qua.sukien-freefire-garena.io.vn
104.21.37.237  Malicious Activity! Public Scan

URL: https://qua.sukien-freefire-garena.io.vn/
Submission: On January 02 via api from US — Scanned from US

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 42 HTTP transactions. The main IP is 104.21.37.237, located in and belongs to CLOUDFLARENET, US. The main domain is qua.sukien-freefire-garena.io.vn.
TLS certificate: Issued by GTS CA 1P5 on December 5th 2023. Valid for: 3 months.
This is the only time qua.sukien-freefire-garena.io.vn was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

Requests  IP Address       AS     Autonomous System
29        104.21.37.237    13335  (CLOUDFLAR...)
1         104.18.10.207    13335  (CLOUDFLAR...)
1         104.17.25.14     13335  (CLOUDFLAR...)
2         142.250.65.170   15169  (GOOGLE)
2         199.232.36.193   54113  (FASTLY)
3         142.251.40.163   15169  (GOOGLE)
1         142.250.176.214  15169  (GOOGLE)
1         142.250.81.234   15169  (GOOGLE)
Total: 42 requests, 9 IPs
Requests  Apex Domain / Subdomains                                   Transfer
29        io.vn                                                      2 MB
            qua.sukien-freefire-garena.io.vn
3         gstatic.com                                                40 KB
            fonts.gstatic.com
3         googleapis.com                                             32 KB
            fonts.googleapis.com — Cisco Umbrella Rank: 115
            ajax.googleapis.com — Cisco Umbrella Rank: 708
2         imgur.com                                                  957 KB
            i.imgur.com — Cisco Umbrella Rank: 6429
1         googleusercontent.com                                      384 KB
            play-lh.googleusercontent.com — Cisco Umbrella Rank: 400
1         cloudflare.com                                             6 KB
            cdnjs.cloudflare.com — Cisco Umbrella Rank: 395
1         bootstrapcdn.com                                           7 KB
            stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 4303
0         garenaa.vn (Failed)
            sukienbts.garenaa.vn (Failed)
Total: 42 requests, 8 apex domains
Requests  Domain                            Requested by
29        qua.sukien-freefire-garena.io.vn  qua.sukien-freefire-garena.io.vn
3         fonts.gstatic.com                 fonts.googleapis.com
2         i.imgur.com                       qua.sukien-freefire-garena.io.vn
2         fonts.googleapis.com              qua.sukien-freefire-garena.io.vn
1         ajax.googleapis.com               qua.sukien-freefire-garena.io.vn
1         play-lh.googleusercontent.com     qua.sukien-freefire-garena.io.vn
1         cdnjs.cloudflare.com              qua.sukien-freefire-garena.io.vn
1         stackpath.bootstrapcdn.com        qua.sukien-freefire-garena.io.vn
0         sukienbts.garenaa.vn (Failed)     qua.sukien-freefire-garena.io.vn
Total: 42 requests, 9 subdomains

This site contains links to these domains.

Domain
m.facebook.com
Subject                       Issuer                                          Validity                 Valid
sukien-freefire-garena.io.vn  GTS CA 1P5                                      2023-12-05 - 2024-03-04  3 months
bootstrapcdn.com              GTS CA 1P5                                      2023-11-30 - 2024-02-28  3 months
sni.cloudflaressl.com         Cloudflare Inc ECC CA-3                         2023-07-03 - 2024-07-02  a year
upload.video.google.com       GTS CA 1C3                                      2023-11-20 - 2024-02-12  3 months
*.imgur.com                   Sectigo RSA Domain Validation Secure Server CA  2023-03-13 - 2024-03-12  a year
*.gstatic.com                 GTS CA 1C3                                      2023-11-20 - 2024-02-12  3 months
edgestatic.com                GTS CA 1C3                                      2023-11-20 - 2024-02-12  3 months

This page contains 1 frames:

Primary Page: https://qua.sukien-freefire-garena.io.vn/
Frame ID: 8BD788C619FD8DA8FE4F39AE7E19056E
Requests: 42 HTTP requests in this frame

Page Title

Free Fire x BTS

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

42
Requests

95 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

9
IPs

2
Countries

3579 kB
Transfer

3824 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
qua.sukien-freefire-garena.io.vn/
25 KB
7 KB
Document
General
Full URL
https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
a8bfd5a3b5ed44d8d8ca0cb650176577fe6e0f7cf713ae2f648fef9aa81bbdb4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
83f38d1c4a7936a1-YYZ
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 02 Jan 2024 14:04:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NpnirkTI98NIBOu3oPFP8wldombWMOxnFCXyhvnNf7gaMIQuDBuV7IRZ54xINIlM5gDIQArq%2Fde5PZEccOUgtH3KABRR4DnytclToFT8QSM4bHHoT5eBeEz0wfc9QvWveDJ6bDWodqMapdBm3l%2Fs3ebEJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.33
style.css
qua.sukien-freefire-garena.io.vn/css/
54 B
399 B
Stylesheet
General
Full URL
https://qua.sukien-freefire-garena.io.vn/css/style.css
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2be4bae42532f306435631b10885d8932cbf7a7743dd145481f07df140c9c972

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1291
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U1zRtpWDLwgfZIFSzfyCQyQ9sfmkg0QqZruYHkSlqOnrAllrhs9zXDwWxRo4mcjLiXxQhIO36Zexcnr3lBfIftQoOGsPUn%2BkHVYf71O3OLAESK1AtzYpqlBewvl9KJVrpbwkuAPrPCZ9RfgGAfBUCrzaVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f38d1e6d0936a1-YYZ
alt-svc
h3=":443"; ma=86400
animate.css
qua.sukien-freefire-garena.io.vn/css/
86 KB
5 KB
Stylesheet
General
Full URL
https://qua.sukien-freefire-garena.io.vn/css/animate.css
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1080f4a2e6306aa8b4c6984402dab47b2c3da7b33aff7deda4efc3642009d9c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1291
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sghyJG9sNCZ8h8wzEDFRsVfISJaVWPQmOhImoOPKhGVpSHcMziIHEGDgmCr7xRYSh52VsP2FkV8OobbdHSyOQls2GzlPUhCw5grL4proMbnZRZr3mkSd4FcIYLlJxMVmzpJsrbR6cCC36Ax9%2Bcw9QRNUnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f38d1e6d0b36a1-YYZ
alt-svc
h3=":443"; ma=86400
facebook.css
qua.sukien-freefire-garena.io.vn/css/login/
3 KB
1 KB
Stylesheet
General
Full URL
https://qua.sukien-freefire-garena.io.vn/css/login/facebook.css
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ea56cf9de4b8b2ab86684416378b2a34d654734675919af0dd0e745f0381aaa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1291
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYGNTiegy17MsdVj1%2Fq4XcyZ%2Bvjoy%2FsBhnIegj1kZLGy35A75EaUfLODQRFKpWAvz4%2FYMhNaPC4XYzFzWCpsOJd7HgkY42sgTVoFnoJ0v0k5MfxnVuYzJTRXYZL%2Fpwex2pV40QFHL1D7uZT7LeOgpmgdVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f38d1e6d0e36a1-YYZ
alt-svc
h3=":443"; ma=86400
twitter.css
qua.sukien-freefire-garena.io.vn/css/login/
2 KB
796 B
Stylesheet
General
Full URL
https://qua.sukien-freefire-garena.io.vn/css/login/twitter.css
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f6a677149a6aaa7be49e1cd48a4a4f19877934e291f2148b0566b8f6f49b8dd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1291
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xI82t2mbS6jQptZPSiTaZrtMy9UPNTbehaT1fg22jj7F1N2xToGu1C%2B56bthVPoaS18Nl0xBCdqf%2BVPD8BwFQi0Em6FKiNPpybBvVQlXAp953XhPs%2BVHw07bSkn4uPJSrWcOAoXIqBlRDRTfdMjCs6jtEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
83f38d1e6d1036a1-YYZ
alt-svc
h3=":443"; ma=86400
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
722
age
24646
cdn-cachedat
11/18/2022 06:18:29
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"269550530cc127b6aa5a35925a7de6ce"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b3a57c6aca414a3b87fe0638b631146d
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
83f38d1edb3b542b-YYZ
cdn-requestpullsuccess
True
material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/
69 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3048087
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5845
last-modified
Mon, 04 May 2020 16:12:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed9-1149f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BStHXGNord2DfJQXpjByb9e5aVSNbFBh8nAhCuVrwORgMFu%2Bsp%2FICFXyGbCpWhxW6WQ43RKdtlUR3nxj8u6XxnR1gQQOka0%2FMilQpeONDZzYHfmpxzi4DRmxhlYLdOI8Ys2S4J0E"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
83f38d1edd2239f4-YYZ
expires
Sun, 22 Dec 2024 14:04:27 GMT
css2
fonts.googleapis.com/
1 KB
930 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Baloo+2:wght@600&amp;display=swap
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f10.1e100.net
Software
ESF /
Resource Hash
68c7a3b71820f774f641bfe303ed3d34dd9ae59356d595e392aa362222b2d499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 14:04:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 14:04:27 GMT
css
fonts.googleapis.com/
11 KB
942 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.170 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s71-in-f10.1e100.net
Software
ESF /
Resource Hash
21fa9748efb8c509c94597f75d1784b536bcc05c6df36b25523a51ec14a3c7c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 02 Jan 2024 14:04:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 14:04:27 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 02 Jan 2024 14:04:27 GMT
icon.png
sukienbts.garenaa.vn/img/
0
0

OXCgXLM.png
i.imgur.com/
928 KB
929 KB
Image
General
Full URL
https://i.imgur.com/OXCgXLM.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.36.193 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
802f8daf3b7cf1a1d80c956f6043782354e5f3e37b9b65b6472bd63c6a795b62
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD61-P2
age
2926558
x-cache
Miss from cloudfront, HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
949901
x-served-by
cache-iad-kiad7000112-IAD, cache-lga21921-LGA
last-modified
Sat, 05 Mar 2022 17:27:49 GMT
server
cat factory 1.0
x-timer
S1704204267.362648,VS0,VE4
etag
"8191db081c031e0984b3ec9dbd2d0685"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
j0k8j3qYOrG_h4XPXdLRSm51shUhIW59zKwYoJT8VRI-nf-fn6iKfA==
x-cache-hits
22, 1
btn_music.png
qua.sukien-freefire-garena.io.vn/img/other/
4 KB
4 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/other/btn_music.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1963d37fa20e4f9772b36c36c8a8f9b3561b6d7896a4d4a3b8ab4d2a3522ef2d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1291
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4qZvMRF6ikONNCjZ3ZA6yyJTiY6UlEMviijhf1skYsG5jozPUn7ceKDoSglAXN2olQQaqGWFoq4Mz4v%2FVIvlqKEm1FG0kUS6yL%2BX4qx9Z3%2BYSGRDRFDMJOv5WKDvXpfOe5H5T0cv%2BTMAfCVzqZXjTeOeuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1e7d1936a1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
4257
btn_music_off.png
qua.sukien-freefire-garena.io.vn/img/other/
7 KB
7 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/other/btn_music_off.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccb745639d4eaaa61373fe45c44896f696b20a1f25744aab8e16e2dbeab57c91

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1291
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=69xIEPuytS4GWBtYMLlpCtTUn8y6xcdXt52oHXYD8BA15z6fwA78oAfzUBfKB8SHh4IU3n0rUOjteK6SjdlHjhxyh0AdMPJxeyJFe55PMDiNhCbCVnpYw8AHWZ87eKbcemjVprE%2B4bJiEICXVj5oz2ng8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1e7d1a36a1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
7366
1.png
qua.sukien-freefire-garena.io.vn/img/rewards/
301 KB
301 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/rewards/1.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4359ed418f4c1d1d3ad48daaf343244b46a743a3ec3784bbd5ee4e31bce08e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1291
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mcrYf%2F%2BqhmXaBsdzWAO8JSwKa2Xqd6geG7Zfx7OBJZGZFJAiSocc9fYyhzo0k1uVQv2Rd6BhwfqkJM6b1inyLcxTkkssHkTCv5cMFthCVvlbM5RLdOstYGnhhfRrcwr2co6Rgs%2B8dPzrosIC%2BWN%2BmdSpBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1e7d1b36a1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
307777
2.png
qua.sukien-freefire-garena.io.vn/img/rewards/
133 KB
134 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/rewards/2.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e52deffd6cf56cdc8b3bc5ae9d34b2207db7ab14b9915193c5031d0ab6b1def

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1287
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8wYpowSpQfkTx3qC1Y2kFAOcut%2B1e0Z2ojZrnjd3JrauSWGlnH27yijSjtexLWBtSfZG5b0T78UqqrP%2BV3%2BpJ%2Bwx08WP4mzE3YGtogPTaXQjvx3bQS0QRqgXXBNZAvYzEXtlut%2BpvFsopmZmNFOwuZ7WEA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1e7d1e36a1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
136569
3.png
qua.sukien-freefire-garena.io.vn/img/rewards/
517 KB
518 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/rewards/3.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a56ac2204dc59c9bd2fc2ad9ed4fb3b6974de997f50d8724d7fc3d152703c6c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1287
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B9msRct%2FkHSOzwElo40Nn9LqPvHlWo6YNXkwCmlB4UkU5SF84P2iteQv6x0pgVi6APDUofjgYBXwDN1LkRIOlDl%2FP%2B%2BbvRWKDE9XZ4AeStyzgO9e%2FXX%2FNkGmfJkgRD39gc3pUiGSr%2Fb8pJp5C4tdOtLJRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1e7d2136a1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
529810
4.png
qua.sukien-freefire-garena.io.vn/img/rewards/
24 KB
24 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/rewards/4.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21726bd5fc26e45158cf2fd69da728d31cb7e939f936c1cf318eae3dbcbb7cd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1291
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIIXmRMCgHMymlnvpIqUI0CTWuBKmLKsBO%2FUg%2FqooFU9Nf7D9Zq0Av01npYXDkoIW4KUBIQpK6Djv131UK0m3sFhJAWfRnrsTutjlikOg6WL1R9phro%2FuhFkL7OyR%2BrfwRu1Z%2BtcmFpvuC2DDMeT2I5LIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1e7d2336a1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
24640
5.png
qua.sukien-freefire-garena.io.vn/img/rewards/
360 KB
361 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/rewards/5.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae0607fe04eaa8294ed2e64a121f3bd37655e26706fcb417d9dc5716fd720a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1291
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doY6iO%2BzNuUNUEguO8JVIMHvONkWYODPNn1e5C6SSEyfPdm7mVcRXZ%2FXq9Gt6so9royi083l9taJ2FUr4Fe4PbeGAaemk3yny42sPiMZFbCiRakfGnQb7dueiq1DbwYrWKo%2F8UztquCdskcQqMJWpApzrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1e8d2836a1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
368969
6.png
qua.sukien-freefire-garena.io.vn/img/rewards/
74 KB
75 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/rewards/6.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61297e9743c1f7610a0f16a0b0dae94df226caa3a2479b4dc2b68ea0977d9e45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1286
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaH5tcJevpmmDoE2qLyGoA8uuRhz0nZZ5%2FUc10duamrej3rIXDLgxyFGkUJ%2F51tYhawm29VTTZ9Aw2tYuQbRmn8n7VCUc%2Blok2UpApC6hTf3howMVq0qVlRt1KiK6vz4ik1BDAoSn%2BUZr92uY7svh5IbBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1e8d2936a1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
75985
7.png
qua.sukien-freefire-garena.io.vn/img/rewards/
24 KB
25 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/rewards/7.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0664e5c55ec6822fd75c343fab3b84c339aa460c1d7785d51473d9ec5b7cc74b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1289
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivW40scKH2GAY0Op0%2Bmua1qnZpkxkbErHDitUD%2F%2BL6B1rle6EqvarYOg8OO1WfmooiELgxuCoSRYukzV4WGKmuqoCsETlceGiG%2Bcj2eKRL1vDj1caSuNMZnlXPh1PTem021N2u1qdl4mFyIyXG746b4E%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1e8d2a36a1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
25010
8.png
qua.sukien-freefire-garena.io.vn/img/rewards/
32 KB
32 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/rewards/8.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37dc38d49f71de2602b42789d952582f41621b4db34afadc089daeef08e67a49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1288
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LI8TW%2BExgkU0Fok3d1UraorLtI63A2DHvXUdErPJjTQaAisP7JoWVxJliApTNapxWdnoNEikOFhbjbwhm3OV4ROUkL11buf7uKELfSNQobv9TKmaBA1l5RoqLaZxwLhX3ZEuabpeHDmYaIL8Wt74eV6fgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1e8d2b36a1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
32534
9.png
qua.sukien-freefire-garena.io.vn/img/rewards/
31 KB
32 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/rewards/9.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd3b8b315c5f8b44bbc8535ebb0550b5f8040c9e3088c83062011015fc412e31

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1290
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TAK4JtfeKLAif7F99rj91bql7FKYgLf0vO96N%2BDS1rHOxuYW3PUy2%2B6LeLfV%2BlUZ2jf6SklQKnEZYAemlAZcWmmx8OXwZYp6IwwzlXNkYquc%2FjhcSGBw2zsvNnX1tbvLfsQxwVUAKBLZMR5%2B3G91gZnMwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1e8d2e36a1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
32150
footer_img.png
qua.sukien-freefire-garena.io.vn/img/
504 KB
505 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/footer_img.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
619dc7a67df8737317bfb3022ea8d1825720fb5b68dee8d1ad799aec762c661b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1289
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GD8zWkSVmQokzH3KbgjUycxvuMZG8IoMUWEsQO42N7tojeZvQrcEhIwHdFFheDkJr%2FHDqWWmAiPQsl6T%2BsJrGAIRGgAF5J1Gv9%2F6HZSjUrrDYWqU8EU0ByVA1NZFZUFwvMJzH4DVobgpE11MyHPj05Uqzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1e8d2f36a1-YYZ
alt-svc
h3=":443"; ma=86400
content-length
516517
nvn.mp3
sukienbts.garenaa.vn/media/
0
0

bg_1.jpg
qua.sukien-freefire-garena.io.vn/img/
76 KB
76 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/bg_1.jpg
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d39d2fce94b27a808e40849427e2c3afecb3d444cffc2ba477ecd2d95eb1b36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1286
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROg96UqUZRH2ElllW7g3%2F1tOEaO6Y%2F5A5T7gb93Uu8tvSuBeaC0lCeBG1839AkkwfilxlHGJN%2FmZBws57f6U1diri2ZjbBOoePh4t55KoipvILF7zheA1NZBXa0YZSFMfnxdfDVNJs%2F9PIdIqoS45UTDUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1f28d9a247-YYZ
alt-svc
h3=":443"; ma=86400
content-length
77787
s3_tab2.png
qua.sukien-freefire-garena.io.vn/img/
18 KB
18 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/s3_tab2.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b238860f3dafd871576d07d0b4f70de098896fc8d35f441e2bd6a4cfe5a0616

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1286
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFcmJSOlwZ9ZazLrre0dYtMgvF%2BcbkADUVOto8%2BGFru5tFVb8nXkixI9yr%2BdihOsBlYW9%2F713G12NC%2Btquw9ZNIj5XJzznwOqHCRIlDidB9HxSxUfrVzGVBhFUwDyE7v69HE4AYWli0moktHbzQLJTZFpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1f38e1a247-YYZ
alt-svc
h3=":443"; ma=86400
content-length
18100
s3_tab1.png
qua.sukien-freefire-garena.io.vn/img/
18 KB
19 KB
Image
General
Full URL
https://qua.sukien-freefire-garena.io.vn/img/s3_tab1.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecf31f402dfbc0a8bbcb0399c2099573c206345d32fa74342a5da29cd4d7f1d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1286
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GU8vG5JvNf6cCVVFC17ie6b2adDFn4WMrJ0LwF5sdfMzK2VISilNd0EZfbSmhNkyo4jCAI%2FgFtZyR7zxUQVW6JPYJABM6IIEOa%2BIzlSg6afGEqnVfCFGzGeC%2FEopZbdBJmuTwlW8xKt95pYyUoUDyZsqzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
83f38d1f38e2a247-YYZ
alt-svc
h3=":443"; ma=86400
content-length
18615
LYjNdG7kmE0gfaN9pQ.woff2
fonts.gstatic.com/s/teko/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/teko/v20/LYjNdG7kmE0gfaN9pQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f3.1e100.net
Software
sffe /
Resource Hash
714088bef569d6981bfae79530ef315f4d6505f302a944ce9063601919977e6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://qua.sukien-freefire-garena.io.vn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 17:29:14 GMT
x-content-type-options
nosniff
age
592513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15044
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:55:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 17:29:14 GMT
wXK0E3kTposypRydzVT08TS3JnAmtdjEyppo_lc.woff2
fonts.gstatic.com/s/baloo2/v21/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/baloo2/v21/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppo_lc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Baloo+2:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f3.1e100.net
Software
sffe /
Resource Hash
d2646602d0beed6bdf7af300b997903ae1ebf2fac68ccad2539410942814fe97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://qua.sukien-freefire-garena.io.vn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 03:42:24 GMT
x-content-type-options
nosniff
age
555723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19496
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:04:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Dec 2024 03:42:24 GMT
wXK0E3kTposypRydzVT08TS3JnAmtdjEyppn_led7Q.woff2
fonts.gstatic.com/s/baloo2/v21/
5 KB
5 KB
Font
General
Full URL
https://fonts.gstatic.com/s/baloo2/v21/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppn_led7Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Baloo+2:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f3.1e100.net
Software
sffe /
Resource Hash
12f0cd69f190f7db4c5cd05962c9f56e3c510061e9ca6201bb78776329906d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://qua.sukien-freefire-garena.io.vn
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 21:37:38 GMT
x-content-type-options
nosniff
age
577609
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5448
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:11:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Dec 2024 21:37:38 GMT
opXuESN.png
i.imgur.com/
28 KB
28 KB
Image
General
Full URL
https://i.imgur.com/opXuESN.png
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.36.193 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
4827728
x-cache
Miss from cloudfront, HIT, HIT
content-length
28789
x-served-by
cache-iad-kiad7000111-IAD, cache-lga21921-LGA
last-modified
Sun, 16 Jan 2022 11:22:12 GMT
server
cat factory 1.0
x-timer
S1704204267.493342,VS0,VE2
etag
"74190b93fc4f5d88f0c8e6411ba20bd8"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
IyfPsIoGArAiFYzEH7wGHhpJB_xHUnB69PIDbbhrQo2IuR7i-qPR9w==
x-cache-hits
867, 1
Iehzq0fyCTsAMX7_XEUEy8w8RRcgVNmX2UPDVDkqK8ezhl-4qOBOwm7tb7qe7XGYLqQ
play-lh.googleusercontent.com/
384 KB
384 KB
Image
General
Full URL
https://play-lh.googleusercontent.com/Iehzq0fyCTsAMX7_XEUEy8w8RRcgVNmX2UPDVDkqK8ezhl-4qOBOwm7tb7qe7XGYLqQ
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.214 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f22.1e100.net
Software
fife /
Resource Hash
8000008611e00dfadca3b363a68e0e7bb7b6b2be69bf15b54c7f6dd1db57d5de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.png"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
393101
x-xss-protection
0
expires
Wed, 03 Jan 2024 14:04:27 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.4.1/
86 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.234 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f10.1e100.net
Software
sffe /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 05:55:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
374923
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30774
x-xss-protection
0
last-modified
Mon, 13 May 2019 14:37:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Dec 2024 05:55:44 GMT
tab.js
qua.sukien-freefire-garena.io.vn/js/
681 B
721 B
Script
General
Full URL
https://qua.sukien-freefire-garena.io.vn/js/tab.js
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53809ffde67749dccbe986a3278c8ed502ad874395ef669c2d540e70e24965f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1291
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qt1iZSsDa6Hhr%2FHRpwj2z1I%2FsWuMMbyJ8%2FZmC9SLyCpgv0Sesk%2BLfWfLDJ8CvvjJLBR1pImJ1WVE0oGeDUuCZQUXHOYJ7o2byguN%2BSWLbNpyMxyDTlfaS2u8szSdIBRExHbyBHvRElNVtPP8YgZ%2FMvwqSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f38d206a17a247-YYZ
alt-svc
h3=":443"; ma=86400
timer.js
qua.sukien-freefire-garena.io.vn/js/
930 B
671 B
Script
General
Full URL
https://qua.sukien-freefire-garena.io.vn/js/timer.js
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f772313555ea50ae371975edc52ab2355adb3b4b924eb787d89036f5c2a515cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1286
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quMy0BgSoBeK5yOb%2BfVe1BRr3NfbiGVjMII%2Fap6BmJIJm%2BCTwhiLUIHmokco5%2BgUd3UNJgnAFRMZGWFJ%2Fg14liQMszX3QisUQ321TdhZEXx3gXI0Bo1CsYWL6WQkJk5XHCAqezEH57%2FgNa8J0CPm81Dcdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f38d206a1ca247-YYZ
alt-svc
h3=":443"; ma=86400
popup.js
qua.sukien-freefire-garena.io.vn/js/
2 KB
1017 B
Script
General
Full URL
https://qua.sukien-freefire-garena.io.vn/js/popup.js
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec6255bad8b4c9f22ed6c9e0fddf1c00a26c6255486e90e192be627a17ef1f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1287
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mzd4QtFfIQUWGEUeVNvna%2B6dt3UD8Au0JXaNoUWBOg7C21xJCkezQNwgkKZNrJnu6PPInd5RrByVG%2B%2FDGgr%2F41PWRy5JpgN1X7HX5Ni2zPcOgJq%2F3M3R5qypnGoIXdKlmPVUcjKe3NnGvvHxz2TzsYASfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f38d206a1da247-YYZ
alt-svc
h3=":443"; ma=86400
click.js
qua.sukien-freefire-garena.io.vn/js/
52 B
519 B
Script
General
Full URL
https://qua.sukien-freefire-garena.io.vn/js/click.js
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
388187ce62e508655d368a1db09eb5a18028b1ee4063cf075b118caca5bdbb3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://qua.sukien-freefire-garena.io.vn/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Apr 2022 05:12:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1287
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lmrDdYSxQ0kFe%2BK%2FO1JsOt237pHfl9PnXoo44PBmu49ssT4M5ceVNXZc%2F5x%2BC0yfyF302AzbehWOVl5aIbhrRbnrtT1fVII%2FPuSLLbATFYX2o2fx%2FkbkewcgS6duYWb0n2jDqUSRMiuCjn3wMOCEUYm6vA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
cache-control
max-age=14400
cf-ray
83f38d206a1fa247-YYZ
alt-svc
h3=":443"; ma=86400
login.mp3
qua.sukien-freefire-garena.io.vn/media/
0
0
Media
General
Full URL
https://qua.sukien-freefire-garena.io.vn/media/login.mp3
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://qua.sukien-freefire-garena.io.vn/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pL9MMW1seAdKQY62jUk2oIyYc2LzbmIkd2dsYM5TRE9i7DlJfNZdoAjni3dzI1T1LHJm%2FC6NFvxzy5IxEIVVrDllaIRK6cguweWUR3HRmUTszJ4QT4WECMlmmUoBVj5FWWfHS19bsgse795QnmQjJtYRyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
83f38d213b21a247-YYZ
alt-svc
h3=":443"; ma=86400
tutup.mp3
qua.sukien-freefire-garena.io.vn/media/
315 B
772 B
Media
General
Full URL
https://qua.sukien-freefire-garena.io.vn/media/tutup.mp3
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
https://qua.sukien-freefire-garena.io.vn/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2Buwk5WMUSGZ%2B%2FDYLGU4LCx%2FibQiPg9GU90Q2NVxDjkB7cObgJLypSaWoqo6qHrn%2Fk2WmWCkmorrXoXQhjncTdDAvUXo2AyiCiiFNMfL%2BFsBEji43YghPHSM7mJcFjv7Oi6gehhPLoc1Xfn4HyFX%2BF%2BMhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
83f38d213b26a247-YYZ
alt-svc
h3=":443"; ma=86400
button.mp3
qua.sukien-freefire-garena.io.vn/media/
0
0
Media
General
Full URL
https://qua.sukien-freefire-garena.io.vn/media/button.mp3
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://qua.sukien-freefire-garena.io.vn/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEa2xFo9KOPNK4fV8awB1%2Bc4w0hl5Il4SPzJ2hVFsr6qXmFKCgrhHM%2Bb4odkcOfml%2Bj4tCzNOifGgBIkUOeFsMPDzpvpKXiBZEqG9oYjFVmsfM0Zg5MnupmcyBQPlqrIxWPNkns1Po%2Bw8gkm1kGG48lIug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
83f38d213b29a247-YYZ
alt-svc
h3=":443"; ma=86400
click_new.mp3
qua.sukien-freefire-garena.io.vn/media/
315 B
759 B
Media
General
Full URL
https://qua.sukien-freefire-garena.io.vn/media/click_new.mp3
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
https://qua.sukien-freefire-garena.io.vn/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N8iwmwkTVbuh0YJtU4ihbs1ysNtS%2FKnnIr7JQbbVi7qDVMH0zf8CdMdk2dOEyNcB6w0H65M9aArRcEdb94dU26rG8CxU9hXd4ForetAdhf4sXEeouF15kH18NxERzQkVHtPr1J2OAvm0DDdax8XnnHeQMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
83f38d214b39a247-YYZ
alt-svc
h3=":443"; ma=86400
putaran.mp3
qua.sukien-freefire-garena.io.vn/media/
315 B
771 B
Media
General
Full URL
https://qua.sukien-freefire-garena.io.vn/media/putaran.mp3
Requested by
Host: qua.sukien-freefire-garena.io.vn
URL: https://qua.sukien-freefire-garena.io.vn/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.37.237 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer
https://qua.sukien-freefire-garena.io.vn/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 02 Jan 2024 14:04:27 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lo%2BDq9fhgotU34y7QADnU%2FsTyJckrF%2B7c80KEsmYv%2Builumpx9tjJDJGWJMpSqBnOVbrQJ7Vcn4EuuURE9Vw%2BMan9z68Yc4PNxayzyIzIFUc%2FF0KC%2FXnuze1mDb36bmS15lGS8pExdZOcuEaHm5Jo%2F0Hxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
83f38d214b3da247-YYZ
alt-svc
h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sukienbts.garenaa.vn
URL
https://sukienbts.garenaa.vn/img/icon.png
Domain
sukienbts.garenaa.vn
URL
https://sukienbts.garenaa.vn/media/nvn.mp3

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture
function| phonenumber
function| validateEmail
function| validatepassword
function| valid
function| $
function| jQuery
object| login
object| tutup
object| button
object| click_new
object| putaran
function| putarkan
function| acakHadiah
function| pengaturanWaktu
function| gaskeun
function| putarkan5
function| acakHadiah5
function| pengaturanWaktu5
function| gaskeun5
function| openRewards
object| _0x6437
function| validation
function| open_reward_confirmation
function| open_account_login
function| open_facebook
function| open_twitter
function| tutup_facebook
function| tutup_twitter

0 Cookies

10 Console Messages

Source Level URL
Text
security warning URL: https://qua.sukien-freefire-garena.io.vn/
Message:
Mixed Content: The page at 'https://qua.sukien-freefire-garena.io.vn/' was loaded over HTTPS, but requested an insecure element 'http://sukienbts.garenaa.vn/img/icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://qua.sukien-freefire-garena.io.vn/(Line 693)
Message:
Mixed Content: The page at 'https://qua.sukien-freefire-garena.io.vn/' was loaded over HTTPS, but requested an insecure element 'http://sukienbts.garenaa.vn/img/icon.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://qua.sukien-freefire-garena.io.vn/(Line 693)
Message:
Mixed Content: The page at 'https://qua.sukien-freefire-garena.io.vn/' was loaded over HTTPS, but requested an insecure element 'http://sukienbts.garenaa.vn/media/nvn.mp3'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://sukienbts.garenaa.vn/img/icon.png
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://sukienbts.garenaa.vn/media/nvn.mp3
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://qua.sukien-freefire-garena.io.vn/media/login.mp3
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://qua.sukien-freefire-garena.io.vn/media/button.mp3
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://qua.sukien-freefire-garena.io.vn/media/tutup.mp3
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://qua.sukien-freefire-garena.io.vn/media/putaran.mp3
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://qua.sukien-freefire-garena.io.vn/media/click_new.mp3
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
