freefiresinhnhat.garsena.vn Open in urlscan Pro
2606:4700:3033::ac43:cec2 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://freefiresinhnhat.garsena.vn/
Submission: On August 13 via api (August 13th 2023, 11:34:03 am UTC) from US — Scanned from US

Summary HTTP 37 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 2 countries across 9 domains to perform 37 HTTP transactions. The main IP is 2606:4700:3033::ac43:cec2, located in United States and belongs to CLOUDFLARENET, US. The main domain is freefiresinhnhat.garsena.vn.
TLS certificate: Issued by E1 on June 17th 2023. Valid for: 3 months.

This is the only time freefiresinhnhat.garsena.vn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Garena Free Fire (Gaming)

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3033::ac43:cec2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e0:... 2606:4700:e0::ac40:670b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80f::200a	15169 (GOOGLE) (GOOGLE)
1 1	45.119.240.169 45.119.240.169	131418 (VIETNAMES...) (VIETNAMESPORTS-AS-VN Vietnam Esports Development Joint Stock Company)
10	2606:4700::68... 2606:4700::6810:9d24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2008	15169 (GOOGLE) (GOOGLE)
11	23.215.130.177 23.215.130.177	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
37	9

2 2606:4700:3033::ac43:cec2 (United States)

ASN13335 (CLOUDFLARENET, US)

freefiresinhnhat.garsena.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2.garsena.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:670b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.119.240.169 (Binh Tan, Viet Nam) 1 redirects

ASN131418 (VIETNAMESPORTS-AS-VN Vietnam Esports Development Joint Stock Company, VN)

ff.member.garena.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6810:9d24 (United States)

ASN13335 (CLOUDFLARENET, US)

dl.dir.freefiremobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2008 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.215.130.177 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-215-130-177.deploy.static.akamaitechnologies.com

dlgarenanow-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	akamaihd.net dlgarenanow-a.akamaihd.net — Cisco Umbrella Rank: 97684	439 KB
10	freefiremobile.com dl.dir.freefiremobile.com — Cisco Umbrella Rank: 36053	554 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 245	130 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 392 fonts.googleapis.com — Cisco Umbrella Rank: 67	66 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 356	50 KB
2	garsena.vn freefiresinhnhat.garsena.vn 2.garsena.vn	5 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	73 KB
1	garena.vn 1 redirects ff.member.garena.vn	254 B
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1184	13 KB
37	9

	Domain	Requested by
11	dlgarenanow-a.akamaihd.net	2.garsena.vn dl.dir.freefiremobile.com
10	dl.dir.freefiremobile.com	freefiresinhnhat.garsena.vn 2.garsena.vn dl.dir.freefiremobile.com
6	cdnjs.cloudflare.com	freefiresinhnhat.garsena.vn
3	fonts.googleapis.com	freefiresinhnhat.garsena.vn dl.dir.freefiremobile.com
2	cdn.jsdelivr.net	freefiresinhnhat.garsena.vn
1	www.googletagmanager.com	2.garsena.vn
1	2.garsena.vn	freefiresinhnhat.garsena.vn
1	ff.member.garena.vn	1 redirects
1	use.fontawesome.com	freefiresinhnhat.garsena.vn
1	ajax.googleapis.com	freefiresinhnhat.garsena.vn
1	freefiresinhnhat.garsena.vn
37	11

This site contains no links.

Subject Issuer	Validity	Valid
garsena.vn E1	`2023-06-17` - `2023-09-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
dl.dir.freefiremobile.com SSL.com RSA SSL subCA	`2023-03-08` - `2024-03-07`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://freefiresinhnhat.garsena.vn/
Frame ID: 3901CAB9316502406931E59C84061815
Requests: 14 HTTP requests in this frame

Frame: https://2.garsena.vn/
Frame ID: 1D9ACFF40704003732D8C667E8CCFC65
Requests: 23 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

37
Requests

97 %
HTTPS

80 %
IPv6

9
Domains

11
Subdomains

9
IPs

2
Countries

1329 kB
Transfer

2489 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://ff.member.garena.vn/images/logo-fb.png HTTP 302
https://dl.dir.freefiremobile.com/common/Yn_event/vip-member/images/logo-fb.png

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
freefiresinhnhat.garsena.vn/ 9 KB
3 KB 601ms
565ms Document
text/html 2606:4700:3033::ac43:cec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freefiresinhnhat.garsena.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:cec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 8ad11d86163a7756ad83b7e4f540d6ae5617f6b6c899686ebfb8ace62aa8d7d8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f60a5646ee942b5-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 11:33:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOirmuNmVSCu0JoGwyA6B3hanGtPG2%2B4UjYNnNUnnFuVxHv5lMj4mNdhgh5Qxs4zFCavRvxGx4YHuyZOgWG8pMUlHFSYcYfOXs3ZJQBXJGOcwykGZXHp49%2FpTSTPBUDGa1L7MvgJGjvZRIqO8M97UytFpp8g9eV38Hk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 64ms
29ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freefiresinhnhat.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7141291
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10472
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lO%2Fvupz2KmGeeJZkreF2in90qWJXflU1BFgZNKgVFmSlTka8s%2Bk%2FIk58ofIVVQ8dM1rT9HQ79o7UhYsl8EDCwKhNc%2FcpjsSkrkt0492FTVioNsDqj9Pqj0x1qdomTzZagon4UihytfmnnuyL4dtCrVB2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f60a5682fa68c51-EWR
expires: Fri, 02 Aug 2024 11:33:57 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ 85 KB
27 KB 92ms
57ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freefiresinhnhat.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1442248
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27233
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6a61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPelwokXa76FkB%2B8rM8Ot9o4sjJwDqZL0sVxsyu8MyjUEBJ%2F%2F5EeMbBC2%2BzU6c8mmERuzZz8Gnlus%2BYS8Kecg9G%2BI1VbuHATiX%2F1mKvb1xIiEz1QvohRDFYre9wNZ%2BIV96Jf4HXSDEENI594Txa4tPW3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f60a5682fa98c51-EWR
expires: Fri, 02 Aug 2024 11:33:57 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 65ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freefiresinhnhat.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2030587
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6451
last-modified: Thu, 22 Jun 2023 11:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942d85-1933"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lx6LIVa%2FeK2d96OlV%2BhjqfWDXiCAudxx07yhwmx9YnflUxq7LL5zsD4xJD3PA57XCm5OTyO%2B%2B2YlAZVBacXptdoOibYjINEPvxrG2KnHoy7BTq5a0JbklPJqQPTRRwZkMpKWmmqmxgtNJ9%2FQSoXFwdak"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f60a5682faa8c51-EWR
expires: Fri, 02 Aug 2024 11:33:57 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.1/dist/css/ 191 KB
30 KB 59ms
17ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.1/dist/css/bootstrap.min.css

Requested by

Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://freefiresinhnhat.garsena.vn/
Origin: https://freefiresinhnhat.garsena.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 13 Aug 2023 11:33:57 GMT
x-content-type-options: nosniff
content-encoding: br
age: 13041235
x-jsd-version: 5.2.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 30372
x-served-by: cache-fra-eddf8230088-FRA, cache-lga21980-LGA
x-jsd-version-type: version
etag: W/"2fbaa-t81XpP1qH65hJhUPQn7yFzlyk+Q"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 38ms
4ms Script
text/javascript 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freefiresinhnhat.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 12 Aug 2023 12:15:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83895
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 11 Aug 2024 12:15:42 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.15.2/css/ 58 KB
13 KB 60ms
27ms Stylesheet
text/css 2606:4700:e0::ac40:670b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.15.2/css/all.css
Requested by: Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freefiresinhnhat.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:57 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5GS154DGMS09F9VP
age: 245874
alt-svc: h3=":443"; ma=86400
x-amz-id-2: KBbv+t7g2i5FThTVv1GVxB5f+s4YBTLXvPdWFuFpEHPnhFnN1O5dRa/CwaZpKDRQBFwT8GStZPM=
last-modified: Wed, 30 Jun 2021 15:40:53 GMT
server: cloudflare
etag: W/"c4af24ce595437830af0a401897698b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yuo%2BSmnREAhSaivFhZs9oyT%2FjFNrEyn0ZkXIIkGy640TEokWgXGBITMw9BFJ689q4i1Oe3a6SGROK4cmrDEwGcqsAKcHlKXYtyopFnvcpQ6My23mbsIfsMtXAeWr4ka67iQgJKsYG%2BdaCQPXAvFdFIj8"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7f60a5682ff14247-EWR

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
881 B 81ms
49ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap

Requested by

Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5b43c13f29156b87b601565e8abe066f9dc7ef32d856deeee11f099f1807748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freefiresinhnhat.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 11:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 10:37:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 11:33:57 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 58 KB
11 KB 63ms
32ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Requested by

Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freefiresinhnhat.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2653662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 10491
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c6cU1%2F%2FY67vjXb65WewRCtnbiB%2BaAKYWIjYFuszuJcbRlOd9Na4xrhUFKRkLEcUDZ5ZQc30CKxw0WKlc7kQ1NPGyXPMQBjtRwHqza3Fqa7G0lKakRuuykthxRUDS%2FSCirKMbNCvHdyBWP1ISlmQGgRxe"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f60a5682fa78c51-EWR
expires: Fri, 02 Aug 2024 11:33:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 66ms
35ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&display=swap

Requested by

Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freefiresinhnhat.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 11:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 11:26:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 11:33:57 GMT

GET
H2 200 mdb.min.css
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/3.6.0/ 294 KB
29 KB 64ms
34ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/3.6.0/mdb.min.css

Requested by

Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25af217d3c760da3c3334b64fa58cef758626129db805590329596c2dc55be08

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freefiresinhnhat.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 17149887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 28902
last-modified: Mon, 07 Jun 2021 14:34:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60be2e58-70e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CA35B5UJOiKN9EJwP%2F0l3vfrRer9dmqanhw5AzwUJ4vltuD3HF10166lXTU%2BAjkte53DGY9Z6xnF4ef0gsssMtuhz%2BhhEbrR3bvhPBxg%2B0BVFFJ5EYtVDdzPXJPTASPR3wPG35jAws53bYSvl5uOz1HE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f60a5682fa88c51-EWR
expires: Fri, 02 Aug 2024 11:33:57 GMT

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 67 KB
19 KB 52ms
0ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b049b6f5caf1f1375cb04496a56104fa61e05e791d6bb7e435aa84a284a6210c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freefiresinhnhat.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 13 Aug 2023 11:33:57 GMT
x-content-type-options: nosniff
content-encoding: br
age: 36422
x-jsd-version: 11.7.22
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19435
x-served-by: cache-fra-eddf8230029-FRA, cache-lga21942-LGA
x-jsd-version-type: version
etag: W/"10a46-4fwPq5elgGsGR7Jvi5VeKvi4HQ8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1

200
OK

logo-fb.png
dl.dir.freefiremobile.com/common/Yn_event/vip-member/images/
Redirect Chain

https://ff.member.garena.vn/images/logo-fb.png
https://dl.dir.freefiremobile.com/common/Yn_event/vip-member/images/logo-fb.png

544 B
1 KB

1366ms
260ms

Image
image/png

2606:4700::6810:9d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/Yn_event/vip-member/images/logo-fb.png
Requested by: Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol: HTTP/1.1
Server: 2606:4700::6810:9d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69372a2cbab804326e6f1a102fa1d0ab95cfc7b0aec7763c8b003bea349ba7c8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freefiresinhnhat.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 11:33:59 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSjp+gpBIFR8nF4Nh2J4mOi6AWo9mPSH
CF-Cache-Status: HIT
Last-Modified: Thu, 29 Jun 2023 03:20:09 GMT
Server: cloudflare
ETag: "2aac898b7c590dbc1f5a3eedd8e2c070"
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: *
x-obs-request-id: 000001891A503E89954AF0E3E48BB4F6
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7f60a574db90447a-EWR
Content-Length: 544

Redirect headers

Location: https://dl.dir.freefiremobile.com/common/Yn_event/vip-member/images/logo-fb.png
Date: Sun, 13 Aug 2023 11:33:57 GMT
Server: nginx/1.12.2
Connection: keep-alive
Content-Length: 161
Content-Type: text/html

GET
H2 200 mdb.min.js Show response
cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/3.6.0/ 230 KB
46 KB 10ms
9ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/mdb-ui-kit/3.6.0/mdb.min.js

Requested by

Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c203b910388ddd0a665f9d474cb718737002a0ba8188ba1eb7b6f1848b595868

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://freefiresinhnhat.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 16492780
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46537
last-modified: Mon, 07 Jun 2021 14:34:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60be2e58-b5c9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=luKCQrkkx2MknTl3KAoYYungOzmQj4Trxs1aDu61rjz%2FRsDykLQJxvdeqvZO1ZyO1bHZEmw8239FX2YiO%2BfTLGAYinsx1%2BxOgzdcojQ31tHPLdx%2B3xyHNkdYwuVswIgAfacZYAv37Cc89KIQtSToHREv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f60a5688fe08c51-EWR
expires: Fri, 02 Aug 2024 11:33:57 GMT

GET
H2 200 / Show response
2.garsena.vn/ Frame 1D9A 7 KB
2 KB 580ms
563ms Document
text/html 2606:4700:3033::ac43:cec2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://2.garsena.vn/
Requested by: Host: freefiresinhnhat.garsena.vn
URL: https://freefiresinhnhat.garsena.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:cec2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 4b6ed153b23f0130b699faca4762632346e1078a888fa4d343e99edb7cefa530

Request headers

Referer: https://freefiresinhnhat.garsena.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7f60a5694a6642b5-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 13 Aug 2023 11:33:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BBkoWtBrRDKJ2WV2CgSSOSL6WhqlNj6EtFnFMWfcx0Edggs4vvrJeGCC5KR1WbtbDxBHeqUuVZx0o90R%2B%2FKA514xOK3%2FXC7%2FKiB11EOGOJRnfwElFuVdm%2FMx5eqjo3nm1sapLjLbBFPx5w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 1D9A 203 KB
73 KB 44ms
28ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y1QNJ6ZLV6

Requested by

Host: 2.garsena.vn
URL: https://2.garsena.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ffb4fbd1fd6afdd5b3422a0d832402df8c555b7bbf19571542ace5f45fd7f2fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74832
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 13 Aug 2023 11:33:57 GMT

GET
H/1.1 200
OK main.447aeaee79bb574826e0.css
dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/ Frame 1D9A 68 KB
68 KB 1302ms
24ms Stylesheet
text/css 2606:4700::6810:9d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Requested by: Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f0cdfcbeb1eeeffe2e37a895671c0115c30fdb56867c9c531dc6042b70984b4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 11:33:59 GMT
CF-Cache-Status: HIT
Content-MD5: zY4zvEA47S0mil7E3YYemA==
x-obs-request-id: 000001891A50D36A980EA00DBAFCF3F5
Connection: keep-alive
Content-Length: 69359
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSa9tkcf0WHaWDKzHpXqUhOA6DmDf/No
Last-Modified: Tue, 09 May 2023 07:13:07 GMT
Server: cloudflare
x-obs-replication-status: REPLICA
ETag: "cd8e33bc4038ed2d268a5ec4dd861e98"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
x-reserved-indicator: 372
Accept-Ranges: bytes
CF-RAY: 7f60a574da4c32d9-EWR

GET
H2 200 facebook.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 1D9A 9 KB
9 KB 150ms
12ms Image
image/png 23.215.130.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/facebook.png
Requested by: Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.130.177 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-177.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 94f92c2fa2a770888470701e4e9c0063d11bd846b52739d8b12a06b2dabd3be2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:58 GMT
last-modified: Mon, 07 Mar 2022 08:28:08 GMT
server: AkamaiNetStorage
etag: "e328a85faf3ec595e525860c98e34098:1646641688.184041"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 9175

GET
H2 200 vk.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 1D9A 10 KB
10 KB 151ms
13ms Image
image/png 23.215.130.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/vk.png
Requested by: Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.130.177 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-177.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8ffae0974acd7014b8e30ff2510ff2c8809103dca22a9e9d252cfd525cc7eff9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:58 GMT
last-modified: Mon, 07 Mar 2022 08:26:45 GMT
server: AkamaiNetStorage
etag: "a53bf2276aa814a0053de1eb24d48b1b:1646641605.329783"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 9846

GET
H2 200 google.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 1D9A 6 KB
6 KB 151ms
14ms Image
image/png 23.215.130.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/google.png
Requested by: Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.130.177 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-177.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: edefde11d13eb274cafd860dd219755352257187b374f313c810cb6a20f0a477

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:58 GMT
last-modified: Mon, 07 Mar 2022 08:28:07 GMT
server: AkamaiNetStorage
etag: "fad350ab1b376d6e63f4e20880b7714d:1646641687.797583"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6351

GET
H2 200 huawei.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 1D9A 3 KB
3 KB 156ms
19ms Image
image/png 23.215.130.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/huawei.png
Requested by: Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.130.177 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-177.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 38e377481a3abf35890dbc9abd19fd4657ab4ea449d24299073da019da5b4281

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:58 GMT
last-modified: Mon, 07 Mar 2022 08:26:48 GMT
server: AkamaiNetStorage
etag: "3fb518b7c5881ad6aeb6c6fda87627e9:1646641608.964761"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 3010

GET
H2 200 apple.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 1D9A 9 KB
9 KB 149ms
12ms Image
image/png 23.215.130.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/apple.png
Requested by: Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.130.177 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-177.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ac768dee11c223ac3fba06a7212fd0163c171e7986735b5cd04f9081504126b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:58 GMT
last-modified: Mon, 07 Mar 2022 08:29:14 GMT
server: AkamaiNetStorage
etag: "d72825e76a981573e800cb3983bff287:1646641754.910995"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 9069

GET
H2 200 twitter.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 1D9A 10 KB
10 KB 151ms
15ms Image
image/png 23.215.130.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/twitter.png
Requested by: Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.130.177 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-177.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 392c6ef45dc72dc2d72c2a2d16ff5fcd5943766e78e14f1f6bb008c59cf80877

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:58 GMT
last-modified: Mon, 07 Mar 2022 08:28:06 GMT
server: AkamaiNetStorage
etag: "fac267d563f943d005abd2a01d207764:1646641686.462893"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 9812

GET
H2 200 arrow.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 1D9A 449 B
659 B 16ms
16ms Image
image/png 23.215.130.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/arrow.png
Requested by: Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.130.177 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-177.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 756734c7de9dd01ffd9c75ccdfc48f08d51d774f75c6c453d9468812c5282861

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:58 GMT
last-modified: Mon, 07 Mar 2022 08:26:50 GMT
server: AkamaiNetStorage
etag: "3303308c2aacb531af045e92a5d7101c:1646641610.663508"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 449

GET
H2 200 logo_small_foot.jpg
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 1D9A 3 KB
4 KB 11ms
10ms Image
image/jpeg 23.215.130.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/logo_small_foot.jpg
Requested by: Host: 2.garsena.vn
URL: https://2.garsena.vn/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.130.177 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-177.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3dec40957ccb5815562b06c0bcb1cb3fc09a5f0738aa0b9ec2d1390e4e30a346

Request headers

accept-language: en-US,en;q=0.9
Referer: https://2.garsena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:58 GMT
last-modified: Mon, 07 Mar 2022 08:28:07 GMT
server: AkamaiNetStorage
etag: "c34038edcf4185b3e75a6b85f1cd3d4f:1646641687.19891"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 3522

GET
H2 200 css
fonts.googleapis.com/ Frame 1D9A 117 KB
33 KB 28ms
28ms Stylesheet
text/css 2607:f8b0:4006:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap

Requested by

Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c9f7cf605fe9b7997cd43da48328bdfc7166b1d3cc48a69fdc120ca09440ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dl.dir.freefiremobile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 13 Aug 2023 11:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 13 Aug 2023 11:33:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 13 Aug 2023 11:33:59 GMT

GET
H2 200 bg.jpg
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 1D9A 134 KB
134 KB 195ms
193ms Image
image/jpeg 23.215.130.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/bg.jpg
Requested by: Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.130.177 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-177.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ba96000a92f9d03cce2c34ab48fb9f1e67976be7b4233c1bd607a87e6e9af82d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dl.dir.freefiremobile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:59 GMT
last-modified: Mon, 07 Mar 2022 08:28:11 GMT
server: AkamaiNetStorage
etag: "57fd6fc58a09519be8012650efd9881d:1646641691.083794"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 136773

GET
H2 200 top_teeth-l.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 1D9A 144 B
353 B 167ms
165ms Image
image/png 23.215.130.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/top_teeth-l.png
Requested by: Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.130.177 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-177.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 42fcead125ad8660c031f3b763fd048fd06b4a70a7a48cf17bc03073fb255fae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dl.dir.freefiremobile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:59 GMT
last-modified: Mon, 07 Mar 2022 08:26:47 GMT
server: AkamaiNetStorage
etag: "fe98481dd3ffad514594309ceb2ef4ba:1646641607.0753"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 144

GET
H2 200 logo-new.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/ Frame 1D9A 253 KB
253 KB 30ms
28ms Image
image/png 23.215.130.177
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/logo-new.png
Requested by: Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.215.130.177 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-215-130-177.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e5d1ff232a26bd3b8a702a52464d1bdf12992e9f166084da5cfad235d8f7b20e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://dl.dir.freefiremobile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 11:33:59 GMT
last-modified: Tue, 19 Jul 2022 08:34:23 GMT
server: AkamaiNetStorage
etag: "76697e9220e45c00a5fbaf78cc3d7553:1658219663.088581"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 258949

GET
H/1.1 200
OK FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/b834daea5160f85ecaabb2c549b25484/ Frame 1D9A 66 KB
67 KB 284ms
270ms Font
font/woff2 2606:4700::6810:9d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/b834daea5160f85ecaabb2c549b25484/FZLTHB.woff2
Requested by: Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80d0682310f5374addcbdc60186e23935dda84231cc1c12858477428eb114f4a

Request headers

Referer: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin: https://2.garsena.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 11:33:59 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSHPgF2pDoQkCHM+6mrHKDxLkjM73TNQ
CF-Cache-Status: HIT
Last-Modified: Thu, 04 Aug 2022 12:29:56 GMT
Server: cloudflare
ETag: "55eb3a834bc9fbff6fd34ca96cc664e0"
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
x-obs-request-id: 00000189E4B1B043994849EDD0D36FE8
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7f60a5756c84433d-EWR
Content-Length: 67904

GET
H/1.1 200
OK FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/1224834698e4e84263548a1dab323467/ Frame 1D9A 72 KB
72 KB 290ms
290ms Font
font/woff2 2606:4700::6810:9d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/1224834698e4e84263548a1dab323467/FZLTHB.woff2
Requested by: Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75e79a67f1bdf19f33b1fce93ce73a78324e5d258df4037317d046a1fbcdc6d4

Request headers

Referer: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin: https://2.garsena.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 11:34:00 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS1DK9NSax6VHRCxGuRPbWXHZ53HZe0G
CF-Cache-Status: HIT
Last-Modified: Thu, 04 Aug 2022 12:29:56 GMT
Server: cloudflare
ETag: "3a3beccb4138424e8065ef007685d39e"
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
x-obs-request-id: 00000189E4B1B9239949A84E50006E97
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7f60a5796f23433d-EWR
Content-Length: 73344

GET
H/1.1 200
OK FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/93f5f343951b4b830d365962d9363ea4/ Frame 1D9A 71 KB
71 KB 1113ms
1113ms Font
font/woff2 2606:4700::6810:9d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/93f5f343951b4b830d365962d9363ea4/FZLTHB.woff2
Requested by: Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9859815a35442c2f7869843308b0411c9df36ed0d59e5a9beda68cfdab89622

Request headers

Referer: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin: https://2.garsena.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 11:34:01 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS9Cqql+KAegFzvJUDkg1NGnoiiUTq0z
CF-Cache-Status: HIT
Last-Modified: Thu, 04 Aug 2022 12:29:56 GMT
Server: cloudflare
ETag: "e9752fdf455120affa8fbb139f46fc54"
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
x-obs-request-id: 00000189E4B1BA649949A97CBF648C41
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7f60a57cd996433d-EWR
Content-Length: 72276

GET
H/1.1 200
OK FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/9aef251ab5981f83c4d91df00e116bd0/ Frame 1D9A 70 KB
70 KB 263ms
263ms Font
font/woff2 2606:4700::6810:9d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/9aef251ab5981f83c4d91df00e116bd0/FZLTHB.woff2
Requested by: Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c79b108aa877d1878052ef27f9d6b8c8d572c99c48b8fa91bf13af533c6e367f

Request headers

Referer: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin: https://2.garsena.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 11:34:01 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS8TpteNx3GiDAsoKsnj61Y0d9G9G+07
CF-Cache-Status: HIT
Last-Modified: Thu, 04 Aug 2022 12:29:56 GMT
Server: cloudflare
ETag: "f68af4e43d5cdce5afc04cfeae49c807"
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
x-obs-request-id: 00000189E4B1BBB59950F113F64ED3B4
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7f60a583de32433d-EWR
Content-Length: 71340

GET
H/1.1 200
OK FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/eadcd441e16d7cf2527937b6771b457b/ Frame 1D9A 39 KB
39 KB 277ms
277ms Font
font/woff2 2606:4700::6810:9d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/eadcd441e16d7cf2527937b6771b457b/FZLTHB.woff2
Requested by: Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e69272d07262a40249f3ca75cec75a633845417dabce8bfbf90c3ce736af28f6

Request headers

Referer: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin: https://2.garsena.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 11:34:02 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSp7WkSxcJDCdyAwX1BXx7dPcR1zXwBF
CF-Cache-Status: HIT
Last-Modified: Thu, 04 Aug 2022 12:29:56 GMT
Server: cloudflare
ETag: "376f1116de6985e7b2731add83ca439f"
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
x-obs-request-id: 00000189E4B1BCCC9142AC057FD39EF8
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7f60a5858f6a433d-EWR
Content-Length: 39908

GET
H/1.1 200
OK FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/975e5e220553a843b1ff8c4b6e0e86c5/ Frame 1D9A 43 KB
44 KB 274ms
273ms Font
font/woff2 2606:4700::6810:9d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/975e5e220553a843b1ff8c4b6e0e86c5/FZLTHB.woff2
Requested by: Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17deaf237ad555333a5edeb7c8159988ebe6c7761fde56a58ff27fe6683c6591

Request headers

Referer: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin: https://2.garsena.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 11:34:02 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSwv6JYecT+olHPc9fswWcD/E2JQQZYP
CF-Cache-Status: HIT
Last-Modified: Thu, 04 Aug 2022 12:29:56 GMT
Server: cloudflare
ETag: "f8271990dbe1385470ad15c73b48711c"
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
x-obs-request-id: 00000189E4B1BD6C994A3C3B9AF6196C
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7f60a58748f8433d-EWR
Content-Length: 44352

GET
H/1.1 200
OK FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/0d00e5e6706d99564e6061ea5310c706/ Frame 1D9A 65 KB
65 KB 261ms
261ms Font
font/woff2 2606:4700::6810:9d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/0d00e5e6706d99564e6061ea5310c706/FZLTHB.woff2
Requested by: Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feaff8a5200ae8f8d3da7d69f475079056163b97569673f7a83a814931990320

Request headers

Referer: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin: https://2.garsena.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 11:34:02 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCScadnvrM5tsWpMYzClAoJLf8UJqphS9
CF-Cache-Status: HIT
Last-Modified: Thu, 04 Aug 2022 12:29:56 GMT
Server: cloudflare
ETag: "ecbf5b56f674802ec420fcf8bd8f827b"
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
x-obs-request-id: 00000189E4B1BE84994EB6EF1FB56A38
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7f60a5890a2a433d-EWR
Content-Length: 66448

GET
H/1.1 200
OK FZLTHB.woff2
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/79b66a2b1f95ba67ab5092f19d801f38/ Frame 1D9A 55 KB
56 KB 558ms
557ms Font
font/woff2 2606:4700::6810:9d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/zh/79b66a2b1f95ba67ab5092f19d801f38/FZLTHB.woff2
Requested by: Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.447aeaee79bb574826e0.css
Origin: https://2.garsena.vn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Sun, 13 Aug 2023 11:34:03 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS3hP4pWFs9Cg3eqRNm7OxiojsBA2zCC
CF-Cache-Status: HIT
Last-Modified: Thu, 04 Aug 2022 12:29:56 GMT
Server: cloudflare
ETag: "c0f61bd94bc15fa6cfd948278f46bc6a"
Vary: Accept-Encoding
Content-Type: font/woff2
Access-Control-Allow-Origin: *
x-obs-request-id: 00000189E3F60762994A4249F1952D3C
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 7f60a58acbb9433d-EWR
Content-Length: 56472

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Garena Free Fire (Gaming)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.garsena.vn
ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
dl.dir.freefiremobile.com
dlgarenanow-a.akamaihd.net
ff.member.garena.vn
fonts.googleapis.com
freefiresinhnhat.garsena.vn
use.fontawesome.com
www.googletagmanager.com
23.215.130.177
2606:4700:3033::ac43:cec2
2606:4700::6810:9d24
2606:4700::6811:180e
2606:4700:e0::ac40:670b
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80f::200a
2607:f8b0:4006:822::200a
2a04:4e42:400::485
45.119.240.169
0c9f7cf605fe9b7997cd43da48328bdfc7166b1d3cc48a69fdc120ca09440ccb
0f0cdfcbeb1eeeffe2e37a895671c0115c30fdb56867c9c531dc6042b70984b4
17deaf237ad555333a5edeb7c8159988ebe6c7761fde56a58ff27fe6683c6591
25af217d3c760da3c3334b64fa58cef758626129db805590329596c2dc55be08
2933c96348a4eae7cbbf8f280ca0981586a9b5c097ef952b996cad7d28f2fad0
38e377481a3abf35890dbc9abd19fd4657ab4ea449d24299073da019da5b4281
392c6ef45dc72dc2d72c2a2d16ff5fcd5943766e78e14f1f6bb008c59cf80877
3dec40957ccb5815562b06c0bcb1cb3fc09a5f0738aa0b9ec2d1390e4e30a346
42fcead125ad8660c031f3b763fd048fd06b4a70a7a48cf17bc03073fb255fae
4b6ed153b23f0130b699faca4762632346e1078a888fa4d343e99edb7cefa530
69372a2cbab804326e6f1a102fa1d0ab95cfc7b0aec7763c8b003bea349ba7c8
756734c7de9dd01ffd9c75ccdfc48f08d51d774f75c6c453d9468812c5282861
75e79a67f1bdf19f33b1fce93ce73a78324e5d258df4037317d046a1fbcdc6d4
80d0682310f5374addcbdc60186e23935dda84231cc1c12858477428eb114f4a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
886e1e675050878cd1710ba030a7787613e5bbbe02a2b099683306c16ac8c8cd
8ad11d86163a7756ad83b7e4f540d6ae5617f6b6c899686ebfb8ace62aa8d7d8
8ffae0974acd7014b8e30ff2510ff2c8809103dca22a9e9d252cfd525cc7eff9
94f92c2fa2a770888470701e4e9c0063d11bd846b52739d8b12a06b2dabd3be2
ac768dee11c223ac3fba06a7212fd0163c171e7986735b5cd04f9081504126b3
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b049b6f5caf1f1375cb04496a56104fa61e05e791d6bb7e435aa84a284a6210c
b9859815a35442c2f7869843308b0411c9df36ed0d59e5a9beda68cfdab89622
ba96000a92f9d03cce2c34ab48fb9f1e67976be7b4233c1bd607a87e6e9af82d
c203b910388ddd0a665f9d474cb718737002a0ba8188ba1eb7b6f1848b595868
c79b108aa877d1878052ef27f9d6b8c8d572c99c48b8fa91bf13af533c6e367f
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d5b43c13f29156b87b601565e8abe066f9dc7ef32d856deeee11f099f1807748
e5d1ff232a26bd3b8a702a52464d1bdf12992e9f166084da5cfad235d8f7b20e
e69272d07262a40249f3ca75cec75a633845417dabce8bfbf90c3ce736af28f6
edefde11d13eb274cafd860dd219755352257187b374f313c810cb6a20f0a477
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
feaff8a5200ae8f8d3da7d69f475079056163b97569673f7a83a814931990320
ffb4fbd1fd6afdd5b3422a0d832402df8c555b7bbf19571542ace5f45fd7f2fa

freefiresinhnhat.garsena.vn Open in urlscan Pro 2606:4700:3033::ac43:cec2 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

37 Requests

97 %HTTPS

80 %IPv6

9 Domains

11 Subdomains

9 IPs

2 Countries

1329 kBTransfer

2489 kBSize

0 Cookies

0 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

freefiresinhnhat.garsena.vn Open in urlscan Pro
2606:4700:3033::ac43:cec2 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

97 %
HTTPS

80 %
IPv6

9
Domains

11
Subdomains

9
IPs

2
Countries

1329 kB
Transfer

2489 kB
Size

0
Cookies

37 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!