gafreefire.w3spaces.com
2600:9000:2156:7c00:b:df74:43c0:93a1  Malicious Activity! Public Scan

URL: https://gafreefire.w3spaces.com/index.html
Submission: On August 27 via manual from US — Scanned from DE

Summary

This website contacted 10 IPs in 2 countries across 9 domains to perform 31 HTTP transactions. The main IP is 2600:9000:2156:7c00:b:df74:43c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is gafreefire.w3spaces.com.
TLS certificate: Issued by Amazon on July 11th 2022. Valid for: a year.
This is the only time gafreefire.w3spaces.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

IP Address AS Autonomous System
5 2600:9000:215... 16509 (AMAZON-02)
14 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 23.48.23.34 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
31 10
Apex Domain  Subdomains  Transfer
14 evenits.xyz  evenits.xyz  518 KB
5 w3spaces.com  gafreefire.w3spaces.com  36 KB
3 akamaihd.net  dlgarenanow-a.akamaihd.net — Cisco Umbrella Rank: 154329  149 KB
3 googleapis.com  ajax.googleapis.com — Cisco Umbrella Rank: 286; fonts.googleapis.com — Cisco Umbrella Rank: 54  60 KB
2 gstatic.com  fonts.gstatic.com  32 KB
1 pbrd.co  gcdnb.pbrd.co — Cisco Umbrella Rank: 663667  29 KB
1 cloudflare.com  cdnjs.cloudflare.com — Cisco Umbrella Rank: 219  6 KB
1 bootstrapcdn.com  stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2236  7 KB
0 jquery.com Failed  code.jquery.com Failed
31 9
Domain  Requested by
14 evenits.xyz  gafreefire.w3spaces.com, evenits.xyz
5 gafreefire.w3spaces.com  gafreefire.w3spaces.com
3 dlgarenanow-a.akamaihd.net  evenits.xyz
2 fonts.gstatic.com  fonts.googleapis.com
2 ajax.googleapis.com  gafreefire.w3spaces.com
1 fonts.googleapis.com  evenits.xyz
1 gcdnb.pbrd.co  gafreefire.w3spaces.com
1 cdnjs.cloudflare.com  gafreefire.w3spaces.com
1 stackpath.bootstrapcdn.com  gafreefire.w3spaces.com
0 code.jquery.com Failed  gafreefire.w3spaces.com
31 10

This site contains no links.

Subject  Issuer  Validity  Valid
*.w3spaces.com  Amazon  2022-07-11 - 2023-08-09  a year
*.evenits.xyz  GTS CA 1P5  2022-08-25 - 2022-11-23  3 months
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2022-01-29 - 2023-01-29  a year
upload.video.google.com  GTS CA 1C3  2022-08-08 - 2022-10-31  3 months
a248.e.akamai.net  DigiCert TLS RSA SHA256 2020 CA1  2022-06-28 - 2023-06-30  a year
*.gstatic.com  GTS CA 1C3  2022-08-08 - 2022-10-31  3 months

This page contains 1 frame:

Primary Page: https://gafreefire.w3spaces.com/index.html
Frame ID: 9644E423C690E04A0C58294754AC138A
Requests: 31 HTTP requests in this frame

Page Title

Free Fire

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

31 Requests
97 % HTTPS
89 % IPv6
9 Domains
10 Subdomains
10 IPs
2 Countries
837 kB Transfer
1161 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.html
gafreefire.w3spaces.com/
36 KB
36 KB
Document
General
Full URL
https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7c00:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8f0467d96aaa05ebdfa84815333e632a0685f72f0a9572df44f75dac2f750615

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
36421
content-type
text/html
date
Sat, 27 Aug 2022 12:24:07 GMT
etag
"d60843dcc00610be744dec6063757a9a"
last-modified
Thu, 18 Aug 2022 16:36:13 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
x-amz-cf-id
KmLOXYwrSEiqO2v_ayPvoVqahAD2Ubzp7exFetiinSIKzE_mRgvOgA==
x-amz-cf-pop
FRA50-C1
x-amz-id-2
gz40WEPuexk3nOjjU3vCnf9CJMYRziwDV9SPnLj626/8tBDJqNE0y8LmflxBTRNIt4LSzTwsB+w=
x-amz-request-id
RHNT4X7M69QDZ8D1
x-cache
Miss from cloudfront
analytics.js
gafreefire.w3spaces.com/Free%20Fire_files/
0
0
Script
General
Full URL
https://gafreefire.w3spaces.com/Free%20Fire_files/analytics.js
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7c00:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:23:38 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified
Mon, 20 Dec 2021 10:29:18 GMT
server
AmazonS3
age
50
etag
"577e7a60c9d61bb8273e7f376521983a"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
12984
x-amz-cf-id
upRLA_NcfU7Iq7ejs2nlCQo8_AafT1J56QN7jzITlniH_pUZF4iiPA==
js
gafreefire.w3spaces.com/Free%20Fire_files/
0
0
Script
General
Full URL
https://gafreefire.w3spaces.com/Free%20Fire_files/js
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7c00:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:23:38 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified
Mon, 20 Dec 2021 10:29:18 GMT
server
AmazonS3
age
50
etag
"577e7a60c9d61bb8273e7f376521983a"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
12984
x-amz-cf-id
-Kz2GtofQZo4v2E6MtjiuGWaKhjwCHPpy9UpwzZYw7QAbvsJ_6O19g==
main.css
evenits.xyz/assets/css/
55 KB
7 KB
Stylesheet
General
Full URL
https://evenits.xyz/assets/css/main.css
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b97e0270c8f659337e5ebaa5c90bd493b6d1c30a16d5139ea1fd554c7d03144b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 29 May 2022 09:12:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skb0qubN0kbmLr5mK9SbXb%2B5nefiGEthzUbJyCgST6EHXAfczvX95F8gN9urAh32B7ibPaT%2FcZn4prPfpUr5V7UuZAwoX8N%2FEW6aVLmSrguaRdj9pH0efN9RhAMDz3g4bnGxyfzmSKwvLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7414c8466afe9c10-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
animate.css
evenits.xyz/assets/css/
76 KB
5 KB
Stylesheet
General
Full URL
https://evenits.xyz/assets/css/animate.css
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 26 Mar 2022 17:52:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QN4Jgu4Ryenfr8XjJCd1eTj58BV4taJryvm65kREc1uqCmGqZy8g1H7zQvkgIcXmGorokdbJ2eZ20mHgcA4d32g3XSlwOSUtXezLe%2Fd%2Fb2jLunpiauenyCpM%2BOCBRaEXrZp8sBIHQMVsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7414c8466b009c10-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
facebook.css
evenits.xyz/assets/css/login/
3 KB
1 KB
Stylesheet
General
Full URL
https://evenits.xyz/assets/css/login/facebook.css
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
161a69202cb14200a9c537031931baed56c85bb81841dc6f3272e21a50dbbdca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 18 Jul 2021 02:51:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YEQCXS91TosOm9EaiO4CFCGnrgXkaB5rKc%2Fz3esPY0JebzYd7gaQ4qfhliYLCoy%2BDS%2FhPc%2FbrmQY22Fi%2BYnmUfSW70fG3TsW3QSySQ%2F8%2B11x2vMQYTkLLWSp%2Bc6v9sSCpNyPpM9YlVzU9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7414c8466b019c10-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
style.css
evenits.xyz/assets/css/
12 KB
3 KB
Stylesheet
General
Full URL
https://evenits.xyz/assets/css/style.css
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
177a63ea440109196a4b86d074c28b57d5e17457f2faf7d657b8047bb335bed7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 02 Apr 2022 01:40:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BxSHS9MjqH3bxX6izbEfgSNBvplx0LwTQjGzsKQxS5y4mSBBN0cz83zosuzJPpDruWOoTVR1DHdWXAhhwagUw%2BDEqpOICGs%2F09kaCENdu05S0oETLz029hU7NE1V7EyM%2BBhheUt9ZQuS1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7414c8466b029c10-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723
age
15548717
cdn-cachedat
11/15/2021 21:49:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2729ae8f2fc6c761bdc17d91cc795f58
cf-ray
7414c8462ebe9199-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/
69 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4455542
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5845
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed9-1149f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UCsbH03BzRMwwwiyHuFKmFwIcRnpUimje6fcS2V%2FGrDTy2W1HGwjlhodJ6CkEiJ0dfh5cLnNVrk8OZQ1pnEa2S%2FoT91g19J0yHCdMCFgExBq7AR6EPXPNA48A3ErAG%2F%2BHBJcn2QYohDv2sydcZKQRlAk"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7414c8462ba0905e-FRA
expires
Thu, 17 Aug 2023 12:24:07 GMT
facebook.png
evenits.xyz/assets/img/
9 KB
9 KB
Image
General
Full URL
https://evenits.xyz/assets/img/facebook.png
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94f92c2fa2a770888470701e4e9c0063d11bd846b52739d8b12a06b2dabd3be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
cf-cache-status
MISS
last-modified
Sun, 29 May 2022 09:12:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vplrwH%2BhMFMAz1T1%2FfornanbnggqoYlU2hwdkYy4UW%2BJfVo7ORtqC8Nyg5ro%2F%2FqnYnZUkHVa0AfUU2LfMvs1J%2BI1GOa%2FDLzL6kwjHd2obhWKQtNHiEsQGKc3xL%2FqcV826WXsULlC4IJOaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7414c8466b049c10-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9175
vk.png
evenits.xyz/assets/img/
10 KB
10 KB
Image
General
Full URL
https://evenits.xyz/assets/img/vk.png
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ffae0974acd7014b8e30ff2510ff2c8809103dca22a9e9d252cfd525cc7eff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
cf-cache-status
MISS
last-modified
Sun, 29 May 2022 09:12:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eGxBVF7PZ3%2F0quvUayYldC3536Qj3%2BD8dbKCMcEHbxCw9Ztx%2BsDgyTF5VU1M9TBi9d02QluPUNLsDhW5ct%2FwECCNHky7ukecMvg8AZcK4fo1fariGSj74WuNVH116myBXRcA8tPIMz94MA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7414c8466b039c10-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9846
google.png
evenits.xyz/assets/img/
6 KB
6 KB
Image
General
Full URL
https://evenits.xyz/assets/img/google.png
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edefde11d13eb274cafd860dd219755352257187b374f313c810cb6a20f0a477

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
cf-cache-status
MISS
last-modified
Sun, 29 May 2022 09:12:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1%2F3p66QGz00mfockju7gf7MBRiEy6PrTwlg3JVGtQdJWibiGqqXbCi7JhJyGiX%2BzAGXKm0QrjapWpeRzRKHdysDww%2BFWxpQUQp129ptlC3zlBXo6c6vrhbYxhqfapVWXpQDmhP5%2B%2BshYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7414c8467b279c10-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6351
huawei.png
evenits.xyz/assets/img/
3 KB
3 KB
Image
General
Full URL
https://evenits.xyz/assets/img/huawei.png
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38e377481a3abf35890dbc9abd19fd4657ab4ea449d24299073da019da5b4281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
cf-cache-status
MISS
last-modified
Sun, 29 May 2022 09:12:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2F3n0uvvo9IWJLXBrGltbX%2Fp0yx6Y4Qd%2FFrNKUbh4J2dK8%2F27F2ywR%2B6NUTJqROGGNMUA2Iu0sI9cabLukSdWwuQhd70YSSwXqv8sGplJz9%2FI10UX5hmCfRY%2FrftFryNfE1nI%2B5Lgx4a1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7414c8467b289c10-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3010
apple.png
evenits.xyz/assets/img/
9 KB
9 KB
Image
General
Full URL
https://evenits.xyz/assets/img/apple.png
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac768dee11c223ac3fba06a7212fd0163c171e7986735b5cd04f9081504126b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
cf-cache-status
MISS
last-modified
Sun, 29 May 2022 09:12:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xUFWofC9cgg%2BMHm023hZnTemFX95ViOXtoh9o%2BRYIZ6cJXuOZZf41F7g5Mt8a1w40z6UJdpfKtdiQLXVmXJ7kZtI2rs%2F1tPojqcqUiTp0usacZ0Xx1KQO%2B9gOSKb44Y5JGV6LRshYvUpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7414c8467b299c10-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9069
twitter.png
evenits.xyz/assets/img/
10 KB
10 KB
Image
General
Full URL
https://evenits.xyz/assets/img/twitter.png
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
392c6ef45dc72dc2d72c2a2d16ff5fcd5943766e78e14f1f6bb008c59cf80877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
cf-cache-status
MISS
last-modified
Sun, 29 May 2022 09:12:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XH4ccDqQ2NgPduBrpdIPp2OvAJyltR7F7oCgSI61dKAsrDXnAg1O9hqStlwM3cruA3F04WeuE4aFPHcrULeRYKWkV0oPqvS4B28UFYPkhnLg03wnafmPG%2FAzFoi1G4EnPCxAWCgttKW23g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7414c8467b2a9c10-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9812
arrow.png
evenits.xyz/assets/img/
449 B
932 B
Image
General
Full URL
https://evenits.xyz/assets/img/arrow.png
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
756734c7de9dd01ffd9c75ccdfc48f08d51d774f75c6c453d9468812c5282861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
cf-cache-status
MISS
last-modified
Sun, 29 May 2022 09:12:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILg%2FnQ8D7NwxzbAKGZWxRCwKQBRXD2jkyGISYjTGcA8Af86Yi3oa6wS%2FXrPXHPPHjUA4WQ%2F6WzN6aDEUA%2BO7YRYZ91aavtVoiggQ9hw6j8Mj2ePlHci4cmb0WkQquP7kkg1zuIIVaiYhIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7414c8467b2b9c10-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
449
logo_small_foot.jpg
evenits.xyz/assets/img/
3 KB
4 KB
Image
General
Full URL
https://evenits.xyz/assets/img/logo_small_foot.jpg
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dec40957ccb5815562b06c0bcb1cb3fc09a5f0738aa0b9ec2d1390e4e30a346

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
cf-cache-status
MISS
last-modified
Sun, 29 May 2022 09:12:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvpJSRtRt3xiHNRTL6Qlv6JN4eAOBWlK%2FN5D160IgW%2FVY7HndkNs0b4Xw8%2FSwLuY4%2BdkUPRmjHT%2F9aVh9G9SuZ2PhBQaYghmarI0wSQhTgzPHMogzmsT%2BSHZgMVFp4BViuZRtyeTvkVqew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7414c8467b2c9c10-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3522
QkHHUqiTOSuo.png
gcdnb.pbrd.co/images/
28 KB
29 KB
Image
General
Full URL
https://gcdnb.pbrd.co/images/QkHHUqiTOSuo.png?o=1
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:c6f9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-goog-hash
crc32c=S25Vfw==, md5=dBkLk/xPXYjwyOZBG6IL2A==
date
Sat, 27 Aug 2022 12:24:07 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid
ADPycduWKNHkpYdHefZ2bNp2s-8MOoy3oU-s1Ycbi2_CdBkFZw7rcp7Blv24Zd-MRQSoGrP0R9wdVdmOgcKx5O6LJNBfVUCW2Q0j
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28789
last-modified
Mon, 13 Jun 2022 17:12:52 GMT
server
cloudflare
etag
"74190b93fc4f5d88f0c8e6411ba20bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLbOufqckeoVIa%2BN4JHXCDhASFWWvkyKH%2BQI9AfMWlRHQLHYNZ0OVdl0y03%2FkJMrE46ZHWqheMT%2BMxyKMa2LWEopj7%2FIq17NcmwMEtPr%2BXjLI%2BwLPlTNyJ0JsqW6MxgciwOpv9IZwGPABksV"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1655140372917417
content-type
image/png
x-goog-expiration
Sun, 11 Sep 2022 17:12:52 GMT
cache-control
public, max-age=14400
x-goog-stored-content-length
28789
accept-ranges
bytes
cf-ray
7414c8462ed79b55-FRA
expires
Sat, 27 Aug 2022 13:24:07 GMT
app.png
evenits.xyz/assets/img/
447 KB
448 KB
Image
General
Full URL
https://evenits.xyz/assets/img/app.png
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b04355f0244b494dcb24527e89a2f9bc71c8d30eb92ffeec2bb495db7a718b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:24:07 GMT
cf-cache-status
MISS
last-modified
Sun, 29 May 2022 07:25:53 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lcoTNaJz%2B9gPLTtYbYcVPccc0Gbu7IvwWONMCPzqj9g51j3%2F8iNDAvIMbxL6UciTmKV%2B4x%2BLJ0Qr2LMGdvwp9bEFU6kkyY6KgIZ3s9hc9%2FgDBVaYBrBPwchcDJhIJ%2BnCCSygMljrAa%2FWHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7414c8467b2d9c10-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
458179
vendorsmain.js
gafreefire.w3spaces.com/Free%20Fire_files/
0
0
Script
General
Full URL
https://gafreefire.w3spaces.com/Free%20Fire_files/vendorsmain.js
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7c00:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:23:38 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified
Mon, 20 Dec 2021 10:29:18 GMT
server
AmazonS3
age
50
etag
"577e7a60c9d61bb8273e7f376521983a"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
12984
x-amz-cf-id
PjA7FMkjEZCmEuQgrl959s8jJxT2sy5h-emV7hSa4psOWAK2lc_5CA==
main.js
gafreefire.w3spaces.com/Free%20Fire_files/
0
0
Script
General
Full URL
https://gafreefire.w3spaces.com/Free%20Fire_files/main.js
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:7c00:b:df74:43c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gafreefire.w3spaces.com/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Sat, 27 Aug 2022 12:23:38 GMT
via
1.1 632ee301c4920b52f2463aa9e978c57e.cloudfront.net (CloudFront)
last-modified
Mon, 20 Dec 2021 10:29:18 GMT
server
AmazonS3
age
50
etag
"577e7a60c9d61bb8273e7f376521983a"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
text/html
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
12984
x-amz-cf-id
S-vS1eNTd6HqOCp9EMrdOUjZFqr6ER8cVrjZwKgxCbd5MtMQmRA26g==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/
82 KB
29 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gafreefire.w3spaces.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 27 Aug 2022 12:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Aug 2023 12:13:07 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.3/
82 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js
Requested by
Host: gafreefire.w3spaces.com
URL: https://gafreefire.w3spaces.com/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gafreefire.w3spaces.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 27 Aug 2022 12:13:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29707
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Aug 2023 12:13:07 GMT
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
Requested by
Host: evenits.xyz
URL: https://evenits.xyz/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a8d95df9c0259875d71d6e03375346fa31e412ad4774c87a0ec0ec527b85252
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://evenits.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 27 Aug 2022 12:24:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 27 Aug 2022 12:24:07 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 27 Aug 2022 12:24:07 GMT
background.png
evenits.xyz/assets/img/
0
0
Image
General
Full URL
https://evenits.xyz/assets/img/background.png
Requested by
Host: evenits.xyz
URL: https://evenits.xyz/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://evenits.xyz/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

bg.jpg
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/
134 KB
134 KB
Image
General
Full URL
https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/bg.jpg
Requested by
Host: evenits.xyz
URL: https://evenits.xyz/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.48.23.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
ba96000a92f9d03cce2c34ab48fb9f1e67976be7b4233c1bd607a87e6e9af82d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://evenits.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 12:24:07 GMT
Last-Modified
Mon, 07 Mar 2022 08:28:11 GMT
Server
AkamaiNetStorage
ETag
"57fd6fc58a09519be8012650efd9881d:1646641691.083794"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
136773
top_teeth-l.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/
144 B
522 B
Image
General
Full URL
https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/top_teeth-l.png
Requested by
Host: evenits.xyz
URL: https://evenits.xyz/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.48.23.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
42fcead125ad8660c031f3b763fd048fd06b4a70a7a48cf17bc03073fb255fae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://evenits.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 12:24:07 GMT
Last-Modified
Mon, 07 Mar 2022 08:26:47 GMT
Server
AkamaiNetStorage
ETag
"fe98481dd3ffad514594309ceb2ef4ba:1646641607.0753"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
144
logo.png
dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/
14 KB
14 KB
Image
General
Full URL
https://dlgarenanow-a.akamaihd.net/mgames/ffmhk/common/web_event/tweb-event/redemption/img/logo.png
Requested by
Host: evenits.xyz
URL: https://evenits.xyz/assets/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.48.23.34 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-34.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4bb88bccc5bd610423b63fba5ca6f98516d3d8fc631d6b1b977ac669104264be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://evenits.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date
Sat, 27 Aug 2022 12:24:08 GMT
Last-Modified
Mon, 07 Mar 2022 08:28:05 GMT
Server
AkamaiNetStorage
ETag
"b3c9dc5b5bba47430a7da8301c09d45b:1646641685.19083"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
14297
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gafreefire.w3spaces.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 16:44:52 GMT
x-content-type-options
nosniff
age
416355
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 16:44:52 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://gafreefire.w3spaces.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 19:07:55 GMT
x-content-type-options
nosniff
age
407772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 19:07:55 GMT
jquery-1.10.2.min.js
code.jquery.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
code.jquery.com
URL
http://code.jquery.com/jquery-1.10.2.min.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| e5d8430f
string| k
function| gtag
object| dataLayer
function| open_facebook
function| tutup_facebook
function| showFbPassword
function| hideFbPassword
function| showTwitterPassword
function| hideTwitterPassword
function| $
function| jQuery

0 Cookies

9 Console Messages

Source Level URL
Text
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://code.jquery.com/jquery-1.10.2.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://evenits.xyz/assets/img/background.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gafreefire.w3spaces.com/Free%20Fire_files/vendorsmain.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gafreefire.w3spaces.com/Free%20Fire_files/js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gafreefire.w3spaces.com/Free%20Fire_files/analytics.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://gafreefire.w3spaces.com/Free%20Fire_files/main.js
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://gafreefire.w3spaces.com/index.html
Message:
Mixed Content: The page at 'https://gafreefire.w3spaces.com/index.html' was loaded over HTTPS, but requested an insecure script 'http://code.jquery.com/jquery-1.10.2.min.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
