official-nguyen.duckdns.org Open in urlscan Pro
40.88.36.128 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://official-nguyen.duckdns.org/
Submission: On January 26 via api (January 26th 2022, 8:04:33 pm UTC) from JP — Scanned from JP

Summary HTTP 35 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 9 countries across 19 domains to perform 35 HTTP transactions. The main IP is 40.88.36.128, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is official-nguyen.duckdns.org.

This is the only time official-nguyen.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
2	40.88.36.128 40.88.36.128	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:310... 2606:4700:3108::ac42:283b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:1a::84 2a04:4e42:1a::84	54113 (FASTLY) (FASTLY)
1	2001:df2:e500... 2001:df2:e500:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
1	2404:6800:400... 2404:6800:4004:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:827::2001	15169 (GOOGLE) (GOOGLE)
1	138.199.24.219 138.199.24.219	60068 (CDN77 ^_^) (CDN77 ^_^)
2	23.15.14.82 23.15.14.82	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	101.50.1.75 101.50.1.75	55688 (BEON-AS-I...) (BEON-AS-ID PT. Beon Intermedia)
1	65.21.235.194 65.21.235.194	24940 (HETZNER-AS) (HETZNER-AS)
2	135.181.63.70 135.181.63.70	24940 (HETZNER-AS) (HETZNER-AS)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	216.250.97.93 216.250.97.93	63473 (HOSTHATCH) (HOSTHATCH)
1	65.9.42.105 65.9.42.105	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700:303... 2606:4700:3032::6815:5abc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	96.7.251.185 96.7.251.185	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	163.172.24.234 163.172.24.234	12876 (Online SAS) (Online SAS)
1	129.226.2.89 129.226.2.89	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
35	22

2 40.88.36.128 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

official-nguyen.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:7daf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:283b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn0.iconfinder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:1a::84 (United States)

ASN54113 (FASTLY, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:df2:e500:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80f::2001 (Australia)

ASN15169 (GOOGLE, US)

c.tenor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:827::2001 (Australia)

ASN15169 (GOOGLE, US)

4.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.199.24.219 (Singapore, Singapore)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-138-199-24-219.datapacket.com

cdn.kibrispdr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.15.14.82 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-15-14-82.deploy.static.akamaitechnologies.com

s1.bukalapak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s4.bukalapak.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 101.50.1.75 (Indonesia)

ASN55688 (BEON-AS-ID PT. Beon Intermedia, ID)
PTR: medusa.jagoanhosting.com

inilahsultra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.21.235.194 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.194.235.21.65.clients.your-server.de

l.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 135.181.63.70 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: cdn15.top4top.io

j.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.250.97.93 (Hong Kong)

ASN63473 (HOSTHATCH, US)
PTR: hkg-01.onat.webhorizon.in

i.im.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.42.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-105.nrt12.r.cloudfront.net

cdn.worldvectorlogo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:5abc (United States)

ASN13335 (CLOUDFLARENET, US)

p4.wallpaperbetter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.7.251.185 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a96-7-251-185.deploy.static.akamaitechnologies.com

lf16-tiktok-common.ibytedtos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 163.172.24.234 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-24-234.rev.poneytelecom.eu

g.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.226.2.89 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

na.apps.amsoveasea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	top4top.io l.top4top.io — Cisco Umbrella Rank: 962716 j.top4top.io — Cisco Umbrella Rank: 865818 c.top4top.io Failed g.top4top.io	213 KB
6	unpkg.com unpkg.com — Cisco Umbrella Rank: 881	41 KB
3	pinimg.com i.pinimg.com — Cisco Umbrella Rank: 669	215 KB
2	bukalapak.com s1.bukalapak.com — Cisco Umbrella Rank: 97227 s4.bukalapak.com — Cisco Umbrella Rank: 114248	59 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	82 KB
2	duckdns.org official-nguyen.duckdns.org	32 KB
1	amsoveasea.com na.apps.amsoveasea.com — Cisco Umbrella Rank: 92491	180 B
1	ibytedtos.com lf16-tiktok-common.ibytedtos.com — Cisco Umbrella Rank: 8447	22 KB
1	wallpaperbetter.com p4.wallpaperbetter.com — Cisco Umbrella Rank: 214475	8 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 584
1	worldvectorlogo.com cdn.worldvectorlogo.com — Cisco Umbrella Rank: 230633	2 KB
1	im.ge i.im.ge — Cisco Umbrella Rank: 604577	28 KB
1	wp.com i0.wp.com — Cisco Umbrella Rank: 3215	204 KB
1	inilahsultra.com inilahsultra.com	74 KB
1	kibrispdr.org cdn.kibrispdr.org — Cisco Umbrella Rank: 268677	23 KB
1	blogspot.com 4.bp.blogspot.com — Cisco Umbrella Rank: 11201	727 KB
1	tenor.com c.tenor.com — Cisco Umbrella Rank: 9173	1008 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 2447	57 KB
1	iconfinder.com cdn0.iconfinder.com — Cisco Umbrella Rank: 124031	1 KB
35	19

	Domain	Requested by
6	unpkg.com	official-nguyen.duckdns.org unpkg.com
3	g.top4top.io	official-nguyen.duckdns.org
3	i.pinimg.com	official-nguyen.duckdns.org
2	j.top4top.io	official-nguyen.duckdns.org
2	cdnjs.cloudflare.com	official-nguyen.duckdns.org cdnjs.cloudflare.com
2	official-nguyen.duckdns.org	official-nguyen.duckdns.org
1	na.apps.amsoveasea.com	unpkg.com
1	lf16-tiktok-common.ibytedtos.com	official-nguyen.duckdns.org
1	p4.wallpaperbetter.com	official-nguyen.duckdns.org
1	code.jquery.com	official-nguyen.duckdns.org
1	cdn.worldvectorlogo.com	official-nguyen.duckdns.org
1	i.im.ge	official-nguyen.duckdns.org
1	i0.wp.com	official-nguyen.duckdns.org
1	l.top4top.io	official-nguyen.duckdns.org
1	inilahsultra.com	official-nguyen.duckdns.org
1	s4.bukalapak.com	official-nguyen.duckdns.org
1	s1.bukalapak.com	official-nguyen.duckdns.org
1	cdn.kibrispdr.org	official-nguyen.duckdns.org
1	4.bp.blogspot.com	official-nguyen.duckdns.org
1	c.tenor.com	official-nguyen.duckdns.org
1	upload.wikimedia.org	official-nguyen.duckdns.org
1	cdn0.iconfinder.com	official-nguyen.duckdns.org
0	c.top4top.io Failed	official-nguyen.duckdns.org
35	23

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.iconfinder.com R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-27` - `2022-08-05`	a year	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-10-19` - `2022-11-17`	a year	crt.sh
c.tenor.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
cdn.kibrispdr.org R3	`2022-01-16` - `2022-04-16`	3 months	crt.sh
*.bukalapak.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-28` - `2022-02-20`	a year	crt.sh
inilahsultra.com cPanel, Inc. Certification Authority	`2022-01-25` - `2022-04-25`	3 months	crt.sh
top4top.io R3	`2022-01-13` - `2022-04-13`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
i.im.ge Sectigo RSA Domain Validation Secure Server CA	`2021-09-25` - `2022-09-25`	a year	crt.sh
*.worldvectorlogo.com Amazon	`2021-04-18` - `2022-05-17`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.ibytedtos.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
na.apps.amsoveasea.com TrustAsia TLS RSA CA	`2021-05-31` - `2022-05-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://official-nguyen.duckdns.org/
Frame ID: A704B9D6EB79EE6C0DA43C4D4C3B0075
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tiktok Khusus Dewasa | 18+

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

35
Requests

91 %
HTTPS

43 %
IPv6

19
Domains

23
Subdomains

22
IPs

9
Countries

2798 kB
Transfer

3038 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
official-nguyen.duckdns.org/ 19 KB
19 KB 477ms
156ms Document
text/html 40.88.36.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://official-nguyen.duckdns.org/
Protocol: HTTP/1.1
Server: 40.88.36.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 2ebbd1e40181c69ce21f94f345f71310d6b25a1744f6f4405e6fb43bee03f28b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

Date: Wed, 26 Jan 2022 20:04:26 GMT
Server: Apache
Last-Modified: Sun, 19 Dec 2021 19:48:00 GMT
Accept-Ranges: bytes
Content-Length: 19625
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK style.css
official-nguyen.duckdns.org/css/ 13 KB
13 KB 160ms
160ms Stylesheet
text/css 40.88.36.128
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://official-nguyen.duckdns.org/css/style.css
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: HTTP/1.1
Server: 40.88.36.128 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: c2f771b53a6b3edea619e33ef8bbcb0fb6d9f95c4afcc45bcb0d10945a401ba5

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 26 Jan 2022 20:04:27 GMT
Last-Modified: Sun, 19 Dec 2021 18:20:14 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12838

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 13ms
6ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6128041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EtmFokzFeqA8YZakomiP6JsLkai9dAsVXBawIAg5kak%2BWVgogQYJHjDawUbcPsuUJefZUzCwgI5PfABgacONVuyxCxymnQu51O1RliQk7tbAYytUEQ0gD62RcfCz3yu1geKvV%2B1BP3uVfJlNvlSFsZhH"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d3c59b46d68342c-NRT
expires: Mon, 16 Jan 2023 20:04:26 GMT

GET
H2 200 ionicon.js Show response
unpkg.com/ionicio@5.0.0/ 93 KB
34 KB 20ms
13ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicio@5.0.0/ionicon.js

Requested by

Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

561636cb85f1245a17da3943c74ecdf14f7e7f018c374cd27f7e070c442cc41e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:26 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 186823
fly-request-id: 01FT6DN4Y2VBRCBVKXHWFWMK8V
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"172ee-FemWXGgdkt1tW8sbf0Pd/wnXYo0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6d3c59b46b582062-NRT

GET
H2 200 591277-arrow-left-512.png
cdn0.iconfinder.com/data/icons/feather/96/ 888 B
1 KB 26ms
13ms Image
image/webp 2606:4700:3108::ac42:283b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn0.iconfinder.com/data/icons/feather/96/591277-arrow-left-512.png

Requested by

Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:283b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f24611ec55db9e70685ea48bf7081855c7e0dd2b5666d562517ee10bd16d4e58

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:26 GMT
via: 1.1 vegur
x-content-type-options: nosniff
cf-cache-status: HIT
age: 218002
cf-polished: origFmt=png, origSize=3183
content-disposition: inline; filename="591277-arrow-left-512.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 888
x-request-id: 37243e7c-3bf9-4400-aae6-b97a92833064
expires: Thu, 26 Jan 2023 20:04:26 GMT
last-modified: Thu, 20 Jan 2022 22:11:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
access-control-allow-origin: *
vary: Accept
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6d3c59b4a84480f3-NRT
cf-bgj: imgq:100,h2pri

GET
H2 200 93072c53ea1949e368bfcb98ca664cd5.png
i.pinimg.com/originals/93/07/2c/ 10 KB
11 KB 31ms
2ms Image
image/png 2a04:4e42:1a::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/93/07/2c/93072c53ea1949e368bfcb98ca664cd5.png
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1a::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 036d8b05704528ce1e27f93841d6f7993feb8dcab16d4ddd80cef85b6c295f43

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:27 GMT
x-cdn: fastly
etag: "b509fbabe3cb64911bb9d51220de92dd"
vary: Origin
content-type: image/png
cache-control: max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
content-length: 10678

GET
H2 200 2048px-Kebab-menu-ui-icon-1.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/3/39/Kebab-menu-ui-icon-1.svg/ 56 KB
57 KB 473ms
159ms Image
image/png 2001:df2:e500:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/3/39/Kebab-menu-ui-icon-1.svg/2048px-Kebab-menu-ui-icon-1.svg.png

Requested by

Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2001:df2:e500:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

dbe84f16e39e8d4e3a400ec428679674a479e7f00ca269734f176bde78713448

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 04:24:05 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 56421
x-cache-status: hit-front
x-cache: cp5003 hit, cp5004 hit/82
content-disposition: inline;filename*=UTF-8''Kebab-menu-ui-icon-1.svg.png
server-timing: cache;desc="hit-front", host;desc="cp5004"
content-length: 57584
x-client-ip: 2a00:1633:128:4::4
last-modified: Fri, 27 Aug 2021 00:07:13 GMT
server: ATS/8.0.8
etag: 3e18262fac845d6fca21d8ca669a2e09
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
x-timestamp: 1630022832.35723
permissions-policy: interest-cohort=()
accept-ranges: bytes
timing-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache

GET
H2 200 cewek-cantik.gif
c.tenor.com/YSRFiu3tAPYAAAAM/ 1006 KB
1008 KB 117ms
4ms Image
image/gif 2404:6800:4004:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.tenor.com/YSRFiu3tAPYAAAAM/cewek-cantik.gif

Requested by

Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

863583903a5a4d40e5f37b92cf964a6f7f738fad5158d14bf92ad2d8ffd0acb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 12:07:37 GMT
x-content-type-options: nosniff
age: 28610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-tenor-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1030572
x-xss-protection: 0
last-modified: Fri, 09 Oct 2020 05:31:12 GMT
server: sffe
report-to: {"group":"media-tenor-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-tenor-team"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="media-tenor-team"
expires: Thu, 27 Jan 2022 12:07:37 GMT

GET
H2 200 25d0a54f0e8e18b721b41de9ab76d907.jpg
i.pinimg.com/736x/25/d0/a5/ 78 KB
79 KB 7ms
2ms Image
image/jpeg 2a04:4e42:1a::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/736x/25/d0/a5/25d0a54f0e8e18b721b41de9ab76d907.jpg
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1a::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6a76d89e13a08cd398b11718512b7494ec7c1f1ddc4ba0e2986518959352f227

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:27 GMT
x-cdn: fastly
etag: "efbb49623d607bbc88e6e4a5507d1259"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
content-length: 80298

GET
H2 200 IMG_20190326_150406.png
4.bp.blogspot.com/-XsE6gppkfd8/XJoEWs3yQTI/AAAAAAAADmg/FXjnzbuUKwg09F5IjjzgojO6o8fiwjK4gCLcBGAs/s1600/ 726 KB
727 KB 90ms
48ms Image
image/png 2404:6800:4004:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://4.bp.blogspot.com/-XsE6gppkfd8/XJoEWs3yQTI/AAAAAAAADmg/FXjnzbuUKwg09F5IjjzgojO6o8fiwjK4gCLcBGAs/s1600/IMG_20190326_150406.png

Requested by

Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2001 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

732c2bb1dcd68fe34568309437abc4838b16dbb09343778f1fd2fb6fa2aef213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:27 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="IMG_20190326_150406.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 743534
x-xss-protection: 0
server: fife
etag: "ve74"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Tue, 25 Jan 2022 16:10:43 GMT

GET
H2 200 gambar-orang-seksi-0.jpg
cdn.kibrispdr.org/data/ 22 KB
23 KB 254ms
79ms Image
image/webp 138.199.24.219
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.kibrispdr.org/data/gambar-orang-seksi-0.jpg
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.24.219 Singapore, Singapore, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-138-199-24-219.datapacket.com
Software: BunnyCDN-SG1-783 /
Resource Hash: d9ffacda3b8f092ae6b78d0e3f2c52a117589dda543314832f8443dba9ae03ab

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:27 GMT
x-downloadsize: 42112
cdn-edgestorageid: 782
x-bo-processingtime: 4
cdn-cachedat: 01/26/2022 08:06:32
cdn-pullzone: 468518
content-length: 23022
server: BunnyCDN-SG1-783
x-bo-server: UK-24
last-modified: Fri, 21 Jan 2022 17:13:57 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
x-bo-origindownloadtime: 9
content-type: image/webp
cdn-cache: HIT
cdn-uid: ebfacbba-3f01-4cc9-acc6-9429f1eac9e7
cache-control: public, max-age=2592000
x-bo-compressionratio: 45.33%
cdn-requestid: 989ea4a773bc3e294a03891593893d80
cdn-requestcountrycode: JP
x-bo-cachehit: MISS
link: <https://www.kibrispdr.org/data/gambar-orang-seksi-0.jpg>; rel="canonical"
cdn-status: 200
x-bo-lb-server: UK-24
cdn-requestpullsuccess: True

GET
H2 200 data.jpeg
s1.bukalapak.com/img/14194399422/s-300-300/ 16 KB
16 KB 248ms
4ms Image
image/jpeg 23.15.14.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s1.bukalapak.com/img/14194399422/s-300-300/data.jpeg
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.15.14.82 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-15-14-82.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9a2cb917ab86e84f2072d3a64db9fabfe12b0f1e58a772d4ad38611bac3e4e19

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Jan 2022 20:04:27 GMT
cache-control: public, max-age=10368000
expires: Fri, 15 Apr 2022 07:17:45 GMT
content-length: 16734
content-type: image/jpeg

GET
H2 200 95068d4061f9eaefc1de579178fcf3fd.jpg
i.pinimg.com/originals/95/06/8d/ 126 KB
126 KB 8ms
5ms Image
image/jpeg 2a04:4e42:1a::84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/95/06/8d/95068d4061f9eaefc1de579178fcf3fd.jpg
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:1a::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fed5b3ba0f0106e5a38777e7397878b6cf20cfaf5c1026f67fac6859fb1d113a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:27 GMT
x-cdn: fastly
etag: "7a0ece71e86078107205383809672cc1"
vary: Origin
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
content-length: 129233

GET
H2 200 AIKOSWEET_bikini_cewek_sexy___hot___cocok_buat_istri___sekin.png
s4.bukalapak.com/img/973424375/large/ 42 KB
42 KB 100ms
7ms Image
image/jpeg 23.15.14.82
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s4.bukalapak.com/img/973424375/large/AIKOSWEET_bikini_cewek_sexy___hot___cocok_buat_istri___sekin.png
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.15.14.82 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-15-14-82.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b17125e54944f129ba37ce708b849f7421ecabf7f168f44b9ceefc88f4bca51c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Jan 2022 20:04:27 GMT
cache-control: public, max-age=10368000
expires: Fri, 04 Mar 2022 02:55:45 GMT
content-length: 42895
content-type: image/jpeg

GET
H2 200 20190830_102822.jpg
inilahsultra.com/wp-content/uploads/2019/08/ 74 KB
74 KB 411ms
98ms Image
image/jpeg 101.50.1.75
BEON-AS-ID PT. Be...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inilahsultra.com/wp-content/uploads/2019/08/20190830_102822.jpg
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 101.50.1.75 , Indonesia, ASN55688 (BEON-AS-ID PT. Beon Intermedia, ID),
Reverse DNS: medusa.jagoanhosting.com
Software: LiteSpeed /
Resource Hash: d06677b2924a5668dabda0ee5fd984609efb1409a0b94403cc0902af1c3619cf

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:03:38 GMT
last-modified: Mon, 30 Dec 2019 17:53:57 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 75727
expires: Wed, 02 Feb 2022 20:03:38 GMT

GET
H2 200 p_2166tu71p1.jpg
l.top4top.io/ 30 KB
31 KB 1103ms
545ms Image
image/jpeg 65.21.235.194
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.top4top.io/p_2166tu71p1.jpg
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.21.235.194 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.194.235.21.65.clients.your-server.de
Software: nginx /
Resource Hash: 67dd17936400598023a01ac12983c2c5e52e8f6a79c232df47f248d664eb2d78

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-file-id: x42827687x
date: Wed, 26 Jan 2022 20:04:27 GMT
last-modified: Mon, 06 Dec 2021 14:33:57 GMT
server: nginx
etag: "61ae1f55-7960"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="photo_2021-12-06_22-35-52.jpg"
accept-ranges: bytes
content-length: 31072
expires: Wed, 26 Jan 2022 22:04:27 GMT

GET
H2 200 p_2166hvb3g1.jpg
j.top4top.io/ 25 KB
25 KB 1048ms
517ms Image
image/jpeg 135.181.63.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.top4top.io/p_2166hvb3g1.jpg
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn15.top4top.io
Software: nginx /
Resource Hash: 19069b5ed5b98b7ebefe054fee9d26492031b71363832640d548f9df054c8974

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-file-id: x42827673x
date: Wed, 26 Jan 2022 20:04:27 GMT
last-modified: Mon, 06 Dec 2021 14:33:03 GMT
server: nginx
etag: "61ae1f1f-6306"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="photo_2021-11-17_03-12-01.jpg"
accept-ranges: bytes
content-length: 25350
expires: Wed, 26 Jan 2022 22:04:27 GMT

GET p_2166a4nmo1.jpg
c.top4top.io/ 0
0

GET
H2 200 p_2166fg6c91.jpg
j.top4top.io/ 87 KB
87 KB 1291ms
776ms Image
image/jpeg 135.181.63.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.top4top.io/p_2166fg6c91.jpg
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn15.top4top.io
Software: nginx /
Resource Hash: 60c281493c8f535767301b1bbe47543d2fef8bd05efdf32231ee73a2dc346524

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-file-id: x42827637x
date: Wed, 26 Jan 2022 20:04:27 GMT
last-modified: Mon, 06 Dec 2021 14:30:02 GMT
server: nginx
etag: "61ae1e6a-15a69"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="photo_2021-12-06_22-31-54.jpg"
accept-ranges: bytes
content-length: 88681
expires: Wed, 26 Jan 2022 22:04:27 GMT

GET
H2 200 Screen-Shot-2021-10-20-at-12.53.40.png
i0.wp.com/borobudurnews.com/wp-content/uploads/2021/10/ 204 KB
204 KB 22ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/borobudurnews.com/wp-content/uploads/2021/10/Screen-Shot-2021-10-20-at-12.53.40.png?fit=850%2C538&ssl=1

Requested by

Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

522b94e288c98217796e34d3dc324b71eae82dba07fad7a4188965ccf49ba61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-nc: HIT nrt 2
date: Wed, 26 Jan 2022 20:04:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 14 Dec 2021 17:50:34 GMT
server: nginx
etag: "daca9af603261c24"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://borobudurnews.com/wp-content/uploads/2021/10/Screen-Shot-2021-10-20-at-12.53.40.png>; rel="canonical"
content-length: 208612
expires: Fri, 15 Dec 2023 05:50:34 GMT

GET
H2 200 Tw3QNy.png
i.im.ge/2021/09/15/ 28 KB
28 KB 344ms
51ms Image
image/png 216.250.97.93
HOSTHATCH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.im.ge/2021/09/15/Tw3QNy.png

Requested by

Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

216.250.97.93 , Hong Kong, ASN63473 (HOSTHATCH, US),

Reverse DNS

hkg-01.onat.webhorizon.in

Software

nginx /

Resource Hash

092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:27 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
strict-transport-security: max-age=31536000, max-age=31536000
expires: Thu, 26 Jan 2023 20:04:27 GMT

GET
H2 200 tiktok-logo.svg
cdn.worldvectorlogo.com/logos/ 3 KB
2 KB 27ms
4ms Image
image/svg+xml 65.9.42.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.worldvectorlogo.com/logos/tiktok-logo.svg
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.42.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-42-105.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bf427039f141cd2a1b2be39923bb64324368a9e138dfcec86a1323fa86e20977

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 07:42:10 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 12:59:21 GMT
server: AmazonS3
age: 2809338
etag: W/"e393b73faa0c3281a3a932290e4e3b38"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 632916f9e737cfec58885186f21c18d2.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
x-amz-cf-pop: NRT12-C5
x-amz-meta-extension: svg
x-amz-cf-id: Wi2NAYKUI4vYIYEA2OXB6GZ3uDx57aC2nD9H7ZXc3QQtA4c9h_xN2w==
expires: Sun, 29 Mar 2020 09:29:26 GMT

GET
H2 404 jquery-3.6.8.min.js
code.jquery.com/ 0
0 1255ms
809ms Script
text/html 2001:4de0:ac18::1:a:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.8.min.js
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 ionicons.esm.js Show response
unpkg.com/ionicons@5.0.0/dist/ionicons/ 262 B
619 B 17ms
11ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.0.0/dist/ionicons/ionicons.esm.js

Requested by

Host: unpkg.com
URL: https://unpkg.com/ionicio@5.0.0/ionicon.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28a06f4491def3fdc69ddefa5c850a2583ff312997aef3498e2f12e384c45115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://official-nguyen.duckdns.org/
Origin: http://official-nguyen.duckdns.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:27 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20538740
fly-request-id: 01F77WJ0JJPE0SBM9W00BMFFSF
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"106-2QVIn+WWfE7GzXgXZTPbiG+yGbs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6d3c59b67ae60dfd-NRT

GET
H2 200 apple-music-colorful-blurred-hd-wallpaper-preview.jpg
p4.wallpaperbetter.com/wallpaper/126/494/520/ 7 KB
8 KB 553ms
538ms Image
image/jpeg 2606:4700:3032::6815:5abc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p4.wallpaperbetter.com/wallpaper/126/494/520/apple-music-colorful-blurred-hd-wallpaper-preview.jpg
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5abc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eed32262bb4b50b3e14b61c48b8e840353ba3f2a598d560ca7acce78492450c1

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:27 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7511
last-modified: Wed, 26 Dec 2018 04:11:14 GMT
server: cloudflare
etag: "5c22ff62-1d57"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BblGLlLOdXfIv1Kq9FYyfeNIg6bj6SdrZ5fTxKpZVaBbfHhMXnITe5hrEtHBMTdrYeTXpDrNdjebJqYE11oQZ2zzaK%2FTZy8PTvol6mLzzEw%2F7FQiNvD7BOdYdc%2FacVKBkOjkXUwB6lzp%2BqwJWNHic1eIGN2x"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 6d3c59b6ba1b3469-NRT
expires: Sat, 21 Jan 2023 20:04:27 GMT

GET
H2 200 Proxima-Nova-Regular.woff2
lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/ 21 KB
22 KB 19ms
3ms Font
font/woff2 96.7.251.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://lf16-tiktok-common.ibytedtos.com/obj/tiktok-web-common-sg/falcon/tiktok_fonts/Proxima-Nova-Regular.woff2
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.7.251.185 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a96-7-251-185.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 29a734dbe0c87dca942095cf4038b7a2519fb48ff2e06d1f49b8d8854493ac35

Request headers

Referer: http://official-nguyen.duckdns.org/
Origin: http://official-nguyen.duckdns.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-akamai-request-id: a3b5feb
date: Wed, 26 Jan 2022 20:04:27 GMT
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
content-md5: SvWbAmfbEyPKXZVTcUBHkw==
x-cache: TCP_MEM_HIT from a96-7-251-181.deploy.akamaitechnologies.com (AkamaiGHost/10.7.0-38611996) (-)
x-bdcdn-cache-status: TCP_HIT
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 21908
x-tos-request-id: bc3f81db0a3e8d3-af54b33
x-tos-response-time: Thu, 19 Aug 2021 01:15:15 GMT
last-modified: Tue, 27 Jul 2021 09:37:24 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: font/woff2
access-control-allow-origin: *
x-check-cacheable: YES
cache-control: max-age=326180
access-control-allow-credentials: false
x-tt-trace-host: 0107ed56be781f9c0e21f6f647b5219e8a6c52badea199dde58a6aea1414cf21c9fbdbadb88b36a324f28beabd23f7c00a239d5c2fad2203401474467c6eceab890096a8d48aa5109df071cca75703ac9ee8850b334ecc51813d769bf49c437975040e8c271e865965a03b89cfb2c3de8707242cac0c1506728618c9285cfb92ad
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 14ms
8ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://official-nguyen.duckdns.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3695393
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSjn9tRRX%2F5Pq8gvsSqGfHzEfKLN0Fb8c07FLnoRgzW6NWigvjNUTaVYYvT7%2B49Coyq%2FSwPcpL45L%2F%2BRkOQdFFlFsMcNBfX2HN1JjIJDagxJSZCRefilKi4AetpPSyJJlywMXwMSsbO66z7EZunnOqqk"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d3c59b698f18aa4-NRT
expires: Mon, 16 Jan 2023 20:04:27 GMT

GET
H2 206 m_2166prhh11.mp4
g.top4top.io/ 96 KB
0 1010ms
538ms Media
video/mp4 163.172.24.234
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://g.top4top.io/m_2166prhh11.mp4
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.24.234 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-24-234.rev.poneytelecom.eu
Software: nginx /
Resource Hash

Request headers

Referer: http://official-nguyen.duckdns.org/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

x-file-id: x42827538x
date: Wed, 26 Jan 2022 20:04:27 GMT
last-modified: Mon, 06 Dec 2021 14:23:48 GMT
server: nginx
etag: "61ae1cf4-489872"
content-type: video/mp4
Content-Range: bytes 0-4757617/4757618
cache-control: max-age=7200
content-disposition: inline; filename="video_2021-12-06_22-25-27.mp4"
Content-Length: 4757618
expires: Wed, 26 Jan 2022 22:04:27 GMT

GET
H2 200 p-af480238.js Show response
unpkg.com/ionicons@5.0.0/dist/ionicons/ 9 KB
4 KB 13ms
13ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.0.0/dist/ionicons/p-af480238.js

Requested by

Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35a79935107f53fa3b2f923363b50be53bd42e446f64f457c5e74a526bfa29b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://unpkg.com/ionicons@5.0.0/dist/ionicons/ionicons.esm.js
Origin: http://official-nguyen.duckdns.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:27 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20634934
fly-request-id: 01F750TBM1ZHWK61XPZG4P9B9A
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"232c-uchF0l8mHJgXmaMGCPlWLIIn3tc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6d3c59b6aafd0dfd-NRT

GET
H2 200 p-vsz5ekad.entry.js Show response
unpkg.com/ionicons@5.0.0/dist/ionicons/ 4 KB
2 KB 10ms
10ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.0.0/dist/ionicons/p-vsz5ekad.entry.js

Requested by

Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ec3da80f3d285712b9b5d0ee81c7ea121b1eb1f1c6b1588edd0d41aac54cf8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://official-nguyen.duckdns.org/
Origin: http://official-nguyen.duckdns.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:27 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 19342351
fly-request-id: 01F8BHGWJE7HQ5BQMJENJPJPF8
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"e34-Tn/fBtCpAXg6tUKDGbgozKhyxLU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6d3c59b6db140dfd-NRT

GET
H2 200 p-763ce0c6.js Show response
unpkg.com/ionicons@5.0.0/dist/ionicons/ 766 B
604 B 10ms
10ms Script
application/javascript 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.0.0/dist/ionicons/p-763ce0c6.js

Requested by

Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c476b63f6e5134d4e0287dde58239d74a195ce57555f0c0dd3b2ddf148da70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://unpkg.com/ionicons@5.0.0/dist/ionicons/p-vsz5ekad.entry.js
Origin: http://official-nguyen.duckdns.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 26095149
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"2fe-nFoH10sI1sMZTGbQl1tybJVCa9k"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 53c74ce10dfb3ba399d905ce967bab6e
cache-control: public, max-age=31536000
cf-ray: 6d3c59b6eb2a0dfd-NRT

GET
H2 200 heart-outline.svg Show response
unpkg.com/ionicons@5.0.0/dist/ionicons/svg/ 394 B
393 B 11ms
11ms Fetch
image/svg+xml 2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/ionicons@5.0.0/dist/ionicons/svg/heart-outline.svg

Requested by

Host: unpkg.com
URL: https://unpkg.com/ionicons@5.0.0/dist/ionicons/p-vsz5ekad.entry.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

577bae0eba7fb48bfae95d4c00ec14d4bdee62f6e8dc2f1276f20457d31f791d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://official-nguyen.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 20:04:27 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 20634922
fly-request-id: 01F750TPV2SJ1KRH6N03H60TVT
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"18a-wA/cgRXQ2WRGOJZfUAIM79weiT8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6d3c59b70b330dfd-NRT

GET
H2 200 / Show response
na.apps.amsoveasea.com/swoole/ 38 B
180 B 294ms
80ms XHR
text/html 129.226.2.89
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://na.apps.amsoveasea.com/swoole/?actid=2020&r=index/getCountry&_only_service_response_=1
Requested by: Host: unpkg.com
URL: https://unpkg.com/ionicio@5.0.0/ionicon.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.226.2.89 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: a91e42f1b7e23f26f903a39ceb0474522bb1b244a5d7765e3be8931999b64e28

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://official-nguyen.duckdns.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 26 Jan 2022 20:04:28 GMT
content-encoding: gzip
server: nginx/1.20.1
content-length: 57
content-type: text/html

GET
H2 206 m_2166prhh11.mp4
g.top4top.io/ 70 KB
71 KB 412ms
411ms Media
video/mp4 163.172.24.234
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://g.top4top.io/m_2166prhh11.mp4
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.24.234 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-24-234.rev.poneytelecom.eu
Software: nginx /
Resource Hash: d1f6e8ec006c85d1a6c0c5265102f1e64d99a2e06a300e81e9a927067dc39e4d

Request headers

Referer: http://official-nguyen.duckdns.org/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=4685824-

Response headers

x-file-id: x42827538x
date: Wed, 26 Jan 2022 20:04:29 GMT
last-modified: Mon, 06 Dec 2021 14:23:48 GMT
server: nginx
etag: "61ae1cf4-489872"
content-type: video/mp4
Content-Range: bytes 4685824-4757617/4757618
cache-control: max-age=7200
content-disposition: inline; filename="video_2021-12-06_22-25-27.mp4"
Content-Length: 71794
expires: Wed, 26 Jan 2022 22:04:29 GMT

GET
H2 206 m_2166prhh11.mp4
g.top4top.io/ 64 KB
0 304ms
304ms Media
video/mp4 163.172.24.234
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://g.top4top.io/m_2166prhh11.mp4
Requested by: Host: official-nguyen.duckdns.org
URL: http://official-nguyen.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.24.234 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-24-234.rev.poneytelecom.eu
Software: nginx /
Resource Hash

Request headers

Referer: http://official-nguyen.duckdns.org/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=65536-

Response headers

x-file-id: x42827538x
date: Wed, 26 Jan 2022 20:04:29 GMT
last-modified: Mon, 06 Dec 2021 14:23:48 GMT
server: nginx
etag: "61ae1cf4-489872"
content-type: video/mp4
Content-Range: bytes 65536-4757617/4757618
cache-control: max-age=7200
content-disposition: inline; filename="video_2021-12-06_22-25-27.mp4"
Content-Length: 4692082
expires: Wed, 26 Jan 2022 22:04:29 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.top4top.io
URL: https://c.top4top.io/p_2166a4nmo1.jpg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://code.jquery.com/jquery-3.6.8.min.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4.bp.blogspot.com
c.tenor.com
c.top4top.io
cdn.kibrispdr.org
cdn.worldvectorlogo.com
cdn0.iconfinder.com
cdnjs.cloudflare.com
code.jquery.com
g.top4top.io
i.im.ge
i.pinimg.com
i0.wp.com
inilahsultra.com
j.top4top.io
l.top4top.io
lf16-tiktok-common.ibytedtos.com
na.apps.amsoveasea.com
official-nguyen.duckdns.org
p4.wallpaperbetter.com
s1.bukalapak.com
s4.bukalapak.com
unpkg.com
upload.wikimedia.org
c.top4top.io
101.50.1.75
129.226.2.89
135.181.63.70
138.199.24.219
163.172.24.234
192.0.77.2
2001:4de0:ac18::1:a:2b
2001:df2:e500:ed1a::2:b
216.250.97.93
23.15.14.82
2404:6800:4004:80f::2001
2404:6800:4004:827::2001
2606:4700:3032::6815:5abc
2606:4700:3108::ac42:283b
2606:4700::6810:135e
2606:4700::6810:7daf
2a04:4e42:1a::84
40.88.36.128
65.21.235.194
65.9.42.105
96.7.251.185
036d8b05704528ce1e27f93841d6f7993feb8dcab16d4ddd80cef85b6c295f43
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0ec3da80f3d285712b9b5d0ee81c7ea121b1eb1f1c6b1588edd0d41aac54cf8b
19069b5ed5b98b7ebefe054fee9d26492031b71363832640d548f9df054c8974
28a06f4491def3fdc69ddefa5c850a2583ff312997aef3498e2f12e384c45115
29a734dbe0c87dca942095cf4038b7a2519fb48ff2e06d1f49b8d8854493ac35
2ebbd1e40181c69ce21f94f345f71310d6b25a1744f6f4405e6fb43bee03f28b
35a79935107f53fa3b2f923363b50be53bd42e446f64f457c5e74a526bfa29b9
522b94e288c98217796e34d3dc324b71eae82dba07fad7a4188965ccf49ba61c
561636cb85f1245a17da3943c74ecdf14f7e7f018c374cd27f7e070c442cc41e
577bae0eba7fb48bfae95d4c00ec14d4bdee62f6e8dc2f1276f20457d31f791d
60c281493c8f535767301b1bbe47543d2fef8bd05efdf32231ee73a2dc346524
67dd17936400598023a01ac12983c2c5e52e8f6a79c232df47f248d664eb2d78
6a76d89e13a08cd398b11718512b7494ec7c1f1ddc4ba0e2986518959352f227
732c2bb1dcd68fe34568309437abc4838b16dbb09343778f1fd2fb6fa2aef213
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
863583903a5a4d40e5f37b92cf964a6f7f738fad5158d14bf92ad2d8ffd0acb9
9a2cb917ab86e84f2072d3a64db9fabfe12b0f1e58a772d4ad38611bac3e4e19
a91e42f1b7e23f26f903a39ceb0474522bb1b244a5d7765e3be8931999b64e28
b17125e54944f129ba37ce708b849f7421ecabf7f168f44b9ceefc88f4bca51c
b5c476b63f6e5134d4e0287dde58239d74a195ce57555f0c0dd3b2ddf148da70
bf427039f141cd2a1b2be39923bb64324368a9e138dfcec86a1323fa86e20977
c2f771b53a6b3edea619e33ef8bbcb0fb6d9f95c4afcc45bcb0d10945a401ba5
d06677b2924a5668dabda0ee5fd984609efb1409a0b94403cc0902af1c3619cf
d1f6e8ec006c85d1a6c0c5265102f1e64d99a2e06a300e81e9a927067dc39e4d
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d9ffacda3b8f092ae6b78d0e3f2c52a117589dda543314832f8443dba9ae03ab
dbe84f16e39e8d4e3a400ec428679674a479e7f00ca269734f176bde78713448
eed32262bb4b50b3e14b61c48b8e840353ba3f2a598d560ca7acce78492450c1
f24611ec55db9e70685ea48bf7081855c7e0dd2b5666d562517ee10bd16d4e58
fed5b3ba0f0106e5a38777e7397878b6cf20cfaf5c1026f67fac6859fb1d113a

official-nguyen.duckdns.org Open in urlscan Pro 40.88.36.128 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

35 Requests

91 %HTTPS

43 %IPv6

19 Domains

23 Subdomains

22 IPs

9 Countries

2798 kBTransfer

3038 kBSize

0 Cookies

0 Outgoing links

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

official-nguyen.duckdns.org Open in urlscan Pro
40.88.36.128 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

91 %
HTTPS

43 %
IPv6

19
Domains

23
Subdomains

22
IPs

9
Countries

2798 kB
Transfer

3038 kB
Size

0
Cookies

35 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!