freegamelooter.com
104.21.14.191  Malicious Activity! Public Scan

URL: https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/
Submission: On September 18 via manual from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 13 HTTP transactions. The main IP is 104.21.14.191, located in and belongs to CLOUDFLARENET, US. The main domain is freegamelooter.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 5th 2021. Valid for: a year.
This is the only time freegamelooter.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Redirects  Requests  IP Address       AS Autonomous System
1          5         104.21.14.191    13335 (CLOUDFLAR...)
           1         13.224.194.163   16509 (AMAZON-02)
           5         13.225.84.33     16509 (AMAZON-02)
           3         104.16.203.237   13335 (CLOUDFLAR...)
Total: 13 requests, 4 IPs

Requests  Domain                          Redirects    Requested by
5         dgu9g3a2kzqx2.cloudfront.net                 d13nu0oomnx5ti.cloudfront.net
5         freegamelooter.com              1 redirects  freegamelooter.com
2         www.mediafire.com                            freegamelooter.com
1         static.mediafire.com                         freegamelooter.com
1         d13nu0oomnx5ti.cloudfront.net                freegamelooter.com
Total: 13 requests, 5 subdomains

This site contains links to these domains.

Domain
www.mediafire.com
store.winzip.com

Subject                  Issuer                                           Validity                  Valid
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3                          2021-02-05 - 2022-02-04   a year
*.cloudfront.net         Amazon                                           2021-03-19 - 2022-03-17   a year
*.mediafire.com          Sectigo RSA Domain Validation Secure Server CA   2019-10-11 - 2021-11-07   2 years

This page contains 1 frames:

Primary Page: https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/
Frame ID: B07BAC0139A7C9D4171619D4AD517402
Requests: 13 HTTP requests in this frame

Page Title

POKEMON.UNITE_0.3.0-APK_AWARD_LEAKED.APK

Page URL History

  1. https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK HTTP 301
    https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/ Page URL

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 5
IPs: 4
Countries: 2
Transfer: 80 kB
Size: 200 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type

Primary Request: /
Path: freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/
Redirect Chain:
  • https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK
  • https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/
Size: 10 KB
x-fer: 3 KB
Type: Document
General
  Full URL: https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.21.14.191, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 8e82f6002a5fbbf8b7d7b136df7cd9c67b0072794133ea9e8e0a9432047197d4
Security Headers
  Content-Security-Policy: upgrade-insecure-requests

Resource: main.css
Path: freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/css/
Size: 106 KB
x-fer: 18 KB
Type: Stylesheet
General
  Full URL: https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/css/main.css
  Requested by:
    Host: freegamelooter.com
    URL: https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 104.21.14.191, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: c7efe5cb71ae1f0ddfdb571ff732ede34b5645e67a5433f8f923f40fd834d1f7
Security Headers
  Content-Security-Policy: upgrade-insecure-requests

Resource: aef1399.js
Path: d13nu0oomnx5ti.cloudfront.net/
Size: 23 KB
x-fer: 23 KB
Type: Script
General
  Full URL: https://d13nu0oomnx5ti.cloudfront.net/aef1399.js
  Requested by:
    Host: freegamelooter.com
    URL: https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 13.224.194.163, United States, ASN16509 (AMAZON-02, US)
  Reverse DNS: server-13-224-194-163.fra2.r.cloudfront.net
  Software: AmazonS3 /
  Resource Hash: d71b75f37cbaa198fcac72013ceb2a2fe5b68c89902dbcf4b52ae28812cb9268

Resource: html.1819637.23737.0.js
Path: dgu9g3a2kzqx2.cloudfront.net/public/external/v2/
Size: 12 KB
x-fer: 12 KB
Type: Script
General
  Full URL: https://dgu9g3a2kzqx2.cloudfront.net/public/external/v2/html.1819637.23737.0.js
  Requested by:
    Host: d13nu0oomnx5ti.cloudfront.net
    URL: https://d13nu0oomnx5ti.cloudfront.net/aef1399.js
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 13.225.84.33, United States, ASN16509 (AMAZON-02, US)
  Reverse DNS: server-13-225-84-33.fra2.r.cloudfront.net
  Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
  Resource Hash: 64697dcc3347c440621724fb623aef18d58c2248e8a70599f6f665e640db21e3

Resource: css_front.css
Path: dgu9g3a2kzqx2.cloudfront.net/public/external/
Size: 6 KB
x-fer: 7 KB
Type: Stylesheet
General
  Full URL: https://dgu9g3a2kzqx2.cloudfront.net/public/external/css_front.css
  Requested by:
    Host: d13nu0oomnx5ti.cloudfront.net
    URL: https://d13nu0oomnx5ti.cloudfront.net/aef1399.js
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 13.225.84.33, United States, ASN16509 (AMAZON-02, US)
  Reverse DNS: server-13-225-84-33.fra2.r.cloudfront.net
  Software: Apache/2.4.48 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
  Resource Hash: a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Resource: mf_logo_full_color.svg
Path: static.mediafire.com/images/backgrounds/header/
Size: 3 KB
x-fer: 2 KB
Type: Image
General
  Full URL: https://static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg
  Requested by:
    Host: freegamelooter.com
    URL: https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.16.203.237, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd

Resource: file-zip-v3.png
Path: freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/css/
Size: 2 KB
x-fer: 2 KB
Type: Image
General
  Full URL: https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/css/file-zip-v3.png
  Requested by:
    Host: freegamelooter.com
    URL: https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/css/main.css
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 104.21.14.191, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
Security Headers
  Content-Security-Policy: upgrade-insecure-requests

Resource: icons_sprite.svg
Path: www.mediafire.com/images/icons/svg_light/
Size: 36 KB
x-fer: 9 KB
Type: Image
General
  Full URL: https://www.mediafire.com/images/icons/svg_light/icons_sprite.svg
  Requested by:
    Host: freegamelooter.com
    URL: https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/css/main.css
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.16.203.237, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 7ba1bc2084def769e77a7dbf97cd91d68fe6c6d55b5d183a7d36630da8da2b02

Resource: arrow_dropdown.svg
Path: www.mediafire.com/images/icons/svg_dark/
Size: 315 B
x-fer: 919 B
Type: Image
General
  Full URL: https://www.mediafire.com/images/icons/svg_dark/arrow_dropdown.svg
  Requested by:
    Host: freegamelooter.com
    URL: https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/css/main.css
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 104.16.203.237, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 82b94716473aa225e715e117802145c5d2d725aa1ba9d476d61a5d3da16a8c26

Resource: check_circle_green.svg
Path: freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/css/
Size: 444 B
x-fer: 938 B
Type: Image
General
  Full URL: https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/css/check_circle_green.svg
  Requested by:
    Host: freegamelooter.com
    URL: https://freegamelooter.com/Pokemon_Unite_Mobile_Android_DOWNLOAD_(LEAKED_Version)_APK/css/main.css
  Protocol: H3
  Security: QUIC, AES_128_GCM
  Server: 104.21.14.191, ASN13335 (CLOUDFLARENET, US)
  Reverse DNS:
  Software: cloudflare /
  Resource Hash: 03c8d2dc7d985c3004ff2cd6d8148dd03560f37ed15efdf6c2d7f4d771d0e599
Security Headers
  Content-Security-Policy: upgrade-insecure-requests

Resource: css.css
Path: dgu9g3a2kzqx2.cloudfront.net/public/clockers/PrimeApps/
Size: 1010 B
x-fer: 1 KB
Type: Stylesheet
General
  Full URL: https://dgu9g3a2kzqx2.cloudfront.net/public/clockers/PrimeApps/css.css
  Requested by:
    Host: d13nu0oomnx5ti.cloudfront.net
    URL: https://d13nu0oomnx5ti.cloudfront.net/aef1399.js
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 13.225.84.33, United States, ASN16509 (AMAZON-02, US)
  Reverse DNS: server-13-225-84-33.fra2.r.cloudfront.net
  Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
  Resource Hash: a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Resource: guid
Path: dgu9g3a2kzqx2.cloudfront.net/public/
Size: 0
x-fer: 284 B
Type: Script
General
  Full URL: https://dgu9g3a2kzqx2.cloudfront.net/public/guid?cpguid=tfyaik3ez&e=ll&t=1632007661021
  Requested by:
    Host: d13nu0oomnx5ti.cloudfront.net
    URL: https://d13nu0oomnx5ti.cloudfront.net/aef1399.js
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 13.225.84.33, United States, ASN16509 (AMAZON-02, US)
  Reverse DNS: server-13-225-84-33.fra2.r.cloudfront.net
  Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
  Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Resource: check.php
Path: dgu9g3a2kzqx2.cloudfront.net/public/external/
Size: 78 B
x-fer: 370 B
Type: Script
General
  Full URL: https://dgu9g3a2kzqx2.cloudfront.net/public/external/check.php?it=1819637&time=1632007662403
  Requested by:
    Host: d13nu0oomnx5ti.cloudfront.net
    URL: https://d13nu0oomnx5ti.cloudfront.net/aef1399.js
  Protocol: H2
  Security: TLS 1.3, AES_128_GCM
  Server: 13.225.84.33, United States, ASN16509 (AMAZON-02, US)
  Reverse DNS: server-13-225-84-33.fra2.r.cloudfront.net
  Software: Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
  Resource Hash: 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| onbeforexrselect
boolean| originAgentCluster
object| CPABUILDSETTINGS
object| CPABUILDContentLocker
number| __cfRLUnblockHandlers
function| CPBContentLocker
function| CPABuildLock
function| CPABuildGetFeedURL
function| CPABuildGetIframeURL
function| CPABuildGetIframeHTML
function| CPABuildUnlock
function| CPABuildOfferComplete
function| CPABuildOffersComplete
function| CPABuildCheckForLead
function| og_load
function| CPABuildComplete
function| call_locker
object| compatSelect
object| compat
object| nonCompat
number| clicks
function| myfunction

2 Cookies

Domain/Path           Name      Value
freegamelooter.com/   _cpguid   tfyaik3ez
.mediafire.com/       __cf_bm   TD.wLtbNuWgccAfwGRLnvvb7TZ4msUBp..uwTWC9GBQ-1632007660-0-AbmMXVfsx+HDhpyBaJsyJPUPCEjPUtkliIsb5BFM26Jl92YQ8MX68OLqeFJyFJ4Zo1XJF/NNAOnFhrnK0FJTG2Y=

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests