mshoptt.freefiremobile.com Open in urlscan Pro
202.81.96.3  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mshoptt.freefiremobile.com/	1 KB 678 B	57ms 16ms	Document text/html	202.81.96.3 GARENA-SG Garena ...
General Check archive.org Show headers Download Go to Full URL https://mshoptt.freefiremobile.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 202.81.96.3 , Singapore, ASN58521 (GARENA-SG Garena Online Pte Ltd, SG), Reverse DNS Software nginx / Resource Hash 9803c2c1117be217c173c8e3d31fedba696e259733542a227088ac57d5bf54ee Request headers Accept-Language zh-SG,zh;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache-control no-cache content-encoding gzip content-type text/html date Fri, 24 May 2024 03:04:50 GMT etag W/"6412b17d-42a" expires Fri, 24 May 2024 03:04:49 GMT last-modified Thu, 16 Mar 2023 06:04:45 GMT server nginx vary Accept-Encoding
GET H2	200	index-5ffcc3f3.js Show response dl.dir.freefiremobile.com/common/web_event/mshoptt/js/	55 KB 18 KB	264ms 124ms	Script text/javascript	152.199.39.4 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://dl.dir.freefiremobile.com/common/web_event/mshoptt/js/index-5ffcc3f3.js Requested by Host: mshoptt.freefiremobile.com URL: https://mshoptt.freefiremobile.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.4 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software OBS / Resource Hash 7da2a73edd04a8ce4409f817f680b410108b7f6a3c39d6a21b17d8a82df38cc7 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Origin https://mshoptt.freefiremobile.com Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:50 GMT content-encoding gzip via 1.1 f6c608add865ceeb6da77dce68edf206.cloudfront.net (CloudFront) content-md5 FHa2Y+MA0quO50dMiHRM8g== x-amz-cf-pop HKG54-C1 x-cache Miss from cloudfront ec-version v6.05 x-obs-request-id 0000018FA88EEF62901E5F4729B259B1 content-length 17932 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSbqUeI0FeAIKQmWca06tRNrE5SDknkE last-modified Fri, 11 Nov 2022 02:09:43 GMT server OBS etag "1476b663e300d2ab8ee7474c88744cf2+gzip" access-control-max-age 100 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * access-control-expose-headers ETag, x-obs-request-id, x-obs-api, Content-Type, Content-Length, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Expires, x-obs-id-2, x-reserved-indicator, x-obs-version-id, x-obs-copy-source-version-id, x-obs-storage-class, x-obs-delete-marker, x-obs-expiration, x-obs-website-redirect-location, x-obs-restore, x-obs-version, x-obs-object-type, x-obs-next-append-position cache-control public, max-age=3600 vary Accept-Encoding x-amz-cf-id FkE0uBSP-e67_GngGAyOUPaZNUg65_tz1U3wwnWycjjs7ZRiN3zvRw== expires Fri, 24 May 2024 04:04:50 GMT
GET H2	200	vendor-14812338.js Show response dl.dir.freefiremobile.com/common/web_event/mshoptt/js/	112 KB 39 KB	420ms 280ms	Script text/javascript	152.199.39.4 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://dl.dir.freefiremobile.com/common/web_event/mshoptt/js/vendor-14812338.js Requested by Host: mshoptt.freefiremobile.com URL: https://mshoptt.freefiremobile.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.4 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software OBS / Resource Hash a3d82be486f31872d49843be229c1ea0b8c05ac29a174784c30324aca5858716 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Origin https://mshoptt.freefiremobile.com Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:50 GMT content-encoding gzip via 1.1 8f2a5dcba4af73563588816a8f361736.cloudfront.net (CloudFront) content-md5 gbV/FTS1Az4bXRpwbbIRkg== x-amz-cf-pop SIN2-P4 x-cache Miss from cloudfront ec-version v6.05 x-obs-request-id 0000018FA88EEF84941C0DA4D15F71C9 content-length 39717 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCTV3w8pIdGSEcTARX+Lg7HNykwK+3UCh last-modified Fri, 11 Nov 2022 02:09:43 GMT server OBS etag "81b57f1534b5033e1b5d1a706db21192+gzip" access-control-max-age 100 access-control-allow-methods GET content-type text/javascript access-control-allow-origin * access-control-expose-headers ETag, x-obs-request-id, x-obs-api, Content-Type, Content-Length, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Expires, x-obs-id-2, x-reserved-indicator, x-obs-version-id, x-obs-copy-source-version-id, x-obs-storage-class, x-obs-delete-marker, x-obs-expiration, x-obs-website-redirect-location, x-obs-restore, x-obs-version, x-obs-object-type, x-obs-next-append-position cache-control public, max-age=3600 vary Accept-Encoding x-amz-cf-id snTEafzfbtXnSCEBsPVw1mY0Oxa_XCUdd5Qlashzhc2HK1GJRS8foQ== expires Fri, 24 May 2024 04:04:50 GMT
GET H2	200	index-41bfb79f.css dl.dir.freefiremobile.com/common/web_event/mshoptt/css/	280 KB 72 KB	303ms 163ms	Stylesheet text/css	152.199.39.4 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://dl.dir.freefiremobile.com/common/web_event/mshoptt/css/index-41bfb79f.css Requested by Host: mshoptt.freefiremobile.com URL: https://mshoptt.freefiremobile.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.4 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software OBS / Resource Hash 0f1c878d280a3357c5823b25a2317a41a6f53e6504a3201ecffbf281fb77c537 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:50 GMT content-encoding gzip via 1.1 69ce12cd28f192f5e142ba57e5fe0b80.cloudfront.net (CloudFront) content-md5 fNcKGJOCjLakuUpmamTtkw== x-amz-cf-pop SIN2-P4 x-cache Miss from cloudfront ec-version v6.05 x-obs-request-id 0000018FA88EEF83941A88606FA10037 content-length 73308 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSGiHSvV+bGwOZV3jG6llYuACY96b+ct last-modified Fri, 11 Nov 2022 02:09:42 GMT server OBS etag "7cd70a1893828cb6a4b94a666a64ed93+gzip" vary Origin, Accept-Encoding content-type text/css cache-control public, max-age=3600 x-amz-cf-id UkmAgu8C0H7CEPuBdSaUMdHWXdfJjXBwBrFkekzNY1iLzPCreUmV1A== expires Fri, 24 May 2024 04:04:50 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	282 KB 96 KB	37ms 21ms	Script application/javascript	2404:6800:4003:c02::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-SJKK18YHLF Requested by Host: mshoptt.freefiremobile.com URL: https://mshoptt.freefiremobile.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c02::61 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a8081062d89adc7f3b24c81d7fe3d3c135635c1de732d7c46818a1fa3ef1fd94 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:50 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 98314 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 24 May 2024 03:04:50 GMT
GET H2	200	ga.1c25fedbfed077a9cb68.js Show response dl.dir.freefiremobile.com/common/web_event/ga/	11 KB 5 KB	187ms 48ms	Script application/x-javascript	152.199.39.4 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://dl.dir.freefiremobile.com/common/web_event/ga/ga.1c25fedbfed077a9cb68.js Requested by Host: mshoptt.freefiremobile.com URL: https://mshoptt.freefiremobile.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.4 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (hkc/BD55) / Resource Hash 20526187ce91cc2a74c8abce4110e9701dd68dd01b9ffd00387f3fb35b3858b7 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:50 GMT content-encoding gzip via 1.1 e0a25dd43c42c3d534f35d394e12b204.cloudfront.net (CloudFront) age 247 x-amz-cf-pop SIN52-P1 x-cache HIT ec-version v6.05 x-obs-request-id 0000018FA88B278B90192788AE4063C9 content-length 4339 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSVhGkrswsZiXquSHPbvDlcgJhI9/Ot0 last-modified Thu, 04 Aug 2022 12:32:08 GMT server ECAcc (hkc/BD55) etag "c47f524f5f5061e9396dd4d92acef5f2+gzip" vary Accept-Encoding content-type application/x-javascript cache-control public, max-age=3600 x-amz-cf-id 0IKPH50D3qopfbv3xcKuQLnSjCfiH0WjoBi1UZpxztyVVB1hF6kyOg== expires Fri, 24 May 2024 04:04:50 GMT
GET H2	200	css fonts.googleapis.com/	120 KB 33 KB	144ms 11ms	Stylesheet text/css	2404:6800:4003:c00::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap Requested by Host: dl.dir.freefiremobile.com URL: https://dl.dir.freefiremobile.com/common/web_event/mshoptt/css/index-41bfb79f.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5f Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 78fd77e0744c746a2178e29c697fc34eb5ebbd75822d8e01344815002808b11f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://dl.dir.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000 date Fri, 24 May 2024 03:04:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 24 May 2024 03:04:51 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 24 May 2024 03:04:51 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	203 KB 73 KB	18ms 17ms	Script application/javascript	2404:6800:4003:c02::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-220297702-39&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-SJKK18YHLF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c02::61 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b9474a128f94e5617267b0befb55c428b5d25166d5874629712944dd5306373e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 74970 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 24 May 2024 03:04:51 GMT
POST H2	204	collect www.google-analytics.com/g/	0 252 B	58ms 15ms	Ping text/plain	2404:6800:4003:c1c::65 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-SJKK18YHLF&gtm=45je45m0v876484781za200&_p=1716519891097&gcd=13l3l3l3l1&npa=0&dma=0&cid=168560119.1716519891&ul=zh-sg&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEAE&_s=1&sid=1716519891&sct=1&seg=0&dl=https%3A%2F%2Fmshoptt.freefiremobile.com%2F&dt=%5BFF%5D%20mshoptt&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90&tfd=625 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-SJKK18YHLF Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::65 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 24 May 2024 03:04:51 GMT server Golfe2 content-type text/plain access-control-allow-origin https://mshoptt.freefiremobile.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	common_config Show response mshoptt.freefiremobile.com/api/	7 KB 2 KB	16ms 16ms	XHR application/json	202.81.96.3 GARENA-SG Garena ...
General Check archive.org Show headers Download Go to Full URL https://mshoptt.freefiremobile.com/api/common_config?lang=en&region=SG&uri= Requested by Host: dl.dir.freefiremobile.com URL: https://dl.dir.freefiremobile.com/common/web_event/mshoptt/js/vendor-14812338.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 202.81.96.3 , Singapore, ASN58521 (GARENA-SG Garena Online Pte Ltd, SG), Reverse DNS Software nginx / Resource Hash 0699558c80af404547b78e3b8c0aedfc6ac45538556b19580bd571f1bb4e0ead Security Headers Name Value X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Accept application/json, text/plain, */* Referer https://mshoptt.freefiremobile.com/ X-CSRFToken sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:51 GMT content-encoding gzip server nginx vary Accept-Encoding x-frame-options DENY content-type application/json
GET H3	200	js Show response www.googletagmanager.com/gtag/	252 KB 89 KB	22ms 22ms	Script application/javascript	74.125.24.97 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8TSGN26FCL&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-220297702-39&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.24.97 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f97.1e100.net Software Google Tag Manager / Resource Hash a1497a2d4cb054320cc8c83befae8ed28c11ea10910df93bfe19dfdabeba97ac Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 90671 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 24 May 2024 03:04:51 GMT
GET H2	200	css mshoptt.freefiremobile.com/api/	5 KB 582 B	13ms 13ms	Stylesheet text/css	202.81.96.3 GARENA-SG Garena ...
General Check archive.org Show headers Download Go to Full URL https://mshoptt.freefiremobile.com/api/css?region=SG&lang=en Requested by Host: dl.dir.freefiremobile.com URL: https://dl.dir.freefiremobile.com/common/web_event/mshoptt/js/index-5ffcc3f3.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 202.81.96.3 , Singapore, ASN58521 (GARENA-SG Garena Online Pte Ltd, SG), Reverse DNS Software nginx / Resource Hash 6ff41da22f8c58e7ecf9e4db8175c49d32e94383094d54f0b4df08cb1a616c02 Security Headers Name Value X-Frame-Options DENY Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:51 GMT content-encoding gzip server nginx vary Accept-Encoding x-frame-options DENY content-type text/css
GET H/1.1	200 OK	PetFood.png freefiremobile-a.akamaihd.net/common/OB18/BlackFriday/	13 KB 14 KB	873ms 580ms	Image image/png	104.91.68.25 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://freefiremobile-a.akamaihd.net/common/OB18/BlackFriday/PetFood.png Requested by Host: mshoptt.freefiremobile.com URL: https://mshoptt.freefiremobile.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.91.68.25 Hong Kong, Hong Kong, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS a104-91-68-25.deploy.static.akamaitechnologies.com Software OBS / Resource Hash 1b36254d0bb07aaff3dbc5135f95a836c3bf4f283e6b8df0202d7315c5662df5 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Fri, 24 May 2024 03:04:52 GMT x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSrpBenDoi7mDRdGDux06X94Mpi2ND0E Last-Modified Thu, 04 Aug 2022 11:53:23 GMT Server OBS ETag "94def260aa1c429d2831e9d35efafe9e" Content-Type image/png Access-Control-Allow-Origin * Cache-Control public, max-age=3600 x-obs-request-id 0000018FA88EF43F90129CD4727F1F24 Connection keep-alive Accept-Ranges bytes Alt-Svc h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" Content-Length 13665
GET H2	200	GFFLatinW05-Black.woff dl.dir.freefiremobile.com/common/web_event/common/fonts/website/	20 KB 20 KB	135ms 124ms	Font font/woff	152.199.39.4 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/GFFLatinW05-Black.woff Requested by Host: dl.dir.freefiremobile.com URL: https://dl.dir.freefiremobile.com/common/web_event/mshoptt/css/index-41bfb79f.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.4 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (hkc/BD3D) / Resource Hash 350690bc8cfa7c70581cdcb321d4ba61fa8f6dffcfcd1cafbd4942f514fdae2a Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://dl.dir.freefiremobile.com/common/web_event/mshoptt/css/index-41bfb79f.css Origin https://mshoptt.freefiremobile.com Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:51 GMT via 1.1 c967a8805fdfaef2a31a279939e3cfec.cloudfront.net (CloudFront) age 0 x-amz-cf-pop HKG54-C1 ec-version v6.05 x-obs-request-id 0000018FA88EF1A7941C0D13D56B70A8 content-length 20325 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS7YzwMRm46UEF41IWBATOZ4gWbG9Vhw last-modified Thu, 04 Aug 2022 12:29:55 GMT server ECAcc (hkc/BD3D) etag "4ae3e506647284fe1ad3db77a2bd3376" access-control-max-age 100 access-control-allow-methods GET content-type font/woff access-control-allow-origin * access-control-expose-headers ETag, x-obs-request-id, x-obs-api, Content-Type, Content-Length, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Expires, x-obs-id-2, x-reserved-indicator, x-obs-version-id, x-obs-copy-source-version-id, x-obs-storage-class, x-obs-delete-marker, x-obs-expiration, x-obs-website-redirect-location, x-obs-restore, x-obs-version, x-obs-object-type, x-obs-next-append-position cache-control public, max-age=3600 accept-ranges bytes x-amz-cf-id KWOWxtTj_iLaT8eap4MnKqwTMKTTF-u2dfG5Kca5IcDLZfwhhLCVyQ== expires Fri, 24 May 2024 04:04:51 GMT
GET H2	200	GFFLatinW05-Regular.woff dl.dir.freefiremobile.com/common/web_event/common/fonts/website/	36 KB 36 KB	55ms 44ms	Font font/woff	152.199.39.4 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/GFFLatinW05-Regular.woff Requested by Host: dl.dir.freefiremobile.com URL: https://dl.dir.freefiremobile.com/common/web_event/mshoptt/css/index-41bfb79f.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.4 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (hkc/BD61) / Resource Hash 475f5b3cb03384633a4e870c3377b992f13ad8246a23173a282be11faf2c85fb Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://dl.dir.freefiremobile.com/common/web_event/mshoptt/css/index-41bfb79f.css Origin https://mshoptt.freefiremobile.com Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:51 GMT via 1.1 7d1ba0397af493cf13f301d061e292ac.cloudfront.net (CloudFront) age 1653 x-amz-cf-pop HKG54-C1 x-cache HIT ec-version v6.05 x-obs-request-id 0000018FA875B749901C3B6772761186 content-length 36707 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSRbAqmhMegs2z+UBCWGDtE18rDSiqs+ last-modified Thu, 04 Aug 2022 12:29:55 GMT server ECAcc (hkc/BD61) etag "79eded60054ec31a810b67864d975a8c" access-control-max-age 100 access-control-allow-methods GET content-type font/woff access-control-allow-origin * access-control-expose-headers ETag, x-obs-request-id, x-obs-api, Content-Type, Content-Length, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Expires, x-obs-id-2, x-reserved-indicator, x-obs-version-id, x-obs-copy-source-version-id, x-obs-storage-class, x-obs-delete-marker, x-obs-expiration, x-obs-website-redirect-location, x-obs-restore, x-obs-version, x-obs-object-type, x-obs-next-append-position cache-control public, max-age=3600 accept-ranges bytes x-amz-cf-id OuijN953PrMUCVs7uZo_1VlasCQbGKAO8F26ubgT4d0QMeEmqDWNhg== expires Fri, 24 May 2024 04:04:51 GMT
GET H2	200	GFFLatinW05-Bold.woff dl.dir.freefiremobile.com/common/web_event/common/fonts/website/	37 KB 38 KB	61ms 50ms	Font font/woff	152.199.39.4 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/GFFLatinW05-Bold.woff Requested by Host: dl.dir.freefiremobile.com URL: https://dl.dir.freefiremobile.com/common/web_event/mshoptt/css/index-41bfb79f.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.4 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (hkc/BD96) / Resource Hash 5441944a6ee96a0dc5935f0b4c180045b41c7ef6068bd50c05dade403fbe150e Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://dl.dir.freefiremobile.com/common/web_event/mshoptt/css/index-41bfb79f.css Origin https://mshoptt.freefiremobile.com Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:51 GMT via 1.1 b6d62aaccba821ce2183dc39d7933bc6.cloudfront.net (CloudFront) age 474 x-amz-cf-pop HKG62-C2 x-cache HIT ec-version v6.05 x-obs-request-id 0000018FA887B7B2980F123085BC3B76 content-length 38243 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS4nztSLCrWG227Gk+EgNf0STNx8Ai9Q last-modified Thu, 04 Aug 2022 12:29:55 GMT server ECAcc (hkc/BD96) etag "2aea1e812ea22f7bf315a8d9769e1470" access-control-max-age 100 access-control-allow-methods GET content-type font/woff access-control-allow-origin * access-control-expose-headers ETag, x-obs-request-id, x-obs-api, Content-Type, Content-Length, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Expires, x-obs-id-2, x-reserved-indicator, x-obs-version-id, x-obs-copy-source-version-id, x-obs-storage-class, x-obs-delete-marker, x-obs-expiration, x-obs-website-redirect-location, x-obs-restore, x-obs-version, x-obs-object-type, x-obs-next-append-position cache-control public, max-age=3600 accept-ranges bytes x-amz-cf-id Iu0rZAR64godDRys_FyNceek5m9alkk6ss6RNw3-YYfQ6t193vwKdg== expires Fri, 24 May 2024 04:04:51 GMT
GET H2	200	pc_bg.jpg dl.dir.freefiremobile.com/common/web_event/mshoptt/images/	105 KB 105 KB	127ms 121ms	Image image/jpeg	152.199.39.4 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://dl.dir.freefiremobile.com/common/web_event/mshoptt/images/pc_bg.jpg Requested by Host: mshoptt.freefiremobile.com URL: https://mshoptt.freefiremobile.com/api/css?region=SG&lang=en Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.4 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software OBS / Resource Hash ddf00acbcf6439729dcd41b68322be92119f053eee4a9da4f6a64e303290b565 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:51 GMT via 1.1 52c5ddb029eae46cd9dad0cfd50b5b8e.cloudfront.net (CloudFront) content-md5 r8+AlPpnU6bF5vc53tZPMA== x-amz-cf-pop HKG54-C1 x-cache Miss from cloudfront ec-version v6.05 x-obs-request-id 0000018FA88EF1AA901C3AD033AFC4A7 content-length 107201 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSy1OmGt/EPzcuBsauvTLyp/Ustm9Wel last-modified Fri, 11 Nov 2022 02:09:41 GMT server OBS etag "afcf8094fa6753a6c5e6f739ded64f30" vary Origin content-type image/jpeg cache-control public, max-age=3600 accept-ranges bytes x-amz-cf-id Qo9oO1_lLCLsRkKm37Hy6crfSx4KKAy8Hf9yuxNDEE091oULVbqiIQ== expires Fri, 24 May 2024 04:04:51 GMT
GET H2	200	pc_login_bg.png dl.dir.freefiremobile.com/common/web_event/mshoptt/images/	212 KB 213 KB	136ms 131ms	Image image/png	152.199.39.4 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://dl.dir.freefiremobile.com/common/web_event/mshoptt/images/pc_login_bg.png Requested by Host: mshoptt.freefiremobile.com URL: https://mshoptt.freefiremobile.com/api/css?region=SG&lang=en Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.4 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software OBS / Resource Hash 37094bad2bed9b9b424a1f668c8caadccd61bfd4f80f0756e07bf20e11911554 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:51 GMT via 1.1 c9006eba4649f733be848dcf116b7e3a.cloudfront.net (CloudFront) content-md5 UQSrJSgwt+2n3dOB0qRXQA== x-amz-cf-pop HKG54-C1 x-cache Miss from cloudfront ec-version v6.05 x-obs-request-id 0000018FA88EF1AB980D3165A4BFD400 content-length 217403 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSr4Ioub5R77OWNZEPhIsK4AVFSuT+N0 last-modified Fri, 11 Nov 2022 02:09:42 GMT server OBS etag "5104ab252830b7eda7ddd381d2a45740" vary Origin content-type image/png cache-control public, max-age=3600 accept-ranges bytes x-amz-cf-id rBAa6AYYYwXOshHtvhy-t-CZ_RijqO41ljcjxaSeJi3o7-VSjIp2IQ== expires Fri, 24 May 2024 04:04:51 GMT
GET H2	200	btn_bg1.png dl.dir.freefiremobile.com/common/web_event/mshoptt/images/	151 B 443 B	107ms 102ms	Image image/png	152.199.39.4 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://dl.dir.freefiremobile.com/common/web_event/mshoptt/images/btn_bg1.png Requested by Host: mshoptt.freefiremobile.com URL: https://mshoptt.freefiremobile.com/api/css?region=SG&lang=en Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.4 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software OBS / Resource Hash e147baea9e5237e93557d3d7beba9fac5bf3e944dbd1ee40291403afa3125214 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:08:49 GMT via 1.1 000be6a6f55d3278e3e48047baa61246.cloudfront.net (CloudFront) content-md5 jW+8Be7uBHiq2+Pq1v7YgA== age 3362 x-amz-cf-pop HKG54-C1 x-cache Hit from cloudfront ec-version v6.05 x-obs-request-id 0000018FA85BA4F8941508267228DBA9 content-length 151 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSjfzF5mCIqva90LDtRmo1+kHumIH8eH last-modified Fri, 11 Nov 2022 02:09:41 GMT server OBS etag "8d6fbc05eeee0478aadbe3ead6fed880" vary Origin content-type image/png cache-control public, max-age=3600 accept-ranges bytes x-amz-cf-id aKS5bJ3BG9SA91M5jWBfhpw6-JjWG-B9e5X74vhow0Q571e9f-3czg== expires Fri, 24 May 2024 04:04:51 GMT
GET H2	200	tip_icon.png dl.dir.freefiremobile.com/common/web_event/mshoptt/images/	333 B 695 B	104ms 101ms	Image image/png	152.199.39.4 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://dl.dir.freefiremobile.com/common/web_event/mshoptt/images/tip_icon.png Requested by Host: mshoptt.freefiremobile.com URL: https://mshoptt.freefiremobile.com/api/css?region=SG&lang=en Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.4 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software OBS / Resource Hash 72c79a00bb6905dc5b80f8cef8483eceece158601c39c6bffaf18c9b26b02f64 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:08:49 GMT via 1.1 c967a8805fdfaef2a31a279939e3cfec.cloudfront.net (CloudFront) content-md5 n5FqFQATshyWfaZ7LqAxLQ== age 3362 x-amz-cf-pop HKG54-C1 x-cache Hit from cloudfront ec-version v6.05 x-obs-request-id 0000018FA85BA4F4901D93E577CFC12C content-length 333 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSQOoE5IrrO9MBsvKBG8V2wOILa+yhPP last-modified Fri, 11 Nov 2022 02:09:42 GMT server OBS etag "9f916a150013b21c967da67b2ea0312d" vary Origin content-type image/png cache-control public, max-age=3600 accept-ranges bytes x-amz-cf-id N8iLkDdykNYDgGdEBolbD6PqaXJg3iwk2cDRQU4kbablZiv0wjASqw== expires Fri, 24 May 2024 04:04:51 GMT
GET H2	200	close_icon.png dl.dir.freefiremobile.com/common/web_event/mshoptt/images/	557 B 844 B	191ms 188ms	Image image/png	152.199.39.4 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://dl.dir.freefiremobile.com/common/web_event/mshoptt/images/close_icon.png Requested by Host: mshoptt.freefiremobile.com URL: https://mshoptt.freefiremobile.com/api/css?region=SG&lang=en Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.4 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software OBS / Resource Hash 184eabfc613a829ac108f8330a057c3f515a720f0a29f99aac858862b97117d7 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 02:08:49 GMT via 1.1 3b9e83f086ccaf555831389882e5f732.cloudfront.net (CloudFront) content-md5 f+CmTqwBlD1g5pwMV2VqTg== age 3362 x-amz-cf-pop SIN2-P4 x-cache Hit from cloudfront ec-version v6.05 x-obs-request-id 0000018FA85BA4FA94150819722CFFC0 content-length 557 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSvoLAmPWITfwrJ6blsqGWCJiSbs4KuY last-modified Fri, 11 Nov 2022 02:09:41 GMT server OBS etag "7fe0a64eac01943d60e69c0c57656a4e" vary Origin content-type image/png cache-control public, max-age=3600 accept-ranges bytes x-amz-cf-id zqW5QWynG7A-yc1goZqQSwtaQIDf9o7P2gCawKwcbesfEkEqpjXVGA== expires Fri, 24 May 2024 04:04:51 GMT
POST H2	204	collect www.google-analytics.com/g/	0 54 B	25ms 22ms	Ping text/plain	2404:6800:4003:c1c::65 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-8TSGN26FCL&gtm=45je45m0v9134068428za200&_p=1716519891097&gcd=13l3l3l3l1&npa=0&dma=0&cid=168560119.1716519891&ul=zh-sg&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1716519891&sct=1&seg=0&dl=https%3A%2F%2Fmshoptt.freefiremobile.com%2F&dt=%5BFF%5D%20mshoptt&en=page_view&_fv=1&_ss=1&tfd=838 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8TSGN26FCL&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c1c::65 Singapore, Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Fri, 24 May 2024 03:04:51 GMT server Golfe2 content-type text/plain access-control-allow-origin https://mshoptt.freefiremobile.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	favicon.png dl.dir.freefiremobile.com/common/web_event/common/images/	844 B 1 KB	48ms 48ms	Other image/png	152.199.39.4 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://dl.dir.freefiremobile.com/common/web_event/common/images/favicon.png Protocol H2 Security TLS 1.3, , AES_256_GCM Server 152.199.39.4 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (hkc/BD08) / Resource Hash 34268a645025ec250d3f7ad643e65c7e9e39f8290fcbc54dbfcf37d7ca7eba61 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Fri, 24 May 2024 03:04:52 GMT via 1.1 4a0ee5f08fa746093cef8b936257c690.cloudfront.net (CloudFront) age 340 x-amz-cf-pop HKG62-C2 x-cache HIT ec-version v6.05 x-obs-request-id 0000018FA889C419941E06143C59142A content-length 844 x-obs-id-2 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS40kKRPkdzeWnRhVl/qMIttkCBkXc+m last-modified Thu, 04 Aug 2022 12:29:56 GMT server ECAcc (hkc/BD08) etag "fd19546258b9099be57c72de938cc20e" content-type image/png cache-control public, max-age=3600 accept-ranges bytes x-amz-cf-id -IKn_KqTZ_xqdraqNk2zPxTi3bwq1KSgXUHoz3D5uLG78fG9BQbZsg== expires Fri, 24 May 2024 04:04:52 GMT
GET H2	200	pd.gif logcollector.data.garenanow.com/	43 B 167 B	22ms 4ms	Image image/gif	202.81.113.71 GARENA-SG Garena ...
General Check archive.org Show headers Download Go to Show image Full URL https://logcollector.data.garenanow.com/pd.gif?data=%7B%22ts%22%3A1716519893%2C%22uuid%22%3A%22ffc1cf69-4f93-4a71-9c5d-4d5c3b1853c0%22%2C%22event%22%3A%22mshoptt%22%2C%22payload%22%3A%7B%22uid%22%3A0%2C%22region%22%3A%22SG%22%2C%22data%22%3A%5B%7B%22action%22%3A%22GetCommonConfig%22%2C%22info%22%3A%22success%22%2C%22ts%22%3A1716519891%7D%2C%7B%22action%22%3A%22GuideDialog%22%2C%22info%22%3A%22show%22%2C%22ts%22%3A1716519891%7D%2C%7B%22action%22%3A%22agent%22%2C%22info%22%3A%22Netscape%20Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F125.0.0.0%20Safari%2F537.36%22%2C%22ts%22%3A1716519891%7D%2C%7B%22action%22%3A%22url%22%2C%22info%22%3A%22https%3A%2F%2Fmshoptt.freefiremobile.com%2F%22%2C%22ts%22%3A1716519891%7D%2C%7B%22action%22%3A%22screen%22%2C%22info%22%3A%221600x1200%22%2C%22ts%22%3A1716519891%7D%5D%7D%7D&project_name=ff_front_end Protocol H2 Security TLS 1.3, , AES_128_GCM Server 202.81.113.71 , Singapore, ASN58521 (GARENA-SG Garena Online Pte Ltd, SG), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Tue, 01 Jan 1980 1:00:00 GMT pragma no-cache date Fri, 24 May 2024 03:04:53 GMT cache-control no-store, no-cache content-length 43 vary Accept-Encoding content-type image/gif
POST H3	204	collect www.google-analytics.com/g/	0 17 B	6ms 5ms	Ping text/plain	74.125.24.100
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-SJKK18YHLF&gtm=45je45m0v876484781za200&_p=1716519891097&gcd=13l3l3l3l1&npa=0&dma=0&cid=168560119.1716519891&ul=zh-sg&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&dt=mshoptt&dp=%2Findex.html&sid=1716519891&sct=1&seg=1&dl=https%3A%2F%2Fmshoptt.freefiremobile.com%2F&_s=2&tfd=5729 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-SJKK18YHLF Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.24.100 -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 24 May 2024 03:04:56 GMT server Golfe2 content-type text/plain access-control-allow-origin https://mshoptt.freefiremobile.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	6ms 5ms	Ping text/plain	74.125.24.100
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-8TSGN26FCL&gtm=45je45m0v9134068428za200&_p=1716519891097&gcd=13l3l3l3l1&npa=0&dma=0&cid=168560119.1716519891&ul=zh-sg&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.76%7CChromium%3B125.0.6422.76%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EAAI&sid=1716519891&sct=1&seg=0&dl=https%3A%2F%2Fmshoptt.freefiremobile.com%2F&dt=%5BFF%5D%20mshoptt&uid=0&_s=2&tfd=5845 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8TSGN26FCL&l=dataLayer&cx=c Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.24.100 -, , ASN (), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125" sec-ch-ua-platform "Win32" Referer https://mshoptt.freefiremobile.com/ Accept-Language zh-SG,zh;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Fri, 24 May 2024 03:04:56 GMT server Golfe2 content-type text/plain access-control-allow-origin https://mshoptt.freefiremobile.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| google_tag_manager object| google_tag_data object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| gaGlobal function| webpackHotUpdate object| ga function| HowlerGlobal object| Howler function| Howl function| Sound object| promises function| nativePromiseThen boolean| __VUE__ string| GoogleAnalyticsObject

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.freefiremobile.com/	1970-01-21 06:24:39	Name: _ga Value: GA1.1.168560119.1716519891
			.freefiremobile.com/	1970-01-21 06:24:39	Name: _ga_SJKK18YHLF Value: GS1.1.1716519891.1.1.1716519891.0.0.0
			.freefiremobile.com/	1970-01-21 06:24:39	Name: _ga_8TSGN26FCL Value: GS1.1.1716519891.1.0.1716519891.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dl.dir.freefiremobile.com
fonts.googleapis.com
freefiremobile-a.akamaihd.net
logcollector.data.garenanow.com
mshoptt.freefiremobile.com
www.google-analytics.com
www.googletagmanager.com
104.91.68.25
152.199.39.4
202.81.113.71
202.81.96.3
2404:6800:4003:c00::5f
2404:6800:4003:c02::61
2404:6800:4003:c1c::65
74.125.24.100
74.125.24.97
0699558c80af404547b78e3b8c0aedfc6ac45538556b19580bd571f1bb4e0ead
0f1c878d280a3357c5823b25a2317a41a6f53e6504a3201ecffbf281fb77c537
184eabfc613a829ac108f8330a057c3f515a720f0a29f99aac858862b97117d7
1b36254d0bb07aaff3dbc5135f95a836c3bf4f283e6b8df0202d7315c5662df5
20526187ce91cc2a74c8abce4110e9701dd68dd01b9ffd00387f3fb35b3858b7
34268a645025ec250d3f7ad643e65c7e9e39f8290fcbc54dbfcf37d7ca7eba61
350690bc8cfa7c70581cdcb321d4ba61fa8f6dffcfcd1cafbd4942f514fdae2a
37094bad2bed9b9b424a1f668c8caadccd61bfd4f80f0756e07bf20e11911554
475f5b3cb03384633a4e870c3377b992f13ad8246a23173a282be11faf2c85fb
5441944a6ee96a0dc5935f0b4c180045b41c7ef6068bd50c05dade403fbe150e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6ff41da22f8c58e7ecf9e4db8175c49d32e94383094d54f0b4df08cb1a616c02
72c79a00bb6905dc5b80f8cef8483eceece158601c39c6bffaf18c9b26b02f64
78fd77e0744c746a2178e29c697fc34eb5ebbd75822d8e01344815002808b11f
7da2a73edd04a8ce4409f817f680b410108b7f6a3c39d6a21b17d8a82df38cc7
9803c2c1117be217c173c8e3d31fedba696e259733542a227088ac57d5bf54ee
a1497a2d4cb054320cc8c83befae8ed28c11ea10910df93bfe19dfdabeba97ac
a3d82be486f31872d49843be229c1ea0b8c05ac29a174784c30324aca5858716
a8081062d89adc7f3b24c81d7fe3d3c135635c1de732d7c46818a1fa3ef1fd94
b9474a128f94e5617267b0befb55c428b5d25166d5874629712944dd5306373e
ddf00acbcf6439729dcd41b68322be92119f053eee4a9da4f6a64e303290b565
e147baea9e5237e93557d3d7beba9fac5bf3e944dbd1ee40291403afa3125214
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855