URL: https://garena.randumblox.site/
Submission: On February 07 via api from US — Scanned from US

Summary

This website contacted 8 IPs in 3 countries across 8 domains to perform 33 HTTP transactions. The main IP is 2606:4700:3037::6815:211, located in United States and belongs to CLOUDFLARENET, US. The main domain is garena.randumblox.site.
TLS certificate: Issued by GTS CA 1P5 on December 17th 2023. Valid for: 3 months.
This is the only time garena.randumblox.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
11 | 2606:4700:303... | 13335 (CLOUDFLAR...)
4 | 2a04:4e42:600... | 54113 (FASTLY)
1 | 2a04:4e42:78::84 | 54113 (FASTLY)
1 | 45.119.83.19 | 131386 (LVSS-AS-V...)
10 | 146.75.32.193 | 54113 (FASTLY)
1 | 2607:f8b0:400... | 15169 (GOOGLE)
3 | 23.43.243.153 | 20940 (AKAMAI-ASN1)
2 | 2607:f8b0:400... | 15169 (GOOGLE)
Total: 33 requests, 8 IPs

Requests | Apex Domain | Subdomains | Transfer
11 | randumblox.site | garena.randumblox.site | 750 KB
10 | imgur.com | i.imgur.com — Cisco Umbrella Rank: 7298 | 61 KB
4 | jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 324 | 16 KB
3 | akamaihd.net | freefiremobile-a.akamaihd.net — Cisco Umbrella Rank: 72771 | 212 KB
2 | gstatic.com | fonts.gstatic.com | 25 KB
1 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 28 | 930 B
1 | hoiquanfreefire.com | hoiquanfreefire.com | 2 MB
1 | pinimg.com | i.pinimg.com — Cisco Umbrella Rank: 2039 | 477 KB
Total: 33 requests, 8 domains

Requests | Domain | Requested by
11 | garena.randumblox.site | garena.randumblox.site
10 | i.imgur.com | garena.randumblox.site
4 | cdn.jsdelivr.net | garena.randumblox.site
3 | freefiremobile-a.akamaihd.net | garena.randumblox.site
2 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | garena.randumblox.site
1 | hoiquanfreefire.com | garena.randumblox.site
1 | i.pinimg.com | garena.randumblox.site
Total: 33 requests, 8 domains

This site contains no links.

Subject | Issuer | Validity | Valid
randumblox.site | GTS CA 1P5 | 2023-12-17 - 2024-03-16 | 3 months
jsdelivr.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-09-27 - 2024-10-28 | a year
*.pinterest.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-07-31 - 2024-08-07 | a year
hoiquanfreefire.com | ZeroSSL RSA Domain Secure Site CA | 2024-02-05 - 2024-05-05 | 3 months
*.imgur.com | Sectigo RSA Domain Validation Secure Server CA | 2023-03-13 - 2024-03-12 | a year
upload.video.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months
a248.e.akamai.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-05-16 - 2024-05-15 | a year
*.gstatic.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months

This page contains 1 frame:

Primary Page: https://garena.randumblox.site/
Frame ID: CF89D7E7A91E634A118F5EFE8DFE4458
Requests: 33 HTTP requests in this frame

Page Title

TRUNG THU LIÊN QUÂN

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 33
HTTPS: 100 %
IPv6: 63 %
Domains: 8
Subdomains: 8
IPs: 8
Countries: 3
Transfer: 3099 kB
Size: 3268 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
garena.randumblox.site/
10 KB
3 KB
Document
General
Full URL
https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.33
Resource Hash
5d74fd40d034c75651f8f11efda925e3f914c2811fbfe2f09ad70c5d768fb2af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8517f7a4e83c4bc3-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 07 Feb 2024 01:47:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6UIH9sLSoR6ktbyBWL6glnI2HCvumlN7xTNSiI3HvjO1qSKaPEwJoxhgKRo6rj%2F%2FVyuSVQjB7je9NEVDWA1wQkeCRQsOiqgL2WnRnKFfzEmBf%2Bq2EOKjBFPKKqjjAA4I9uLM3ky%2Fsw2qP0utUd5tw5abRHLq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
style.css
garena.randumblox.site/Theme/Css/
24 KB
5 KB
Stylesheet
General
Full URL
https://garena.randumblox.site/Theme/Css/style.css?ver=234
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7a67c8ed925fa570325a6d191554c91dbe6bc0e48221fcdf6323508e49e7b99

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 15 Sep 2023 14:03:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bnwVuJWHhYsrk9D1BtiNS2%2BI8cNkDjKrevV72xvkYq%2BIYYaL538AwdrJHdyaEgaWVvNIO7NCu%2FuOsTuM%2Bwxojom6HdFEvnX75yKi6n88NpitzY1C9%2Bwe0JgsERXdd%2BTzpDDEYLhR82aGLE0D%2B4m%2F%2B8zdMbWg"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8517f7a909ea4bc3-BUF
alt-svc
h3=":443"; ma=86400
expires
Wed, 14 Feb 2024 01:47:53 GMT
ionic.esm.js
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/
22 KB
6 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
091f04c2fcecf8213ea06d4dbc83c25de7980554abd4f3e58c301db59da0ab0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://garena.randumblox.site/
Origin
https://garena.randumblox.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 07 Feb 2024 01:47:53 GMT
x-content-type-options
nosniff
content-encoding
br
age
7498
x-jsd-version
7.7.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6048
x-served-by
cache-fra-etou8220033-FRA, cache-nyc-kteb1890040-NYC
x-jsd-version-type
version
etag
W/"58af-9lK8eiHytgFIVn966kwhCJpUkUc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
3d8064758e54ec662e076b6ca54aa90e.gif
i.pinimg.com/originals/3d/80/64/
477 KB
477 KB
Image
General
Full URL
https://i.pinimg.com/originals/3d/80/64/3d8064758e54ec662e076b6ca54aa90e.gif
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:78::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
63d02da9b53f88176c43f95f11eafd5ef7e09502a6a7985823ac09c76ca9e38e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:53 GMT
x-cdn
fastly
etag
"0b0d582996a1f5c784e0950e27bfeadf"
vary
Origin
content-type
image/gif
cache-control
max-age=31536000, immutable
accept-ranges
bytes
alt-svc
h3=":443";ma=600
content-length
488334
title1.png
garena.randumblox.site/Theme/Images/
102 KB
102 KB
Image
General
Full URL
https://garena.randumblox.site/Theme/Images/title1.png
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b86a9d6fe4017cb6977a43dee203eadb93687a465db14b44be0f8d06d229a199

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:54 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Sep 2023 14:03:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6nCeUeEJTU64zKjFiZ1gXmc%2F9a6PbolEX03cM%2B9AAEGPP6ZX93Rd91XuRbFs7LA4pKt6JBzJHGJNBygS1S98%2Ft4mmEW7IzMGy0C2r83eMzZmQRfP6ggXPWGhbSsNLRlud45rZL6XgKmNC6moYvB%2B6BsVn1%2BO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8517f7a909ec4bc3-BUF
alt-svc
h3=":443"; ma=86400
content-length
104298
expires
Wed, 14 Feb 2024 01:47:53 GMT
vong-quay-kim-cuong.gif
hoiquanfreefire.com/wp-content/uploads/2022/06/
2 MB
2 MB
Image
General
Full URL
https://hoiquanfreefire.com/wp-content/uploads/2022/06/vong-quay-kim-cuong.gif
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.119.83.19 , Viet Nam, ASN131386 (LVSS-AS-VN Long Van System Solution JSC, VN),
Reverse DNS
Software
nginx /
Resource Hash
d9f85d39e4951db122d538f97c2ad5afa6ad63d144d2ce8b55de47154c1c2bd0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma
public
date
Wed, 07 Feb 2024 01:47:54 GMT
last-modified
Sat, 11 Jun 2022 04:36:22 GMT
server
nginx
etag
"62a41bc6-184d6f"
content-type
image/gif
cache-control
max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges
bytes
content-length
1592687
expires
Fri, 08 Mar 2024 01:47:54 GMT
Qpozmt8.jpg
i.imgur.com/
6 KB
6 KB
Image
General
Full URL
https://i.imgur.com/Qpozmt8.jpg
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
350071ae405fddbbcdd4d7732f32dd6e3ac86c75e64d7350983247d9d5ab89cd
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:53 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
2390611
x-cache
Miss from cloudfront, HIT
content-length
6340
x-served-by
cache-iad-kjyo7100066-IAD
last-modified
Fri, 15 Jul 2022 13:59:57 GMT
server
cat factory 1.0
x-timer
S1707270473.277579,VS0,VE4
etag
"de3d66cd4772a6c1709f56740b285a36"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
44EiSTeS3-fj2gfEG69I93B_stcrS6M3H2eJgaRd-TSNjXmXJNG54w==
x-cache-hits
1
tId6xK2.jpg
i.imgur.com/
6 KB
7 KB
Image
General
Full URL
https://i.imgur.com/tId6xK2.jpg
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
4e25fa3fd784a6a1bd707310d5df5bc185d7d22a3b7662e6723a213d908a72b0
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:53 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
2432955
x-cache
Miss from cloudfront, HIT
content-length
6440
x-served-by
cache-iad-kjyo7100066-IAD
last-modified
Sat, 28 May 2022 16:37:17 GMT
server
cat factory 1.0
x-timer
S1707270473.277498,VS0,VE2
etag
"ee255378cd76d12de00393ef0ba4b27a"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
ocw4-o141uwRpeiqgNEpChNtgj5jY-vt1QTAvaQ9wyfYI2v80jg5KA==
x-cache-hits
1
7iDXxY0.jpg
i.imgur.com/
6 KB
6 KB
Image
General
Full URL
https://i.imgur.com/7iDXxY0.jpg
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
632cc589aa073cddb6dc468216dd32b6ff05313f948fd6cd3f59c96176cf6b60
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:53 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-P1
age
867866
x-cache
Miss from cloudfront, HIT
content-length
6382
x-served-by
cache-iad-kjyo7100066-IAD
last-modified
Sat, 28 May 2022 15:46:51 GMT
server
cat factory 1.0
x-timer
S1707270473.278226,VS0,VE4
etag
"f0566e4320ae84107785d057a774ae71"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
vN5t-FesrWS5g5nf7Zu8DO_WT1SddL3C3l4pQq45aLF3mpu40F7HtA==
x-cache-hits
1
5Q2Q9sK.jpg
i.imgur.com/
5 KB
6 KB
Image
General
Full URL
https://i.imgur.com/5Q2Q9sK.jpg
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
f4d985876d3a73f251ed09511dd02f8dd0dc706aacad39c96a5e9f2845dec2bc
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:53 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
PHL50-C1
age
1883052
x-cache
Miss from cloudfront, HIT
content-length
5560
x-served-by
cache-iad-kjyo7100066-IAD
last-modified
Fri, 15 Jul 2022 14:02:08 GMT
server
cat factory 1.0
x-timer
S1707270473.278115,VS0,VE20
etag
"64e293a61ba7a1bd2f0f74d7c5d1be05"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
af2a88_KzhDlWhZqVVmAkmXV7pZx_RtWNYS0r778uu-lg1IhIPS9Dg==
x-cache-hits
1
kFzOvKB.jpg
i.imgur.com/
5 KB
6 KB
Image
General
Full URL
https://i.imgur.com/kFzOvKB.jpg
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
677aff0cc2ca154fbb857b9df9403bb24817d7c4560182c9424fcee889445588
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:53 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
747916
x-cache
Miss from cloudfront, HIT
content-length
5559
x-served-by
cache-iad-kjyo7100066-IAD
last-modified
Fri, 15 Jul 2022 13:59:57 GMT
server
cat factory 1.0
x-timer
S1707270473.278099,VS0,VE2
etag
"57f61cfd334e7ebe297f611db8e3f195"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
4DM03oq7uqYwwzKTPqqMyQ4ZQwUpr3E3_LoELrWNcb_d_UJSzR7wgg==
x-cache-hits
1
VQh8L4Q.jpg
i.imgur.com/
10 KB
10 KB
Image
General
Full URL
https://i.imgur.com/VQh8L4Q.jpg
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
bbae609437d028b997620ba4e85389c1b317534ecb17881b19bc8b4edba08e0d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:53 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-P4
age
1239053
x-cache
Miss from cloudfront, HIT
content-length
9941
x-served-by
cache-iad-kjyo7100066-IAD
last-modified
Sat, 28 May 2022 16:37:17 GMT
server
cat factory 1.0
x-timer
S1707270473.278076,VS0,VE2
etag
"760bffe1a5e62cee384c8151889762f1"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_v7muFEsfsXBz-doBXeAiAQrkFODF9i0VpzHFgjZVRMM_fAvY9hTYw==
x-cache-hits
1
FsDGZCK.jpg
i.imgur.com/
7 KB
7 KB
Image
General
Full URL
https://i.imgur.com/FsDGZCK.jpg
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
258285515b232b0115a9065a13177e8f66c45f3ac72bc865bca89eba6d5b87e5
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:53 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD55-P2
age
919862
x-cache
Miss from cloudfront, HIT
content-length
7229
x-served-by
cache-iad-kjyo7100066-IAD
last-modified
Fri, 15 Jul 2022 14:06:40 GMT
server
cat factory 1.0
x-timer
S1707270473.318878,VS0,VE1
etag
"ad7252e86e74c5f900f91c0e062a4e84"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
oHaNCPyLyq_sw6VeQ79llxeWNdqZlIz1hZpDt731xB3v4GgT7crbxg==
x-cache-hits
1
qlpQY5S.jpg
i.imgur.com/
4 KB
4 KB
Image
General
Full URL
https://i.imgur.com/qlpQY5S.jpg
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
85838033c78bcce6d2da3e527d9af9d2f425c2c1c79e0ab8151f3e56ebf818bd
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:53 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD89-C2
age
546805
x-cache
Miss from cloudfront, HIT
content-length
4318
x-served-by
cache-iad-kjyo7100066-IAD
last-modified
Fri, 15 Jul 2022 14:14:34 GMT
server
cat factory 1.0
x-timer
S1707270473.319167,VS0,VE1
etag
"dcd67e92b329d684c64754415f87bfce"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
SBDfKnCAk3jqTnutcVZT0rjiHwJ4oHJQvnJB1vd1pi0kV9jibdq-Mw==
x-cache-hits
1
Wy3nXTd.jpg
i.imgur.com/
4 KB
4 KB
Image
General
Full URL
https://i.imgur.com/Wy3nXTd.jpg
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
fb1664074515e90d38b70a6a0d65b8cd3c78a87bd90455d7bf2f0d25a56c13cd
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:53 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
IAD12-P2
age
272122
x-cache
Miss from cloudfront, HIT
content-length
3810
x-served-by
cache-iad-kjyo7100066-IAD
last-modified
Fri, 15 Jul 2022 14:05:10 GMT
server
cat factory 1.0
x-timer
S1707270473.319113,VS0,VE2
etag
"ac3623a4685c6aebc3fb0508369224bb"
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
JZXef1SUBWWfzj54Q1Rhoa_c7gzfRH5pieclCziqacxg0ne1Iwbk0w==
x-cache-hits
1
EUV3ile.png
i.imgur.com/
4 KB
4 KB
Image
General
Full URL
https://i.imgur.com/EUV3ile.png
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.32.193 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
8bdb4322a6170d1d92b43e3be71e72673051835bd52152e216efba7cb4e9e1cb
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:53 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-P1
age
1182447
x-cache
Miss from cloudfront, HIT
content-length
4267
x-served-by
cache-iad-kjyo7100066-IAD
last-modified
Thu, 07 Jul 2022 15:08:29 GMT
server
cat factory 1.0
x-timer
S1707270473.319095,VS0,VE1
etag
"6c4aeb014b77e39ab3ad74e57048a7c6"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
XWOoNX1vxOU_4zqVBb8tuFTltNfIT7lAqCxEFEBHlgM4KY-p8qFfzw==
x-cache-hits
1
jquery-3.6.4.min.js
garena.randumblox.site/Theme/JS/
165 KB
41 KB
Script
General
Full URL
https://garena.randumblox.site/Theme/JS/jquery-3.6.4.min.js
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
900df859d906f3e2f5afa5e2cd77d94edef5238b4ab5536eb6df573ee17c0192

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 15 Sep 2023 14:03:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JC9EY1%2Bk6PavCC%2FcPqCL7ybUNlwWyhm4dmQf2sjiU03YLjQ8BqxfLRhelAhziPvNYWlIZKNkdlnUXCUFpRtyL8F9%2BL5C08RegGECHSlsOtMGEW3ks6ntUkYkKoyK6oZiJcHAbHqV9ZoSgt8maAVpj1HvU7J"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8517f7a93a004bc3-BUF
alt-svc
h3=":443"; ma=86400
expires
Wed, 14 Feb 2024 01:47:53 GMT
NguyenThanhNam.js
garena.randumblox.site/Theme/JS/
5 KB
3 KB
Script
General
Full URL
https://garena.randumblox.site/Theme/JS/NguyenThanhNam.js?ver=1640
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc7158e00b71e2e791bd3e483333cd639caca81fadae0f1f3a53a58be7590f5b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 15 Sep 2023 14:03:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bbj5EXx6SaOhec%2BlN0v%2B4NV7ldHaqLAWt5kvhKl%2BQnMk%2BStZd0I%2BsSnIrOlaJz46oL8h1j4UVQJDvbcpoPg%2FxNYfYy2zJILripWuQ8x1TbhYY4SOBs6fXxwVo9L1hn2y58IRRLi1V2OGCmc8TAeGgMery8sX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
8517f7a93a024bc3-BUF
alt-svc
h3=":443"; ma=86400
expires
Wed, 14 Feb 2024 01:47:53 GMT
p-e1271366.js
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/
17 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-e1271366.js
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ec6b24a9a70a82d4b30ffc2c6df7287c21ad25ceb22f3c3edef904dbf7c08488
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin
https://garena.randumblox.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 07 Feb 2024 01:47:53 GMT
x-content-type-options
nosniff
content-encoding
br
age
40374
x-jsd-version
7.6.7
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
7976
x-served-by
cache-fra-etou8220056-FRA, cache-nyc-kteb1890040-NYC
x-jsd-version-type
version
etag
W/"442d-dRfCN5+BeZoRoHJojeKX9+wDxEM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
p-341b4519.js
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/
121 B
230 B
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-341b4519.js
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5dee183ee159115d151a5fb3e65b4e080544db863fbe830abd8b3beeded329ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin
https://garena.randumblox.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 07 Feb 2024 01:47:53 GMT
x-content-type-options
nosniff
content-encoding
br
age
34952
x-jsd-version
7.7.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
111
x-served-by
cache-fra-etou8220021-FRA, cache-nyc-kteb1890040-NYC
x-jsd-version-type
version
etag
W/"79-9XwrkKBA+xmYbHPsfRVDXT9wGNg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
p-1aa7c019.js
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/
3 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-1aa7c019.js
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0fe8dbe9906b0d6103581d941bc1cc94577b5d39b650b7e19bf133aac822f7f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin
https://garena.randumblox.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 07 Feb 2024 01:47:53 GMT
x-content-type-options
nosniff
content-encoding
br
age
40548
x-jsd-version
7.6.7
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1617
x-served-by
cache-fra-etou8220105-FRA, cache-nyc-kteb1890040-NYC
x-jsd-version-type
version
etag
W/"cca-ZIuSd8KxE+NXB5+VoP8Z8xMZO1Q"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
css2
fonts.googleapis.com/
1 KB
930 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Baloo+2:wght@600&display=swap
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/Theme/Css/style.css?ver=234
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
68c7a3b71820f774f641bfe303ed3d34dd9ae59356d595e392aa362222b2d499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 07 Feb 2024 01:47:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 07 Feb 2024 01:47:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 07 Feb 2024 01:47:53 GMT
m-bg-big1.jpg
garena.randumblox.site/Theme/Images/
373 KB
374 KB
Image
General
Full URL
https://garena.randumblox.site/Theme/Images/m-bg-big1.jpg
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/Theme/Css/style.css?ver=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20481dcadb00e98e296680a824bd217e3148cdf018925aeba9ebe33ee38c1246

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/Theme/Css/style.css?ver=234
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:54 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Sep 2023 14:03:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlvERFTwx0kg6wOlt0%2Fy9%2B4H%2B6ATvl4gQFsrfkCfhQMlMf2vLESWB3kjcFMoSJ8gSxw%2BxdobNtf9SnjjYzlL4H50KCq5qAl6KVUySn7umQCi0sv872jIHqH5Y2vPXmvtlbQ%2Foqldz33wLzAVCIL%2BAZE2nS9a"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8517f7ad5a854bbb-BUF
alt-svc
h3=":443"; ma=86400
content-length
382433
expires
Wed, 14 Feb 2024 01:47:54 GMT
bg-navright.png
garena.randumblox.site/Theme/Images/
119 KB
120 KB
Image
General
Full URL
https://garena.randumblox.site/Theme/Images/bg-navright.png
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/Theme/Css/style.css?ver=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1223740cba10a7f204fb64549538cfa3c75622ec50697b7f692733edbc866c4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/Theme/Css/style.css?ver=234
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:54 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Sep 2023 14:03:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EqTU2bKPgbMEghvQ60tAEyVF83WoiPtdyMCwAD3UoUN0bSlEVkP%2FmZzsXWccDZLUHv3vm5pqbaHZoGidNzpacncMZe0n%2FeI5p%2BohW%2FAr0xfzHcojfz%2BBc6wT6uqQvpa43tLAYHO8FBLPk7Pgv9ypX2w9TGvB"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8517f7ad5a884bbb-BUF
alt-svc
h3=":443"; ma=86400
content-length
122081
expires
Wed, 14 Feb 2024 01:47:54 GMT
btn-dotden.png
garena.randumblox.site/Theme/Images/
43 KB
44 KB
Image
General
Full URL
https://garena.randumblox.site/Theme/Images/btn-dotden.png
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/Theme/Css/style.css?ver=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
117db1905058e71f7c1e0c0dc8a662a7924d155db43017ee069422cc624f977f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/Theme/Css/style.css?ver=234
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:54 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Sep 2023 14:03:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHVkBo5VoTEKaR9%2FOGaNY0ZRt5oF6Fle0hqC17y2cn6sKv1Z8VkDbEQG0Oo6gYCCy8HcaLhxz5Dw8Yck8uHdxHhyBAI0O6E6mX4Zis%2BpCF0yb3%2FOb239uMLSq%2BUfpt%2BQl5oTyVMRuj54MR01JlsA%2FBOgCbNL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8517f7ad5a894bbb-BUF
alt-svc
h3=":443"; ma=86400
content-length
44158
expires
Wed, 14 Feb 2024 01:47:54 GMT
arrow.gif
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/
4 KB
5 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/arrow.gif
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/Theme/Css/style.css?ver=234
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.43.243.153 Montreal, Canada, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-43-243-153.deploy.static.akamaitechnologies.com
Software
OBS /
Resource Hash
29685bc4737559acc10db79fd9536f3bf301e00ac20c497ed32ae6181e0ab260

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Wed, 07 Feb 2024 01:47:54 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSbOB2J3Q5N+j+8ccFqlwuJpkMeR7rzj
Last-Modified
Thu, 04 Aug 2022 12:28:54 GMT
Server
OBS
ETag
"e7ee2c678d2185905b0c5ac3307305ba"
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
0000018D61216D2E94155378DD337AF7
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
4454
modal.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/
167 KB
168 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/modal.png
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/Theme/Css/style.css?ver=234
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.43.243.153 Montreal, Canada, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-43-243-153.deploy.static.akamaitechnologies.com
Software
OBS /
Resource Hash
b8c0909154e5245f00756fd4dd8cdf388d279657314b07c550c6227cc7adaaad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Wed, 07 Feb 2024 01:47:54 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSkqlALqr3hEmDjtx+Bym0AYlVRIYNZN
Last-Modified
Thu, 04 Aug 2022 12:28:54 GMT
Server
OBS
ETag
"e8c82b6614df1742f5739c7f2933bcb9"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
0000018D5F5BFAD4980D4B6B438016BC
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
171268
bg-number-all.png
garena.randumblox.site/Theme/Images/
44 KB
44 KB
Image
General
Full URL
https://garena.randumblox.site/Theme/Images/bg-number-all.png
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/Theme/Css/style.css?ver=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e98aa7686607f66850da25c62fa0bd1d506437c0bf4aed5eb3e50f4919fe163a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/Theme/Css/style.css?ver=234
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:54 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Sep 2023 14:03:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUvv%2FjTf4xbLzso9R%2B6lX0b9mrVuOnFOOP%2BZsyxKP7aVdwaotjW5DemZ4qQxl257EU8ZE2lXIW4JeJKhAbnx28zu8icydMYuiQjEDwjjo8MFrUOVMEQF9D%2B%2F0i2b5h74kG7XyJmhHFQx3zwskj2TG96GPMJO"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8517f7ad5a8b4bbb-BUF
alt-svc
h3=":443"; ma=86400
content-length
44613
expires
Wed, 14 Feb 2024 01:47:54 GMT
pool.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/
39 KB
39 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/pool.png
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/Theme/Css/style.css?ver=234
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.43.243.153 Montreal, Canada, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-43-243-153.deploy.static.akamaitechnologies.com
Software
OBS /
Resource Hash
f936df3794653b1a21c936fed39043e31171b84fced1723991a7fb5eac30bc5f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date
Wed, 07 Feb 2024 01:47:54 GMT
x-obs-id-2
32AAAQAAEAABAAAQAAEAABAAAQAAEAABCSiYxAwaSAStCrVVLIBPG6o+beRFC0VO
Last-Modified
Thu, 04 Aug 2022 12:28:54 GMT
Server
OBS
ETag
"404ef9fcf563fb04baa76b6967009967"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
x-obs-request-id
0000018D5F5BF8DF981086463DF223FC
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
39498
btn-pink.png
garena.randumblox.site/Theme/Images/
12 KB
13 KB
Image
General
Full URL
https://garena.randumblox.site/Theme/Images/btn-pink.png
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/Theme/Css/style.css?ver=234
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e32d798ad35c67cd8ff9c983be6cfb5dc916d2b0d2eae3f7f735985f15dde55f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://garena.randumblox.site/Theme/Css/style.css?ver=234
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Wed, 07 Feb 2024 01:47:54 GMT
cf-cache-status
MISS
last-modified
Fri, 15 Sep 2023 14:03:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5j3qlUWWI8IuoyLrp2bIxElTlAYJTkNaa0TsATCT%2FNwF%2FHThwlxNBiloaQxj%2FwlQiazlWqIflmj%2FgroyqSlPxy2Kd56n0pv0%2F7al0jQS8N3EnCSKZu%2FbLAhFCfnF%2FmIEg5tf86SHCPGvBtp408l9F%2BP%2BKGgo"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
8517f7ad5a8c4bbb-BUF
alt-svc
h3=":443"; ma=86400
content-length
12601
expires
Wed, 14 Feb 2024 01:47:54 GMT
wXK0E3kTposypRydzVT08TS3JnAmtdjEyppo_lc.woff2
fonts.gstatic.com/s/baloo2/v21/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/baloo2/v21/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppo_lc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Baloo+2:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2646602d0beed6bdf7af300b997903ae1ebf2fac68ccad2539410942814fe97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://garena.randumblox.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Thu, 01 Feb 2024 05:37:34 GMT
x-content-type-options
nosniff
age
504619
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19496
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:04:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 31 Jan 2025 05:37:34 GMT
wXK0E3kTposypRydzVT08TS3JnAmtdjEyppn_led7Q.woff2
fonts.gstatic.com/s/baloo2/v21/
5 KB
6 KB
Font
General
Full URL
https://fonts.gstatic.com/s/baloo2/v21/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppn_led7Q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Baloo+2:wght@600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12f0cd69f190f7db4c5cd05962c9f56e3c510061e9ca6201bb78776329906d0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://garena.randumblox.site
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 04:25:06 GMT
x-content-type-options
nosniff
age
163367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5448
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:11:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Feb 2025 04:25:06 GMT
GraphQL
garena.randumblox.site/
1 KB
1 KB
XHR
General
Full URL
https://garena.randumblox.site/GraphQL
Requested by
Host: garena.randumblox.site
URL: https://garena.randumblox.site/Theme/JS/jquery-3.6.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:211 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://garena.randumblox.site/
X-Requested-With
XMLHttpRequest
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 07 Feb 2024 01:47:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xXVDD%2BWX%2F73e%2FOux8fOxkOOK011sOIthqOo58RSJqV7nWVz6uZ5shmFBydZzEYVBHTMsVN090STm5hSzJWPatSAddbSW1nGC%2F7v%2FfSxODwS%2BtT01wB%2BjsIMblkeoLEWp6%2BDvDi0Uh0geNOSJTu%2FIbXub8vX"}],"group":"cf-nel","max_age":604800}
content-type
text/html
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by
LiteSpeed
cf-ray
8517f7ae9b134bbb-BUF
alt-svc
h3=":443"; ma=86400

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| op
function| $
function| jQuery
object| listchan
function| _0x298738
object| _0x2a76
object| nick
object| id
function| _0x2ad7
function| _0x3472
function| tdck
function| yez
object| postData
function| stFunc
object| Ionic

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://garena.randumblox.site/GraphQL
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
