garenaquafree.com Open in urlscan Pro
2606:4700:3031::6815:76f Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://garenaquafree.com/
Submission: On July 24 via automatic, source phishtank (July 24th 2022, 11:10:53 pm UTC) — Scanned from DE

Summary HTTP 46 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 13 domains to perform 46 HTTP transactions. The main IP is 2606:4700:3031::6815:76f, located in United States and belongs to CLOUDFLARENET, US. The main domain is garenaquafree.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 24th 2022. Valid for: a year.

This is the only time garenaquafree.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:303... 2606:4700:3031::6815:76f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.21.235.194 65.21.235.194	24940 (HETZNER-AS) (HETZNER-AS)
10	151.101.12.193 151.101.12.193	54113 (FASTLY) (FASTLY)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	23.48.23.63 23.48.23.63	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	23.48.23.24 23.48.23.24	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	129.226.2.89 129.226.2.89	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
46	13

7 2606:4700:3031::6815:76f (United States)

ASN13335 (CLOUDFLARENET, US)

garenaquafree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.21.235.194 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.194.235.21.65.clients.your-server.de

h.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.12.193 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.kolpaper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.48.23.63 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-63.deploy.static.akamaitechnologies.com

freefiremobile-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.48.23.24 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-24.deploy.static.akamaitechnologies.com

dl.dir.freefiremobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdngarenanow-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

files7.webydo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.226.2.89 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

na.apps.amsoveasea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	akamaihd.net freefiremobile-a.akamaihd.net — Cisco Umbrella Rank: 32778 cdngarenanow-a.akamaihd.net — Cisco Umbrella Rank: 7492	1 MB
10	imgur.com i.imgur.com — Cisco Umbrella Rank: 5853	308 KB
7	garenaquafree.com garenaquafree.com	258 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 424	17 KB
3	gstatic.com fonts.gstatic.com	38 KB
3	freefiremobile.com dl.dir.freefiremobile.com — Cisco Umbrella Rank: 38349	135 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 303 fonts.googleapis.com — Cisco Umbrella Rank: 72	35 KB
1	amsoveasea.com na.apps.amsoveasea.com — Cisco Umbrella Rank: 150225	176 B
1	webydo.com files7.webydo.com	21 KB
1	kolpaper.com www.kolpaper.com	409 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 613	30 KB
1	top4top.io h.top4top.io	85 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 226	14 KB
46	13

	Domain	Requested by
10	freefiremobile-a.akamaihd.net	garenaquafree.com
10	i.imgur.com	garenaquafree.com
7	garenaquafree.com	garenaquafree.com code.jquery.com
4	cdn.jsdelivr.net	garenaquafree.com
3	fonts.gstatic.com	fonts.googleapis.com
3	dl.dir.freefiremobile.com	garenaquafree.com
1	na.apps.amsoveasea.com	code.jquery.com
1	cdngarenanow-a.akamaihd.net	garenaquafree.com
1	files7.webydo.com	garenaquafree.com
1	www.kolpaper.com	garenaquafree.com
1	fonts.googleapis.com	garenaquafree.com
1	code.jquery.com	garenaquafree.com
1	h.top4top.io	garenaquafree.com
1	cdnjs.cloudflare.com	garenaquafree.com
1	ajax.googleapis.com	garenaquafree.com
46	15

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-24` - `2023-05-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
top4top.io R3	`2022-07-13` - `2022-10-11`	3 months	crt.sh
*.imgur.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-03-16`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
dl.kgtw.garenanow.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
na.apps.amsoveasea.com TrustAsia RSA DV TLS CA G2	`2022-05-17` - `2023-05-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://garenaquafree.com/
Frame ID: EFA8E005B06B747A743FE0C5670BA0E2
Requests: 46 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

GARENA FREE FIRE

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

46
Requests

100 %
HTTPS

62 %
IPv6

13
Domains

15
Subdomains

13
IPs

5
Countries

2399 kB
Transfer

2625 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
garenaquafree.com/ 8 KB
3 KB 395ms
365ms Document
text/html 2606:4700:3031::6815:76f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garenaquafree.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:76f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69e80ab504487a45fe9d4524d84fc04675afd60d3ddf2d7b99c74aee6c941dfb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 730054292e5090c7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 24 Jul 2022 23:10:21 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGFZIOqOj0BLEnlGN4CB97EV79H0LsAUg4Y%2FjLmqAubF3OPS8rQqkn2WyfpxJOVRlu%2BtedOX%2FlgWAZUD%2BZXj8Hb8QP9rfNYTy%2BipEIwIBX4r7bCLRCgNO0fgv7MTbpBc6TMAUd7NKCcjBAZnCigATA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 style.css
garenaquafree.com/css/ 23 KB
5 KB 350ms
349ms Stylesheet
text/css 2606:4700:3031::6815:76f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garenaquafree.com/css/style.css?v=3
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:76f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6ce950c644353eb73cbf7b1bed563cefbb0a3b91bb91a5a5aa0e930f0e34116

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 24 Jun 2022 02:58:17 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZfqO2EoTLhD1k7cYUDrLcur8jz95UU%2BvgdrR9KCnRXSFpqYM%2FjW%2BibCluUS7l7ysaC31CndJDPzcZ0ASfnhUmxd2LMQGlSuTXTI8r%2F4BGdSaoUKxw%2FbfiV%2F7kjKicHlcG%2BOCHgU4gUMIe426i9CFg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7300542b7f4490c7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 31 Jul 2022 23:10:22 GMT

GET
H2 200 ionic.esm.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 19 KB
6 KB 35ms
15ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a578b59eb4b32abeccfda98e4803db90cb6ddd7895a9c7bae15004b2569261c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://garenaquafree.com/
Origin: https://garenaquafree.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18764
x-jsd-version: 6.1.15
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19134-FRA, cache-itm18840-ITM
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"4a84-xHHVk4ncCOGd6AV5iLko2kkIW3Y"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sW%2F3%2BEFmW%2FkqDMdCPvGdTJK%2BieEg2tTUXkyVvitbyTs0qa%2B39%2BnChmLPjK7qIuCMtENiLxMId%2BJ52ZpZZjKtbHEW1omsxsnd8LrIOKyTVC9I6QX5oBfrYnBlTuSOXiNrmrrvPOiy%2FucMUB0mcSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7300542b99c9696f-FRA
access-control-expose-headers: *

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 22:42:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1697
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jul 2023 22:42:05 GMT

GET
H2 200 sweetalert2.all.js Show response
cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.11.5/ 76 KB
14 KB 32ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/6.11.5/sweetalert2.all.js

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae4de0464f907f90721557737e22dbadf629ec2f606a0f94e5c9dd1bb6261240

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7760024
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13437
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed1-12ec2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yA7%2BvaCi92b4alMVjl7crZ51HR9R0d9Q22m8fGD3AqyogMuUQWTZ1v0rXPE1yDdazKxAG52PdfPF2t5OVFJqRXCINFOwz4N72GSvRwjAdF5sVyGuZ97H4isv%2B07lsRJG3ngSjy3ao2gU%2Fu%2FzupPLXWlQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7300542b99cb9213-FRA
expires: Fri, 14 Jul 2023 23:10:22 GMT

GET
H2 200 p_2016h7ob71.gif
h.top4top.io/ 85 KB
85 KB 128ms
58ms Image
image/gif 65.21.235.194
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.top4top.io/p_2016h7ob71.gif
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.21.235.194 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.194.235.21.65.clients.your-server.de
Software: nginx /
Resource Hash: f2d0dae13baddb4ef853a0ea61bafaa18f9db27317019673a000df156ad86f92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-file-id: x39388555x
date: Sun, 24 Jul 2022 23:10:22 GMT
last-modified: Fri, 09 Jul 2021 10:29:09 GMT
server: nginx
etag: "60e824f5-15386"
content-type: image/gif
cache-control: max-age=7200
content-disposition: inline; filename="ezgif.com-gif-maker.gif"
accept-ranges: bytes
content-length: 86918
expires: Mon, 25 Jul 2022 01:10:22 GMT

GET
H2 200 OXdMMeV.jpg
i.imgur.com/ 236 KB
236 KB 33ms
10ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/OXdMMeV.jpg

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

b673e2b5804831830d722315f5d889bb3cadc09f514c97825a48692148772b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:22 GMT
x-content-type-options: nosniff
age: 2209961
x-cache: HIT, HIT
content-length: 241206
x-served-by: cache-iad-kiad7000118-IAD, cache-fra19180-FRA
last-modified: Sat, 28 May 2022 16:49:21 GMT
server: cat factory 1.0
x-timer: S1658704222.406046,VS0,VE2
etag: "4dee09c3573774f67e5d5f47c8908a16"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H3 200 1.jpg
garenaquafree.com/assets/incu/ 213 KB
214 KB 632ms
632ms Image
image/jpeg 2606:4700:3031::6815:76f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garenaquafree.com/assets/incu/1.jpg
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:76f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 432360a0d8577899a613c18a11150cb52fa83c4863e8495d8a5cb03fa431f9f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:23 GMT
cf-cache-status: MISS
last-modified: Tue, 05 Apr 2022 19:13:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lwf70j1O05hzl2maj7wkLu1Jo9RORomYoc6QX7fm23Uozum9HMuAuN7fbFxdbCv3eU1LAKWsX%2FAzGIbvawABWqlw0ml%2Byni1w63t%2BCfV6RzgJpgMrKZiLH6O1gIbNE%2FEfiUk2yXb8UB6%2BMkrgPI9Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7300542def5d9279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 218095
expires: Sun, 31 Jul 2022 23:10:22 GMT

GET
H3 200 facebook_text.png
garenaquafree.com/assets/img/ 28 KB
29 KB 535ms
535ms Image
image/png 2606:4700:3031::6815:76f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garenaquafree.com/assets/img/facebook_text.png
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:76f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:22 GMT
cf-cache-status: MISS
last-modified: Tue, 05 Apr 2022 19:13:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gwBfjVBpRmMsbzqlh1cXik9PYhJs6757Eq5CaxkgM7rXFuLa8qbJYxS%2Bjly5GAEkN7uWBkCUTuk%2B5P2uokIzVDqm5Fj3EeVpCnmUMbP4%2F2SnQcsvcRuGyeTROrtasLD%2BYpgQjlHmAhWlIjRHyQ6GHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7300542def5f9279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28789
expires: Sun, 31 Jul 2022 23:10:22 GMT

GET
H3 404 icon.png
garenaquafree.com/tan/ 708 B
708 B 344ms
343ms Image
text/html 2606:4700:3031::6815:76f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://garenaquafree.com/tan/icon.png
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:76f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Jul 2022 23:10:22 GMT
content-encoding: br
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xLDA2EGGiiIWtePNHstSUXSqYB7AWBC3FLRbkkN8zpQvuYypu4JP%2BpfSRBLszfIOFsLJW15tk8L3ncaIUEvJS6Yn2Yu0ZrF7JKsDnQ%2BwDhAUdpBVB4ntza4N3Oz168e567TlIgLmtUtZCDa3VDydGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
cf-ray: 7300542def619279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 45ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:22 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1658704222.dop201.fr8.t,1658704222.cds055.fr8.hn,1658704222.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H3 200 kensine.js Show response
garenaquafree.com/chuongdz/ 20 KB
7 KB 355ms
355ms Script
application/javascript 2606:4700:3031::6815:76f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garenaquafree.com/chuongdz/kensine.js?v=1.0
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:76f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44b2eac6db4b830e5c9e6cb26aa0c9d866dcb6f3e7cec0c14033a4a3e1470690

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:22 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 25 Jun 2022 01:34:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jEKGCTIKJCkwRNpDcJjlrfFSIZiQZblKafgtcoHovYvTjHDcAKItebrNXeyu9B%2Fy0cKj9cPJS9ZwDxK37AhrpDLATW4BYX49vT0xBx92N8RZ1wwN0bFSFvj17EQIu0GQiWcsrOsRrTa7WRTugFgpUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 7300542c4e4e9279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sun, 31 Jul 2022 23:10:22 GMT

GET
H3 200 p-48f74811.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 15 KB
8 KB 27ms
15ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-48f74811.js

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c54bdbd08da4ee85a0bae7af657e393c217f9d86cf44341a541f60be58702f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: https://garenaquafree.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 34760
x-jsd-version: 6.1.8
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19139-FRA, cache-hhn4033-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"3c7d-qy0EFwHa9vkaePhr9/fQXa2RnnA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltR7U6W49iI2mw2b7FmfBaRSrPmuisfZxCR1hCW0HMKRr7tp7TGKWKXpChgxRoeHystdKx0vMp35Wt%2FxGmfHi3L%2B17rh65QCK4VNhGmDwJM5%2BkSSuhUh8wmFIR3o6%2B9s3alF%2BFLy8bMT%2BrQXAk4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7300542bcdc7698b-FRA

GET
H3 200 p-234204d1.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 121 B
873 B 27ms
16ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-234204d1.js

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b81acf85faf238b5137223deb58217d72010480c62dfd614ad09661d9f1ae278

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: https://garenaquafree.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 34760
x-jsd-version: 6.1.8
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA, cache-itm18843-ITM
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"79-9bQkq+HhE17L4Ui3Tg1tGrR5K7U"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQgTyRqNNU%2BzirN4fJx78zuGZGt13ABadFMNcEfwk5ZI%2Bong58hvvZzZFU35w2Er%2BJHHNJUI%2FfLB3IG1MUrD4%2BkpEP%2F9C6Wwzs4A6zsYpmVV2YaM7J3opZcrjcMiTt6%2FbLOPnB1Y8JdRQl1Rqwc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7300542bcdc9698b-FRA
access-control-expose-headers: *

GET
H3 200 p-0d7ac9e6.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 3 KB
2 KB 34ms
23ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-0d7ac9e6.js

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8de0df5d1a7a0ff33b9ced7a50a4d482aaf09710cc78b8bded5e2f17f06bbe31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: https://garenaquafree.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 34760
x-jsd-version: 6.1.8
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19127-FRA, cache-hhn4055-HHN
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"ce5-vLS/iL+7Tapa6WPjva6P1Ofqgf0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcYuhbp9blpliJDLUCPE5Ajg%2FCz04fS4PLPW0mWZ6LHDhJdlPL0Ptp805O2vuFkull7IbFXGwkr%2Bk8SXyd3cF0bewowAmzNhO1pMLZqMNIRBT6bBOKUKxEENzgYYZrVSVDs%2F2AEfKVP8G8IJ7S4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 7300542bcdcb698b-FRA

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
748 B 23ms
16ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Baloo+2:wght@600&display=swap

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c5abc921c9ac30248b7654de7e956f8fe66d1e54a7b3ec731600d35635c138c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Jul 2022 23:10:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Jul 2022 23:10:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Jul 2022 23:10:22 GMT

GET
H2 200 Free-Fire-Desktop-Wallpaper.jpg
www.kolpaper.com/wp-content/uploads/2020/12/ 408 KB
409 KB 43ms
15ms Image
image/jpeg 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kolpaper.com/wp-content/uploads/2020/12/Free-Fire-Desktop-Wallpaper.jpg

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

439fd9c373886a6039994ec5e13b5076d5f79f5e14506ea5679232dc0da51832

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 430794
x-cache: HIT from Backend
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 04 Dec 2020 21:09:18 GMT
server: cloudflare
etag: W/"5fcaa57e-6600b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouxlzAmkEURZThwrGT8W6GLI9OsMLRyj0qmDHTobEcy5lPTK%2FrDPls5nEHLfcyCuu4CRUcjZZyWHfOokIjgwR5wl44SLw%2FWdT%2BA%2FB60xBugohRk1T8P4iA8p%2FUbchUZAu8FH3INTJgt0LhAJ6PHa"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 7300542e19256955-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bg.jpg
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 40 KB
40 KB 71ms
10ms Image
image/jpeg 23.48.23.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/bg.jpg
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-63.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6e540389402e3ced8b111dca3b7f564046e027fdbc472359c9d0e0bced2c346e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 23:10:22 GMT
Last-Modified: Tue, 26 Apr 2022 06:20:49 GMT
Server: AkamaiNetStorage
ETag: "b622e31856ae444b6c4a8ce98c953ea0:1650954049.574072"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 41015

GET
H/1.1 200
OK bg_icon.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 30 KB
31 KB 73ms
12ms Image
image/png 23.48.23.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/bg_icon.png
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-63.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 33ea0b0fde442c704bb17650b00bf78e84e9eef9664159191df0a6c4850e849c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 23:10:22 GMT
Last-Modified: Tue, 26 Apr 2022 06:20:46 GMT
Server: AkamaiNetStorage
ETag: "5f0e05495e817397cea2a23208b997e8:1650954046.546329"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 31176

GET
H/1.1 200
OK header.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 58 KB
58 KB 87ms
11ms Image
image/png 23.48.23.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/header.png
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-63.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 73a43e9a3b24f10852bac31ff21a50e65bc24030b0db18afdeba5e632ba81072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 23:10:22 GMT
Last-Modified: Tue, 26 Apr 2022 06:20:45 GMT
Server: AkamaiNetStorage
ETag: "71057ee2a0c3e2a18ae5b044924a412c:1650954045.09411"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 59341

GET
H/1.1 200
OK arrow.gif
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 4 KB
5 KB 86ms
10ms Image
image/gif 23.48.23.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/arrow.gif
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-63.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 29685bc4737559acc10db79fd9536f3bf301e00ac20c497ed32ae6181e0ab260

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 23:10:22 GMT
Last-Modified: Tue, 26 Apr 2022 06:20:48 GMT
Server: AkamaiNetStorage
ETag: "e7ee2c678d2185905b0c5ac3307305ba:1650954048.90333"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 4454

GET
H/1.1 200
OK modal.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 167 KB
168 KB 780ms
704ms Image
image/png 23.48.23.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/modal.png
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-63.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b8c0909154e5245f00756fd4dd8cdf388d279657314b07c550c6227cc7adaaad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 23:10:23 GMT
Last-Modified: Tue, 26 Apr 2022 06:20:45 GMT
Server: AkamaiNetStorage
ETag: "e8c82b6614df1742f5739c7f2933bcb9:1650954045.88108"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 171268

GET
H/1.1 200
OK toast.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 5 KB
5 KB 87ms
11ms Image
image/png 23.48.23.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/toast.png
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-63.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8df3d3b0eaf7487e08932291d8b2a135ad2ecb2e32bcaba6308df2e2fb7e3436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 23:10:22 GMT
Last-Modified: Tue, 26 Apr 2022 06:20:45 GMT
Server: AkamaiNetStorage
ETag: "1970383e1b289caa82622e38d4be9643:1650954045.247212"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 4723

GET
H/1.1 200
OK purchase.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 7 KB
8 KB 56ms
11ms Image
image/png 23.48.23.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/purchase.png
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-63.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c8827f7d38ae66631c5cc479dfb23d23a6131227f9ad8ae838d191aed191660f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 23:10:22 GMT
Last-Modified: Tue, 26 Apr 2022 06:20:47 GMT
Server: AkamaiNetStorage
ETag: "f8a1198fc0fd4e19cce68cb98cbd8ab1:1650954047.364735"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 7350

GET
H/1.1 200
OK purchase_g.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 6 KB
7 KB 57ms
13ms Image
image/png 23.48.23.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/purchase_g.png
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-63.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ba6e1178e628e430d7126f1fadc56ec7ede45d051320c0e8908b9a9de63f8fed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 23:10:22 GMT
Last-Modified: Tue, 26 Apr 2022 06:20:45 GMT
Server: AkamaiNetStorage
ETag: "030fa1f374bcf291bc5f5d66bcdd1873:1650954045.352173"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 6410

GET
H/1.1 200
OK pool.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 39 KB
39 KB 56ms
11ms Image
image/png 23.48.23.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/pool.png
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-63.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f936df3794653b1a21c936fed39043e31171b84fced1723991a7fb5eac30bc5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 23:10:22 GMT
Last-Modified: Tue, 26 Apr 2022 06:20:45 GMT
Server: AkamaiNetStorage
ETag: "404ef9fcf563fb04baa76b6967009967:1650954045.613205"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 39498

GET
H/1.1 200
OK left_tit.png
freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/ 6 KB
7 KB 56ms
12ms Image
image/png 23.48.23.63
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/b1get2/images/left_tit.png
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-63.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 020487b2ceebc26c8d309b0ab94170981c0a3b093eeb85a4dc5737e83e83f4fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 23:10:22 GMT
Last-Modified: Tue, 26 Apr 2022 06:20:47 GMT
Server: AkamaiNetStorage
ETag: "a7be21a739cb627134f7b4f727d22738:1650954047.686132"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 6411

GET
H/1.1 200
OK PressStart2P-Regular.ttf
dl.dir.freefiremobile.com/common/web_event/gamingdice/fonts/ 113 KB
114 KB 76ms
8ms Font
font/ttf 23.48.23.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dl.dir.freefiremobile.com/common/web_event/gamingdice/fonts/PressStart2P-Regular.ttf
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1732cbf0b83525ca6769c3a58d15de73f38122ed8c056ca7e30a6076767ef3d6

Request headers

Referer: https://garenaquafree.com/
Origin: https://garenaquafree.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 23:10:22 GMT
Last-Modified: Tue, 29 Mar 2022 04:34:49 GMT
Server: AkamaiNetStorage
ETag: "2c404fd06cd67770807d242b2d2e5a16:1648528489.041381"
Content-Type: font/ttf
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 116008

GET
H2 200 805AD88C-21B4-02B8-4D75-342F16BCBE43.woff
files7.webydo.com/91/9140034/UploadedFiles/ 20 KB
21 KB 415ms
385ms Font
application/font-woff 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://files7.webydo.com/91/9140034/UploadedFiles/805AD88C-21B4-02B8-4D75-342F16BCBE43.woff
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bb88750901d69a3639be7393062bb2fdab860e075805eb733c4e547074ff0ea

Request headers

Referer: https://garenaquafree.com/
Origin: https://garenaquafree.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:22 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1762
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 30 Aug 2015 12:10:46 GMT
server: cloudflare
etag: W/"55e2f2c6-5098"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TeXeV6Hkvi4nuP3DR0xXsBhx02F11EPMDf3LCc%2BKIUukTn6xcC3VR51bjT77OiqIb4r5INjRV2Cc0GldlhpYseKf8EVdL48oyuY%2B8HqJE315hWcYah83360sOi1Si1MJefmeu1EzCJF8PPh7va51yg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=2678400
cf-ray: 7300542e1ef59b88-FRA

GET
H2 200 wXK0E3kTposypRydzVT08TS3JnAmtdjEyppo_lc.woff2
fonts.gstatic.com/s/baloo2/v14/ 18 KB
19 KB 44ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/baloo2/v14/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppo_lc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Baloo+2:wght@600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb8f68913c961d410bd8216c89008c183516309899999862829fd837b98020c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://garenaquafree.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 18:43:23 GMT
x-content-type-options: nosniff
age: 361619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18648
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:20:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 18:43:23 GMT

GET
H2 200 wXK0E3kTposypRydzVT08TS3JnAmtdjEyppm_led7Q.woff2
fonts.gstatic.com/s/baloo2/v14/ 14 KB
14 KB 37ms
9ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/baloo2/v14/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppm_led7Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Baloo+2:wght@600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcc493ff4d9cb4be491209c750b46025bdec913bb3f2ab58efe9a4ecc26464a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://garenaquafree.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 17:58:28 GMT
x-content-type-options: nosniff
age: 537114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14284
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:23:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 18 Jul 2023 17:58:28 GMT

GET
H3 200 wXK0E3kTposypRydzVT08TS3JnAmtdjEyppn_led7Q.woff2
fonts.gstatic.com/s/baloo2/v14/ 5 KB
5 KB 24ms
7ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/baloo2/v14/wXK0E3kTposypRydzVT08TS3JnAmtdjEyppn_led7Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Baloo+2:wght@600&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c0cca1ec575caca60ead2e246efd6011b13e2f32cacae0e4912e8c13b205574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://garenaquafree.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Fri, 22 Jul 2022 04:10:27 GMT
x-content-type-options: nosniff
age: 241195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4764
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 19:28:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Jul 2023 04:10:27 GMT

GET
H2 200 bigtextbox.png
cdngarenanow-a.akamaihd.net/gstaticid/FF_ID/gamingdiceblue/ 681 KB
683 KB 1465ms
1388ms Image
image/png 23.48.23.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdngarenanow-a.akamaihd.net/gstaticid/FF_ID/gamingdiceblue/bigtextbox.png
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.48.23.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 60ec25fb8225d555e1752005ca6f5ef5ee1687c30dfeeae611be09652bd5db5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:23 GMT
content-encoding: gzip
last-modified: Wed, 04 Aug 2021 08:00:28 GMT
server: AkamaiNetStorage
etag: "3acd50783368316565bf9652ff5ede05:1628065097.031739"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"

GET
H/1.1 200
OK stars_wrap.png
dl.dir.freefiremobile.com/common/web_event/gamingdice/images/ 12 KB
12 KB 41ms
8ms Image
image/png 23.48.23.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/gamingdice/images/stars_wrap.png
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2ba55fd8b61112051e75db6e58b85d32e43b4d0c389f66aa7caeb9a08262b727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 23:10:22 GMT
Last-Modified: Tue, 29 Mar 2022 04:34:51 GMT
Server: AkamaiNetStorage
ETag: "3a313e7f8bb556ab30497c317beaf4fe:1648528491.46154"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11870

GET
H/1.1 200
OK btn_confirm.png
dl.dir.freefiremobile.com/common/web_event/gamingdice/images/ 9 KB
9 KB 48ms
12ms Image
image/png 23.48.23.24
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/gamingdice/images/btn_confirm.png
Requested by: Host: garenaquafree.com
URL: https://garenaquafree.com/css/style.css?v=3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.23.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-23-24.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 64d98b1e74915bfeb53adfada2fb0dc18b015d351c8858ceb8489a77e0fef66b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 24 Jul 2022 23:10:22 GMT
Last-Modified: Tue, 29 Mar 2022 04:34:54 GMT
Server: AkamaiNetStorage
ETag: "4e2cb3bc6a9baf6adaa8be4db930e7f6:1648528494.869337"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8826

GET
H3 200 old.php Show response
garenaquafree.com/pages/ 2 KB
753 B 322ms
322ms XHR
text/html 2606:4700:3031::6815:76f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://garenaquafree.com/pages/old.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3031::6815:76f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13022a9f5acf2c751ffa46234bee47fa80f84d81fa7caea4a615117cdfee02ab

Request headers

Accept: text/html, */*; q=0.01
Referer: https://garenaquafree.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:22 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3Cu0Kthvos4JdQ6hGSfjxte4LQ0KfQVElAGmIVN5qwOEQ7MHbwKKoMb6Tw2fiC%2FIvW6gJf%2BB48xbNSfhg9OzOlCbsg7QYqYuRxp1xnVZu3A96hgQALsjSNDeNTqkaktPgskXKHpzJ2H4beSrRYMMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 7300542eeff29279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
na.apps.amsoveasea.com/swoole/ 34 B
176 B 769ms
255ms XHR
text/html 129.226.2.89
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://na.apps.amsoveasea.com/swoole/?actid=2020&r=index/getCountry&_only_service_response_=1
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.226.2.89 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 026dcc63b01ca1bfe7ba3814791cd79082aabda65fba4f060854f64269bb9ba9

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://garenaquafree.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Jul 2022 23:10:23 GMT
content-encoding: gzip
server: nginx/1.20.1
content-length: 53
content-type: text/html

GET
H2 200 Ueq16Iu.jpg
i.imgur.com/ 13 KB
14 KB 11ms
9ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/Ueq16Iu.jpg

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

10d4e8e6da007b93cfb9394ca9a18fd49d109a620f57acb99cd0de791a763978

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:23 GMT
x-content-type-options: nosniff
age: 2219558
x-cache: HIT, HIT
content-length: 13822
x-served-by: cache-iad-kcgs7200121-IAD, cache-fra19180-FRA
last-modified: Tue, 07 Jun 2022 14:30:47 GMT
server: cat factory 1.0
x-timer: S1658704223.329121,VS0,VE2
etag: "c6a87e0ddeed2823edd69db03785d6c5"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 zi6J4Ie.jpg
i.imgur.com/ 7 KB
7 KB 12ms
9ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/zi6J4Ie.jpg

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

93134e1ad85c53a6ca7c5dfec9e9a7ac77a4ec2bc9ada5417219fc70bd246c5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:23 GMT
x-content-type-options: nosniff
age: 1677416
x-cache: HIT, HIT
content-length: 6733
x-served-by: cache-iad-kiad7000106-IAD, cache-fra19180-FRA
last-modified: Sat, 28 May 2022 15:46:51 GMT
server: cat factory 1.0
x-timer: S1658704223.329912,VS0,VE1
etag: "e9da1490dbd21a2eca6a9b93149ed94b"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 7iDXxY0.jpg
i.imgur.com/ 6 KB
6 KB 13ms
11ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/7iDXxY0.jpg

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

632cc589aa073cddb6dc468216dd32b6ff05313f948fd6cd3f59c96176cf6b60

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:23 GMT
x-content-type-options: nosniff
age: 2212846
x-cache: HIT, HIT
content-length: 6382
x-served-by: cache-iad-kjyo7100169-IAD, cache-fra19180-FRA
last-modified: Sat, 28 May 2022 15:46:51 GMT
server: cat factory 1.0
x-timer: S1658704223.329875,VS0,VE2
etag: "f0566e4320ae84107785d057a774ae71"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 fcn2dyU.jpg
i.imgur.com/ 10 KB
10 KB 11ms
10ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/fcn2dyU.jpg

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9749e2710c1c8f7ce487d5ba51a55fb2cf2240e709a9a06774d0a4684b19d47c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:23 GMT
x-content-type-options: nosniff
age: 2025524
x-cache: HIT, HIT
content-length: 9806
x-served-by: cache-iad-kjyo7100130-IAD, cache-fra19180-FRA
last-modified: Sat, 28 May 2022 16:37:17 GMT
server: cat factory 1.0
x-timer: S1658704223.329842,VS0,VE1
etag: "04461dcfa2ccb9943a3acb64c2ea71d0"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 dvp1LoE.jpg
i.imgur.com/ 9 KB
10 KB 12ms
10ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/dvp1LoE.jpg

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

2c174f5fdbafe3ac5501e6b133d4965e0f6574e0472daeaa9b5294a28a85378f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:23 GMT
x-content-type-options: nosniff
age: 1525337
x-cache: HIT, HIT
content-length: 9546
x-served-by: cache-iad-kiad7000103-IAD, cache-fra19180-FRA
last-modified: Sat, 28 May 2022 16:37:17 GMT
server: cat factory 1.0
x-timer: S1658704223.329806,VS0,VE2
etag: "2ea346960b22614a759e312bbf4fa302"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 VQh8L4Q.jpg
i.imgur.com/ 10 KB
10 KB 29ms
28ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/VQh8L4Q.jpg

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

bbae609437d028b997620ba4e85389c1b317534ecb17881b19bc8b4edba08e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:23 GMT
x-content-type-options: nosniff
age: 2277780
x-cache: HIT, HIT
content-length: 9941
x-served-by: cache-iad-kiad7000051-IAD, cache-fra19180-FRA
last-modified: Sat, 28 May 2022 16:37:17 GMT
server: cat factory 1.0
x-timer: S1658704223.329774,VS0,VE20
etag: "760bffe1a5e62cee384c8151889762f1"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 tId6xK2.jpg
i.imgur.com/ 6 KB
6 KB 11ms
10ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/tId6xK2.jpg

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

4e25fa3fd784a6a1bd707310d5df5bc185d7d22a3b7662e6723a213d908a72b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:23 GMT
x-content-type-options: nosniff
age: 3457389
x-cache: HIT, HIT
content-length: 6440
x-served-by: cache-iad-kjyo7100144-IAD, cache-fra19180-FRA
last-modified: Sat, 28 May 2022 16:37:17 GMT
server: cat factory 1.0
x-timer: S1658704223.330332,VS0,VE1
etag: "ee255378cd76d12de00393ef0ba4b27a"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 b3ul9Dy.jpg
i.imgur.com/ 5 KB
5 KB 26ms
25ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/b3ul9Dy.jpg

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

8656859468ad039bc6df18c3692ffaaca8745290914e75a59ef444db47d78783

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:23 GMT
x-content-type-options: nosniff
age: 3492088
x-cache: HIT, HIT
content-length: 5064
x-served-by: cache-iad-kjyo7100025-IAD, cache-fra19180-FRA
last-modified: Sat, 28 May 2022 16:37:17 GMT
server: cat factory 1.0
x-timer: S1658704223.330340,VS0,VE17
etag: "0190b0e2079a28be59f0a5f9778fa332"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 sjp7ZrX.jpg
i.imgur.com/ 4 KB
4 KB 13ms
12ms Image
image/jpeg 151.101.12.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/sjp7ZrX.jpg

Requested by

Host: garenaquafree.com
URL: https://garenaquafree.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.193 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

c5b8e061a25203e1a014ff3d99b2939801dc4dfda113d36e9073ea6ba4e7dc05

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://garenaquafree.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Sun, 24 Jul 2022 23:10:23 GMT
x-content-type-options: nosniff
age: 3541414
x-cache: HIT, HIT
content-length: 4288
x-served-by: cache-iad-kiad7000175-IAD, cache-fra19180-FRA
last-modified: Sat, 28 May 2022 16:43:03 GMT
server: cat factory 1.0
x-timer: S1658704223.330345,VS0,VE1
etag: "5d6c689be8b115881b6bedfd9fdeda18"
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://garenaquafree.com/tan/icon.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdngarenanow-a.akamaihd.net
cdnjs.cloudflare.com
code.jquery.com
dl.dir.freefiremobile.com
files7.webydo.com
fonts.googleapis.com
fonts.gstatic.com
freefiremobile-a.akamaihd.net
garenaquafree.com
h.top4top.io
i.imgur.com
na.apps.amsoveasea.com
www.kolpaper.com
129.226.2.89
151.101.12.193
2001:4de0:ac18::1:a:1b
23.48.23.24
23.48.23.63
2606:4700:3031::6815:76f
2606:4700::6810:5514
2606:4700::6811:190e
2a00:1450:4001:813::2003
2a00:1450:4001:829::200a
2a06:98c1:3120::3
2a06:98c1:3121::3
65.21.235.194
020487b2ceebc26c8d309b0ab94170981c0a3b093eeb85a4dc5737e83e83f4fa
026dcc63b01ca1bfe7ba3814791cd79082aabda65fba4f060854f64269bb9ba9
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0c54bdbd08da4ee85a0bae7af657e393c217f9d86cf44341a541f60be58702f6
10d4e8e6da007b93cfb9394ca9a18fd49d109a620f57acb99cd0de791a763978
13022a9f5acf2c751ffa46234bee47fa80f84d81fa7caea4a615117cdfee02ab
1732cbf0b83525ca6769c3a58d15de73f38122ed8c056ca7e30a6076767ef3d6
29685bc4737559acc10db79fd9536f3bf301e00ac20c497ed32ae6181e0ab260
2ba55fd8b61112051e75db6e58b85d32e43b4d0c389f66aa7caeb9a08262b727
2c174f5fdbafe3ac5501e6b133d4965e0f6574e0472daeaa9b5294a28a85378f
33ea0b0fde442c704bb17650b00bf78e84e9eef9664159191df0a6c4850e849c
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
3c0cca1ec575caca60ead2e246efd6011b13e2f32cacae0e4912e8c13b205574
432360a0d8577899a613c18a11150cb52fa83c4863e8495d8a5cb03fa431f9f6
439fd9c373886a6039994ec5e13b5076d5f79f5e14506ea5679232dc0da51832
44b2eac6db4b830e5c9e6cb26aa0c9d866dcb6f3e7cec0c14033a4a3e1470690
4e25fa3fd784a6a1bd707310d5df5bc185d7d22a3b7662e6723a213d908a72b0
60ec25fb8225d555e1752005ca6f5ef5ee1687c30dfeeae611be09652bd5db5b
632cc589aa073cddb6dc468216dd32b6ff05313f948fd6cd3f59c96176cf6b60
64d98b1e74915bfeb53adfada2fb0dc18b015d351c8858ceb8489a77e0fef66b
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
69e80ab504487a45fe9d4524d84fc04675afd60d3ddf2d7b99c74aee6c941dfb
6e540389402e3ced8b111dca3b7f564046e027fdbc472359c9d0e0bced2c346e
73a43e9a3b24f10852bac31ff21a50e65bc24030b0db18afdeba5e632ba81072
7bb88750901d69a3639be7393062bb2fdab860e075805eb733c4e547074ff0ea
8656859468ad039bc6df18c3692ffaaca8745290914e75a59ef444db47d78783
8de0df5d1a7a0ff33b9ced7a50a4d482aaf09710cc78b8bded5e2f17f06bbe31
8df3d3b0eaf7487e08932291d8b2a135ad2ecb2e32bcaba6308df2e2fb7e3436
93134e1ad85c53a6ca7c5dfec9e9a7ac77a4ec2bc9ada5417219fc70bd246c5f
9749e2710c1c8f7ce487d5ba51a55fb2cf2240e709a9a06774d0a4684b19d47c
9a578b59eb4b32abeccfda98e4803db90cb6ddd7895a9c7bae15004b2569261c
ae4de0464f907f90721557737e22dbadf629ec2f606a0f94e5c9dd1bb6261240
b673e2b5804831830d722315f5d889bb3cadc09f514c97825a48692148772b0e
b81acf85faf238b5137223deb58217d72010480c62dfd614ad09661d9f1ae278
b8c0909154e5245f00756fd4dd8cdf388d279657314b07c550c6227cc7adaaad
ba6e1178e628e430d7126f1fadc56ec7ede45d051320c0e8908b9a9de63f8fed
bbae609437d028b997620ba4e85389c1b317534ecb17881b19bc8b4edba08e0d
c5abc921c9ac30248b7654de7e956f8fe66d1e54a7b3ec731600d35635c138c9
c5b8e061a25203e1a014ff3d99b2939801dc4dfda113d36e9073ea6ba4e7dc05
c6ce950c644353eb73cbf7b1bed563cefbb0a3b91bb91a5a5aa0e930f0e34116
c8827f7d38ae66631c5cc479dfb23d23a6131227f9ad8ae838d191aed191660f
dcc493ff4d9cb4be491209c750b46025bdec913bb3f2ab58efe9a4ecc26464a9
f2d0dae13baddb4ef853a0ea61bafaa18f9db27317019673a000df156ad86f92
f936df3794653b1a21c936fed39043e31171b84fced1723991a7fb5eac30bc5f
fb8f68913c961d410bd8216c89008c183516309899999862829fd837b98020c5
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

garenaquafree.com Open in urlscan Pro 2606:4700:3031::6815:76f Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

46 Requests

100 %HTTPS

62 %IPv6

13 Domains

15 Subdomains

13 IPs

5 Countries

2399 kBTransfer

2625 kBSize

0 Cookies

0 Outgoing links

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

garenaquafree.com Open in urlscan Pro
2606:4700:3031::6815:76f Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

100 %
HTTPS

62 %
IPv6

13
Domains

15
Subdomains

13
IPs

5
Countries

2399 kB
Transfer

2625 kB
Size

0
Cookies

46 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!