urlscan.io logo urlscan.io
SecurityTrails logo

one.eva1c.com Open in urlscan Pro
123.176.96.181  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://one.eva1c.com/
Effective URL: http://one.eva1c.com/home.php
Submission: On November 19 via api from FI — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 27 HTTP transactions. The main IP is 123.176.96.181, located in Hong Kong and belongs to LAYER-AS Layerstack Limited, HK. The main domain is one.eva1c.com.
This is the only time one.eva1c.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    123.176.96.181 (Hong Kong)

ASN133380 (LAYER-AS Layerstack Limited, HK)
PTR: 123.176.96.181.layerdns.cloud
one.eva1c.com
1    139.99.122.36 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ns548197.ip-139-99-122.net
poweredby.jads.co
3    2606:4700:3031::ac43:a0e8 (United States)

ASN13335 (CLOUDFLARENET, US)
help-me.live
2    2606:4700:3035::ac43:b8e8 (United States)

ASN13335 (CLOUDFLARENET, US)
18.img4u.click
3    2404:6800:4006:809::200e (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2404:6800:4003:c01::9a (Singapore, Singapore)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2404:6800:4006:80a::2008 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2404:6800:4006:80b::2004 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google.com
2    2404:6800:4006:80a::2003 (Sydney, Australia)

ASN15169 (GOOGLE, US)
www.google.co.nz
1    2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
Apex Domain
Subdomains		 Transfer
13 eva1c.com
one.eva1c.com
160 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 help-me.live
help-me.live
1 KB
2 google.co.nz
www.google.co.nz — Cisco Umbrella Rank: 37533
517 B
2 google.com
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 157
661 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
398 B
2 img4u.click
18.img4u.click
136 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
81 KB
1 jads.co
poweredby.jads.co — Cisco Umbrella Rank: 36427
4 KB
27 9
Domain Requested by
13 one.eva1c.com 1 redirects one.eva1c.com
3 www.google-analytics.com one.eva1c.com
www.google-analytics.com
3 help-me.live 1 redirects one.eva1c.com
2 www.google.co.nz
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 18.img4u.click one.eva1c.com
1 analytics.google.com www.googletagmanager.com
1 www.google.com
1 www.googletagmanager.com www.google-analytics.com
1 poweredby.jads.co one.eva1c.com
27 10

This site contains links to these domains. Also see Links.

Domain
checkmm.com
findavgirl.com
download.myfiles.link
18.img4u.click
t.me
Subject Issuer Validity Valid
*.jads.co
Sectigo RSA Domain Validation Secure Server CA		 2022-12-26 -
2024-01-26		 a year crt.sh
*.img4u.click
GTS CA 1P5		 2023-10-01 -
2023-12-30		 3 months crt.sh
help-me.live
GTS CA 1P5		 2023-11-16 -
2024-02-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://one.eva1c.com/home.php
Frame ID: 38932E070035ABCF6B8DF89257E124EC
Requests: 27 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Welcome

Page URL History Show full URLs

  1. http://one.eva1c.com/ HTTP 302
    http://one.eva1c.com/home.php Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

52 %
HTTPS

80 %
IPv6

9
Domains

10
Subdomains

10
IPs

4
Countries

404 kB
Transfer

1093 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://one.eva1c.com/ HTTP 302
    http://one.eva1c.com/home.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://help-me.live/image.php?id=3&type=inlay?group=18PPS&ptl=zh-cn&hfk=MQ__&ovltwo=MQ__ HTTP 301
  • https://help-me.live/image.php?id=3&type=inlay?group=18PPS&ptl=zh-cn&hfk=MQ__&ovltwo=MQ__

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request home.php
one.eva1c.com/
Redirect Chain
  • http://one.eva1c.com/
  • http://one.eva1c.com/home.php
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://one.eva1c.com/home.php
Protocol
HTTP/1.1
Server
123.176.96.181 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.96.181.layerdns.cloud
Software
Tengine /
Resource Hash
541e788d534679e79552c0f83fc96abd910fa3b12f79343a81c46fb79bf0e8be
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0 no-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 19 Nov 2023 15:35:20 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
Tengine
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block

Redirect headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0 no-cache
Connection
keep-alive
Content-Type
text/html
Date
Sun, 19 Nov 2023 15:35:20 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Location
/home.php
Pragma
no-cache
Server
Tengine
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
bootstrap.css
one.eva1c.com/web/css/ 		155 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://one.eva1c.com/web/css/bootstrap.css
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
HTTP/1.1
Server
123.176.96.181 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.96.181.layerdns.cloud
Software
Tengine /
Resource Hash
1fc878969e4e6c3c04950e1d23972596658a39e90455ee49fff442bf136ae181
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/home.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 15:35:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Oct 2022 07:19:34 GMT
Server
Tengine
ETag
W/"633d3006-26c1c"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=60
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 19 Nov 2023 15:36:21 GMT
style.css
one.eva1c.com/web/css/ 		35 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://one.eva1c.com/web/css/style.css
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
HTTP/1.1
Server
123.176.96.181 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.96.181.layerdns.cloud
Software
Tengine /
Resource Hash
f96f2d2a5f1860342e8243fbdc27788883cf9829b5a9f60d6a62d2451d237f05
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/home.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 15:35:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jun 2023 08:53:24 GMT
Server
Tengine
ETag
W/"649d4684-8bd8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=60
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 19 Nov 2023 15:36:21 GMT
other.css
one.eva1c.com/web/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://one.eva1c.com/web/css/other.css
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
HTTP/1.1
Server
123.176.96.181 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.96.181.layerdns.cloud
Software
Tengine /
Resource Hash
81c3a21c8d70ddec65d8d040bea9862f67e9fe1ef564b1081042ac786a83d14d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/home.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 15:35:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jun 2023 08:53:24 GMT
Server
Tengine
ETag
W/"649d4684-1363"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=60
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 19 Nov 2023 15:36:21 GMT
other.css
one.eva1c.com/web/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://one.eva1c.com/web/css/other.css?18pps
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
HTTP/1.1
Server
123.176.96.181 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.96.181.layerdns.cloud
Software
Tengine /
Resource Hash
81c3a21c8d70ddec65d8d040bea9862f67e9fe1ef564b1081042ac786a83d14d
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/home.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 15:35:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jun 2023 08:53:24 GMT
Server
Tengine
ETag
W/"649d4684-1363"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=60
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 19 Nov 2023 15:36:21 GMT
font-awesome.css
one.eva1c.com/web/css/ 		27 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://one.eva1c.com/web/css/font-awesome.css
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
HTTP/1.1
Server
123.176.96.181 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.96.181.layerdns.cloud
Software
Tengine /
Resource Hash
fc230c5d44279f45084181fa92d6233ef70d0954f4799b1e2cc7b955cd026b2e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/home.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 15:35:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Mar 2017 08:29:18 GMT
Server
Tengine
ETag
W/"58c7a9de-6a64"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=60
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 19 Nov 2023 15:36:21 GMT
datepicker.css
one.eva1c.com/web/css/ 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://one.eva1c.com/web/css/datepicker.css
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
HTTP/1.1
Server
123.176.96.181 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.96.181.layerdns.cloud
Software
Tengine /
Resource Hash
f35148c5dc8ee289d520659c87ba51e0fea9544a8888759a678dccb1af5d0ba8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/home.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 15:35:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 14 Mar 2017 08:29:18 GMT
Server
Tengine
ETag
W/"58c7a9de-51b2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=60
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 19 Nov 2023 15:36:21 GMT
chosen.css
one.eva1c.com/web/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://one.eva1c.com/web/css/chosen.css
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
HTTP/1.1
Server
123.176.96.181 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.96.181.layerdns.cloud
Software
Tengine /
Resource Hash
5b59bd2842201367f2307e9dc03473f77d4f042a15988671f8c5f91d36a71b55
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/home.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 15:35:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 29 Jun 2023 08:53:24 GMT
Server
Tengine
ETag
W/"649d4684-2f1d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=60
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 19 Nov 2023 15:36:22 GMT
jads.js
poweredby.jads.co/js/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://poweredby.jads.co/js/jads.js
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
139.99.122.36 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ns548197.ip-139-99-122.net
Software
nginx /
Resource Hash
4a80819c5ee89f3ea534b99fe485991302abc498d994ba29d5c893ac5d795f79

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 15:35:21 GMT
Last-Modified
Wed, 20 Sep 2023 21:26:09 GMT
Server
nginx
ETag
"650b6371-eb9"
Content-Type
application/javascript
Connection
close
Accept-Ranges
bytes
Content-Length
3769
image.php
help-me.live/
Redirect Chain
  • http://help-me.live/image.php?id=3&type=inlay?group=18PPS&ptl=zh-cn&hfk=MQ__&ovltwo=MQ__
  • https://help-me.live/image.php?id=3&type=inlay?group=18PPS&ptl=zh-cn&hfk=MQ__&ovltwo=MQ__
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://help-me.live/image.php?id=3&type=inlay?group=18PPS&ptl=zh-cn&hfk=MQ__&ovltwo=MQ__
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
H2
Server
2606:4700:3031::ac43:a0e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

Date
Sun, 19 Nov 2023 15:35:21 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kqakot7osGOyFmF2t%2F2IHx%2FjRaNNtKSOZMCbZDEU6jaje4V2ULFyZDj3JK%2Bcu%2BUbhdEqx8S77Hftes8Vhg0Xztsr5YpWZOIz5LS19QgK1a1%2FTYlVLZ2dm8uuZ3enf8Cd0gSkOYLCKjez8BM%3D"}],"group":"cf-nel","max_age":604800}
Location
https://help-me.live/image.php?id=3&type=inlay?group=18PPS&ptl=zh-cn&hfk=MQ__&ovltwo=MQ__
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
828985c54fe7aad1-SYD
alt-svc
h3=":443"; ma=86400
Expires
Sun, 19 Nov 2023 16:35:21 GMT
telegram_icon.png
18.img4u.click/pic/images/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18.img4u.click/pic/images/telegram_icon.png
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fae1fb264daf2a02174a9411c643d9dbad485ce266d5a50d9b87d44a0ec9cfd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 15:35:22 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
132591
last-modified
Tue, 17 Oct 2023 04:33:48 GMT
server
cloudflare
etag
"652e0eac-205ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UbymJCSEWo7p%2FOcW0Jvpfwi2tO%2BbEkF%2B8M1J6JNbcth6NzyshTVIvt%2BSBpIUiSyl7Z5kOUUO%2FHGX2AZgUsukkk%2FVWGqtCvTnMgXMeYStbI%2BQ7hhcvZFxz%2BwCPuDuvWYC%2FnlXHE5ZWdVHsr4laA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
828985c54ba07256-AKL
expires
Sun, 19 Nov 2023 15:35:35 GMT
script.php
help-me.live/ 		0
482 B 		Script
General
Check archive.org
Download Go to
Full URL
https://help-me.live/script.php?id=ca7e1937462198dc4b9061bd84758578
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:a0e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 15:35:21 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zA55sLzfH917W99Ohsopb2tXByIBWFuCl%2Bz7Q9RvgGEbByL3OvPEUSegw92WQCe4vsEy4fyg7g9g4fikk8myUQiiqavXctnuiZ0tYUpfHMRc6D3U3%2BOB0SDFx6y%2BFHvItdY98y5hq5SawcY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=utf-8
cache-control
no-cache
cf-ray
828985c5aac7572d-SYD
alt-svc
h3=":443"; ma=86400
jquery.min.js
one.eva1c.com/web/js/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://one.eva1c.com/web/js/jquery.min.js
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
HTTP/1.1
Server
123.176.96.181 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.96.181.layerdns.cloud
Software
Tengine /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/home.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 15:35:21 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Dec 2015 07:02:57 GMT
Server
Tengine
ETag
W/"567e3ba1-176f8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=60
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 19 Nov 2023 15:36:21 GMT
formValidation.min.js
one.eva1c.com/web/js/ 		117 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://one.eva1c.com/web/js/formValidation.min.js
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
HTTP/1.1
Server
123.176.96.181 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.96.181.layerdns.cloud
Software
Tengine /
Resource Hash
d987ca2846b9ff58a1838273642ce898adc63b6dabe67d60f8cfd88ae7d39c06
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/home.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 15:35:21 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Dec 2015 07:02:57 GMT
Server
Tengine
ETag
W/"567e3ba1-1d4ae"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=60
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 19 Nov 2023 15:36:21 GMT
bootstrap.js
one.eva1c.com/web/js/ 		142 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://one.eva1c.com/web/js/bootstrap.js
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
HTTP/1.1
Server
123.176.96.181 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.96.181.layerdns.cloud
Software
Tengine /
Resource Hash
4ea6de9832c8e17c55a323a97dfbfe1532f9a0f9e74f46bfa962c9cb6fc035e8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/home.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 15:35:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Nov 2022 08:05:47 GMT
Server
Tengine
ETag
W/"637c82db-23887"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=60
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 19 Nov 2023 15:36:21 GMT
animate.min.css
one.eva1c.com/web/css/ 		54 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://one.eva1c.com/web/css/animate.min.css
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/web/css/bootstrap.css
Protocol
HTTP/1.1
Server
123.176.96.181 , Hong Kong, ASN133380 (LAYER-AS Layerstack Limited, HK),
Reverse DNS
123.176.96.181.layerdns.cloud
Software
Tengine /
Resource Hash
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/web/css/bootstrap.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sun, 19 Nov 2023 15:35:21 GMT
Content-Encoding
gzip
Last-Modified
Tue, 16 Aug 2022 22:55:28 GMT
Server
Tengine
ETag
W/"62fc2060-d8e2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
X-Frame-Options
SAMEORIGIN
Cache-Control
max-age=60
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Sun, 19 Nov 2023 15:36:21 GMT
logo.png
18.img4u.click/pic/web/logo/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://18.img4u.click/pic/web/logo/logo.png
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:b8e8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
232d8ac2da489a54ad3fba7e578f284dae14f6bdf2c4feda452655ddc1410101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 15:35:22 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
5633
last-modified
Tue, 14 Jun 2022 02:51:41 GMT
server
cloudflare
etag
"62a7f7bd-1601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2Djrdtgw7T23AgtqUOfK31OmMUpc7IUnhUF3kM8ADpQyWniKccny%2FK%2BPUn2OzEF6efJNPzKKsIADCddZUuOLxL6zc4WNvX1WqUlVoLoJ7qwLVFAQoOKvrxCl8jVgAmv%2BxC8IWkooJSjWQZq%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
828985c8bd507256-AKL
expires
Sun, 19 Nov 2023 15:35:35 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 19 Nov 2023 15:16:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1124
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 19 Nov 2023 17:16:38 GMT
collect
www.google-analytics.com/j/ 		16 B
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2122894087&t=pageview&_s=1&dl=http%3A%2F%2Fone.eva1c.com%2Fhome.php&ul=en-us&de=UTF-8&dt=Welcome&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=1900056688&gjid=770720836&cid=1156094945.1700408123&tid=UA-46213395-30&_gid=967289002.1700408123&_r=1&_slc=1&z=1455948578
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f7f82f4d6308fa348ce7ff80f9f82ac780302996443d1fd39aa72a9c850288b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://one.eva1c.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 15:35:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://one.eva1c.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=2122894087&t=pageview&_s=2&dl=http%3A%2F%2Fone.eva1c.com%2Fhome.php&ul=en-us&de=UTF-8&dt=Welcome&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEDAAEABAAAAACAAI~&jid=&gjid=&cid=1156094945.1700408123&tid=UA-46213395-30&_gid=967289002.1700408123&z=1638756130
Requested by
Host: one.eva1c.com
URL: http://one.eva1c.com/home.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::200e Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Nov 2023 23:55:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
56403
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-46213395-30&cid=1156094945.1700408123&jid=1900056688&gjid=770720836&_gid=967289002.1700408123&_u=IEDAAEAAAAAAACAAI~&z=1329413158
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://one.eva1c.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 19 Nov 2023 15:35:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://one.eva1c.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		227 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4VVT7HLSP2&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80a::2008 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b9b3cd1570858739e8aa8862607873056193a790f3bfe94a34829f64164e398b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 19 Nov 2023 15:35:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82719
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 19 Nov 2023 15:35:23 GMT
ga-audiences
www.google.com/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-46213395-30&cid=1156094945.1700408123&jid=1900056688&_u=IEDAAEAAAAAAACAAI~&z=776361369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80b::2004 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 15:35:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.nz/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-46213395-30&cid=1156094945.1700408123&jid=1900056688&_u=IEDAAEAAAAAAACAAI~&z=776361369
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80a::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 15:35:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-4VVT7HLSP2&_ono=1&gtm=45je3b81v9123163245&_p=1700408123427&_gaz=1&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1156094945.1700408123&_eu=ABAI&_s=1&dl=http%3A%2F%2Fone.eva1c.com%2Fhome.php&dt=Welcome&sid=1700408124&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4539
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4VVT7HLSP2&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 15:35:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://one.eva1c.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
48 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-4VVT7HLSP2&cid=1156094945.1700408123&gtm=45je3b81v9123163245&aip=1&dma=0&gcd=11l1l1l1l2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4VVT7HLSP2&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c01::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 15:35:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://one.eva1c.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.nz/ads/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-4VVT7HLSP2&cid=1156094945.1700408123&gtm=45je3b81v9123163245&aip=1&dma=0&gcd=11l1l1l1l2&z=701300334
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80a::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
http://one.eva1c.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Nov 2023 15:35:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| GS function| HZ object| Xa object| Ya function| Za function| Be function| ShSh function| Rn function| MA function| cV function| re function| GA function| Ae function| Ac function| rPE function| cp function| Fe function| Ge undefined| a string| x object| adsbyjuicy string| GoogleAnalyticsObject function| ga object| lz_data function| IOSDevice function| $ function| jQuery object| FormValidation number| uidEvent object| bootstrap object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| google_tag_manager

5 Cookies

Domain/Path Name / Value
one.eva1c.com/ Name: PHPSESSID
Value: vv3qsnnjgfrlatt28glj611l25
.eva1c.com/ Name: _ga
Value: GA1.2.1156094945.1700408123
.eva1c.com/ Name: _gid
Value: GA1.2.967289002.1700408123
.eva1c.com/ Name: _gat
Value: 1
.eva1c.com/ Name: _ga_4VVT7HLSP2
Value: GS1.2.1700408124.1.1.1700408124.60.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18.img4u.click
analytics.google.com
help-me.live
one.eva1c.com
poweredby.jads.co
stats.g.doubleclick.net
www.google-analytics.com
www.google.co.nz
www.google.com
www.googletagmanager.com
123.176.96.181
139.99.122.36
2001:4860:4802:36::181
2404:6800:4003:c01::9a
2404:6800:4006:809::200e
2404:6800:4006:80a::2003
2404:6800:4006:80a::2008
2404:6800:4006:80b::2004
2606:4700:3031::ac43:a0e8
2606:4700:3035::ac43:b8e8
0f7f82f4d6308fa348ce7ff80f9f82ac780302996443d1fd39aa72a9c850288b
1fc878969e4e6c3c04950e1d23972596658a39e90455ee49fff442bf136ae181
232d8ac2da489a54ad3fba7e578f284dae14f6bdf2c4feda452655ddc1410101
28b4c5c949bf53b79235cb7623e28d719e7e3b8587b1af376cadf89b7b865ac5
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
4a80819c5ee89f3ea534b99fe485991302abc498d994ba29d5c893ac5d795f79
4ea6de9832c8e17c55a323a97dfbfe1532f9a0f9e74f46bfa962c9cb6fc035e8
541e788d534679e79552c0f83fc96abd910fa3b12f79343a81c46fb79bf0e8be
5b59bd2842201367f2307e9dc03473f77d4f042a15988671f8c5f91d36a71b55
81c3a21c8d70ddec65d8d040bea9862f67e9fe1ef564b1081042ac786a83d14d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b9b3cd1570858739e8aa8862607873056193a790f3bfe94a34829f64164e398b
d987ca2846b9ff58a1838273642ce898adc63b6dabe67d60f8cfd88ae7d39c06
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35148c5dc8ee289d520659c87ba51e0fea9544a8888759a678dccb1af5d0ba8
f96f2d2a5f1860342e8243fbdc27788883cf9829b5a9f60d6a62d2451d237f05
fae1fb264daf2a02174a9411c643d9dbad485ce266d5a50d9b87d44a0ec9cfd7
fc230c5d44279f45084181fa92d6233ef70d0954f4799b1e2cc7b955cd026b2e