Report - gafreefire.w3spaces.com/

Report Overview

Visited public
2024-09-14 01:29:21
Tags
URL
gafreefire.w3spaces.com/
Finishing URL
gafreefire.w3spaces.com/
IP / ASN
54.240.174.86
#16509 AMAZON-02
Title
404 - Not found | W3 Spaces

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.w3schools.com	17487	2000-03-21	2014-02-05 21:15:46	2024-09-13 17:38:30	434 B	622 B	0.0.0.0
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-09-13 18:12:03	1.3 kB	3.5 kB	23.36.77.32
gafreefire.w3spaces.com	unknown	2020-12-21	2022-06-19 01:23:06	2023-07-19 08:53:17	478 B	14 kB	54.240.174.20
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-09-13 18:19:19	1.6 kB	3.5 kB	142.250.74.131
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-09-14 00:54:02	1.6 kB	47 kB	142.250.74.3
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-09-14 00:50:48	463 B	3.4 kB	142.250.74.106
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-09-13 18:12:22	981 B	2.7 kB	23.36.77.32

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-09-13	medium	gafreefire.w3spaces.com/	Garena

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	gafreefire.w3spaces.com/	ScriptElement	190 B	2023-03-08	2025-04-27
Pretty URL gafreefire.w3spaces.com/ IP 54.240.174.20 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 07:15 Last Seen2025-04-27 10:24 Times Seen300 Hash 25a4fd7f025de5449a867ad8818f0b0c 807c2e66a2210abcf1bc5ccb44b843859e3bc752 168949afc1c8210b405c570490439bb6404368e5a701646478b461dcd94f8c4b Loading...

HTTP Transactions (18)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
8ddc0c958da73dfad4d42a6ae9a6dff6
6ed3ed6b818e91ac249cbfbb1fb14c96f19117c3
4320d78c549884fe858d0985285c94e70ac95e66ac557e8043514247c23feb0c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "4320D78C549884FE858D0985285C94E70AC95E66AC557E8043514247C23FEB0C"
Last-Modified: Fri, 13 Sep 2024 09:19:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18797
Expires: Sat, 14 Sep 2024 06:42:12 GMT
Date: Sat, 14 Sep 2024 01:28:55 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
6f417a1a5ebcee1534c03d401bc1e686
8044ec315b73dfc62fbba88aa848b26e6b9d0572
797b7242665c53d103116e758891ec7b61c10602e290a9f1bb0f190148860c7b

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "797B7242665C53D103116E758891EC7B61C10602E290A9F1BB0F190148860C7B"
Last-Modified: Thu, 12 Sep 2024 12:20:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8125
Expires: Sat, 14 Sep 2024 03:44:20 GMT
Date: Sat, 14 Sep 2024 01:28:55 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
bc8db5dd6e1f6265c6f1233759c2b928
590e7f3a557d4739a724fed744a6521a4d50a2e8
0d4263632d9c683a030ee57aa35c7d06c71185e1cc00082e83881f55b20d2c9b

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "0D4263632D9C683A030EE57AA35C7D06C71185E1CC00082E83881F55B20D2C9B"
Last-Modified: Thu, 12 Sep 2024 14:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5130
Expires: Sat, 14 Sep 2024 02:54:26 GMT
Date: Sat, 14 Sep 2024 01:28:56 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
a90d1d70418e0bf8b2428c9e237794b4
25bd2901ccbc6b81d53336610cfa738314a657ba
e8f8bc42bf2e718fd4f5b54da5fef6e8f6cfc6c2b084818e558f63102c5f9a1e

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E8F8BC42BF2E718FD4F5B54DA5FEF6E8F6CFC6C2B084818E558F63102C5F9A1E"
Last-Modified: Thu, 12 Sep 2024 14:33:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3091
Expires: Sat, 14 Sep 2024 02:20:27 GMT
Date: Sat, 14 Sep 2024 01:28:56 GMT
Connection: keep-alive

gafreefire.w3spaces.com/

54.240.174.20

200 OK

13 kB

URL User Request GET HTTP/2
gafreefire.w3spaces.com/
IP
54.240.174.20:443
ASN
#16509 AMAZON-02

Certificate
IssuerAmazon
Subject*.w3spaces.com
FingerprintA9:98:F6:18:27:BE:04:5F:C4:F5:26:72:D6:C7:9D:AC:19:B1:0C:C0
ValidityFri, 10 May 2024 00:00:00 GMT - Sun, 08 Jun 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (1835)
Size
13 kB (12984 bytes)
Hash
577e7a60c9d61bb8273e7f376521983a
bc35181c3dba1e4f532117c931239e7dd95750a6
e8431284e03adf4088865c83fef75b9ea63d27fe695d18b6b84b258cd8d6c4e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Garena

HTTP Headers

GET / HTTP/1.1
Host: gafreefire.w3spaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 12984
x-amz-id-2: bqdCqJA8qKnc4gUqSkSw6zSODAjjys8S3m0PsFpKzmycKzPvLoPSwYUU59ZvkhfNDulMB/vniAk=
x-amz-request-id: RXBBDGW07FMYJXHR
date: Sat, 14 Sep 2024 01:28:58 GMT
last-modified: Mon, 20 Dec 2021 10:29:18 GMT
etag: "577e7a60c9d61bb8273e7f376521983a"
accept-ranges: bytes
server: AmazonS3
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HIszoCcVi26Usf8ukXHVEbUC_WVsgq86hxdz7-kSQgFP9295uXM_5A==
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
848b5613282a5db0192b8598bc70578b
dcc3a332827e1f0c902770051e36bcd1afc67ae3
211d5b4509af876058debf19795fdc7588cf349a9fc81f28ab9ec4bb833b0e60

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Sep 2024 01:28:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
848b5613282a5db0192b8598bc70578b
dcc3a332827e1f0c902770051e36bcd1afc67ae3
211d5b4509af876058debf19795fdc7588cf349a9fc81f28ab9ec4bb833b0e60

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Sep 2024 01:28:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7f711cb0ff9d05fd8e1aa8f8081fd717
ea19a419db486cb779861f7a6dbc889c907b3bf8
83ca3fbcaf1de9ab56ccbb4792992c617ae07656703c0569252acd99cce4103b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Sep 2024 01:28:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

142.250.74.3

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://gafreefire.w3spaces.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA8:8E:91:B3:04:E9:C9:F3:CD:3D:27:83:B0:53:22:C0:21:23:9A:92
ValidityMon, 12 Aug 2024 07:17:58 GMT - Mon, 04 Nov 2024 07:17:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14892, version 1.0
Size
15 kB (14892 bytes)
Hash
9ec6deaf6bada919e20b98f9f7b718b1
501d36403ad8205e4644532600019ecb10f5cb0a
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

HTTP Headers

GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gafreefire.w3spaces.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Sep 2024 15:06:04 GMT
expires: Fri, 12 Sep 2025 15:06:04 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
age: 123773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7f711cb0ff9d05fd8e1aa8f8081fd717
ea19a419db486cb779861f7a6dbc889c907b3bf8
83ca3fbcaf1de9ab56ccbb4792992c617ae07656703c0569252acd99cce4103b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Sep 2024 01:28:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

142.250.74.3

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://gafreefire.w3spaces.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA8:8E:91:B3:04:E9:C9:F3:CD:3D:27:83:B0:53:22:C0:21:23:9A:92
ValidityMon, 12 Aug 2024 07:17:58 GMT - Mon, 04 Nov 2024 07:17:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14824, version 1.0
Size
15 kB (14824 bytes)
Hash
48598bad30f08e1c3eb3d0e69b420bd5
28c2cf160273c2062f909a875c4b4c0541ee2f84
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

HTTP Headers

GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gafreefire.w3spaces.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Sep 2024 04:39:59 GMT
expires: Fri, 12 Sep 2025 04:39:59 GMT
cache-control: public, max-age=31536000
age: 161338
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,600,700

142.250.74.106

200 OK

2.8 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro:300,400,500,600,700
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://gafreefire.w3spaces.com/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint9F:01:79:20:AD:58:33:6E:BF:F2:BF:DA:69:ED:BD:8D:19:F9:2D:D9
ValidityMon, 12 Aug 2024 07:18:03 GMT - Mon, 04 Nov 2024 07:18:02 GMT

File type
data
Size
2.8 kB (2806 bytes)
Hash
8a5142491ed651dbef57d2b946d8e9c0
5d89755ec028e78a8592317b3d55a5e954c73b99
43d16cb3d9e44c8f9e0e726da764fb117177f2a6c0e21c1c28bde65d364ad2d2

HTTP Headers

GET /css?family=Source+Sans+Pro:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gafreefire.w3spaces.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 14 Sep 2024 01:28:57 GMT
date: Sat, 14 Sep 2024 01:28:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

142.250.74.3

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://gafreefire.w3spaces.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
FingerprintA8:8E:91:B3:04:E9:C9:F3:CD:3D:27:83:B0:53:22:C0:21:23:9A:92
ValidityMon, 12 Aug 2024 07:17:58 GMT - Mon, 04 Nov 2024 07:17:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14712, version 1.0
Size
15 kB (14712 bytes)
Hash
3afeae0d768769f5e5f30ac9805c5b70
3ada17c2b462db3e7a1fd85c3f4670dfe7704f4d
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

HTTP Headers

GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://gafreefire.w3spaces.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 12 Sep 2024 15:19:45 GMT
expires: Fri, 12 Sep 2025 15:19:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
age: 122952
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

472 B

URL
o.pki.goog/wr2
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7f711cb0ff9d05fd8e1aa8f8081fd717
ea19a419db486cb779861f7a6dbc889c907b3bf8
83ca3fbcaf1de9ab56ccbb4792992c617ae07656703c0569252acd99cce4103b

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 14 Sep 2024 01:28:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
168d290815a20e464291c1d0c5277d95
4ae4ab90f60788a17dff631a381fc920823e458e
e319cc1080efb5754f0ec12e0be18d9248eb697a82d65b2775239e3ddfb36a6c

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E319CC1080EFB5754F0EC12E0BE18D9248EB697A82D65B2775239E3DDFB36A6C"
Last-Modified: Thu, 12 Sep 2024 14:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4796
Expires: Sat, 14 Sep 2024 02:48:54 GMT
Date: Sat, 14 Sep 2024 01:28:58 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
168d290815a20e464291c1d0c5277d95
4ae4ab90f60788a17dff631a381fc920823e458e
e319cc1080efb5754f0ec12e0be18d9248eb697a82d65b2775239e3ddfb36a6c

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E319CC1080EFB5754F0EC12E0BE18D9248EB697A82D65B2775239E3DDFB36A6C"
Last-Modified: Thu, 12 Sep 2024 14:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4796
Expires: Sat, 14 Sep 2024 02:48:54 GMT
Date: Sat, 14 Sep 2024 01:28:58 GMT
Connection: keep-alive

r11.o.lencr.org/

23.36.77.32

504 B

URL
r11.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
168d290815a20e464291c1d0c5277d95
4ae4ab90f60788a17dff631a381fc920823e458e
e319cc1080efb5754f0ec12e0be18d9248eb697a82d65b2775239e3ddfb36a6c

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "E319CC1080EFB5754F0EC12E0BE18D9248EB697A82D65B2775239E3DDFB36A6C"
Last-Modified: Thu, 12 Sep 2024 14:34:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4796
Expires: Sat, 14 Sep 2024 02:48:54 GMT
Date: Sat, 14 Sep 2024 01:28:58 GMT
Connection: keep-alive

www.w3schools.com/favicon.ico

0.0.0.0

0 B

URL GET
www.w3schools.com/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://gafreefire.w3spaces.com/
Certificate
IssuerDigiCert Inc
Subject*.w3schools.com
Fingerprint20:AF:FF:E1:FC:DB:58:C8:05:B7:D2:97:1F:8F:A1:C6:AD:ED:59:3A
ValidityWed, 03 Apr 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gafreefire.w3spaces.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 652823
cache-control: public,max-age=31536000,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
content-type: image/x-icon
date: Sat, 14 Sep 2024 01:28:57 GMT
etag: "0bf5ad8490db1:0+gzip"
last-modified: Fri, 06 Sep 2024 10:45:10 GMT
server: ECS (ska/F6FC)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
x-powered-by: ASP.NET
content-length: 2030
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (18)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2