event-ff-gratis864.duckdns.org
Open in
urlscan Pro
104.208.82.172
Malicious Activity!
Public Scan
Submission: On February 18 via automatic, source phishtank — Scanned from DE
Summary
This is the only time event-ff-gratis864.duckdns.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Gaming (Entertainment)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 104.208.82.172 104.208.82.172 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
2 4 | 2606:4700::68... 2606:4700::6810:7baf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700::68... 2606:4700::6810:135e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 23.32.238.137 23.32.238.137 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
5 | 23.32.238.106 23.32.238.106 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
4 | 2606:4700:303... 2606:4700:3030::6815:29eb | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 188.68.52.216 188.68.52.216 | 197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH) | |
1 | 23.79.135.178 23.79.135.178 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2606:4700::68... 2606:4700::6810:5514 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:50c0:800... 2606:50c0:8000::154 | 54113 (FASTLY) (FASTLY) | |
1 | 129.226.2.89 129.226.2.89 | 132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building) | |
26 | 12 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
event-ff-gratis864.duckdns.org |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-137.deploy.static.akamaitechnologies.com
freefiremobile-a.akamaihd.net |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-106.deploy.static.akamaitechnologies.com
dl.dir.freefiremobile.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-79-135-178.deploy.static.akamaitechnologies.com
img.utdstc.com |
ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)
na.apps.amsoveasea.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
5 |
freefiremobile.com
dl.dir.freefiremobile.com — Cisco Umbrella Rank: 35386 |
2 MB |
4 |
svgrepo.com
www.svgrepo.com — Cisco Umbrella Rank: 334283 |
11 KB |
4 |
akamaihd.net
freefiremobile-a.akamaihd.net — Cisco Umbrella Rank: 25756 |
62 KB |
4 |
unpkg.com
2 redirects
unpkg.com — Cisco Umbrella Rank: 802 |
44 KB |
3 |
duckdns.org
event-ff-gratis864.duckdns.org |
6 KB |
2 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197 |
82 KB |
1 |
amsoveasea.com
na.apps.amsoveasea.com — Cisco Umbrella Rank: 265178 |
181 B |
1 |
githubusercontent.com
raw.githubusercontent.com — Cisco Umbrella Rank: 4514 |
|
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 401 |
32 KB |
1 |
utdstc.com
img.utdstc.com — Cisco Umbrella Rank: 109821 |
14 KB |
1 |
im.ge
i.im.ge — Cisco Umbrella Rank: 450680 |
28 KB |
0 |
top4top.io
Failed
h.top4top.io Failed |
|
26 | 12 |
Domain | Requested by | |
---|---|---|
5 | dl.dir.freefiremobile.com |
event-ff-gratis864.duckdns.org
|
4 | www.svgrepo.com |
event-ff-gratis864.duckdns.org
|
4 | freefiremobile-a.akamaihd.net |
event-ff-gratis864.duckdns.org
|
4 | unpkg.com |
2 redirects
event-ff-gratis864.duckdns.org
|
3 | event-ff-gratis864.duckdns.org |
event-ff-gratis864.duckdns.org
|
2 | cdnjs.cloudflare.com |
event-ff-gratis864.duckdns.org
cdnjs.cloudflare.com |
1 | na.apps.amsoveasea.com |
cdn.jsdelivr.net
|
1 | raw.githubusercontent.com |
event-ff-gratis864.duckdns.org
|
1 | cdn.jsdelivr.net |
event-ff-gratis864.duckdns.org
|
1 | img.utdstc.com |
event-ff-gratis864.duckdns.org
|
1 | i.im.ge |
event-ff-gratis864.duckdns.org
|
0 | h.top4top.io Failed |
event-ff-gratis864.duckdns.org
|
26 | 12 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-09-21 - 2022-09-20 |
a year | crt.sh |
a248.e.akamai.net DigiCert SHA2 Secure Server CA |
2021-07-15 - 2022-07-20 |
a year | crt.sh |
dl.kgtw.garenanow.com DigiCert SHA2 Secure Server CA |
2022-02-16 - 2022-06-27 |
4 months | crt.sh |
i.im.ge Sectigo RSA Domain Validation Secure Server CA |
2021-09-25 - 2022-09-25 |
a year | crt.sh |
uptodown.com DigiCert SHA2 Secure Server CA |
2021-09-14 - 2022-09-14 |
a year | crt.sh |
www.github.com DigiCert SHA2 High Assurance Server CA |
2020-05-06 - 2022-04-14 |
2 years | crt.sh |
na.apps.amsoveasea.com TrustAsia TLS RSA CA |
2021-05-31 - 2022-05-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://event-ff-gratis864.duckdns.org/
Frame ID: 69F43A7AE1AB9F92378318DF735E6EF3
Requests: 26 HTTP requests in this frame
Screenshot
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://unpkg.com/swiper@7/swiper-bundle.min.css HTTP 302
- https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css
- https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
- https://unpkg.com/swiper@8.0.6/swiper-bundle.min.js
26 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
event-ff-gratis864.duckdns.org/ |
19 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
event-ff-gratis864.duckdns.org/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
swiper-bundle.min.css
unpkg.com/swiper@7.4.1/ Redirect Chain
|
15 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ |
30 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
p_2016h7ob71.gif
h.top4top.io/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app_icon.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/ |
22 KB 22 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_small.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/ |
22 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
appstore3.png
freefiremobile-a.akamaihd.net/ffwebsite/images/download/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
googleplay3.png
freefiremobile-a.akamaihd.net/ffwebsite/images/download/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
8e822cf7230420e5a4240972cc11efdajpg
dl.dir.freefiremobile.com/common/web_event/hash/ |
464 KB 465 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
c175292e0a856831eeeeb727bd33c324jpg
dl.dir.freefiremobile.com/common/web_event/hash/ |
382 KB 380 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
242c176892fae8907c4502dc6f745837jpg
dl.dir.freefiremobile.com/common/web_event/hash/ |
427 KB 425 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a0a4ae30805722476d7af24e8266c18ajpg
dl.dir.freefiremobile.com/common/web_event/hash/ |
391 KB 389 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
caaa4b6f29bf5d772942932d761f831bjpg
dl.dir.freefiremobile.com/common/web_event/hash/ |
318 KB 316 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gun.svg
www.svgrepo.com/show/27064/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shirt-clothes.svg
www.svgrepo.com/show/268997/ |
10 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tap-hands-and-gestures.svg
www.svgrepo.com/show/243944/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chest.svg
www.svgrepo.com/show/250365/ |
9 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Tw3QNy.png
i.im.ge/2021/09/15/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e61511ae88f7d52fac67cd4c4f9c739bf71572d2923e1acf512f249ae0544fd4:200
img.utdstc.com/icon/e61/511/ |
14 KB 14 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
6.jpeg
event-ff-gratis864.duckdns.org/img/incubator/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
cdn.jsdelivr.net/gh/cdn-jquery/jquery/3.6.3/ |
88 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
swiper-bundle.min.js
unpkg.com/swiper@8.0.6/ Redirect Chain
|
136 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
swiped-events.js
raw.githubusercontent.com/john-doherty/swiped-events/master/src/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ |
75 KB 76 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
na.apps.amsoveasea.com/swoole/ |
39 B 181 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- h.top4top.io
- URL
- https://h.top4top.io/p_2016h7ob71.gif
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Gaming (Entertainment)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| structuredClone function| $ function| jQuery function| Swiper function| gass function| tutup0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
cdnjs.cloudflare.com
dl.dir.freefiremobile.com
event-ff-gratis864.duckdns.org
freefiremobile-a.akamaihd.net
h.top4top.io
i.im.ge
img.utdstc.com
na.apps.amsoveasea.com
raw.githubusercontent.com
unpkg.com
www.svgrepo.com
h.top4top.io
104.208.82.172
129.226.2.89
188.68.52.216
23.32.238.106
23.32.238.137
23.79.135.178
2606:4700:3030::6815:29eb
2606:4700::6810:135e
2606:4700::6810:5514
2606:4700::6810:7baf
2606:50c0:8000::154
07c60246a4ac7d8fe6078972ad94d08699ed1d5edd31d7fca05ea4c9b2d67599
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0980f115ebee9838009d7cbdea0fca19b3961e4d13e38a4eaa5cf358a11de138
5c91a3f8654051a93899960e8cc6053250bc90f8e4a9567c309d963dcd72c818
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
614f7b8a798620fb1b02beb1b49d4e5c982cece2bfe985f7c686266e68a4f14f
6754b08e6e658246f0d71f02c406517d88c1a0e1455b2d3bdc06db2f3d54739e
6c12d23460d0c93d822f13ef49baaa383908dbca0f74430246777592dd6fdfb4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
90b0614198653dba4da856899f139c9a85a208f88c2b7e8a88c5369eabcfd2c1
a9fd6085027e4ac8bde87a63acb7f5f03f6297a7d40a353b9e2d37b380e03e67
adcab86657a7a2669c7d7434397486372c7b0b9b50e34c379166bf957e4e7da8
b27a41813f7963b39fe1755ad31a133c30066d5a8fcabf9710b44556109aba17
b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499
b72ce72a315dc00af3e1c795fc82d5de366b76321782b0ead6f993ac9aecc95b
b934f8e69730a987d53fa348b3bb37c6eee5d8b91e736726114d139abf8ac044
c9e1781299e080d117da4d8ad7afbd223bac1c7ac589b803edc3fea583b8bc34
cd51bf0a5665e55258f20d1dc1fae0b2d953d0e057c3ce9285b04df70a547d4b
d42270853ccd3ef853f808abf5ef13825120f08db6393dedc6dfc5157e747079
d449a5ed585c8edb37060e5279b84eb817406a5ef71d762e7fc785a68bce707b
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e1736ebdbb540fc361581e9254a04234e6f663af89db30ea15fe783d8f50827d
e1746bbf46dd1333003166c7c99fe589b9da32f64100cbc82317285fe828d2ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855