thefreestuff.xyz Open in urlscan Pro
51.83.37.23  Malicious Activity! Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response thefreestuff.xyz/games/content/apex-legends-hack/	9 KB 10 KB	182ms 111ms	Document text/html	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash c955277b07034f668086a406322ddf8171ff4a88804080e1cf0825272c0688ec Request headers :method GET :authority thefreestuff.xyz :scheme https :path /games/content/apex-legends-hack/ pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT server Apache last-modified Mon, 09 Aug 2021 14:28:32 GMT accept-ranges bytes content-length 9697 content-type text/html
GET H2	200	js Show response www.googletagmanager.com/gtag/	101 KB 40 KB	21ms 19ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-71893807-22 Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a6fa07c0a76e0d0ad233321808915b091030d60aaead24d0ae9c8fa77c2f1553 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://thefreestuff.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 41042 x-xss-protection 0 expires Mon, 23 Aug 2021 06:03:38 GMT
GET H2	200	_bower.css thefreestuff.xyz/games/content/apex-legends-hack/css/	157 KB 158 KB	57ms 56ms	Stylesheet text/css	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/css/_bower.css Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash eb72719b4263ed4e6c347bb7431bc036b7b00103b0b330c16bfb7b72f242e88e Request headers :path /games/content/apex-legends-hack/css/_bower.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:22 GMT server Apache accept-ranges bytes content-length 160909 content-type text/css
GET H2	200	style.css thefreestuff.xyz/games/content/apex-legends-hack/css/	14 KB 14 KB	57ms 56ms	Stylesheet text/css	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/css/style.css Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash 7af0562d70b091c3aaa78c67dd9e7ea18db8f6759c8843e56249e22520304723 Request headers :path /games/content/apex-legends-hack/css/style.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:20 GMT server Apache accept-ranges bytes content-length 14064 content-type text/css
GET H2	200	18d7cae.js Show response d13nu0oomnx5ti.cloudfront.net/	23 KB 23 KB	385ms 348ms	Script application/javascript	2600:9000:20eb:2a00:3:b5aa:ad80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d13nu0oomnx5ti.cloudfront.net/18d7cae.js Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:20eb:2a00:3:b5aa:ad80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash d71b75f37cbaa198fcac72013ceb2a2fe5b68c89902dbcf4b52ae28812cb9268 Request headers Referer https://thefreestuff.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sun, 22 Aug 2021 00:06:58 GMT via 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront) last-modified Mon, 03 May 2021 01:43:32 GMT server AmazonS3 age 107825 etag "6863f6e390060c097da580136d1dcaf2" x-cache Error from cloudfront content-type application/javascript x-amz-cf-pop FRA2-C1 content-length 23438 x-amz-cf-id wSpyOAa1kdyBwFVuCOTwFm1e-xSWUOJ2kvuQ0F1-LMBznhFoaTmXVQ==
GET H/1.1	200 OK	uTFnt95DuOrsG5xp Show response www.lockyluke.com/	13 KB 5 KB	366ms 296ms	Script text/html	94.23.162.58 OVH
General Check archive.org Show headers Download Go to Full URL https://www.lockyluke.com/uTFnt95DuOrsG5xp Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 94.23.162.58 Saarbrücken, Germany, ASN16276 (OVH, FR), Reverse DNS ip58.ip-94-23-162.eu Software LiteSpeed / PHP/8.0.7 Resource Hash d26d9ce2a6efffed7aaf31d1f12d98694dc9e698706c73eee2e3830c8d5b1565 Request headers Referer https://thefreestuff.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 23 Aug 2021 06:03:38 GMT content-encoding gzip server LiteSpeed x-powered-by PHP/8.0.7 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * cache-control no-store, no-cache, must-revalidate transfer-encoding chunked backend-id MT1 expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	confirm-icon.png thefreestuff.xyz/games/content/apex-legends-hack/img/	6 KB 6 KB	94ms 91ms	Image image/png	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/img/confirm-icon.png Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash 471c801e6e7ff1a427ca57089c178ac628453a599ea5db442ad0bc90818d6667 Request headers :path /games/content/apex-legends-hack/img/confirm-icon.png pragma no-cache cookie _cpguid=50t80jqqh accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:18 GMT server Apache accept-ranges bytes content-length 6267 content-type image/png
GET H2	200	user.png thefreestuff.xyz/games/content/apex-legends-hack/img/	15 KB 15 KB	94ms 91ms	Image image/png	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/img/user.png Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash ecac24ceca2a02ea1cce0da5aab315dee8da0323eda4b3063c9de1033998f0b9 Request headers :path /games/content/apex-legends-hack/img/user.png pragma no-cache cookie _cpguid=50t80jqqh accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:22 GMT server Apache accept-ranges bytes content-length 15313 content-type image/png
GET H2	200	platform.png thefreestuff.xyz/games/content/apex-legends-hack/img/	3 KB 3 KB	94ms 91ms	Image image/png	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/img/platform.png Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash e8b13d99f828370923953dfb7480fa260968206c42be91f792801db58e5078c2 Request headers :path /games/content/apex-legends-hack/img/platform.png pragma no-cache cookie _cpguid=50t80jqqh accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:20 GMT server Apache accept-ranges bytes content-length 2878 content-type image/png
GET H2	200	gold-icon.png thefreestuff.xyz/games/content/apex-legends-hack/img/	5 KB 5 KB	94ms 91ms	Image image/png	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/img/gold-icon.png Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash 1469f2455f575b156e3e6c08d62ae76a17d52e1912a595dead0b837550f48654 Request headers :path /games/content/apex-legends-hack/img/gold-icon.png pragma no-cache cookie _cpguid=50t80jqqh accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:20 GMT server Apache accept-ranges bytes content-length 5465 content-type image/png
GET H2	200	success_icon_32.png thefreestuff.xyz/games/content/apex-legends-hack/img/	9 KB 9 KB	94ms 91ms	Image image/png	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/img/success_icon_32.png Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash 43d7977e40842a30573239834df28dcd59fd7f8f95ab44a48e9fd5d008e99f54 Request headers :path /games/content/apex-legends-hack/img/success_icon_32.png pragma no-cache cookie _cpguid=50t80jqqh accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:20 GMT server Apache accept-ranges bytes content-length 9352 content-type image/png
GET H2	200	app-icon.png thefreestuff.xyz/games/content/apex-legends-hack/img/	25 KB 25 KB	94ms 92ms	Image image/png	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/img/app-icon.png Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash a2f9fb1965a5500a64dfadd152ea5b6c8d250b1c99a0e73cba041b81a497f0ce Request headers :path /games/content/apex-legends-hack/img/app-icon.png pragma no-cache cookie _cpguid=50t80jqqh accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:18 GMT server Apache accept-ranges bytes content-length 25700 content-type image/png
GET H2	404	chip-icon.png thefreestuff.xyz/games/content/apex-legends-hack/img/	315 B 315 B	95ms 92ms	Image text/html	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/img/chip-icon.png Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers :path /games/content/apex-legends-hack/img/chip-icon.png pragma no-cache cookie _cpguid=50t80jqqh accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	200	server-icon.png thefreestuff.xyz/games/content/apex-legends-hack/img/	22 KB 22 KB	94ms 92ms	Image image/png	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/img/server-icon.png Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash 5710760182a03173bc2d297d4c860f5ecf2eaf3402959bf15a819ea1f9bb4ac9 Request headers :path /games/content/apex-legends-hack/img/server-icon.png pragma no-cache cookie _cpguid=50t80jqqh accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:20 GMT server Apache accept-ranges bytes content-length 22572 content-type image/png
GET H2	200	firewall-icon.png thefreestuff.xyz/games/content/apex-legends-hack/img/	21 KB 21 KB	94ms 92ms	Image image/png	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/img/firewall-icon.png Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash cd15caa5c538acd8396c47778402a973b6b6cd8958bbffeb922d527e350bd436 Request headers :path /games/content/apex-legends-hack/img/firewall-icon.png pragma no-cache cookie _cpguid=50t80jqqh accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:20 GMT server Apache accept-ranges bytes content-length 21633 content-type image/png
GET H2	200	encryption-icon.png thefreestuff.xyz/games/content/apex-legends-hack/img/	29 KB 29 KB	94ms 92ms	Image image/png	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/img/encryption-icon.png Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash 511d1e745fe5b3e85f6d34ed5a0caf2158fe95a831d2d2fcf71efb257131f746 Request headers :path /games/content/apex-legends-hack/img/encryption-icon.png pragma no-cache cookie _cpguid=50t80jqqh accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:20 GMT server Apache accept-ranges bytes content-length 29671 content-type image/png
GET H2	200	_bower.js Show response thefreestuff.xyz/games/content/apex-legends-hack/js/	328 KB 331 KB	42ms 42ms	Script application/javascript	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/js/_bower.js Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash aa7d89419595d06338eb50abc1e739cccd33750a351eb92ea9ffcd441c445a61 Request headers :path /games/content/apex-legends-hack/js/_bower.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:20 GMT server Apache accept-ranges bytes content-length 336175 content-type application/javascript
GET H2	200	scripts.js Show response thefreestuff.xyz/games/content/apex-legends-hack/js/	52 KB 52 KB	45ms 44ms	Script application/javascript	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/js/scripts.js Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash 88f8c9c1789e781d46978a603491412910a3b88887c2c65c5c0ab6e9f56e4086 Request headers :path /games/content/apex-legends-hack/js/scripts.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:20 GMT server Apache accept-ranges bytes content-length 52892 content-type application/javascript
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-71893807-22 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://thefreestuff.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 13 Jul 2021 18:24:06 GMT server Golfe2 age 1624 date Mon, 23 Aug 2021 05:36:34 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19672 expires Mon, 23 Aug 2021 07:36:34 GMT
GET H2	200	html.1450374.61204.0.js Show response dgu9g3a2kzqx2.cloudfront.net/public/external/v2/	8 KB 8 KB	360ms 320ms	Script application/javascript	2600:9000:21f3:ba00:13:652b:c180:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dgu9g3a2kzqx2.cloudfront.net/public/external/v2/html.1450374.61204.0.js Requested by Host: d13nu0oomnx5ti.cloudfront.net URL: https://d13nu0oomnx5ti.cloudfront.net/18d7cae.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:ba00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash dfbaaf6f017a086db165b89f9a3aff3aed6775b1f284abb30292a30b09ea8258 Request headers Referer https://thefreestuff.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:39 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA2-C2 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript x-amz-cf-id uEDpGFyttdulpUNtv11zgFBHhd-rJIr8MtI7VRpcSQ3wM-ERCzO9oA==
GET H2	200	css_front.css dgu9g3a2kzqx2.cloudfront.net/public/external/	6 KB 7 KB	208ms 166ms	Stylesheet text/css	2600:9000:21f3:ba00:13:652b:c180:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dgu9g3a2kzqx2.cloudfront.net/public/external/css_front.css Requested by Host: d13nu0oomnx5ti.cloudfront.net URL: https://d13nu0oomnx5ti.cloudfront.net/18d7cae.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:ba00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec Request headers Referer https://thefreestuff.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) last-modified Tue, 23 Jun 2020 20:06:47 GMT server Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA2-C2 etag "19c4-5a8c5e62e9d0a" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 6596 x-amz-cf-id TJOxoHPKOmEsOY44GxsYgye5ik7wu1oUR5EX928V7dFKA3UtBVIk_g==
GET H2	200	AvenirLTStd-Roman.woff2 thefreestuff.xyz/games/content/apex-legends-hack/fonts/	11 KB 11 KB	67ms 66ms	Font font/woff2	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/fonts/AvenirLTStd-Roman.woff2 Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash b8224962b699dad2dc96117a714ce6ed12876f0029ee41a9dda1bb8348e12749 Request headers sec-fetch-mode cors origin https://thefreestuff.xyz accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie _cpguid=50t80jqqh :path /games/content/apex-legends-hack/fonts/AvenirLTStd-Roman.woff2 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept */* cache-control no-cache :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/css/style.css :scheme https sec-fetch-site same-origin :method GET Origin https://thefreestuff.xyz Referer https://thefreestuff.xyz/games/content/apex-legends-hack/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:54 GMT server Apache accept-ranges bytes content-length 11016 content-type font/woff2
GET H2	200	AvenirLTStd-Black.woff2 thefreestuff.xyz/games/content/apex-legends-hack/fonts/	11 KB 11 KB	62ms 60ms	Font font/woff2	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/fonts/AvenirLTStd-Black.woff2 Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash bba198931af781e37457efe075ec2f12143707f840a976ffd703ef30f442ab28 Request headers sec-fetch-mode cors origin https://thefreestuff.xyz accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie _cpguid=50t80jqqh :path /games/content/apex-legends-hack/fonts/AvenirLTStd-Black.woff2 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept */* cache-control no-cache :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/css/style.css :scheme https sec-fetch-site same-origin :method GET Origin https://thefreestuff.xyz Referer https://thefreestuff.xyz/games/content/apex-legends-hack/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:30 GMT server Apache accept-ranges bytes content-length 10752 content-type font/woff2
GET H2	200	AvenirLTStd-Light.woff2 thefreestuff.xyz/games/content/apex-legends-hack/fonts/	10 KB 11 KB	62ms 60ms	Font font/woff2	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/fonts/AvenirLTStd-Light.woff2 Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash 37eb4732be3823a3fd64bd86533dff8eb648cc8abffc1c28f32e9008ce3a559c Request headers sec-fetch-mode cors origin https://thefreestuff.xyz accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie _cpguid=50t80jqqh :path /games/content/apex-legends-hack/fonts/AvenirLTStd-Light.woff2 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept */* cache-control no-cache :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/css/style.css :scheme https sec-fetch-site same-origin :method GET Origin https://thefreestuff.xyz Referer https://thefreestuff.xyz/games/content/apex-legends-hack/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:40 GMT server Apache accept-ranges bytes content-length 10744 content-type font/woff2
GET H2	200	AvenirLTStd-Medium.woff2 thefreestuff.xyz/games/content/apex-legends-hack/fonts/	11 KB 11 KB	62ms 60ms	Font font/woff2	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/fonts/AvenirLTStd-Medium.woff2 Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash 4a69d8fcc5c373ad1d82bfaf534bda2df20257bd4a26bfb9eb7752a7c4ace7cc Request headers sec-fetch-mode cors origin https://thefreestuff.xyz accept-encoding gzip, deflate, br accept-language en-US sec-fetch-dest font cookie _cpguid=50t80jqqh :path /games/content/apex-legends-hack/fonts/AvenirLTStd-Medium.woff2 pragma no-cache user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept */* cache-control no-cache :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/css/style.css :scheme https sec-fetch-site same-origin :method GET Origin https://thefreestuff.xyz Referer https://thefreestuff.xyz/games/content/apex-legends-hack/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:38 GMT last-modified Wed, 08 Apr 2020 05:36:46 GMT server Apache accept-ranges bytes content-length 10948 content-type font/woff2
POST H3-29	200	collect Show response www.google-analytics.com/j/	2 B 22 B	13ms 13ms	XHR text/plain	2a00:1450:4001:828::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j92&a=791219507&t=pageview&_s=1&dl=https%3A%2F%2Fthefreestuff.xyz%2Fgames%2Fcontent%2Fapex-legends-hack%2F&ul=en-us&de=UTF-8&dt=Apex%20Legends%20Hack-%20An%20Online%20Coins%20Generator%20Free%20Tool%202021&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=625652552&gjid=1775777479&cid=405624368.1629698619&tid=UA-71893807-22&_gid=782710875.1629698619&_r=1&gtm=2ou8i0&z=1733872350 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://thefreestuff.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 23 Aug 2021 06:03:38 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://thefreestuff.xyz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 86 B	14ms 14ms	XHR text/plain	2a00:1450:400c:c08::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-71893807-22&cid=405624368.1629698619&jid=625652552&gjid=1775777479&_gid=782710875.1629698619&_u=YEBAAUAAAAAAAC~&z=92499090 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://thefreestuff.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 23 Aug 2021 06:03:38 GMT content-type text/plain access-control-allow-origin https://thefreestuff.xyz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	404	background.jpg thefreestuff.xyz/games/content/apex-legends-hack/img/	315 B 315 B	70ms 70ms	Image text/html	51.83.37.23 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://thefreestuff.xyz/games/content/apex-legends-hack/img/background.jpg Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 51.83.37.23 , France, ASN16276 (OVH, FR), Reverse DNS green.obambu.com Software Apache / Resource Hash d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3 Request headers :path /games/content/apex-legends-hack/img/background.jpg pragma no-cache cookie _cpguid=50t80jqqh; _ga=GA1.2.405624368.1629698619; _gid=GA1.2.782710875.1629698619; _gat_gtag_UA_71893807_22=1 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority thefreestuff.xyz referer https://thefreestuff.xyz/games/content/apex-legends-hack/ :scheme https sec-fetch-site same-origin :method GET Referer https://thefreestuff.xyz/games/content/apex-legends-hack/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:39 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
POST H/1.1	200 OK	creditcheck.php Show response www.lockyluke.com/	32 B 302 B	121ms 66ms	XHR text/html	94.23.162.58 OVH
General Check archive.org Show headers Download Go to Full URL https://www.lockyluke.com/creditcheck.php Requested by Host: www.lockyluke.com URL: https://www.lockyluke.com/uTFnt95DuOrsG5xp Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 94.23.162.58 Saarbrücken, Germany, ASN16276 (OVH, FR), Reverse DNS ip58.ip-94-23-162.eu Software LiteSpeed / PHP/8.0.7 Resource Hash f5a9970ba2bddd28a1aa3ebbe7a4bd53063d2abf5cb56f6f92b2e8306a8a03e2 Request headers Referer https://thefreestuff.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Mon, 23 Aug 2021 06:03:39 GMT content-encoding gzip server LiteSpeed x-powered-by PHP/8.0.7 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * backend-id MT1 content-length 46
GET H2	200	css fonts.googleapis.com/	12 KB 982 B	15ms 14ms	Stylesheet text/css	2a00:1450:4001:829::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,700,700italic Requested by Host: thefreestuff.xyz URL: https://thefreestuff.xyz/games/content/apex-legends-hack/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash b574fadbf94a5b46b5d549f55fc03be934d1cb04903de36d73466244b42d8ebd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://thefreestuff.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 23 Aug 2021 06:03:39 GMT server ESF date Mon, 23 Aug 2021 06:03:39 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 23 Aug 2021 06:03:39 GMT
POST H/1.1	200 OK	imprcount.php Show response www.lockyluke.com/	1 B 277 B	251ms 188ms	XHR text/html	94.23.162.58 OVH
General Check archive.org Show headers Download Go to Full URL https://www.lockyluke.com/imprcount.php Requested by Host: www.lockyluke.com URL: https://www.lockyluke.com/uTFnt95DuOrsG5xp Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 94.23.162.58 Saarbrücken, Germany, ASN16276 (OVH, FR), Reverse DNS ip58.ip-94-23-162.eu Software LiteSpeed / PHP/8.0.7 Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Request headers Referer https://thefreestuff.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Mon, 23 Aug 2021 06:03:39 GMT content-encoding gzip server LiteSpeed x-powered-by PHP/8.0.7 vary Accept-Encoding content-type text/html; charset=UTF-8 access-control-allow-origin * backend-id MT1 content-length 21
GET H2	200	css.css dgu9g3a2kzqx2.cloudfront.net/public/clockers/Blank/	700 B 1 KB	165ms 164ms	Stylesheet text/css	2600:9000:21f3:ba00:13:652b:c180:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dgu9g3a2kzqx2.cloudfront.net/public/clockers/Blank/css.css Requested by Host: d13nu0oomnx5ti.cloudfront.net URL: https://d13nu0oomnx5ti.cloudfront.net/18d7cae.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:ba00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash 0b1e91559bf23d2dce422563b7f51f45fd5ce9e09ed759d384a5077474c3962d Request headers Referer https://thefreestuff.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:39 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) last-modified Fri, 10 Apr 2020 22:29:00 GMT server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA2-C2 etag "2bc-5a2f7428ae907" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 700 x-amz-cf-id r7xZMo4BZsqG-dbGJam8hr9GQMmLcbioIXnUlfFQij8LD18wyrDZLw==
GET H2	200	guid Show response dgu9g3a2kzqx2.cloudfront.net/public/	0 285 B	313ms 313ms	Script text/html	2600:9000:21f3:ba00:13:652b:c180:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dgu9g3a2kzqx2.cloudfront.net/public/guid?cpguid=50t80jqqh&e=ll&t=1629698619872 Requested by Host: d13nu0oomnx5ti.cloudfront.net URL: https://d13nu0oomnx5ti.cloudfront.net/18d7cae.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:ba00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://thefreestuff.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:40 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA2-C2 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type text/html; charset=UTF-8 content-length 0 x-amz-cf-id czWk9h0NLkr54-td66EG7g2WOS22LOCS_LF-VRfmdUjKE4qeuqKaAg==
GET H2	200	check.php Show response dgu9g3a2kzqx2.cloudfront.net/public/external/	78 B 371 B	168ms 168ms	Script application/javascript	2600:9000:21f3:ba00:13:652b:c180:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dgu9g3a2kzqx2.cloudfront.net/public/external/check.php?it=1450374&time=1629698621240 Requested by Host: d13nu0oomnx5ti.cloudfront.net URL: https://d13nu0oomnx5ti.cloudfront.net/18d7cae.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21f3:ba00:13:652b:c180:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b Request headers Referer https://thefreestuff.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 23 Aug 2021 06:03:41 GMT via 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront) server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA2-C2 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript content-length 78 x-amz-cf-id kkxgf4gKgQqfnTk5jfB12l0K_cMI7zTfNTWCapnIGVRlirCDBFIWlg==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| loadLocker function| imprCountC function| __adl__callHook_uTFnt95DuOrsG5xp function| __adl__onload_c_uTFnt95DuOrsG5xp object| gaplugins object| gaGlobal object| gaData function| $ function| jQuery object| ko function| ES6Promise function| Chance object| chance function| Sweetalert2 function| swal function| sweetAlert object| _0x6dc7 function| _0x56d5 function| loadIframe function| isNumberKey object| viewModel function| KeyCheck undefined| onlongtouch undefined| timer undefined| lockTimer undefined| touchduration function| touchstart function| touchend function| _0x6dece9 boolean| desktopsuccess boolean| mobilesuccess string| lockerurl object| resourcesNum object| $clocker object| offerList object| oid_array number| listID string| adlAPIurl number| check

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.thefreestuff.xyz/	1970-01-19 20:41:38	Name: _gat_gtag_UA_71893807_22 Value: 1
			.thefreestuff.xyz/	1970-01-19 20:43:05	Name: _gid Value: GA1.2.782710875.1629698619
			.thefreestuff.xyz/	1970-01-20 14:12:50	Name: _ga Value: GA1.2.405624368.1629698619
			thefreestuff.xyz/	1970-01-19 20:56:02	Name: _cpguid Value: 50t80jqqh

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d13nu0oomnx5ti.cloudfront.net
dgu9g3a2kzqx2.cloudfront.net
fonts.googleapis.com
stats.g.doubleclick.net
thefreestuff.xyz
www.google-analytics.com
www.googletagmanager.com
www.lockyluke.com
2600:9000:20eb:2a00:3:b5aa:ad80:21
2600:9000:21f3:ba00:13:652b:c180:21
2a00:1450:4001:813::200e
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::200a
2a00:1450:400c:c08::9a
51.83.37.23
94.23.162.58
0b1e91559bf23d2dce422563b7f51f45fd5ce9e09ed759d384a5077474c3962d
1469f2455f575b156e3e6c08d62ae76a17d52e1912a595dead0b837550f48654
37eb4732be3823a3fd64bd86533dff8eb648cc8abffc1c28f32e9008ce3a559c
43d7977e40842a30573239834df28dcd59fd7f8f95ab44a48e9fd5d008e99f54
471c801e6e7ff1a427ca57089c178ac628453a599ea5db442ad0bc90818d6667
4a69d8fcc5c373ad1d82bfaf534bda2df20257bd4a26bfb9eb7752a7c4ace7cc
511d1e745fe5b3e85f6d34ed5a0caf2158fe95a831d2d2fcf71efb257131f746
5710760182a03173bc2d297d4c860f5ecf2eaf3402959bf15a819ea1f9bb4ac9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7af0562d70b091c3aaa78c67dd9e7ea18db8f6759c8843e56249e22520304723
88f8c9c1789e781d46978a603491412910a3b88887c2c65c5c0ab6e9f56e4086
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a2f9fb1965a5500a64dfadd152ea5b6c8d250b1c99a0e73cba041b81a497f0ce
a6fa07c0a76e0d0ad233321808915b091030d60aaead24d0ae9c8fa77c2f1553
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
aa7d89419595d06338eb50abc1e739cccd33750a351eb92ea9ffcd441c445a61
b574fadbf94a5b46b5d549f55fc03be934d1cb04903de36d73466244b42d8ebd
b8224962b699dad2dc96117a714ce6ed12876f0029ee41a9dda1bb8348e12749
bba198931af781e37457efe075ec2f12143707f840a976ffd703ef30f442ab28
c955277b07034f668086a406322ddf8171ff4a88804080e1cf0825272c0688ec
cd15caa5c538acd8396c47778402a973b6b6cd8958bbffeb922d527e350bd436
d26d9ce2a6efffed7aaf31d1f12d98694dc9e698706c73eee2e3830c8d5b1565
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d71b75f37cbaa198fcac72013ceb2a2fe5b68c89902dbcf4b52ae28812cb9268
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfbaaf6f017a086db165b89f9a3aff3aed6775b1f284abb30292a30b09ea8258
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8b13d99f828370923953dfb7480fa260968206c42be91f792801db58e5078c2
eb72719b4263ed4e6c347bb7431bc036b7b00103b0b330c16bfb7b72f242e88e
ecac24ceca2a02ea1cce0da5aab315dee8da0323eda4b3063c9de1033998f0b9
f5a9970ba2bddd28a1aa3ebbe7a4bd53063d2abf5cb56f6f92b2e8306a8a03e2