Submitted URL: https://reward.ff.theextraevent.com/
Effective URL: https://reward.ff.garena.com/
Submission: On May 20 via automatic, source openphish — Scanned from SG

Summary

This website contacted 5 IPs in 2 countries across 7 domains to perform 22 HTTP transactions. The main IP is 148.222.67.158, located in Singapore and belongs to GARENA-SG Garena Online Pte Ltd, SG. The main domain is reward.ff.garena.com. The Cisco Umbrella rank of the primary domain is 263027.
TLS certificate: Issued by R3 on April 23rd 2024. Valid for: 3 months.
This is the only time reward.ff.garena.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 148.222.67.158 58521 (GARENA-SG...)
1 2404:6800:400... 15169 (GOOGLE)
17 13.35.18.99 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
22 5
Apex Domain | Subdomains | Transfer
17 freefiremobile.com | dl.dir.freefiremobile.com — Cisco Umbrella Rank: 32577 | 992 KB
1 garenanow.com | rosetta.garenanow.com | 8 KB
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33 | 33 KB
1 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 32 | 257 B
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 85 KB
1 garena.com | reward.ff.garena.com — Cisco Umbrella Rank: 263027 | 931 B
1 theextraevent.com | reward.ff.theextraevent.com | 85 B
22 7
Domain Requested by
17 dl.dir.freefiremobile.com reward.ff.garena.com
dl.dir.freefiremobile.com
1 rosetta.garenanow.com dl.dir.freefiremobile.com
1 fonts.googleapis.com dl.dir.freefiremobile.com
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com reward.ff.garena.com
1 reward.ff.garena.com
1 reward.ff.theextraevent.com 1 redirects
22 7

This site contains no links.

Subject | Issuer | Validity | Valid
reward.ff.garena.com | R3 | 2024-04-23 - 2024-07-22 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2024-05-06 - 2024-07-29 | 3 months
dl.dir.freefiremobile.com | Amazon RSA 2048 M03 | 2023-11-29 - 2024-12-27 | a year
upload.video.google.com | GTS CA 1C3 | 2024-05-06 - 2024-07-29 | 3 months
rosetta.garenanow.com | R3 | 2024-04-15 - 2024-07-14 | 3 months

This page contains 1 frames:

Primary Page: https://reward.ff.garena.com/
Frame ID: 590611A80B7941D1AF955BFBD864B5FF
Requests: 22 HTTP requests in this frame

Page Title

Free Fire

Page URL History

  1. https://reward.ff.theextraevent.com/ HTTP 302
    https://reward.ff.garena.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

22
Requests

100 %
HTTPS

60 %
IPv6

7
Domains

7
Subdomains

5
IPs

2
Countries

1119 kB
Transfer

1351 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://reward.ff.theextraevent.com/ HTTP 302
    https://reward.ff.garena.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
reward.ff.garena.com/
Redirect Chain
  • https://reward.ff.theextraevent.com/
  • https://reward.ff.garena.com/
2 KB
931 B
Document
General
Full URL
https://reward.ff.garena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.222.67.158 , Singapore, ASN58521 (GARENA-SG Garena Online Pte Ltd, SG),
Reverse DNS
Software
openresty /
Resource Hash
ca1d554f1842e34ba7e3743c6d60b3c508e78709a693194cc8b15b16b6e48fbc

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
max-age=300
content-encoding
gzip
content-type
text/html
date
Mon, 20 May 2024 13:19:21 GMT
etag
W/"65dd54b7-72b"
last-modified
Tue, 27 Feb 2024 03:19:19 GMT
server
openresty
vary
Accept-Encoding

Redirect headers

content-length
158
content-type
text/html
date
Mon, 20 May 2024 13:19:21 GMT
location
https://reward.ff.garena.com
server
openresty
js
www.googletagmanager.com/gtag/
237 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Y1QNJ6ZLV6
Requested by
Host: reward.ff.garena.com
URL: https://reward.ff.garena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
27c42eca4c1eb201d0ba2e9ef71d2bb14d745e32fc1ce1eac71e4b14b0615afa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 13:19:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86490
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 20 May 2024 13:19:21 GMT
main.037c1ac475d55279eb78.css
dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/
69 KB
70 KB
Stylesheet
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.037c1ac475d55279eb78.css
Requested by
Host: reward.ff.garena.com
URL: https://reward.ff.garena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
030b11ea01780dcef28d553f24578118d1aea7ff26f064d6c6366c124d9cc35a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:48:36 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-md5
Gk4YuiJyaQ8IwZi1KKcbxg==
x-amz-cf-pop
SIN5-C1
age
1845
x-cache
Hit from cloudfront
x-obs-request-id
0000018F960BF447901597BDBC7AB72C
content-length
70930
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS4jtEvdg1iMqjr2Vrk9o9okS3Zh7ZXe
last-modified
Tue, 27 Feb 2024 03:51:19 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"1a4e18ba2272690f08c198b528a71bc6"
vary
Accept-Encoding, Origin
content-type
text/css
accept-ranges
bytes
x-amz-cf-id
SzdlYAEB9ePvMvTbGZUs2LgFO8iWDmT8QAiD-1LY9ss6wLTt4wSt9A==
vendors~main.75f0f793a533d9cfef89.js
dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/js/
251 KB
251 KB
Script
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/js/vendors~main.75f0f793a533d9cfef89.js
Requested by
Host: reward.ff.garena.com
URL: https://reward.ff.garena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
b6f41823460946a44d1558ab5ab19ddd4c09218d1e53eefe92d6b3b7357ad6cd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:42:09 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-md5
GCRnLnc7bjp9fS1gdbzQGA==
x-amz-cf-pop
SIN5-C1
age
2232
x-cache
Hit from cloudfront
x-obs-request-id
0000018F9606091E9412D174628BF0C1
content-length
256574
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCScWO/itZT0NhLqis3yK6NT3+YOr+ZWi
last-modified
Tue, 27 Feb 2024 03:51:19 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"1824672e773b6e3a7d7d2d6075bcd018"
vary
Accept-Encoding, Origin
content-type
text/javascript
accept-ranges
bytes
x-amz-cf-id
8O4jGlSl06y5jJjlIcEMENTbPh5D5QAna_oVYdO67kMfNIH_dok0uA==
main.9a6f308934c7aea2ca3e.js
dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/js/
159 KB
160 KB
Script
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/js/main.9a6f308934c7aea2ca3e.js
Requested by
Host: reward.ff.garena.com
URL: https://reward.ff.garena.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
d46fb431df919707ebd96390ce8b152dd0fce98403b2e7850cfb6dc321b97a01

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:56:00 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-md5
GsQnpfY7UAqtCPzWLDUG1A==
x-amz-cf-pop
SIN5-C1
age
1401
x-cache
Hit from cloudfront
x-obs-request-id
0000018F9612B73E9806580201D013C5
content-length
163308
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSwczc8/CPdZL6OaZZ5vYXURE9tWs8wZ
last-modified
Tue, 27 Feb 2024 03:51:19 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"1ac427a5f63b500aad08fcd62c3506d4"
vary
Accept-Encoding, Origin
content-type
text/javascript
accept-ranges
bytes
x-amz-cf-id
-_SGypy6VTxCuZwZJEh4g6knRt2Ye51arbZm-IXAYrFhkzfH5gTQXA==
collect
www.google-analytics.com/g/
0
257 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Y1QNJ6ZLV6&gtm=45je45f0v9102731567za200&_p=1716211161863&gcd=13l3l3l3l1&npa=0&dma=0&cid=738660327.1716211162&ul=zh-sg&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.207%7CGoogle%2520Chrome%3B124.0.6367.207%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1716211161&sct=1&seg=0&dl=https%3A%2F%2Freward.ff.garena.com%2F&dt=Free%20Fire&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=180
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y1QNJ6ZLV6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c05::66 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 20 May 2024 13:19:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://reward.ff.garena.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/
120 KB
33 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.037c1ac475d55279eb78.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c11::5f Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
78fd77e0744c746a2178e29c697fc34eb5ebbd75822d8e01344815002808b11f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dl.dir.freefiremobile.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 20 May 2024 13:19:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 20 May 2024 13:14:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 20 May 2024 13:19:21 GMT
203
rosetta.garenanow.com/transify/
8 KB
8 KB
Fetch
General
Full URL
https://rosetta.garenanow.com/transify/203?lang=1
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/js/main.9a6f308934c7aea2ca3e.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
148.222.67.158 , Singapore, ASN58521 (GARENA-SG Garena Online Pte Ltd, SG),
Reverse DNS
Software
openresty /
Resource Hash
9efc72b9ba057522502b2bfdd4181af2758c184c95f882895434c7bc5cd6584f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Mon, 20 May 2024 13:19:22 GMT
server
openresty
content-type
application/json
ff-logo-icon.png
dl.dir.freefiremobile.com/common/web_event/tweb-event/FFSH/assets-common/
1 KB
2 KB
Other
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/FFSH/assets-common/ff-logo-icon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
049490ddf516d0c066e4245937065d8ff549ecddfd0f6ebe55891960627c86e8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:52:58 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-md5
eCnseZl3WGWmYkaN1+lhFw==
x-amz-cf-pop
SIN5-C1
age
1584
x-cache
Hit from cloudfront
x-obs-request-id
0000018F960FF058980C0432746B57F7
content-length
1414
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSf2kMQti4fut489rptm3zItAA8lbq/w
last-modified
Thu, 14 Sep 2023 11:55:15 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"7829ec7999775865a662468dd7e96117"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
h1oBuYVVMCSLCd_Q3j89iL28mKYKR8WuWg_PY977VXsC_zEyOntXJg==
ff-logo-icon.png
dl.dir.freefiremobile.com/common/web_event/tweb-event/FFSH/assets-common/
1 KB
0
Other
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/FFSH/assets-common/ff-logo-icon.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
049490ddf516d0c066e4245937065d8ff549ecddfd0f6ebe55891960627c86e8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:52:58 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-md5
eCnseZl3WGWmYkaN1+lhFw==
x-amz-cf-pop
SIN5-C1
age
1584
x-cache
Hit from cloudfront
x-obs-request-id
0000018F960FF058980C0432746B57F7
content-length
1414
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSf2kMQti4fut489rptm3zItAA8lbq/w
last-modified
Thu, 14 Sep 2023 11:55:15 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"7829ec7999775865a662468dd7e96117"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
h1oBuYVVMCSLCd_Q3j89iL28mKYKR8WuWg_PY977VXsC_zEyOntXJg==
facebook.png
dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/
9 KB
9 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/facebook.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
94f92c2fa2a770888470701e4e9c0063d11bd846b52739d8b12a06b2dabd3be2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:55:39 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-md5
4yioX68+xZXlJYYMmONAmA==
x-amz-cf-pop
SIN5-C1
age
1423
x-cache
Hit from cloudfront
x-obs-request-id
0000018F9612663894137AB6921B33C8
content-length
9175
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSU7V06LLQECAqGGoLJDTzHLhZVgMYMS
last-modified
Thu, 14 Sep 2023 08:51:30 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"e328a85faf3ec595e525860c98e34098"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
npLI8dEipnaU7brl8VqUhjPVftqUt1d8WEsvITMgTM07fFahqsmulg==
vk.png
dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/
6 KB
6 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/vk.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
b66755701dc92b57f3d116a42fb1c4c573cb3d9b628125b61339277585018f90

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:44:26 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-md5
LdgDY7gcgZb3+InjsNh3/Q==
x-amz-cf-pop
SIN5-C1
age
2096
x-cache
Hit from cloudfront
x-obs-request-id
0000018F960821FC9806572157C5CA06
content-length
5939
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSesdR7OtxjsIozpXtPTJmlIj+UOhzrk
last-modified
Wed, 04 Oct 2023 11:13:59 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"2dd80363b81c8196f7f889e3b0d877fd"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
sP14pAHMJp0_zduHg4UrkLKMU38DZacm19JNLgWK1sVKgLWMI7x9lQ==
google.png
dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/
6 KB
7 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/google.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
edefde11d13eb274cafd860dd219755352257187b374f313c810cb6a20f0a477

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:24:43 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-md5
+tNQqxs3bW5j9OIIgLdxTQ==
x-amz-cf-pop
SIN5-C1
age
3279
x-cache
Hit from cloudfront
x-obs-request-id
0000018F95F6151398137B5B2D49F0B7
content-length
6351
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCShyzJhnhgWASLlOx9p0JzkCMzHgCdmD
last-modified
Thu, 14 Sep 2023 08:51:33 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"fad350ab1b376d6e63f4e20880b7714d"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
nGhj1IrXS-lqFmJLUT_eeu3xNavUhwod0NKvFF-cfAWLkwf-8ftp7g==
apple.png
dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/
9 KB
9 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/apple.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
ac768dee11c223ac3fba06a7212fd0163c171e7986735b5cd04f9081504126b3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 13:07:44 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-md5
1ygl52qYFXPoAMs5g7/yhw==
x-amz-cf-pop
SIN5-C1
age
698
x-cache
Hit from cloudfront
x-obs-request-id
0000018F961D7640980C0540A8327F74
content-length
9069
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSMSt7dUqAFwzY1K+v0xThxUKGvAdO8V
last-modified
Thu, 14 Sep 2023 08:51:25 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"d72825e76a981573e800cb3983bff287"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
Wj1ADU614MHLdf6myWLaUhKF5J9BM_569ADgwbApT202ZpnyQR12Rw==
twitter.png
dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/
8 KB
9 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/twitter.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
3b72d1f882a004a422b19a96191b2ada8867293aee251f3b70e1741d410234f1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:55:48 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-md5
X9KLaobgoUGj0YKcralhQQ==
x-amz-cf-pop
SIN5-C1
age
1414
x-cache
Hit from cloudfront
x-obs-request-id
0000018F961288DD901596F61A17B5EC
content-length
8338
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCStv6uWyxRM/iTwRDlwxLmGNiROBCJwf
last-modified
Wed, 04 Oct 2023 11:24:42 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"5fd28b6a86e0a141a3d1829cada96141"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
C0UbX9DgX3dLgpGD_Jwi268tk4wHoftea-a0i2r79jKb5EfDMZtHGw==
arrow.png
dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/
449 B
930 B
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/arrow.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
756734c7de9dd01ffd9c75ccdfc48f08d51d774f75c6c453d9468812c5282861

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:28:18 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-md5
MwMwjCqstTGvBF6SpdcQHA==
x-amz-cf-pop
SIN5-C1
age
3064
x-cache
Hit from cloudfront
x-obs-request-id
0000018F95F95B6698137B60C928EAE5
content-length
449
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSy/rpC6AfYApnBQ903aX1RIPUPn97ck
last-modified
Thu, 14 Sep 2023 08:51:24 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"3303308c2aacb531af045e92a5d7101c"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
7IJRFcvwu9yMzjXsmd6DOpoJ9VmA5KcP5d0w2r81QnoQsIvLl2SGrw==
logo_small_foot.jpg
dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/
3 KB
4 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/logo_small_foot.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
3dec40957ccb5815562b06c0bcb1cb3fc09a5f0738aa0b9ec2d1390e4e30a346

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://reward.ff.garena.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:31:14 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-md5
w0A47c9BhbPnWmuF8c09Tw==
x-amz-cf-pop
SIN5-C1
age
2888
x-cache
Hit from cloudfront
x-obs-request-id
0000018F95FC0C0D98065797909CC214
content-length
3522
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS3pahvumvzZe17l+rs4oBHb7Je5ZG2H
last-modified
Thu, 14 Sep 2023 08:51:35 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"c34038edcf4185b3e75a6b85f1cd3d4f"
vary
Origin
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
jh_Dc8qjF9z0cPYzxofuUT6xneR_2KCWNEt0pX_csvesZSoX9lVocg==
bg.jpg
dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/
134 KB
134 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/bg.jpg
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.037c1ac475d55279eb78.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
ba96000a92f9d03cce2c34ab48fb9f1e67976be7b4233c1bd607a87e6e9af82d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.037c1ac475d55279eb78.css
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:46:16 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-md5
V/1vxYoJUZvoASZQ79mIHQ==
x-amz-cf-pop
SIN5-C1
age
1986
x-cache
Hit from cloudfront
x-obs-request-id
0000018F9609CDA598089D5EAE44D92F
content-length
136773
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSYNkS+mwLs+NZoZ+PAjLp8+gdvCQGZ2
last-modified
Thu, 14 Sep 2023 08:51:29 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"57fd6fc58a09519be8012650efd9881d"
vary
Origin
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
4p305SfzXYKK_nJSNh4j3d_INA3AmZ8nD0K2lHGQOUxgmR_3h2unXg==
top_teeth-l.png
dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/
144 B
625 B
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/top_teeth-l.png
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.037c1ac475d55279eb78.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
42fcead125ad8660c031f3b763fd048fd06b4a70a7a48cf17bc03073fb255fae

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.037c1ac475d55279eb78.css
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:25:22 GMT
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
content-md5
/phIHdP/rVFFlDCc6y70ug==
x-amz-cf-pop
SIN5-C1
age
3240
x-cache
Hit from cloudfront
x-obs-request-id
0000018F95F6AE66941A8725D427EE61
content-length
144
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS/x140W+gza3Voojqbbbk18sUUF+9k+
last-modified
Thu, 14 Sep 2023 08:51:42 GMT
server
OBS
x-obs-replication-status
REPLICA
etag
"fe98481dd3ffad514594309ceb2ef4ba"
vary
Origin
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
ooWlsY3evoYmDKgMrhdZ1KEuHbIBkJ3hxABF1fotnYPjtydPx2cLnQ==
logo-new.png
dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/
253 KB
254 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/redemption/img/logo-new.png
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.037c1ac475d55279eb78.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
e5d1ff232a26bd3b8a702a52464d1bdf12992e9f166084da5cfad235d8f7b20e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.037c1ac475d55279eb78.css
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:30:06 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSZK+JGT+zM35h62xMwXYpnUAY6cjvDe
via
1.1 a0dab1619e09a1e6e84a759dfdfe7342.cloudfront.net (CloudFront)
last-modified
Thu, 04 Aug 2022 12:38:25 GMT
server
OBS
x-amz-cf-pop
SIN5-C1
age
2956
etag
"76697e9220e45c00a5fbaf78cc3d7553"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
x-obs-request-id
0000018F95FB03DB980F12891A99E4DF
accept-ranges
bytes
content-length
258949
x-amz-cf-id
E43Gmhe56WAlb2v7MEg4mT73lQqs2WrpBAdl-2GCgkZsoC8RH3TtqA==
GFFLatinW05-Bold.woff
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/
37 KB
38 KB
Font
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/GFFLatinW05-Bold.woff
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.037c1ac475d55279eb78.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
5441944a6ee96a0dc5935f0b4c180045b41c7ef6068bd50c05dade403fbe150e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.037c1ac475d55279eb78.css
Origin
https://reward.ff.garena.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:39:33 GMT
via
1.1 1728256c36c9016e0b9379e91a1c2e68.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
age
2389
x-cache
Hit from cloudfront
x-obs-request-id
0000018F9603A7AE90129CB0CF795832
content-length
38243
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSoclSETdQxPaQGDwVZdVAXz2Zj7ok18
last-modified
Thu, 04 Aug 2022 12:29:55 GMT
server
OBS
etag
"2aea1e812ea22f7bf315a8d9769e1470"
access-control-max-age
100
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
ETag, x-obs-request-id, x-obs-api, Content-Type, Content-Length, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Expires, x-obs-id-2, x-reserved-indicator, x-obs-version-id, x-obs-copy-source-version-id, x-obs-storage-class, x-obs-delete-marker, x-obs-expiration, x-obs-website-redirect-location, x-obs-restore, x-obs-version, x-obs-object-type, x-obs-next-append-position
accept-ranges
bytes
x-amz-cf-id
zUTggXvARipH22M4YUDKswCGCu8i_wcVtNpYktHfMqLRkDZXv1Q06Q==
GFFLatinW05-Regular.woff
dl.dir.freefiremobile.com/common/web_event/common/fonts/website/
36 KB
37 KB
Font
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/common/fonts/website/GFFLatinW05-Regular.woff
Requested by
Host: dl.dir.freefiremobile.com
URL: https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.037c1ac475d55279eb78.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-99.sin5.r.cloudfront.net
Software
OBS /
Resource Hash
475f5b3cb03384633a4e870c3377b992f13ad8246a23173a282be11faf2c85fb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://dl.dir.freefiremobile.com/common/web_event/tweb-event/rewardFF/dist/assets/css/main.037c1ac475d55279eb78.css
Origin
https://reward.ff.garena.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 20 May 2024 12:58:08 GMT
via
1.1 1728256c36c9016e0b9379e91a1c2e68.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
age
1274
x-cache
Hit from cloudfront
x-obs-request-id
0000018F9614AB8798137B913F3FA629
content-length
36707
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSkOmRcJEo79E3SU0dZ9kSvzGJDLXh80
last-modified
Thu, 04 Aug 2022 12:29:55 GMT
server
OBS
etag
"79eded60054ec31a810b67864d975a8c"
access-control-max-age
100
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
access-control-expose-headers
ETag, x-obs-request-id, x-obs-api, Content-Type, Content-Length, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Expires, x-obs-id-2, x-reserved-indicator, x-obs-version-id, x-obs-copy-source-version-id, x-obs-storage-class, x-obs-delete-marker, x-obs-expiration, x-obs-website-redirect-location, x-obs-restore, x-obs-version, x-obs-object-type, x-obs-next-append-position
accept-ranges
bytes
x-amz-cf-id
WdHyv1UHodmlYeqvjWm4MWpaiqRFZzK3fHF6n9TXY881l65O3LsuZQ==

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function | gtag
object | dataLayer
object | google_tag_manager
object | google_tag_data
object | gaGlobal
object | webpackJsonp
object | __SENTRY__
object | regeneratorRuntime
object | vue

2 Cookies

Domain/Path Name / Value
.garena.com/ Name: _ga_Y1QNJ6ZLV6
Value: GS1.1.1716211161.1.0.1716211161.0.0.0
.garena.com/ Name: _ga
Value: GA1.1.738660327.1716211162

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
