sukien-freefire.garaena.vn Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sukien-freefire.garaena.vn/
Submission: On November 01 via api (November 1st 2023, 1:34:09 am UTC) from JP — Scanned from NL

Summary HTTP 65 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 3 countries across 19 domains to perform 65 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is sukien-freefire.garaena.vn.
TLS certificate: Issued by GTS CA 1P5 on October 30th 2023. Valid for: 3 months.

This is the only time sukien-freefire.garaena.vn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
9	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	146.75.120.193 146.75.120.193	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	23.32.239.50 23.32.239.50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:9d24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:310... 2606:4700:3108::ac42:2b55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2016	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	129.226.2.89 129.226.2.89	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
65	22

9 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

sukien-freefire.garaena.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 146.75.120.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.kolpaper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.32.239.50 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-239-50.deploy.static.akamaitechnologies.com

freefiremobile-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:9d24 (United States)

ASN13335 (CLOUDFLARENET, US)

dl.dir.freefiremobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b55 (United States)

ASN13335 (CLOUDFLARENET, US)

files7.webydo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.226.2.89 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

na.apps.amsoveasea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	akamaihd.net freefiremobile-a.akamaihd.net — Cisco Umbrella Rank: 72414	368 KB
10	imgur.com i.imgur.com — Cisco Umbrella Rank: 7022	291 KB
9	garaena.vn sukien-freefire.garaena.vn	264 KB
7	youtube.com www.youtube.com — Cisco Umbrella Rank: 68	959 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 364 jnn-pa.googleapis.com — Cisco Umbrella Rank: 207	66 KB
5	gstatic.com fonts.gstatic.com	61 KB
5	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	24 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 static.doubleclick.net — Cisco Umbrella Rank: 255	1 KB
1	amsoveasea.com na.apps.amsoveasea.com — Cisco Umbrella Rank: 239715	171 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 219	5 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 87	51 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	15 KB
1	webydo.com files7.webydo.com	21 KB
1	freefiremobile.com dl.dir.freefiremobile.com — Cisco Umbrella Rank: 43783	114 KB
1	kolpaper.com www.kolpaper.com — Cisco Umbrella Rank: 635741	409 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	14 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	30 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
0	top4top.io Failed h.top4top.io Failed
65	19

	Domain	Requested by
10	freefiremobile-a.akamaihd.net	sukien-freefire.garaena.vn
10	i.imgur.com	sukien-freefire.garaena.vn
9	sukien-freefire.garaena.vn	sukien-freefire.garaena.vn code.jquery.com static.cloudflareinsights.com
7	www.youtube.com	sukien-freefire.garaena.vn www.youtube.com
5	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
5	cdn.jsdelivr.net	sukien-freefire.garaena.vn
4	jnn-pa.googleapis.com	www.youtube.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	na.apps.amsoveasea.com	code.jquery.com
1	yt3.ggpht.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	files7.webydo.com	sukien-freefire.garaena.vn
1	dl.dir.freefiremobile.com	sukien-freefire.garaena.vn
1	www.kolpaper.com	sukien-freefire.garaena.vn
1	ajax.googleapis.com	sukien-freefire.garaena.vn
1	cdnjs.cloudflare.com	sukien-freefire.garaena.vn
1	code.jquery.com	sukien-freefire.garaena.vn
1	fonts.googleapis.com	sukien-freefire.garaena.vn
1	static.cloudflareinsights.com	sukien-freefire.garaena.vn
0	h.top4top.io Failed	sukien-freefire.garaena.vn
65	22

This site contains no links.

Subject Issuer	Validity	Valid
garaena.vn GTS CA 1P5	`2023-10-30` - `2024-01-28`	3 months	crt.sh
*.imgur.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-13` - `2024-03-12`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
kolpaper.com GTS CA 1P5	`2023-10-27` - `2024-01-25`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
dl.dir.freefiremobile.com GeoTrust TLS RSA CA G1	`2023-09-12` - `2024-09-11`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
na.apps.amsoveasea.com TrustAsia RSA DV TLS CA G2	`2023-04-23` - `2024-05-22`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://sukien-freefire.garaena.vn/
Frame ID: BBA1F9C03C786CEE9BEB6F6897A33E77
Requests: 46 HTTP requests in this frame

Frame: https://www.youtube.com/embed/5176jTcQ8C0?controls=0
Frame ID: D8D21ABD543B9DFD07B2DE2FCA04F2E5
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GARENA FREE FIRE

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

65
Requests

97 %
HTTPS

86 %
IPv6

19
Domains

22
Subdomains

22
IPs

3
Countries

2700 kB
Transfer

5277 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

65 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sukien-freefire.garaena.vn/ 8 KB
4 KB 986ms
840ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sukien-freefire.garaena.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5107a02a8032e55e3cb1430a5d9f51ca2aaebf0ec027a5d5f698158802152b73

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81f0646c6d3f1953-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 01 Nov 2023 01:33:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FBHK3KWzzvKWWbfcfL4KrACnNTV52srif2HLnmIZAgVTW2A%2Fuyb1%2FirHrC16F6cphOFiv5cj0IaZhvW7Ocjz%2BKuFq7NH4Qf0LsB727pULSnAN4Fc%2FuvJ5MRBcB4jaYZaE3w6nhxEeBhi13soBNNNDqOhzpEwywB75A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/7.4.33
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.css
sukien-freefire.garaena.vn/css/ 23 KB
5 KB 28ms
27ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d67f2b1a4841f39bdf796522a8b369192e323f27d0e45ac319774330d7dd3cf7

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 15 Jul 2022 13:44:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 83962
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BKj1QX7wlvdG%2BL6zIenetimrCdl%2Bvg9yBGvwOR7AGI3iJRQ0xK114eKsjBFP7SHCCYV89WbGapvH20fA9UnNHpIvnXhKxhoISmmxHKWGlW94iGjbuMUlv%2FKQah8ZG%2F4Ny5iB7Z7bUhyeBR%2F3zucMhq8xcW53AenHPg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 81f06471affa1953-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 07 Nov 2023 02:14:32 GMT

GET p_2016h7ob71.gif
h.top4top.io/ 0
0

GET
H2 200 EUV3ile.png
i.imgur.com/ 4 KB
5 KB 74ms
20ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/EUV3ile.png

Requested by

Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8bdb4322a6170d1d92b43e3be71e72673051835bd52152e216efba7cb4e9e1cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:54 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 632278
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4267
x-served-by: cache-iad-kjyo7100108-IAD, cache-fra-etou8220092-FRA
last-modified: Thu, 07 Jul 2022 15:08:29 GMT
server: cat factory 1.0
x-timer: S1698802435.881356,VS0,VE1
etag: "6c4aeb014b77e39ab3ad74e57048a7c6"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: tvVujsqfYggtzhJ0XfkFBMZuipcIrT0rXFBR2Q0tEF_Fj6gPOOmDqg==
x-cache-hits: 441, 1

GET
H2 200 1.jpg
sukien-freefire.garaena.vn/assets/incu/ 213 KB
214 KB 1409ms
1408ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sukien-freefire.garaena.vn/assets/incu/1.jpg
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 432360a0d8577899a613c18a11150cb52fa83c4863e8495d8a5cb03fa431f9f6

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:56 GMT
cf-cache-status: MISS
last-modified: Tue, 05 Apr 2022 19:13:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNM6XFclOmdJqMxy6QG59Rhm%2F%2FOcOEK15brHerTPKQx%2FlyuDcdEHIacpxZSC0TaqpgrBXq8u0t4w6iw01Z7QjvrOvknSF5xWBEOTTtE5aN%2BfVhu519v3ljsjtWATfVHmmSO2dSwz2v%2FjKcHR%2BVlqChC5obQdCPPPFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81f06471affe1953-FRA
alt-svc: h3=":443"; ma=86400
content-length: 218095
expires: Wed, 08 Nov 2023 01:33:55 GMT

GET
H2 200 facebook_text.png
sukien-freefire.garaena.vn/assets/img/ 28 KB
29 KB 28ms
28ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sukien-freefire.garaena.vn/assets/img/facebook_text.png
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 430378
alt-svc: h3=":443"; ma=86400
content-length: 28789
last-modified: Tue, 05 Apr 2022 19:13:08 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cXNqTvUgRIkxkq1uhK1OtYRANjrS1dFJI0Wgv4uVvfPXXMfzMMI%2FE%2FG9OsSwaKPfG8LgNzDmvuawW7tFLIbA%2FCaVdMY8OmvvDtfevSQfARvupeV3%2Bn7LZ7H3gDmC9Cb9qIEB76mkn4%2F9apXBFEMM5EWJCou8qwOHug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 81f06471afff1953-FRA
expires: Fri, 03 Nov 2023 02:00:55 GMT

GET
H2 404 icon.png
sukien-freefire.garaena.vn/tan/ 2 KB
2 KB 700ms
700ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sukien-freefire.garaena.vn/tan/icon.png
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd9fe9fd674479805f8e5a50145a2d7170e38a4d5a3bf8abea7a89c4d557210f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Nov 2023 01:33:55 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFqMA2%2FOK1DOeiRxObhZoNSlXrdOjkZZmsQd5M9dOo9SiJ66VrtapgW82Zwm846Yyus8YZaFrklnG69cgtaeb90fcgNzGE1LSrr%2FX1vpXx7wuSKmQA8g%2FO%2FQ8%2Fr6G9Ivz6lWaXLwt5gjCTB2g8m7yP0ygfTpxtALNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-ray: 81f06471a8001953-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 rocket-loader.min.js Show response
sukien-freefire.garaena.vn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 23ms
22ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sukien-freefire.garaena.vn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 24 Oct 2023 17:54:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"653804c3-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WuqnIKxNJSJ3wP8AxQLKi7ldU9VwdHoWgrg14C4FRoiDAidJORaRfdfBf5SyjgCNwJOCdoeATkHvS2kOwqnE1T%2FP%2FefZ5QaNzLYr%2BEvC7B9EN30AP%2BxuPPKxcW%2FifTjPyPNvBjkGz7y4ko2fVfNgvVMENICSMfoxpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 81f06471a8021953-FRA
expires: Fri, 03 Nov 2023 01:33:54 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 93ms
49ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://sukien-freefire.garaena.vn/
Origin: https://sukien-freefire.garaena.vn
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:54 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 81f06471fe686acb-FRA

GET
H2 200 5176jTcQ8C0 Show response
www.youtube.com/embed/ Frame D8D2 92 KB
41 KB 138ms
84ms Document
text/html 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/5176jTcQ8C0?controls=0

Requested by

Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4b3bc91c51a19d9a2394dbef6b45484743576fc4e189d39a0171d51537cc9bb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://sukien-freefire.garaena.vn/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Nov 2023 01:33:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
930 B 77ms
29ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Baloo+2:wght@600&display=swap

Requested by

Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

68c7a3b71820f774f641bfe303ed3d34dd9ae59356d595e392aa362222b2d499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 01 Nov 2023 01:33:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 01:33:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Nov 2023 01:33:54 GMT

GET
H3 200 kensine.js Show response
sukien-freefire.garaena.vn/chuongdz/ 21 KB
7 KB 725ms
725ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sukien-freefire.garaena.vn/chuongdz/kensine.js?v=1.0
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22f93c0d8bd9dbeaa97b0990c8d21bc05bb0d2f659049383c012238fcbf31105

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 15 Jul 2022 07:39:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpcZM27tGZLH6hD2y6QruWTV3EY%2F%2BPkros79Syh5Fy39dNBUnda9t7RP2Lrbuu40mt5lgE%2BlWK4i4GU1%2FS3Rpi6%2BHMTsKOhanBhvtH9PE8pQmuAJo5EFXY9rpaP3AK%2FaPq41gTwxGRkXKPRBmdtOrq7uu7KfyD6yWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 81f064726ff1b770-AMS
alt-svc: h3=":443"; ma=86400
priority: u=1,i=?0
expires: Wed, 08 Nov 2023 01:33:55 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 60ms
13ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:54 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 3564335
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-ams21049-AMS
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1698802435.982708,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 468608, 42648

GET
H2 200 sweetalert2.all.js Show response
cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.11.5/ 76 KB
14 KB 75ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.11.5/sweetalert2.all.js

Requested by

Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4de0464f907f90721557737e22dbadf629ec2f606a0f94e5c9dd1bb6261240

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3025331
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13437
last-modified: Mon, 04 May 2020 16:12:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed1-12ec2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xAw4bGrT4%2FClKaRqMzHF14uCBjXWWfYbLH%2BrlRPiywFLaFcFiL6Ob4Fxc0dsHRrSjmxTvzEbZnuqT5inmL8oLue7KuaA2%2B8NNhwoPPcenT%2FSTL%2FTCALP8QaiCBIX3DsZm1FFZ3ZP13BSmwd3fXdbaDe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 81f06472a80465e0-FRA
expires: Mon, 21 Oct 2024 01:33:54 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 68ms
21ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 10:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 30 Oct 2024 10:20:11 GMT

GET
H2 200 ionic.esm.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 22 KB
6 KB 72ms
26ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js

Requested by

Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03d1744c2909d39fa6dc983ca08bbac1d018427fd4fecfb7ae5029b6f3fd1d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 30246
x-jsd-version: 7.5.2
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220066-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"5834-8QgyN2N0tnjIQYwEem4sYiZRsGk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a8%2FZBAVN4AK9U%2BkIyZp%2Fhmsu3vWxBFRibFWwtuzJKf6PP7m5069v9l7eOSex2eKKqf%2BwMWEOAjFley9KiIQ%2BYgKyOqZzfGAVYrjGGPsKMhhTzdUiHwWHSYasPo4x9yOkfst%2B8S%2BgoubADcwD3dE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81f06472aac7363c-FRA

GET
H2 200 Free-Fire-Desktop-Wallpaper.jpg
www.kolpaper.com/wp-content/uploads/2020/12/ 408 KB
409 KB 335ms
270ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kolpaper.com/wp-content/uploads/2020/12/Free-Fire-Desktop-Wallpaper.jpg

Requested by

Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

439fd9c373886a6039994ec5e13b5076d5f79f5e14506ea5679232dc0da51832

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Dec 2020 21:09:18 GMT
server: cloudflare
etag: W/"5fcaa57e-6600b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdOLs60GcWhSGGjnoPlAhAyzG9Vp2ycZ8DsG%2FgPfSRYjGGqdAugWNXxTGEQhWH%2BrG44sRyB3hQd0Z3WJ%2BPzgQttDRA%2BWL4wZ9x%2FIPHPDk6lkckJbZJTdJ546%2BO4DPHFrQWCOn5bujrkP3M8BQKl9"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
cf-ray: 81f06472de5c2c5a-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bg.jpg
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 40 KB
41 KB 1255ms
1174ms Image
image/jpeg 23.32.239.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/bg.jpg
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.239.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-239-50.deploy.static.akamaitechnologies.com
Software: OBS /
Resource Hash: 6e540389402e3ced8b111dca3b7f564046e027fdbc472359c9d0e0bced2c346e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 01:33:56 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSezNxxs5IG2nGEErOx0Hxs5DMKaYItl
Last-Modified: Thu, 04 Aug 2022 12:28:54 GMT
Server: OBS
ETag: "b622e31856ae444b6c4a8ce98c953ea0"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
x-obs-request-id: 0000018B67BBD92E98113E99A95FEBB9
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 41015

GET
H/1.1 200
OK bg_icon.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 30 KB
31 KB 2576ms
1655ms Image
image/png 23.32.239.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/bg_icon.png
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.239.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-239-50.deploy.static.akamaitechnologies.com
Software: OBS /
Resource Hash: 33ea0b0fde442c704bb17650b00bf78e84e9eef9664159191df0a6c4850e849c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 01:33:57 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSmb2upCA2KOgjq5VnbEV2Cj5r4AvlG0
Last-Modified: Thu, 04 Aug 2022 12:28:54 GMT
Server: OBS
ETag: "5f0e05495e817397cea2a23208b997e8"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
x-obs-request-id: 0000018AE0FC74C6941C2A0ACDAAEAB2
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 31176

GET
H/1.1 200
OK header.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 58 KB
58 KB 2421ms
1162ms Image
image/png 23.32.239.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/header.png
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.239.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-239-50.deploy.static.akamaitechnologies.com
Software: OBS /
Resource Hash: 73a43e9a3b24f10852bac31ff21a50e65bc24030b0db18afdeba5e632ba81072

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 01:33:57 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS1v9W5phkKbMfGP6Hy8muFkGKiR2o/r
Last-Modified: Thu, 04 Aug 2022 12:28:54 GMT
Server: OBS
ETag: "71057ee2a0c3e2a18ae5b044924a412c"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
x-obs-request-id: 0000018ADAB9ECDF9011D4EFDAC4BABA
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 59341

GET
H/1.1 200
OK arrow.gif
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 4 KB
5 KB 1457ms
1377ms Image
image/gif 23.32.239.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/arrow.gif
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.239.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-239-50.deploy.static.akamaitechnologies.com
Software: OBS /
Resource Hash: 29685bc4737559acc10db79fd9536f3bf301e00ac20c497ed32ae6181e0ab260

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 01:33:56 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSAEVofEeo5Em3QFyhRQLcqnKFVSToVm
Last-Modified: Thu, 04 Aug 2022 12:28:54 GMT
Server: OBS
ETag: "e7ee2c678d2185905b0c5ac3307305ba"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
x-obs-request-id: 0000018AFC36BC4294106EB9465EBCF7
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 4454

GET
H/1.1 200
OK modal.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 167 KB
168 KB 875ms
795ms Image
image/png 23.32.239.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/modal.png
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.239.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-239-50.deploy.static.akamaitechnologies.com
Software: OBS /
Resource Hash: b8c0909154e5245f00756fd4dd8cdf388d279657314b07c550c6227cc7adaaad

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 01:33:55 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSztxjjnTOuGf70OT7FzqFVxO5HwTicV
Last-Modified: Thu, 04 Aug 2022 12:28:54 GMT
Server: OBS
ETag: "e8c82b6614df1742f5739c7f2933bcb9"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
x-obs-request-id: 00000188D24FF01898116B523C629A23
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 171268

GET
H/1.1 200
OK toast.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 5 KB
5 KB 1493ms
1414ms Image
image/png 23.32.239.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/toast.png
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.239.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-239-50.deploy.static.akamaitechnologies.com
Software: OBS /
Resource Hash: 8df3d3b0eaf7487e08932291d8b2a135ad2ecb2e32bcaba6308df2e2fb7e3436

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 01:33:56 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSl4VEpzHSFjMp00pOVpdUmySlCIj6gf
Last-Modified: Thu, 04 Aug 2022 12:28:54 GMT
Server: OBS
ETag: "1970383e1b289caa82622e38d4be9643"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
x-obs-request-id: 0000018B87F4C190941FC2AD7B5BA319
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 4723

GET
H/1.1 200
OK purchase.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 7 KB
8 KB 892ms
820ms Image
image/png 23.32.239.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/purchase.png
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.239.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-239-50.deploy.static.akamaitechnologies.com
Software: OBS /
Resource Hash: c8827f7d38ae66631c5cc479dfb23d23a6131227f9ad8ae838d191aed191660f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 01:33:55 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSaGG7NxFnQFOgCr6p3zq6JHzx72itjX
Last-Modified: Thu, 04 Aug 2022 12:28:54 GMT
Server: OBS
ETag: "f8a1198fc0fd4e19cce68cb98cbd8ab1"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
x-obs-request-id: 0000018B813757D299467198AE998BC2
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 7350

GET
H/1.1 200
OK purchase_g.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 6 KB
7 KB 863ms
791ms Image
image/png 23.32.239.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/purchase_g.png
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.239.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-239-50.deploy.static.akamaitechnologies.com
Software: OBS /
Resource Hash: ba6e1178e628e430d7126f1fadc56ec7ede45d051320c0e8908b9a9de63f8fed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 01:33:55 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCS8QOR3UO57qY4I3OSSYMSHHmg7s3j4H
Last-Modified: Thu, 04 Aug 2022 12:28:54 GMT
Server: OBS
ETag: "030fa1f374bcf291bc5f5d66bcdd1873"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
x-obs-request-id: 0000018ADAB9F51E901E336BE46D8CAC
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 6410

GET
H/1.1 200
OK pool.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 39 KB
39 KB 2155ms
1291ms Image
image/png 23.32.239.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/pool.png
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.239.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-239-50.deploy.static.akamaitechnologies.com
Software: OBS /
Resource Hash: f936df3794653b1a21c936fed39043e31171b84fced1723991a7fb5eac30bc5f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 01:33:57 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSOvG8mK913iB0nnt1W41NBeeTE4FTcx
Last-Modified: Thu, 04 Aug 2022 12:28:54 GMT
Server: OBS
ETag: "404ef9fcf563fb04baa76b6967009967"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
x-obs-request-id: 0000018B6A6D07019146DF94420FE7A6
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 39498

GET
H/1.1 200
OK left_tit.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 6 KB
7 KB 1551ms
658ms Image
image/png 23.32.239.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/left_tit.png
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.239.50 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-239-50.deploy.static.akamaitechnologies.com
Software: OBS /
Resource Hash: 020487b2ceebc26c8d309b0ab94170981c0a3b093eeb85a4dc5737e83e83f4fa

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 01:33:56 GMT
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSxQRyGx+Hk96oi6MUb+QpQgikB3gmzz
Last-Modified: Thu, 04 Aug 2022 12:28:54 GMT
Server: OBS
ETag: "a7be21a739cb627134f7b4f727d22738"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
x-obs-request-id: 0000018B5939468B994EEC388ED1A8DB
x-reserved-indicator: 372
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 6411

GET
H/1.1 200
OK PressStart2P-Regular.ttf
dl.dir.freefiremobile.com/common/web_event/gamingdice/fonts/ 113 KB
114 KB 1195ms
237ms Font
font/ttf 2606:4700::6810:9d24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.dir.freefiremobile.com/common/web_event/gamingdice/fonts/PressStart2P-Regular.ttf
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:9d24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1732cbf0b83525ca6769c3a58d15de73f38122ed8c056ca7e30a6076767ef3d6

Request headers

Referer: https://sukien-freefire.garaena.vn/
Origin: https://sukien-freefire.garaena.vn
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date: Wed, 01 Nov 2023 01:33:56 GMT
CF-Cache-Status: HIT
x-obs-request-id: 0000018AE95572F9901B919813028FC1
Connection: keep-alive
Content-Length: 116008
x-obs-id-2: 32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSf03AayZ8t0FKSIxl5QbLowboBITHXh
Last-Modified: Thu, 04 Aug 2022 12:32:15 GMT
Server: cloudflare
ETag: "2c404fd06cd67770807d242b2d2e5a16"
Access-Control-Max-Age: 100
Access-Control-Allow-Methods: GET
Content-Type: font/ttf
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, x-obs-request-id, x-obs-api, Content-Type, Content-Length, Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Expires, x-obs-id-2, x-reserved-indicator, x-obs-version-id, x-obs-copy-source-version-id, x-obs-storage-class, x-obs-delete-marker, x-obs-expiration, x-obs-website-redirect-location, x-obs-restore, x-obs-version, x-obs-object-type, x-obs-next-append-position
x-reserved-indicator: 372
Accept-Ranges: bytes
CF-RAY: 81f06478696abbf1-FRA

GET
H2 200 805AD88C-21B4-02B8-4D75-342F16BCBE43.woff
files7.webydo.com/91/9140034/UploadedFiles/ 20 KB
21 KB 604ms
548ms Font
application/font-woff 2606:4700:3108::ac42:2b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files7.webydo.com/91/9140034/UploadedFiles/805AD88C-21B4-02B8-4D75-342F16BCBE43.woff
Requested by: Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/css/style.css?v=1.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3108::ac42:2b55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bb88750901d69a3639be7393062bb2fdab860e075805eb733c4e547074ff0ea

Request headers

Referer: https://sukien-freefire.garaena.vn/
Origin: https://sukien-freefire.garaena.vn
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:55 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sun, 30 Aug 2015 12:10:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"55e2f2c6-5098"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CUZP7CybkuZghHjOQLQQjEADDybXrqwCyu9%2FAw7Qk2nUY3fNYMxgaCz3waurPMawyURUKDspYW0VFnJ9ulgFiEjO0Frp%2Fwls8DTCaEiZ1aNGOEjKybKgs4clzNx3VzqEPhtn3TYFMHxE6ynrHs9o"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 81f06472cdd61c1e-FRA

GET
H2 200 wXK0E3kTposypRydzVT08TS3JnAmtdjEyppo_lc.woff2
fonts.gstatic.com/s/baloo2/v21/ 19 KB
19 KB 95ms
44ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/baloo2/v21/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppo_lc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Baloo+2:wght@600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2646602d0beed6bdf7af300b997903ae1ebf2fac68ccad2539410942814fe97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sukien-freefire.garaena.vn
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 19:17:38 GMT
x-content-type-options: nosniff
age: 368176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19496
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:04:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 19:17:38 GMT

GET
H2 200 wXK0E3kTposypRydzVT08TS3JnAmtdjEyppn_led7Q.woff2
fonts.gstatic.com/s/baloo2/v21/ 5 KB
5 KB 88ms
41ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/baloo2/v21/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppn_led7Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Baloo+2:wght@600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12f0cd69f190f7db4c5cd05962c9f56e3c510061e9ca6201bb78776329906d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sukien-freefire.garaena.vn
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Fri, 27 Oct 2023 23:33:29 GMT
x-content-type-options: nosniff
age: 352825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5448
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Oct 2024 23:33:29 GMT

GET
H2 200 www-player.css
www.youtube.com/s/player/0b285984/ Frame D8D2 377 KB
48 KB 21ms
19ms Stylesheet
text/css 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0b285984/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5176jTcQ8C0?controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59640f904cf8abdc7a1d4189f3bb6ab83bfd60a8dd251a0abb5d5d3ab8a11b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/5176jTcQ8C0?controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:47:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2768
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48897
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 01:55:05 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 31 Oct 2024 00:47:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D8D2 15 KB
16 KB 22ms
20ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5176jTcQ8C0?controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Sat, 28 Oct 2023 02:58:03 GMT
x-content-type-options: nosniff
age: 340551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 27 Oct 2024 02:58:03 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D8D2 15 KB
15 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5176jTcQ8C0?controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 18:06:30 GMT
x-content-type-options: nosniff
age: 458844
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Oct 2024 18:06:30 GMT

GET
H2 200 embed.js Show response
www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/ Frame D8D2 54 KB
17 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5176jTcQ8C0?controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

731f6885e3fad5585b6fa119f25c3a4f28f4ea7036b6c48cae554a1b126c31f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/5176jTcQ8C0?controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 20:16:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 01:55:05 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Oct 2024 20:16:41 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/0b285984/www-embed-player.vflset/ Frame D8D2 320 KB
96 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0b285984/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5176jTcQ8C0?controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23cd64209deba79ee3ab329d31eb8838ad83fdede8463828a702fd0fca2ac676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/5176jTcQ8C0?controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 00:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3009
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98088
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 01:55:05 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 31 Oct 2024 00:43:45 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/ Frame D8D2 2 MB
757 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5176jTcQ8C0?controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4564c669a80655c8b2066bb173b7abce15e3f8362660dabaaa85f9ead0305d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/5176jTcQ8C0?controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 20:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18247
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 774827
x-xss-protection: 0
last-modified: Mon, 30 Oct 2023 01:55:05 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 30 Oct 2024 20:29:47 GMT

GET
H2

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame D8D2
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
242 B

31ms
30ms

XHR
application/json

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5176jTcQ8C0?controls=0

Protocol

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d2b430312dd5557ce701f12a994714458770cc736b73859e10564b284505a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Nov 2023 01:33:55 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame D8D2 29 B
495 B 64ms
19ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:20:08 GMT
x-content-type-options: nosniff
age: 827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 01 Nov 2023 01:35:08 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 77ms
30ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 01 Nov 2023 01:33:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D8D2 68 KB
32 KB 35ms
34ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

321298e0501f27c2796d084e45640d939d4b16db23f56b96e2c77730a26d4ad8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 01 Nov 2023 01:33:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32075
x-xss-protection: 0

GET
H2 200 zEfCWrJsF8GWq2CtYueXG8skkVl11z8HN4Cg9ySc7ro.js Show response
www.google.com/js/th/ Frame D8D2 38 KB
15 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/zEfCWrJsF8GWq2CtYueXG8skkVl11z8HN4Cg9ySc7ro.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc47c25ab26c17c196ab60ad62e7971bcb24915975d73f073780a0f7249ceeba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 09:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14861
x-xss-protection: 0
last-modified: Tue, 10 Oct 2023 07:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 30 Oct 2024 09:12:50 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/5176jTcQ8C0/ Frame D8D2 50 KB
51 KB 141ms
57ms Image
image/webp 2a00:1450:4001:830::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/5176jTcQ8C0/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5176jTcQ8C0?controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c62ad5f22fd40e4f15e13d145121c283db5332f1a8d938b9c85b97346cb0c495

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:55 GMT
x-content-type-options: nosniff
server: sffe
etag: "1688726225"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51680
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Wed, 01 Nov 2023 03:33:55 GMT

GET
DATA 200
OK truncated
/ Frame D8D2 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jz9KhK9T2L6oH-CRdkPskJ3Yu4apExXcDs_0ypH76PxvgcEwruxw7H6jgFhMXLy01AsuatBQ4NM=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame D8D2 4 KB
5 KB 66ms
19ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/jz9KhK9T2L6oH-CRdkPskJ3Yu4apExXcDs_0ypH76PxvgcEwruxw7H6jgFhMXLy01AsuatBQ4NM=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5176jTcQ8C0?controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

48935f9a192c1793eae9bcd0961864dd222ecf3b6204e7d750f232cbcc678abf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 22:49:20 GMT
x-content-type-options: nosniff
age: 9875
content-disposition: inline;filename="channels4_profile.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4544
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 01 Nov 2023 22:49:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu7WxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame D8D2 5 KB
5 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7WxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/5176jTcQ8C0?controls=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:28:10 GMT
x-content-type-options: nosniff
age: 601545
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5224
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Oct 2024 02:28:10 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame D8D2 0
10 B 19ms
18ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?jGbafA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/5176jTcQ8C0?controls=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.youtube.com/embed/5176jTcQ8C0?controls=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 27ms
27ms Preflight
text/html 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Wed, 01 Nov 2023 01:33:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame D8D2 90 B
134 B 30ms
29ms XHR
application/json+protobuf 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/player_ias.vflset/nl_NL/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

29c9fea92f1c567c51906b9ac02dd9e06bab13b2c432ffc99fb150bf8cf41d75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Wed, 01 Nov 2023 01:33:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame D8D2 28 B
54 B 35ms
35ms XHR
application/json 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/0b285984/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
X-Goog-Request-Time: 1698802437396
Content-Type: application/json
X-YouTube-Utc-Offset: 60
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/5176jTcQ8C0?controls=0
X-YouTube-Client-Version: 1.20231029.00.00
X-YouTube-Time-Zone: Europe/Amsterdam
X-Goog-Visitor-Id: Cgt3aGgwbWxUTVlOcyiC1oaqBjIICgJOTBICEgA%3D
X-YouTube-Ad-Signals: dt=1698802435038&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C363%2C184&vis=1&wgl=true&ca_type=image

Response headers

date: Wed, 01 Nov 2023 01:33:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0
expires: Wed, 01 Nov 2023 01:33:57 GMT

GET
H3 200 old.php Show response
sukien-freefire.garaena.vn/pages/ 2 KB
751 B 751ms
751ms XHR
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sukien-freefire.garaena.vn/pages/old.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.33
Resource Hash: 5326e2d5f22f5117970dc632d5793109ffcc7ed356d20d09c7d5ec3a299b8ef7

Request headers

Accept: text/html, */*; q=0.01
Referer: https://sukien-freefire.garaena.vn/
X-Requested-With: XMLHttpRequest
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/7.4.33
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUG1bqE6CVMxqDrgX%2Fz4E2YjuT3bvgYcorrQDKIzNf1rEh1BRmE2dw9CVtYnzDdpvGknm7QvQ3jX7H9WKCreIDasq3ttpYueEH%2FD73FTQLldcJQfRhoaz0y%2BTYGAONyqe3yIALxB4MlTMT6UuyYGnQvy8%2FvPIMMe1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-turbo-charged-by: LiteSpeed
cf-ray: 81f0648999ceb770-AMS
alt-svc: h3=":443"; ma=86400
priority: u=1,i

GET
H2 200 / Show response
na.apps.amsoveasea.com/swoole/ 34 B
171 B 798ms
267ms XHR
text/html 129.226.2.89
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://na.apps.amsoveasea.com/swoole/?actid=2020&r=index/getCountry&_only_service_response_=1
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.226.2.89 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx /
Resource Hash: ba89bac5ea8c9ed0f18a0b820e187cf1e68ebf4aaef4bd3e1081697aa678cbba

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://sukien-freefire.garaena.vn/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 01 Nov 2023 01:33:59 GMT
content-encoding: gzip
server: nginx
content-length: 53
content-type: text/html

GET
H3 200 ionic.esm.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 22 KB
6 KB 61ms
38ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js

Requested by

Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03d1744c2909d39fa6dc983ca08bbac1d018427fd4fecfb7ae5029b6f3fd1d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sukien-freefire.garaena.vn/
Origin: https://sukien-freefire.garaena.vn
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6251
x-jsd-version: 7.5.2
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230139-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"5834-8QgyN2N0tnjIQYwEem4sYiZRsGk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1kRaj5MqD51ZoiyyYsa9WvrvatW8hTOiXn1YM4VLm3P7hZFGVXoZ1%2F0ZMi%2FjCmMqrNklgntw4QyTBi%2F7%2FgftCjNKaXKnLYuDoAm0u1pbvW5N51HpVjghDb8W5bIXzYlTwtLxpLMxyjwQ67vHsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81f0648ebe0f5d9e-FRA

GET
H2 200 TSXULlg.png
i.imgur.com/ 42 KB
42 KB 23ms
20ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/TSXULlg.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

ef9b9a5bf21d560ea66eb512cd493b6b9942b646f2591028815149711afa71b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: MIA3-P1
age: 1853398
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 42973
x-served-by: cache-iad-kjyo7100055-IAD, cache-fra-etou8220092-FRA
last-modified: Tue, 22 Aug 2023 15:03:00 GMT
server: cat factory 1.0
x-timer: S1698802439.454984,VS0,VE1
etag: "92915cb6530fa57b063c86cc5bd0c928"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: AFBsye59bqDbPpBuF_MhF5LdeH727Et7q24wDXZlN1jWrykYiJgijw==
x-cache-hits: 92, 1

GET
H2 200 tId6xK2.jpg
i.imgur.com/ 6 KB
7 KB 23ms
20ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/tId6xK2.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4e25fa3fd784a6a1bd707310d5df5bc185d7d22a3b7662e6723a213d908a72b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 1571411
x-cache: Miss from cloudfront, HIT, HIT
content-length: 6440
x-served-by: cache-iad-kcgs7200075-IAD, cache-fra-etou8220092-FRA
last-modified: Sat, 28 May 2022 16:37:17 GMT
server: cat factory 1.0
x-timer: S1698802439.455375,VS0,VE1
etag: "ee255378cd76d12de00393ef0ba4b27a"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: ocw4-o141uwRpeiqgNEpChNtgj5jY-vt1QTAvaQ9wyfYI2v80jg5KA==
x-cache-hits: 608, 1

GET
H2 200 AZjTtdO.png
i.imgur.com/ 41 KB
42 KB 65ms
63ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/AZjTtdO.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

19f8fbc2a0a65faefe6f46f87ec2d64c8134da1b970f5a6ca95180e56d9e91f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P2
age: 1882195
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 42403
x-served-by: cache-iad-kiad7000179-IAD, cache-fra-etou8220092-FRA
last-modified: Tue, 22 Aug 2023 15:04:03 GMT
server: cat factory 1.0
x-timer: S1698802439.455759,VS0,VE2
etag: "4eb393299e3246e7c860ae557c77fe30"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: rpzEHWq8ajZFL8gSk1GnNdS8Ydetyi-9nazmN1UD78-9j6xMD0fpbg==
x-cache-hits: 97, 1

GET
H2 200 d9OCO6L.png
i.imgur.com/ 38 KB
39 KB 46ms
44ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/d9OCO6L.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

af0bdfd52c8203eeba006297856a33a14e422d1124d0c12fbe2f39159b6e99cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: JFK50-P6
age: 644055
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 39063
x-served-by: cache-iad-kcgs7200032-IAD, cache-fra-etou8220092-FRA
last-modified: Tue, 22 Aug 2023 15:00:01 GMT
server: cat factory 1.0
x-timer: S1698802439.455769,VS0,VE1
etag: "c96ee7b34af479d431ce081aa7c66df8"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: O-zrOOnrfgJcl3bOHcJes_UfkbFjvOnTQF8WKtbfTRB9WopV1UKDWA==
x-cache-hits: 274, 1

GET
H2 200 xHq0yxZ.png
i.imgur.com/ 46 KB
47 KB 69ms
67ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/xHq0yxZ.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

b24f3e2336fe3406afd07e73fe42c72ee2d710c9769e37c7754503d2487320dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 2669325
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 47503
x-served-by: cache-iad-kjyo7100050-IAD, cache-fra-etou8220092-FRA
last-modified: Tue, 22 Aug 2023 15:04:35 GMT
server: cat factory 1.0
x-timer: S1698802439.456037,VS0,VE2
etag: "2fc324bb712c35831872f7c44580944f"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: no2m1ASAN-YivLeA3VqPHPXqzhZk-Dc5DIPytHHBMHZaTZ9ArdXM_Q==
x-cache-hits: 314, 1

GET
H2 200 upjIIWQ.png
i.imgur.com/ 38 KB
38 KB 61ms
59ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/upjIIWQ.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

d7471a52feb940774cd5f9e2224fa90c7fb58fafdc9252051e985ccca436e500

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD12-P2
age: 639724
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 38490
x-served-by: cache-iad-kcgs7200124-IAD, cache-fra-etou8220092-FRA
last-modified: Tue, 22 Aug 2023 15:05:09 GMT
server: cat factory 1.0
x-timer: S1698802439.456025,VS0,VE1
etag: "ed695f5a805edadbb1d6ef0ad41a4181"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: WZFAbmCfIIUqf6lOQmuwX2iwi37EHh3QEKS9-22kaiQYFWStToPTag==
x-cache-hits: 87, 1

GET
H2 200 ZyXiQBO.png
i.imgur.com/ 47 KB
47 KB 68ms
66ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/ZyXiQBO.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

244b1afc1ebd15af6fed16c07bcb830e3ed002058644172aaf4985b5c242a410

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 549670
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 48138
x-served-by: cache-iad-kcgs7200068-IAD, cache-fra-etou8220092-FRA
last-modified: Tue, 22 Aug 2023 15:06:41 GMT
server: cat factory 1.0
x-timer: S1698802439.456022,VS0,VE2
etag: "d157867545bb315fb647d229b7fa5541"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: DkeaGcZ8mGAXJU6igSpVp2x0E2cgqd2pGV947OpmQ0pwN2qbWqsBpw==
x-cache-hits: 313, 1

GET
H2 200 qlpQY5S.jpg
i.imgur.com/ 4 KB
4 KB 48ms
46ms Image
image/jpeg 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/qlpQY5S.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

85838033c78bcce6d2da3e527d9af9d2f425c2c1c79e0ab8151f3e56ebf818bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD89-P1
age: 2501874
x-cache: Miss from cloudfront, HIT, HIT
content-length: 4318
x-served-by: cache-iad-kcgs7200127-IAD, cache-fra-etou8220092-FRA
last-modified: Fri, 15 Jul 2022 14:14:34 GMT
server: cat factory 1.0
x-timer: S1698802439.456011,VS0,VE1
etag: "dcd67e92b329d684c64754415f87bfce"
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: J58dlxPz0Sc1FJ79MFKxz_j2VUpCYQKlmSsO2mv3GCdJJ_UGV7eYtg==
x-cache-hits: 6, 1

GET
H2 200 QRp0OYo.png
i.imgur.com/ 21 KB
21 KB 50ms
48ms Image
image/png 146.75.120.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/QRp0OYo.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

146.75.120.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

0d968c973d442158ba38f113951fc3d40b38d261a73513b67b829b74a818273c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://sukien-freefire.garaena.vn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
x-amz-cf-pop: IAD55-P2
age: 2501284
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT, HIT
content-length: 21539
x-served-by: cache-iad-kcgs7200077-IAD, cache-fra-etou8220092-FRA
last-modified: Tue, 22 Aug 2023 15:07:14 GMT
server: cat factory 1.0
x-timer: S1698802439.456010,VS0,VE1
etag: "ecfceb334569b2ce14e5f7d20f28f901"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-amz-cf-id: FU-3saLc79C1t9Qjd9iAFv7q-YZvBrqYJDy7XMV9POP5rlE87eTs1g==
x-cache-hits: 275, 1

GET
H3 200 p-06ac429a.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 16 KB
8 KB 27ms
27ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-06ac429a.js

Requested by

Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b68b947c88b9f466f76a80264202f355b62183044c7d8ecf603e3d10e4c73973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: https://sukien-freefire.garaena.vn
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17121
x-jsd-version: 7.5.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220064-FRA, cache-jnb7023-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"4117-ZdG5lhrOjZcF26hE4VLLoNSdreE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSmxj3EtfwlhMubloqwMYoQleEnsdqMWK7iZOTQX%2FP7h8t76LP1GTa4S7h%2BiKeKpqXIv3NrFz6IygUg1mWsOpab8RGJl47%2BVA9OPwhznA0tXTtOdGkaNzHmg7hAenPklK1xlQLMkZerAE2k%2FvyU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81f0648efe245d9e-FRA

GET
H3 200 p-181b7c2a.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 121 B
790 B 28ms
27ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-181b7c2a.js

Requested by

Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565f56b6334301fa22ddde5165d7d23d592421316335f6dd0a23bb46e2441910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: https://sukien-freefire.garaena.vn
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17006
x-jsd-version: 7.4.4
content-encoding: br
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230074-FRA, cache-jnb7025-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"79-XANjJk1QrmTlmm+pOlpsjDM41hQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqXJjB1nLdoQAp0zN7%2BZZ4zmT5avcmiUO1i7lJWO76Ce1UVE5kvVyEHuEqC%2Fe4l6yY%2BUQ%2FanzYvgh3pPk1hf5ay0e8jnprkTsUG870rYJkPGLHISbG63fwlzFTe%2FFmQlEJf56ltnJW5MkP9%2Fn78%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81f0648efe265d9e-FRA

GET
H3 200 p-76378400.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 3 KB
2 KB 30ms
29ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-76378400.js

Requested by

Host: sukien-freefire.garaena.vn
URL: https://sukien-freefire.garaena.vn/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d5036773eb11f89876a3bcd5d8ea2adeae65b944373b536cc8fe63d3a75f044

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: https://sukien-freefire.garaena.vn
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17072
x-jsd-version: 7.4.4
content-encoding: br
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220068-FRA, cache-jnb7021-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"cca-pOIfs5g8i5w4EZOkyID/8UvWBQ8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DVtDdYYSVkD9xEFzElVsWVzFNVGTmqY%2BlwUjiyfrfWaU4B2%2FUYJukVamCLMb81fejDHiaEk7ZXVyisbDaG9UiRR8fvS%2FZw%2FJqkZM%2Fu0JsmCBxk9DAnaulYAUL58xESpPxrGjqpDnYoNh0H0FI4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81f0648efe275d9e-FRA

POST
H3 204 rum Show response
sukien-freefire.garaena.vn/cdn-cgi/ 0
149 B 26ms
25ms XHR
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sukien-freefire.garaena.vn/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sukien-freefire.garaena.vn/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
content-type: application/json

Response headers

date: Wed, 01 Nov 2023 01:33:59 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://sukien-freefire.garaena.vn
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 81f0648f4bffb770-AMS

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: h.top4top.io
URL: https://h.top4top.io/p_2016h7ob71.gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: SIqmFGt6PUA
			.youtube.com/	1970-01-20 20:12:34	Name: VISITOR_INFO1_LIVE Value: whh0mlTMYNs

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://h.top4top.io/p_2016h7ob71.gif Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://sukien-freefire.garaena.vn/tan/icon.png Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://sukien-freefire.garaena.vn/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Message: A preload for 'https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
javascript	warning	URL: https://sukien-freefire.garaena.vn/ Message: The resource https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
dl.dir.freefiremobile.com
files7.webydo.com
fonts.googleapis.com
fonts.gstatic.com
freefiremobile-a.akamaihd.net
googleads.g.doubleclick.net
h.top4top.io
i.imgur.com
i.ytimg.com
jnn-pa.googleapis.com
na.apps.amsoveasea.com
static.cloudflareinsights.com
static.doubleclick.net
sukien-freefire.garaena.vn
www.google.com
www.kolpaper.com
www.youtube.com
yt3.ggpht.com
h.top4top.io
129.226.2.89
146.75.120.193
23.32.239.50
2606:4700:3108::ac42:2b55
2606:4700::6810:3965
2606:4700::6810:5814
2606:4700::6810:9d24
2606:4700::6811:180e
2a00:1450:4001:801::200a
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2006
2a00:1450:4001:80f::200e
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2016
2a00:1450:4001:831::2004
2a04:4e42:400::649
2a06:98c1:3120::3
2a06:98c1:3121::3
020487b2ceebc26c8d309b0ab94170981c0a3b093eeb85a4dc5737e83e83f4fa
03d1744c2909d39fa6dc983ca08bbac1d018427fd4fecfb7ae5029b6f3fd1d07
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0d5036773eb11f89876a3bcd5d8ea2adeae65b944373b536cc8fe63d3a75f044
0d968c973d442158ba38f113951fc3d40b38d261a73513b67b829b74a818273c
0dfa6a82824cf2be6bb8543de6ef56b87daae5dd63f9e68c88f02697f94af740
12f0cd69f190f7db4c5cd05962c9f56e3c510061e9ca6201bb78776329906d0a
1732cbf0b83525ca6769c3a58d15de73f38122ed8c056ca7e30a6076767ef3d6
19f8fbc2a0a65faefe6f46f87ec2d64c8134da1b970f5a6ca95180e56d9e91f7
22f93c0d8bd9dbeaa97b0990c8d21bc05bb0d2f659049383c012238fcbf31105
23cd64209deba79ee3ab329d31eb8838ad83fdede8463828a702fd0fca2ac676
23d2b430312dd5557ce701f12a994714458770cc736b73859e10564b284505a6
244b1afc1ebd15af6fed16c07bcb830e3ed002058644172aaf4985b5c242a410
29685bc4737559acc10db79fd9536f3bf301e00ac20c497ed32ae6181e0ab260
29c9fea92f1c567c51906b9ac02dd9e06bab13b2c432ffc99fb150bf8cf41d75
321298e0501f27c2796d084e45640d939d4b16db23f56b96e2c77730a26d4ad8
33ea0b0fde442c704bb17650b00bf78e84e9eef9664159191df0a6c4850e849c
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
432360a0d8577899a613c18a11150cb52fa83c4863e8495d8a5cb03fa431f9f6
439fd9c373886a6039994ec5e13b5076d5f79f5e14506ea5679232dc0da51832
4564c669a80655c8b2066bb173b7abce15e3f8362660dabaaa85f9ead0305d82
48935f9a192c1793eae9bcd0961864dd222ecf3b6204e7d750f232cbcc678abf
4b3bc91c51a19d9a2394dbef6b45484743576fc4e189d39a0171d51537cc9bb5
4e25fa3fd784a6a1bd707310d5df5bc185d7d22a3b7662e6723a213d908a72b0
5107a02a8032e55e3cb1430a5d9f51ca2aaebf0ec027a5d5f698158802152b73
5326e2d5f22f5117970dc632d5793109ffcc7ed356d20d09c7d5ec3a299b8ef7
565f56b6334301fa22ddde5165d7d23d592421316335f6dd0a23bb46e2441910
59640f904cf8abdc7a1d4189f3bb6ab83bfd60a8dd251a0abb5d5d3ab8a11b24
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68c7a3b71820f774f641bfe303ed3d34dd9ae59356d595e392aa362222b2d499
6e540389402e3ced8b111dca3b7f564046e027fdbc472359c9d0e0bced2c346e
731f6885e3fad5585b6fa119f25c3a4f28f4ea7036b6c48cae554a1b126c31f9
73a43e9a3b24f10852bac31ff21a50e65bc24030b0db18afdeba5e632ba81072
7bb88750901d69a3639be7393062bb2fdab860e075805eb733c4e547074ff0ea
85838033c78bcce6d2da3e527d9af9d2f425c2c1c79e0ab8151f3e56ebf818bd
8bdb4322a6170d1d92b43e3be71e72673051835bd52152e216efba7cb4e9e1cb
8df3d3b0eaf7487e08932291d8b2a135ad2ecb2e32bcaba6308df2e2fb7e3436
ae4de0464f907f90721557737e22dbadf629ec2f606a0f94e5c9dd1bb6261240
af0bdfd52c8203eeba006297856a33a14e422d1124d0c12fbe2f39159b6e99cd
b24f3e2336fe3406afd07e73fe42c72ee2d710c9769e37c7754503d2487320dd
b68b947c88b9f466f76a80264202f355b62183044c7d8ecf603e3d10e4c73973
b8c0909154e5245f00756fd4dd8cdf388d279657314b07c550c6227cc7adaaad
ba6e1178e628e430d7126f1fadc56ec7ede45d051320c0e8908b9a9de63f8fed
ba89bac5ea8c9ed0f18a0b820e187cf1e68ebf4aaef4bd3e1081697aa678cbba
c62ad5f22fd40e4f15e13d145121c283db5332f1a8d938b9c85b97346cb0c495
c8827f7d38ae66631c5cc479dfb23d23a6131227f9ad8ae838d191aed191660f
cc47c25ab26c17c196ab60ad62e7971bcb24915975d73f073780a0f7249ceeba
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd9fe9fd674479805f8e5a50145a2d7170e38a4d5a3bf8abea7a89c4d557210f
d2646602d0beed6bdf7af300b997903ae1ebf2fac68ccad2539410942814fe97
d67f2b1a4841f39bdf796522a8b369192e323f27d0e45ac319774330d7dd3cf7
d7471a52feb940774cd5f9e2224fa90c7fb58fafdc9252051e985ccca436e500
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef9b9a5bf21d560ea66eb512cd493b6b9942b646f2591028815149711afa71b6
f936df3794653b1a21c936fed39043e31171b84fced1723991a7fb5eac30bc5f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

sukien-freefire.garaena.vn Open in urlscan Pro 2a06:98c1:3120::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

65 Requests

97 %HTTPS

86 %IPv6

19 Domains

22 Subdomains

22 IPs

3 Countries

2700 kBTransfer

5277 kBSize

2 Cookies

0 Outgoing links

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sukien-freefire.garaena.vn Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

97 %
HTTPS

86 %
IPv6

19
Domains

22
Subdomains

22
IPs

3
Countries

2700 kB
Transfer

5277 kB
Size

2
Cookies

65 HTTP transactions
1 data transactions