storage-class
STANDARD_IA
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
PISLnM4hzKxLpxg5kSRwD2OrUtX8jD4fIyMMxzjrXJtvdfhHuyKlfw==
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/jpeg
last-modified
Sat, 03 Jun 2023 04:28:52 GMT
x-cache-hits
1, 0
x-served-by
cache-iad-kjyo7100122-IAD, cache-yyz4580-YYZ
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1729387198.483552,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
content-length
158925
x-amz-cf-pop
MIA50-P4
server
cat factory 1.0
x-amz-server-side-encryption
AES256
Tvmofzx.jpg
i.imgur.com/ 		222 KB
223 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/Tvmofzx.jpg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
7b43506b35f6da569246253d5499d770c6d9578642637fd887e7f734dc4ca438
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

etag
"59966c2e4a16ab9767d62864f7b78ac6"
age
162225
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-amz-storage-class
STANDARD_IA
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
dIIcK_g-Yit54z2LYiFGP_hkEIrH1LjtMBOe9b4IucU_DfKUj6eexw==
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/jpeg
last-modified
Sat, 03 Jun 2023 04:29:29 GMT
x-cache-hits
6, 0
x-served-by
cache-iad-kcgs7200125-IAD, cache-yyz4580-YYZ
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1729387198.483670,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
content-length
227756
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
x-amz-server-side-encryption
AES256
aayuhgO.jpg
i.imgur.com/ 		262 KB
262 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/aayuhgO.jpg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
90fcc95b87f2f667906a17e1d704ff4b6a2befa796f33c65caec4d1824ff1ce2
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

etag
"884cd969100aa25ca05c4a158f0e4ebe"
age
333042
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-amz-storage-class
STANDARD_IA
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
TwmLBtZZUBBuwuP-spkYRJWxN7G87qtB61UUFZSsDXTUfBG9wsgwJQ==
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/jpeg
last-modified
Sat, 03 Jun 2023 04:37:46 GMT
x-cache-hits
10, 0
x-served-by
cache-iad-kjyo7100111-IAD, cache-yyz4580-YYZ
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1729387198.483536,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
content-length
268221
x-amz-cf-pop
MIA50-P4
server
cat factory 1.0
x-amz-server-side-encryption
AES256
AH0buwh.jpg
i.imgur.com/ 		241 KB
242 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/AH0buwh.jpg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
d744cd57739ca340e0ae79aaced0069d48ef8f99ad017f3b14c29f224e00cf0a
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

etag
"70704a46b4437975c6ed55fca840caa7"
age
234350
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-amz-storage-class
STANDARD_IA
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
mbY6Qsgkf5-2Ar5GDOTiyJKsb7Rq7PwDqAwICUVbU9n0ikI-jKY2_Q==
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/jpeg
last-modified
Fri, 02 Jun 2023 10:53:27 GMT
x-cache-hits
7, 0
x-served-by
cache-iad-kjyo7100153-IAD, cache-yyz4580-YYZ
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1729387198.494583,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
content-length
247036
x-amz-cf-pop
IAD12-P2
server
cat factory 1.0
x-amz-server-side-encryption
AES256
c8VFRYV.jpg
i.imgur.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/c8VFRYV.jpg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
7f559f8c2f8bc327f3b1975646d46ecd6657b8108d3a0094afe0f807104bccaf
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

etag
"d5ccfb29758967ae8f15adc669768861"
age
240528
access-control-allow-methods
GET, OPTIONS
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
1Gl4-yrQ6dvmQUIqKKINEsvMy7A9-vB1k6H3SbC5OGaoe_8stNOcmA==
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/jpeg
last-modified
Tue, 14 Nov 2023 16:47:27 GMT
x-cache-hits
7, 0
x-served-by
cache-iad-kjyo7100031-IAD, cache-yyz4580-YYZ
strict-transport-security
max-age=300
cache-control
public, max-age=31536000
x-timer
S1729387198.494700,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
content-length
11425
x-amz-cf-pop
IAD89-P1
server
cat factory 1.0
x-amz-server-side-encryption
AES256
logo.c7fec21.png
dl.dir.freefiremobile.com/common/web_event/ffuniversenew/img/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/ffuniversenew/img/logo.c7fec21.png
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.13.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (chd/079D) /
Resource Hash
64637c8441732137d863f79b59603293e75d0af45ff9e3420b00d5ba7da69dd3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

content-md5
SQ/XwdBLT+03Nf8E7TCSMg==
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
etag
"490fd7c1d04b4fed3735ff04ed309232"
age
344
expires
Sun, 20 Oct 2024 02:19:58 GMT
x-amz-cf-id
OyLOoCobMafJw4-a6Ff9EX5OwJm5Lf4KDgDbDaKEoAVcVp5GwiJKQQ==
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/png
last-modified
Mon, 29 May 2023 05:14:03 GMT
ec-version
v6.05
x-obs-request-id
00000192A77D38AC90169C18121B12E8
cache-control
public, max-age=3600
via
1.1 eb3bb1d97a7a209cd1ad4ea0ddcd8bf6.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
61764
x-obs-replication-status
REPLICA
x-amz-cf-pop
ORD56-P10
server
ECAcc (chd/079D)
jquery-1.10.2.min.js
code.jquery.com/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.10.2.min.js
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

content-encoding
gzip
etag
W/"28feccc0-16bb3"
age
5682803
x-cache
HIT, HIT
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
14111, 14348
x-served-by
cache-lga21955-LGA, cache-yyz4532-YYZ
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1729387198.484648,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
32788
server
nginx
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.74 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz10s20-in-f10.1e100.net
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

content-encoding
gzip
age
126007
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 14:19:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 14:19:51 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
29671
x-xss-protection
0
server
sffe
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.41.74 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
yyz10s20-in-f10.1e100.net
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

content-encoding
gzip
age
99269
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 21:45:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 21:45:29 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
29707
x-xss-protection
0
server
sffe
nvn.css
freefirelimited-vip.gazrena.io.vn/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://freefirelimited-vip.gazrena.io.vn/css/nvn.css
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0076ccc63e9ef584dbf387b5d0b376bc24b0d469eae3f80ff5171d2ef3fd985

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/css/style.css

Response headers

content-encoding
zstd
cf-cache-status
HIT
age
10478
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H5gk3fLwuYR0%2BGHkDwxd5mFkOCBw%2BeMe9LsuhMMlIbd2QL71o9VKS4czmU0wnHkHil3xM5COLdCjfjP8ACiq1tll7jezqGOnErflW4TT5XsgwjyMPV7jXXcxzihzYDNftonX3Zp8dlZyial01%2FBx25akCk8%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:20 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27612&sent=45&recv=28&lost=0&retrans=0&sent_bytes=28413&recv_bytes=8387&delivery_rate=403827&cwnd=15600&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=1029&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
text/css
last-modified
Fri, 02 Feb 2024 14:43:38 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec64b12abe8-YYZ
x-turbo-charged-by
LiteSpeed
server
cloudflare
83f3aecfe60c6ec13a09696b3465907a.jpg
dl.dir.freefiremobile.com/common/web_event/official2.ff.garena.all/20232/ 		341 KB
341 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dl.dir.freefiremobile.com/common/web_event/official2.ff.garena.all/20232/83f3aecfe60c6ec13a09696b3465907a.jpg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.13.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (chd/0780) /
Resource Hash
b5a79ac9adb2cde5e508ac84e74bb9a9e5a87e3e3cdd4f5b269224437f61d052

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

content-md5
mAsnWnO/tjcYj9puBZ+yDQ==
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
etag
"980b275a73bfb637188fda6e059fb20d"
age
2026
expires
Sun, 20 Oct 2024 02:19:58 GMT
x-amz-cf-id
buw4_LzelKfWzySMELoE3I-sQL2SvFEsHxIS3z8sE4YlykvTQ_5apw==
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/jpeg
last-modified
Fri, 03 Feb 2023 10:24:09 GMT
ec-version
v6.05
x-obs-request-id
00000192A7638E90941A2803A0A2B4A5
cache-control
public, max-age=3600
via
1.1 4ce7820043470844432b463359690f4c.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
349155
x-obs-replication-status
REPLICA
x-amz-cf-pop
ORD56-P8
server
ECAcc (chd/0780)
284e7fe8d941a07012304a3ad7ad86e8.jpg
freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20228/ 		154 KB
155 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freefiremobile-a.akamaihd.net/common/web_event/official2.ff.garena.all/img/20228/284e7fe8d941a07012304a3ad7ad86e8.jpg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.200.0.28 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-200-0-28.deploy.static.akamaitechnologies.com
Software
OBS /
Resource Hash
e9a5c76a3fe82b6c1fc575d7b47acb5cb802affa64205528fbe1ca764b276a26

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Cache-Control
public, max-age=3600
ETag
"ac2cb1bda658d3a4c2cee214f44497fb"
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Access-Control-Allow-Origin
*
Content-Length
157948
Date
Sun, 20 Oct 2024 01:19:58 GMT
Content-Type
image/jpeg
x-obs-request-id
00000192A6E1858F90156E78242A2B32
Server
OBS
Last-Modified
Thu, 15 Sep 2022 13:06:49 GMT
s4_text1.png
freefirelimited-vip.gazrena.io.vn/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freefirelimited-vip.gazrena.io.vn/img/s4_text1.png
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b703429ff672bc0e5fbd32fd2c97f37d4115e03b8f1c3c30e211fcab2ebc1ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/css/style.css

Response headers

cf-cache-status
HIT
age
10477
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rn1%2B7pTM9H%2BbU85Wi4uBEZY17DAnVqa6mVlYuF3x43C%2Bww%2B0NMWNzJ2nBSRkVWA1zdUEDY%2BUSgEK370j9C3xMAGuYVMGZRvtSPYyN1CKYy7XAYbc8hKn0Nu5376qvt4qoClZKtXf41DqRTzWNlm5OVJxEV8%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26276&sent=51&recv=41&lost=0&retrans=0&sent_bytes=29783&recv_bytes=11523&delivery_rate=275759&cwnd=15600&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=1085&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/png
last-modified
Fri, 02 Feb 2024 14:47:12 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec69b65abe8-YYZ
accept-ranges
bytes
content-length
8350
x-turbo-charged-by
LiteSpeed
server
cloudflare
event-notification.png
freefirelimited-vip.gazrena.io.vn/img/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freefirelimited-vip.gazrena.io.vn/img/event-notification.png
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab25c7f8bd03d146a667af4cf4a7991dd3485acba86c617d02eb5cf87355384

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/css/style.css

Response headers

cf-cache-status
HIT
age
10477
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7cMGvmkyPszBEVTTPYczdDsxWjTDlEXXhxF8wP7d4%2BehyJb6HghWZvjhYPPg7hIutrueGme1d8nYrdjNCBLFnNtU2Exicm2uvYBlNS4OyGanqWrbsJiIAiYoSw3LS%2BfQg4tKGznSIDk09hyV8m5B1jqA6NA%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26276&sent=59&recv=41&lost=0&retrans=0&sent_bytes=39049&recv_bytes=11523&delivery_rate=275759&cwnd=15600&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=1088&x=1", cfExtPri, cfHdrFlush;dur=16
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/png
last-modified
Fri, 02 Feb 2024 14:44:48 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec69b66abe8-YYZ
accept-ranges
bytes
content-length
17522
x-turbo-charged-by
LiteSpeed
server
cloudflare
rewards-box-navbar.png
freefirelimited-vip.gazrena.io.vn/img/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freefirelimited-vip.gazrena.io.vn/img/rewards-box-navbar.png
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6eab209a7df43f9f088e62a99f7a7a0f654015f2497de0702ecd9a73ad17d5a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/css/style.css

Response headers

cf-cache-status
HIT
age
10477
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hbRD%2FxFOmg2FmIyHmYQdKz7HG3Nl32x7xjX6tYA60v%2BJKkOX0HliAdli0EmBsCvIzG0cdOE2oXuv8R8dVI9PUzOLJtyIYYT7C91Qbzp1lTnBFGlvxX2u3KdP1yf%2FnExtEVkRTCxC3XbbJXGcuvxOnhApgAs%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26276&sent=65&recv=41&lost=0&retrans=0&sent_bytes=45383&recv_bytes=11523&delivery_rate=275759&cwnd=15600&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=1088&x=1", cfExtPri, cfHdrFlush;dur=16
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/png
last-modified
Fri, 02 Feb 2024 14:47:10 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec6ab68abe8-YYZ
accept-ranges
bytes
content-length
10046
x-turbo-charged-by
LiteSpeed
server
cloudflare
rewards-box-content.png
freefirelimited-vip.gazrena.io.vn/img/ 		56 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freefirelimited-vip.gazrena.io.vn/img/rewards-box-content.png
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45fb6adc6085431c1b4c6fc68229983f5d6035a0d1226590e18d35fde7b912a3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/css/style.css

Response headers

cf-cache-status
HIT
age
10477
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2BCyNek1CzaVWes0CE1IUo9Yuu67ti4Jx2TdzUJeixUjOwkgzUVhR9vYKxUoOVHhSeAArGrjIiygIfiP0nE5098pNsrhHanXt2nJGS%2FuT1FIKPAxmrTJ5K41dgauDEDpxBE037sIYXQclKQnKcXnOFTpQwA%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26276&sent=59&recv=41&lost=0&retrans=0&sent_bytes=39049&recv_bytes=11523&delivery_rate=275759&cwnd=15600&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=1088&x=1", cfExtPri, cfHdrFlush;dur=16
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/png
last-modified
Fri, 02 Feb 2024 14:47:08 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec6ab69abe8-YYZ
accept-ranges
bytes
content-length
57660
x-turbo-charged-by
LiteSpeed
server
cloudflare
btn-item.png
freefirelimited-vip.gazrena.io.vn/img/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freefirelimited-vip.gazrena.io.vn/img/btn-item.png
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eec76005342c623c5ad4e9493ae2f791d768a423872a1218226fb85580b6158

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/css/style.css

Response headers

cf-cache-status
HIT
age
10477
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IxYJwv7SnH2nObel7F6sIvo0%2FdXOlDsau0nkj7RoG%2B91qEGXTgasIgoaz%2BGasr0RrhEqzZNfuyvEbdJ%2FDYOa3F9S9M%2FY3nXX4oh3SJb1ffPJkWxpTwwHSgcDXhGDazHKBAt%2FrdZ%2F1mVx0ETeE4vTVW2t3ac%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26276&sent=59&recv=41&lost=0&retrans=0&sent_bytes=39049&recv_bytes=11523&delivery_rate=275759&cwnd=15600&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=1088&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/png
last-modified
Fri, 02 Feb 2024 14:44:02 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec6ab6babe8-YYZ
accept-ranges
bytes
content-length
7624
x-turbo-charged-by
LiteSpeed
server
cloudflare
footer-bg.jpg
i.postimg.cc/DZYQm0Gm/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.postimg.cc/DZYQm0Gm/footer-bg.jpg
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.249.168.129 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software
nginx /
Resource Hash
2e941582ccd035c15c6d6003745300a0f1a2ad587774e255a8482939f58a6d16

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
12634
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/jpeg
last-modified
Wed, 13 Apr 2022 14:17:46 GMT
server
nginx
popup-navbar.png
freefirelimited-vip.gazrena.io.vn/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freefirelimited-vip.gazrena.io.vn/img/popup-navbar.png
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1fd62c73e5d5d6f9914363672c8a7192bdb374436bf9f6cc9bba71ee47bb8075

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/css/style.css

Response headers

cf-cache-status
HIT
age
10477
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LDogIevUPnOTZAMxqXGHRF8%2FLi2HNrcXzXk1s1W5G7dG%2FqW9YmEbrajp%2BcsraZ2Zq5o%2BVcVG9%2B%2BNe9t87BYwpyPjgdr35az7yrMdu5krkHnQrQDffcoEyzdVBIIE2pf3CKppcghAJ95Or%2BZk4r5gauWAXQw%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26276&sent=65&recv=41&lost=0&retrans=0&sent_bytes=45383&recv_bytes=11523&delivery_rate=275759&cwnd=15600&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=1089&x=1", cfExtPri, cfHdrFlush;dur=15
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/png
last-modified
Fri, 02 Feb 2024 14:47:26 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec6ab6cabe8-YYZ
accept-ranges
bytes
content-length
8555
x-turbo-charged-by
LiteSpeed
server
cloudflare
popup-box-bg.png
freefirelimited-vip.gazrena.io.vn/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freefirelimited-vip.gazrena.io.vn/img/popup-box-bg.png
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de96470c437bdaffc85802518ca72b74a49e10029843e4d4bcb96afe4cefcad6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/css/style.css

Response headers

cf-cache-status
HIT
age
10477
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lLKHwUBVWjf%2F1wX%2BDFUrKdrOWJsjVMACdna5dPxvsR2n9MWFXE9eqOaPTABgXpvhevtGeA4dWCM2JeaJFOStqu1kadtVAGakN9uMLPZwpRq7ZCjzG8D2ceGEeO71%2BTZtmrLURWingCULDJ1pIv4jgSekrc8%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 26 Oct 2024 22:25:21 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26276&sent=65&recv=41&lost=0&retrans=0&sent_bytes=45383&recv_bytes=11523&delivery_rate=275759&cwnd=15600&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=1089&x=1", cfExtPri, cfHdrFlush;dur=15
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
image/png
last-modified
Fri, 02 Feb 2024 14:47:32 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d552ec6ab6eabe8-YYZ
accept-ranges
bytes
content-length
4867
x-turbo-charged-by
LiteSpeed
server
cloudflare
wXK0E3kTposypRydzVT08TS3JnAmtdjEyppo_leP7ncM.woff2
fonts.gstatic.com/s/baloo2/v11/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/baloo2/v11/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppo_leP7ncM.woff2
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/css/nvn.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
sffe /
Resource Hash
5b02201c71d3fa43c6daa590c9498b6cbfbb67edb0d4607c5d6a5d6cc3a38a60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://freefirelimited-vip.gazrena.io.vn
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

age
157000
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 05:43:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 05:43:18 GMT
last-modified
Thu, 03 Feb 2022 00:31:36 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
18592
x-xss-protection
0
server
sffe
Material-Design-Iconic-Font.woff2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/ 		37 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://freefirelimited-vip.gazrena.io.vn
Referer
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Response headers

cf-cdnjs-via
cfworker/kv
cf-cache-status
HIT
etag
"5eb03ed9-95f0"
age
804592
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yNLNX%2B4Dz92F2h%2B1s1oXc9ZtxHMz589EUlHlWJVd4FwY9794aAdEc15JRJb5GpF2pk8A4KEaRAAlC7%2Bkpq4pyuhwlsSgg7v4ITnE9glAsqeslClIfSrpqupNVUsxvDVKK3r%2Bj6rG"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Fri, 10 Oct 2025 01:19:58 GMT
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
application/octet-stream; charset=utf-8
last-modified
Mon, 04 May 2020 16:12:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8d552ec6e98aaae0-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
38384
server
cloudflare
fontawesome-webfont.woff2
stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: stackpath.bootstrapcdn.com
URL: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://freefirelimited-vip.gazrena.io.vn
Referer
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"af7ae505a9eed503f8b8e6982036873e"
age
10477
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
font/woff2
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat
10/17/2024 08:42:05
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
86ea61e3b01c659ce973c469678a1a3a
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8d552ec6eaa7ac12-YYZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
cdn-edgestorageid
1029
server
cloudflare
cdn-requestcountrycode
US
wXK0E3kTposypRydzVT08TS3JnAmtdjEyppm_leP7ncMgzQ.woff2
fonts.gstatic.com/s/baloo2/v11/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/baloo2/v11/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppm_leP7ncMgzQ.woff2
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/css/nvn.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
sffe /
Resource Hash
2d33d6f1b6f1131e4500af570e814f8ca012acc996accd933d18dd7e5ba467f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://freefirelimited-vip.gazrena.io.vn
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

age
157000
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 05:43:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 05:43:18 GMT
last-modified
Thu, 03 Feb 2022 00:30:24 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
14160
x-xss-protection
0
server
sffe
m_1725u5z7i1.mp3
l.top4top.io/ 		19 KB
20 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://l.top4top.io/m_1725u5z7i1.mp3
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn15.top4top.io
Software
nginx /
Resource Hash
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54

Request headers

Referer
https://freefirelimited-vip.gazrena.io.vn/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=7200
etag
"5f685351-4d45"
x-file-id
x34392023x
Content-Range
bytes 0-19780/19781
expires
Sun, 20 Oct 2024 03:19:58 GMT
Content-Length
19781
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
audio/mpeg
last-modified
Mon, 21 Sep 2020 07:16:33 GMT
server
nginx
content-disposition
inline; filename="open_reward_tab.mp3"
m_1725zobal2.mp3
a.top4top.io/ 		17 KB
18 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://a.top4top.io/m_1725zobal2.mp3
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.21.235.194 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cdn16.top4top.io
Software
nginx /
Resource Hash
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65

Request headers

Referer
https://freefirelimited-vip.gazrena.io.vn/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

cache-control
max-age=7200
etag
"5f685351-451b"
x-file-id
x34392024x
Content-Range
bytes 0-17690/17691
expires
Sun, 20 Oct 2024 03:19:58 GMT
Content-Length
17691
date
Sun, 20 Oct 2024 01:19:58 GMT
content-type
audio/mpeg
last-modified
Mon, 21 Sep 2020 07:16:33 GMT
server
nginx
content-disposition
inline; filename="close_reward_popup.mp3"
wXK0E3kTposypRydzVT08TS3JnAmtdjEyppn_leP7ncMgzQ.woff2
fonts.gstatic.com/s/baloo2/v11/ 		5 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/baloo2/v11/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppn_leP7ncMgzQ.woff2
Requested by
Host: freefirelimited-vip.gazrena.io.vn
URL: https://freefirelimited-vip.gazrena.io.vn/css/nvn.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f3.1e100.net
Software
sffe /
Resource Hash
40afc48a5f88815f3178170d4959821d17a2acc40e6d72bdbc5934c8508f898f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://freefirelimited-vip.gazrena.io.vn
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

age
156999
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 18 Oct 2025 05:43:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 18 Oct 2024 05:43:19 GMT
last-modified
Thu, 03 Feb 2022 00:33:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
4740
x-xss-protection
0
server
sffe
icon.png
freefirelimited-vip.gazrena.io.vn/img/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://freefirelimited-vip.gazrena.io.vn/img/icon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.208.33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://freefirelimited-vip.gazrena.io.vn/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NOy%2B9XIwnoxpAGDMFkwgyesPT4T%2BHYWnPeD3Z0nsxXmbSiFySaJVfAHHHHHCxzZqlFBGCnHZHtAMSay3a4QEIIWEndx6s9HmnhWDpZLXh9wGbYy1iWEBYadUw0sTF4uSbNCqeGQIjQ2AkYXETrDfSojcS1w%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d552ed6aaafabe8-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20794&sent=171&recv=79&lost=6&retrans=6&sent_bytes=159780&recv_bytes=13608&delivery_rate=62769&cwnd=42840&unsent_bytes=0&cid=1bcb46bbc7252eb7&ts=4526&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 20 Oct 2024 01:20:01 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
invalid
URL
chrome-extension://invalid/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Garena Free Fire (Gaming)

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| _0x49338e object| buka object| tutup function| _0x1d70 function| _0x272d function| openRewards function| openSlides function| open_itemReward_confirmation function| open_otherReward_confirmation function| open_account_verification function| open_facebook function| open_twitter function| close_reward_confirmation function| tutup_facebook function| tutup_twitter function| ValidateVerificationData function| nvn_facebook number| slideIndexHeader function| showSlidesHeader

1 Cookies

Domain/Path Name / Value
freefirelimited-vip.gazrena.io.vn/ Name: PHPSESSID
Value: ac3a635cb4e6d58ea245a092b0cb7e1e

3 Console Messages

Source Level URL
Text
network error URL: chrome-extension://invalid/
Message:
Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network error URL: https://freefirelimited-vip.gazrena.io.vn/img/s4_img2.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://freefirelimited-vip.gazrena.io.vn/img/icon.png
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.top4top.io
ajax.googleapis.com
cdnjs.cloudflare.com
channel.mediacdn.vn
code.jquery.com
dl.dir.freefiremobile.com
fonts.gstatic.com
freefirelimited-vip.gazrena.io.vn
freefiremobile-a.akamaihd.net
i.imgur.com
i.postimg.cc
i.ytimg.com
invalid
kenh14cdn.com
l.top4top.io
stackpath.bootstrapcdn.com
invalid
104.17.25.14
104.18.10.207
123.30.242.13
135.181.63.70
142.250.80.118
142.250.81.227
142.251.41.74
151.101.2.137
152.195.13.243
162.249.168.129
172.67.208.33
199.232.192.193
23.200.0.28
42.112.37.35
65.21.235.194
0b22f25d8b7421c4c4aec15a9a4781f873545a5732ac128871da40f38c98f4cf
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
1fd62c73e5d5d6f9914363672c8a7192bdb374436bf9f6cc9bba71ee47bb8075
22e1575a06426f427b46598d6599c565e80ed3e937b1872b0d5d928bfe5b2d65
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d33d6f1b6f1131e4500af570e814f8ca012acc996accd933d18dd7e5ba467f1
2e941582ccd035c15c6d6003745300a0f1a2ad587774e255a8482939f58a6d16
2eec76005342c623c5ad4e9493ae2f791d768a423872a1218226fb85580b6158
3ab25c7f8bd03d146a667af4cf4a7991dd3485acba86c617d02eb5cf87355384
40afc48a5f88815f3178170d4959821d17a2acc40e6d72bdbc5934c8508f898f
44b56c5209aa8f67827b694be8518a0d46a1508e52bfb8481b54a3926837e916
45fb6adc6085431c1b4c6fc68229983f5d6035a0d1226590e18d35fde7b912a3
4bc5852e5cec62ceab9260f712961f59609868151e01b63e7b7cae2b00efed54
4c13d452dd5d49671bd93ca32f2b4f85c78e39b6ab0ad1f38d98ed267f8fd896
5b02201c71d3fa43c6daa590c9498b6cbfbb67edb0d4607c5d6a5d6cc3a38a60
60b80e3af6ff5922da5a21f44348bb4219d4e584fc7ccf76b1605beb0b197a4a
64637c8441732137d863f79b59603293e75d0af45ff9e3420b00d5ba7da69dd3
659bbbb4e575a5f58570a5d7a58f47e6591e86d2ccc19a63439cd72947c9ee89
6eab209a7df43f9f088e62a99f7a7a0f654015f2497de0702ecd9a73ad17d5a5
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b43506b35f6da569246253d5499d770c6d9578642637fd887e7f734dc4ca438
7f559f8c2f8bc327f3b1975646d46ecd6657b8108d3a0094afe0f807104bccaf
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
88e3f83e0743f173fa8f091ea2f98724c4cd1ca51e41200a9508dd8caf73d503
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8b703429ff672bc0e5fbd32fd2c97f37d4115e03b8f1c3c30e211fcab2ebc1ed
90fcc95b87f2f667906a17e1d704ff4b6a2befa796f33c65caec4d1824ff1ce2
a0a583e6d36815a801f40ed878f8d6f573c5830249bf88416d41521ccdd517d2
a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870
a441182568ad88fa9c54384de94a77f64148d3d54df66ea1beff4a11100967c6
b0d849e0e910d13bcdab1e94f5c799dda1a9429c908e18069f9dc7f7d551d58a
b5a79ac9adb2cde5e508ac84e74bb9a9e5a87e3e3cdd4f5b269224437f61d052
bad9e2db663bbdb4f80bdcb6ea144d69502f9d58bf6fcf19f17e365ffea0220f
c0076ccc63e9ef584dbf387b5d0b376bc24b0d469eae3f80ff5171d2ef3fd985
c79012e51f1c058f7fb43e9efad282a36c3d5090514c4bd8ce23a143fc3cd81c
d744cd57739ca340e0ae79aaced0069d48ef8f99ad017f3b14c29f224e00cf0a
de96470c437bdaffc85802518ca72b74a49e10029843e4d4bcb96afe4cefcad6
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e5d1ff232a26bd3b8a702a52464d1bdf12992e9f166084da5cfad235d8f7b20e
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
e9a5c76a3fe82b6c1fc575d7b47acb5cb802affa64205528fbe1ca764b276a26
eedaeb90bb7b1aae081292ae2bf9c19034f7525a8e776959ca3819d73f7b184b