mediafireviralygy.duckdns.org Open in urlscan Pro
40.83.118.169  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mediafireviralygy.duckdns.org/	9 KB 3 KB	341ms 50ms	Document text/html	40.83.118.169 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 40.83.118.169 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash 8bc08c12d076f8195d02ad7e2b8b30c8801ee5f54f62c266d62f3ba2de849861 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 3250 content-type text/html; charset=UTF-8 date Sat, 09 Apr 2022 16:06:49 GMT server LiteSpeed vary Accept-Encoding
GET H2	410	debug.js jefanya.com/js/	0 0	1801ms 242ms	Script application/javascript	3.64.163.50 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://jefanya.com/js/debug.js Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.64.163.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-163-50.eu-central-1.compute.amazonaws.com Software openresty / Resource Hash Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:50 GMT server openresty content-type application/javascript
GET H2	200	style.css mediafireviralygy.duckdns.org/css/	4 KB 1 KB	49ms 49ms	Stylesheet text/css	40.83.118.169 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://mediafireviralygy.duckdns.org/css/style.css Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 40.83.118.169 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash 74b8457bf6fc94155d74fcf2c8fab6809e5a3bf251c2ab007f334cfc96aa9cb9 Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:49 GMT content-encoding br last-modified Sun, 14 Mar 2021 20:24:38 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 1119 expires Sat, 16 Apr 2022 16:06:49 GMT
GET H2	200	facebook.css mediafireviralygy.duckdns.org/css/	4 KB 883 B	49ms 49ms	Stylesheet text/css	40.83.118.169 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://mediafireviralygy.duckdns.org/css/facebook.css Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 40.83.118.169 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash 139fc22ed87280a2011dfa727ece25c6af12cd433576980a0a6c29e9bc1e5faf Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:49 GMT content-encoding br last-modified Sun, 14 Mar 2021 20:24:34 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 827 expires Sat, 16 Apr 2022 16:06:49 GMT
GET H2	200	IMG-20211101-152657.jpg i.ibb.co/QkGWZVZ/	94 KB 94 KB	1291ms 599ms	Image image/jpeg	172.96.160.123 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/QkGWZVZ/IMG-20211101-152657.jpg Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.96.160.123 Los Angeles, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash 1e4eb8304ef3864eba148d5d2a6a803fc9efe1b8d415d9b7e50a5ca7500a9d67 Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:51 GMT last-modified Mon, 01 Nov 2021 08:28:19 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 96023 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	IMG-20211101-152226.jpg i.ibb.co/VSHr0Fg/	74 KB 74 KB	1072ms 599ms	Image image/jpeg	172.96.160.123 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/VSHr0Fg/IMG-20211101-152226.jpg Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.96.160.123 Los Angeles, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash 8e6ae93c91ba75869d03d3a3811f567219fcfc5fa1db46a2542251de3319e4db Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:51 GMT last-modified Mon, 01 Nov 2021 08:23:20 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 75571 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	img1635753361174.png i.ibb.co/5shNSPj/	369 KB 370 KB	1072ms 599ms	Image image/png	172.96.160.123 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/5shNSPj/img1635753361174.png Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.96.160.123 Los Angeles, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash d4a3df6bfa080cbd0aa251806a22d84c310ea5aceb96b78a4f346febbbefb2a9 Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:51 GMT last-modified Mon, 01 Nov 2021 08:17:31 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 377802 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	IMG-20211101-153011.jpg i.ibb.co/zPq8QKk/	96 KB 96 KB	1072ms 599ms	Image image/jpeg	172.96.160.123 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/zPq8QKk/IMG-20211101-153011.jpg Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.96.160.123 Los Angeles, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash 6107e83ad8d607e6c17962d7cd12e15b13e56b88eeba169d5e394c7d55ef45fa Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:51 GMT last-modified Mon, 01 Nov 2021 08:30:56 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 98159 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	IMG-20211101-153234.jpg i.ibb.co/zbwMxTj/	77 KB 77 KB	1072ms 599ms	Image image/jpeg	172.96.160.123 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/zbwMxTj/IMG-20211101-153234.jpg Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.96.160.123 Los Angeles, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash 0b34c163d2d813da14c86a6fe080428d497382808c79cc2a6b70a734b2485978 Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:51 GMT last-modified Mon, 01 Nov 2021 08:33:03 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 78456 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	IMG-20211101-153448.jpg i.ibb.co/T4ZwdHc/	105 KB 105 KB	1072ms 600ms	Image image/jpeg	172.96.160.123 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/T4ZwdHc/IMG-20211101-153448.jpg Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.96.160.123 Los Angeles, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash fd79d74b0f5b09ecf9ae000cc66dc9d794fd5fc17534571385085972fd9f46fc Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:51 GMT last-modified Mon, 01 Nov 2021 08:35:17 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 107367 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	IMG-20211101-153840.jpg i.ibb.co/Jy532pN/	61 KB 61 KB	1020ms 1020ms	Image image/jpeg	172.96.160.123 RELIABLESITE
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/Jy532pN/IMG-20211101-153840.jpg Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.96.160.123 Los Angeles, United States, ASN23470 (RELIABLESITE, US), Reverse DNS Software nginx / Resource Hash 52d1465e72a493020ea372f3447d406b3eb2e22fb21c9433a8103b70d5341e59 Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:51 GMT last-modified Mon, 01 Nov 2021 08:39:25 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/jpeg access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 62560 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	0*ptDX0HfJCYpo9Pcs.gif miro.medium.com/max/1600/	88 KB 89 KB	23ms 16ms	Image image/gif	2606:4700:7::a29f:9904 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://miro.medium.com/max/1600/0*ptDX0HfJCYpo9Pcs.gif Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::a29f:9904 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c2f413ec031122040ebc7dd93353b86cf8b29569f922838d04283425eb0c4fca Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:51 GMT x-content-type-options nosniff cf-cache-status HIT age 594814 x-envoy-upstream-service-time 102 strict-transport-security max-age=15552000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 90430 pragma public sepia-upstream medium server cloudflare etag "16.3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif access-control-allow-origin * cache-control public, max-age=2592000 medium-fulfilled-by miro/main-20210910-123150-2615267c7e accept-ranges bytes cf-ray 6f947e08ab580ac8-NRT expires Mon, 09 May 2022 16:06:50 GMT
GET H3	200	facebook_text.png mediafireviralygy.duckdns.org/img/	28 KB 28 KB	51ms 51ms	Image image/png	40.83.118.169 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://mediafireviralygy.duckdns.org/img/facebook_text.png Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 40.83.118.169 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401 Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:50 GMT last-modified Sun, 14 Mar 2021 20:25:12 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 28789 expires Sat, 16 Apr 2022 16:06:50 GMT
GET H2	200	580b57fcd9996e24bc43c543.png assets.stickpng.com/images/	149 KB 150 KB	27ms 18ms	Image image/png	2606:4700:3038::6815:eb02 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.stickpng.com/images/580b57fcd9996e24bc43c543.png Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eb02 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d15c880b55b3ed610b5af0bddb63b50e386da5d32658e069dac8d8c512f801e8 Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:51 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 2886 cf-ray 6f947e08a8d21eb8-NRT alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 152291 x-amz-id-2 46v3pSZGJ1T+YI/1roMhiEjoch+TUlXj6cfGy++aIIxAELZmB09Ek1U+Lv1CS9HiAKLwvrKzkZY= last-modified Sat, 22 Oct 2016 12:38:27 GMT server cloudflare etag "188a278629872508123e7bf25a4e4ae9" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S0WUkLgFRBW5BSf7owXKdSeXnaRbHyp9h3I%2F%2BsNb%2BjCSzYI5FuuV2pJ12l1f1plP1f44x9qAYOXCfyDad7UIt4n91fGjOtjsUBAd5TgkgRxbXs%2FgO69fG6Lq6muzqLVxCRxWFQ3ufNk3xfW1PLmE4nUn"}],"group":"cf-nel","max_age":604800} x-amz-request-id TNPDGEGQDEVJF35S cache-control max-age=14400 accept-ranges bytes content-type image/png
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	693ms 228ms	Script application/javascript	2001:4de0:ac18::1:a:2b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:49 GMT content-encoding gzip last-modified Fri, 20 Aug 2021 17:47:53 GMT server nginx etag W/"611feac9-15d84" vary Accept-Encoding x-hw 1649520409.dop207.pa1.t,1649520409.cds230.pa1.hn,1649520409.cds214.pa1.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30879
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/	85 KB 28 KB	562ms 21ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:50 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2229723 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27433 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1538f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BPT7orPzR%2FN1kRiPXLeeg99d8D3WTIlB2BjIvETYOSl1%2BdPGNdUg6KWVef5r542zT4EBomGJokwz%2FfTQ4beeqH%2BGqbGEznENRUbD69FVGnne6v3pf9HgiBH8YUDuL9aS5Q65jin8r7vOlt5Kq%2BMGfK2Z"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6f947e071d5c8a93-NRT expires Thu, 30 Mar 2023 16:06:50 GMT
GET H2	200	css2 fonts.googleapis.com/	1 KB 947 B	77ms 39ms	Stylesheet text/css	2404:6800:4004:80c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Yantramanav&display=swap Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4004:80c::200a , Australia, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash d6c84700e9df89c5ac2d1ecd075b8e6c2e287375cf87098e76e4dd0195766ea8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 09 Apr 2022 16:06:51 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sat, 09 Apr 2022 16:06:51 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 09 Apr 2022 16:06:51 GMT
GET H3	200	bege.jpeg mediafireviralygy.duckdns.org/css/	91 KB 92 KB	52ms 52ms	Image image/jpeg	40.83.118.169 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://mediafireviralygy.duckdns.org/css/bege.jpeg Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 40.83.118.169 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash fc38486ae929ac77f93331fa8afcdb1c6c7b7af2b03da4ceaf4b7f9ab5f35eee Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:51 GMT last-modified Sun, 14 Mar 2021 20:24:46 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 93670 expires Sat, 16 Apr 2022 16:06:51 GMT
GET H3	200	thin.ttf mediafireviralygy.duckdns.org/css/	39 KB 19 KB	101ms 101ms	Font font/ttf	40.83.118.169 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://mediafireviralygy.duckdns.org/css/thin.ttf Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 40.83.118.169 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash 3153a06ba18e39e65902144be0e71ca8c0f14ac948a719c6aa8642414c1db3f3 Request headers Referer https://mediafireviralygy.duckdns.org/css/style.css Origin https://mediafireviralygy.duckdns.org accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:51 GMT content-encoding br last-modified Sun, 14 Mar 2021 20:24:52 GMT server LiteSpeed vary Accept-Encoding content-type font/ttf cache-control public, max-age=604800 accept-ranges bytes content-length 19870 expires Sat, 16 Apr 2022 16:06:51 GMT
GET H2	200	getcountry Show response api.pubgameshowtime.com/ip/	60 B 426 B	561ms 523ms	XHR application/json	18.65.223.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.pubgameshowtime.com/ip/getcountry Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.65.223.98 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-65-223-98.nrt57.r.cloudfront.net Software / Resource Hash 2b41bf0d6a4c0e59949024d5ae650bd9f4899bb4cffad0f61b74b027df94b6cb Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://mediafireviralygy.duckdns.org/ accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:51 GMT via 1.1 f9832575e3821f4db473b935967c7aaa.cloudfront.net (CloudFront) x-amz-cf-pop NRT57-P4 x-amzn-requestid d37fec10-348c-4269-90b3-85e6b7a79eca x-cache Miss from cloudfront content-type application/json access-control-allow-origin * x-amzn-trace-id Root=1-6251af1b-6b00c82426415f4701c90ed8;Sampled=0 x-amz-apigw-id QUhMVFrjyK4FQcw= content-length 60 x-amz-cf-id ABfsxdaoSrhshkaoNa6nfERTcg2d3Gk3WdeSuU5NztB3Es8VizwOAQ==
GET H2	200	Korea.jpg img.inews.co.id/media/600/files/inews_new/2019/08/28/	25 KB 26 KB	552ms 4ms	Image image/jpeg	2600:9000:2219:8c00:c:5e3e:d280:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://img.inews.co.id/media/600/files/inews_new/2019/08/28/Korea.jpg Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2219:8c00:c:5e3e:d280:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash cabca93bbc61d812533fef8027de3b871e3496a47f7a75629eab7bed2f95be85 Request headers accept-language jp-JP,jp;q=0.9 Referer https://mediafireviralygy.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Fri, 08 Apr 2022 15:36:50 GMT via 1.1 0faeaf783ed8eff257a8ebce44c8928a.cloudfront.net (CloudFront) x-original-content-length 31058 server nginx age 88203 etag W/"PSA-aj-otDXTDBSc_" x-cache Hit from cloudfront content-type image/jpeg access-control-allow-origin * cache-control max-age=315359052 x-amz-cf-pop NRT57-P1 content-length 25905 x-amz-cf-id nBOe4bDflUrSvCvI5JlNqEqJTZIEBZFV19yLcKeaZJrwpCc6v-DFdw== expires Mon, 05 Apr 2032 15:21:02 GMT
GET H3	200	font.ttf mediafireviralygy.duckdns.org/css/	39 KB 19 KB	53ms 52ms	Font font/ttf	40.83.118.169 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://mediafireviralygy.duckdns.org/css/font.ttf Requested by Host: mediafireviralygy.duckdns.org URL: https://mediafireviralygy.duckdns.org/css/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 40.83.118.169 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash 7d8c329264275748c586498a45884c20faa1f726a5fc694c6303c72258c3f5a6 Request headers Referer https://mediafireviralygy.duckdns.org/css/style.css Origin https://mediafireviralygy.duckdns.org accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36 Response headers date Sat, 09 Apr 2022 16:06:52 GMT content-encoding br last-modified Sun, 14 Mar 2021 20:24:48 GMT server LiteSpeed vary Accept-Encoding content-type font/ttf cache-control public, max-age=604800 accept-ranges bytes content-length 19564 expires Sat, 16 Apr 2022 16:06:52 GMT

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| shortcut function| $ function| jQuery object| desc object| more function| checkip

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.medium.com/	1969-12-31 23:59:59	Name: __cfruid Value: 121611c68945b644b2b70afe82252a92de5bf698-1649520411

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://jefanya.com/js/debug.js Message: Failed to load resource: the server responded with a status of 410 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pubgameshowtime.com
assets.stickpng.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
i.ibb.co
img.inews.co.id
jefanya.com
mediafireviralygy.duckdns.org
miro.medium.com
172.96.160.123
18.65.223.98
2001:4de0:ac18::1:a:2b
2404:6800:4004:80c::200a
2600:9000:2219:8c00:c:5e3e:d280:93a1
2606:4700:3038::6815:eb02
2606:4700:7::a29f:9904
2606:4700::6811:180e
3.64.163.50
40.83.118.169
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0b34c163d2d813da14c86a6fe080428d497382808c79cc2a6b70a734b2485978
139fc22ed87280a2011dfa727ece25c6af12cd433576980a0a6c29e9bc1e5faf
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1e4eb8304ef3864eba148d5d2a6a803fc9efe1b8d415d9b7e50a5ca7500a9d67
2b41bf0d6a4c0e59949024d5ae650bd9f4899bb4cffad0f61b74b027df94b6cb
3153a06ba18e39e65902144be0e71ca8c0f14ac948a719c6aa8642414c1db3f3
52d1465e72a493020ea372f3447d406b3eb2e22fb21c9433a8103b70d5341e59
6107e83ad8d607e6c17962d7cd12e15b13e56b88eeba169d5e394c7d55ef45fa
74b8457bf6fc94155d74fcf2c8fab6809e5a3bf251c2ab007f334cfc96aa9cb9
7d8c329264275748c586498a45884c20faa1f726a5fc694c6303c72258c3f5a6
8bc08c12d076f8195d02ad7e2b8b30c8801ee5f54f62c266d62f3ba2de849861
8e6ae93c91ba75869d03d3a3811f567219fcfc5fa1db46a2542251de3319e4db
c2f413ec031122040ebc7dd93353b86cf8b29569f922838d04283425eb0c4fca
cabca93bbc61d812533fef8027de3b871e3496a47f7a75629eab7bed2f95be85
d15c880b55b3ed610b5af0bddb63b50e386da5d32658e069dac8d8c512f801e8
d4a3df6bfa080cbd0aa251806a22d84c310ea5aceb96b78a4f346febbbefb2a9
d6c84700e9df89c5ac2d1ecd075b8e6c2e287375cf87098e76e4dd0195766ea8
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fc38486ae929ac77f93331fa8afcdb1c6c7b7af2b03da4ceaf4b7f9ab5f35eee
fd79d74b0f5b09ecf9ae000cc66dc9d794fd5fc17534571385085972fd9f46fc