event-ff-gratis864.duckdns.org Open in urlscan Pro
104.208.82.172 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://event-ff-gratis864.duckdns.org/
Submission: On February 18 via automatic, source phishtank (February 18th 2022, 1:11:31 am UTC) — Scanned from DE

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 12 domains to perform 26 HTTP transactions. The main IP is 104.208.82.172, located in Central, Hong Kong and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is event-ff-gratis864.duckdns.org.

This is the only time event-ff-gratis864.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
3	104.208.82.172 104.208.82.172	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.32.238.137 23.32.238.137	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	23.32.238.106 23.32.238.106	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700:303... 2606:4700:3030::6815:29eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.68.52.216 188.68.52.216	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
1	23.79.135.178 23.79.135.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:50c0:800... 2606:50c0:8000::154	54113 (FASTLY) (FASTLY)
1	129.226.2.89 129.226.2.89	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
26	12

3 104.208.82.172 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

event-ff-gratis864.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7baf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.32.238.137 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-137.deploy.static.akamaitechnologies.com

freefiremobile-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.32.238.106 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-106.deploy.static.akamaitechnologies.com

dl.dir.freefiremobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::6815:29eb (United States)

ASN13335 (CLOUDFLARENET, US)

www.svgrepo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.68.52.216 (Hitzacker, Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: i.im.ge

i.im.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.135.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-135-178.deploy.static.akamaitechnologies.com

img.utdstc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8000::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.226.2.89 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

na.apps.amsoveasea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	freefiremobile.com dl.dir.freefiremobile.com — Cisco Umbrella Rank: 35386	2 MB
4	svgrepo.com www.svgrepo.com — Cisco Umbrella Rank: 334283	11 KB
4	akamaihd.net freefiremobile-a.akamaihd.net — Cisco Umbrella Rank: 25756	62 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 802	44 KB
3	duckdns.org event-ff-gratis864.duckdns.org	6 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	82 KB
1	amsoveasea.com na.apps.amsoveasea.com — Cisco Umbrella Rank: 265178	181 B
1	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 4514
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 401	32 KB
1	utdstc.com img.utdstc.com — Cisco Umbrella Rank: 109821	14 KB
1	im.ge i.im.ge — Cisco Umbrella Rank: 450680	28 KB
0	top4top.io Failed h.top4top.io Failed
26	12

	Domain	Requested by
5	dl.dir.freefiremobile.com	event-ff-gratis864.duckdns.org
4	www.svgrepo.com	event-ff-gratis864.duckdns.org
4	freefiremobile-a.akamaihd.net	event-ff-gratis864.duckdns.org
4	unpkg.com	2 redirects event-ff-gratis864.duckdns.org
3	event-ff-gratis864.duckdns.org	event-ff-gratis864.duckdns.org
2	cdnjs.cloudflare.com	event-ff-gratis864.duckdns.org cdnjs.cloudflare.com
1	na.apps.amsoveasea.com	cdn.jsdelivr.net
1	raw.githubusercontent.com	event-ff-gratis864.duckdns.org
1	cdn.jsdelivr.net	event-ff-gratis864.duckdns.org
1	img.utdstc.com	event-ff-gratis864.duckdns.org
1	i.im.ge	event-ff-gratis864.duckdns.org
0	h.top4top.io Failed	event-ff-gratis864.duckdns.org
26	12

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
dl.kgtw.garenanow.com DigiCert SHA2 Secure Server CA	`2022-02-16` - `2022-06-27`	4 months	crt.sh
i.im.ge Sectigo RSA Domain Validation Secure Server CA	`2021-09-25` - `2022-09-25`	a year	crt.sh
uptodown.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
na.apps.amsoveasea.com TrustAsia TLS RSA CA	`2021-05-31` - `2022-05-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://event-ff-gratis864.duckdns.org/
Frame ID: 69F43A7AE1AB9F92378318DF735E6EF3
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

26
Requests

77 %
HTTPS

45 %
IPv6

12
Domains

12
Subdomains

12
IPs

4
Countries

2255 kB
Transfer

2476 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://unpkg.com/swiper@7/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

Request Chain 21

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@8.0.6/swiper-bundle.min.js

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
event-ff-gratis864.duckdns.org/ 19 KB
5 KB 477ms
190ms Document
text/html 104.208.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://event-ff-gratis864.duckdns.org/
Protocol: HTTP/1.1
Server: 104.208.82.172 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 90b0614198653dba4da856899f139c9a85a208f88c2b7e8a88c5369eabcfd2c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
last-modified: Thu, 09 Dec 2021 11:51:32 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4771
date: Fri, 18 Feb 2022 01:11:24 GMT
server: LiteSpeed

GET
H/1.1 404
Not Found style.css
event-ff-gratis864.duckdns.org/css/ 0
0 190ms
190ms Stylesheet
text/html 104.208.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://event-ff-gratis864.duckdns.org/css/style.css
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: HTTP/1.1
Server: 104.208.82.172 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 01:11:25 GMT
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 1238

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@7.4.1/
Redirect Chain

https://unpkg.com/swiper@7/swiper-bundle.min.css
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

15 KB
5 KB

15ms
15ms

Stylesheet
text/css

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

Requested by

Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 01:11:25 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2049411
fly-request-id: 01FT83NDD9CG9QH06HNE09KEPB
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3ccb-5Koe10fACH1gYqRziowpfORPwas"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6df3619df83e6937-FRA

Redirect headers

date: Fri, 18 Feb 2022 01:11:25 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FW560K9435Y4GP03NA05EZ1A-fra
server: cloudflare
age: 170
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@7.4.1/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6df3619dd8196937-FRA
access-control-allow-origin: *

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 42ms
23ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 01:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2049413
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UWp0plRDC8kwwa1VD%2B2HUuumi%2FXw%2FubgJQ6zCAif1oLgbwhG4l8o3etHuTBlJkiBU1kbTuK0IqrxJIq%2BIbeBiFkDhhfd8rP7jAxC8b4N7zPh1DZ9WR9O%2BIqUQh%2Fbq%2B39R0P6Ev%2FW%2B3ch4pwuKWNt35Rz"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6df3619dde919034-FRA
expires: Wed, 08 Feb 2023 01:11:25 GMT

GET p_2016h7ob71.gif
h.top4top.io/ 0
0

GET
H/1.1 200
OK app_icon.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/ 22 KB
22 KB 31ms
10ms Image
image/png 23.32.238.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/app_icon.png
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.32.238.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-137.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b27a41813f7963b39fe1755ad31a133c30066d5a8fcabf9710b44556109aba17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 01:11:25 GMT
Last-Modified: Mon, 10 Aug 2020 10:06:25 GMT
Server: AkamaiNetStorage
ETag: "db8d665e878853bc4b041870b3661072:1597053985.699702"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22559

GET
H/1.1 200
OK logo_small.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/ 22 KB
23 KB 31ms
11ms Image
image/png 23.32.238.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/logo_small.png
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.32.238.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-137.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: adcab86657a7a2669c7d7434397486372c7b0b9b50e34c379166bf957e4e7da8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 01:11:25 GMT
Last-Modified: Wed, 14 Apr 2021 03:04:20 GMT
Server: AkamaiNetStorage
ETag: "57eaed1e025698432da8dfe2c49d9798:1618380359.988444"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22987

GET
H/1.1 200
OK appstore3.png
freefiremobile-a.akamaihd.net/ffwebsite/images/download/ 9 KB
10 KB 31ms
11ms Image
image/png 23.32.238.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/ffwebsite/images/download/appstore3.png
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.32.238.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-137.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 07c60246a4ac7d8fe6078972ad94d08699ed1d5edd31d7fca05ea4c9b2d67599

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 01:11:25 GMT
Last-Modified: Thu, 24 May 2018 05:15:05 GMT
Server: AkamaiNetStorage
ETag: "46179f391c2582a95a1ba3dc308adf93:1543299092.856403"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9567

GET
H/1.1 200
OK googleplay3.png
freefiremobile-a.akamaihd.net/ffwebsite/images/download/ 7 KB
7 KB 30ms
10ms Image
image/png 23.32.238.137
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/ffwebsite/images/download/googleplay3.png
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 23.32.238.137 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-137.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9fd6085027e4ac8bde87a63acb7f5f03f6297a7d40a353b9e2d37b380e03e67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 01:11:25 GMT
Last-Modified: Thu, 24 May 2018 05:15:05 GMT
Server: AkamaiNetStorage
ETag: "85f18ff18dd0df9e10ae947e8163a44e:1543299094.82307"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7281

GET
H/1.1 200
OK 8e822cf7230420e5a4240972cc11efdajpg
dl.dir.freefiremobile.com/common/web_event/hash/ 464 KB
465 KB 78ms
14ms Image
image/jpeg 23.32.238.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/hash/8e822cf7230420e5a4240972cc11efdajpg
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b934f8e69730a987d53fa348b3bb37c6eee5d8b91e736726114d139abf8ac044

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 01:11:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 04:06:23 GMT
Server: AkamaiNetStorage
ETag: "3add39940ca36eadb2f32fe3b86b33b4:1630037183.24865"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H/1.1 200
OK c175292e0a856831eeeeb727bd33c324jpg
dl.dir.freefiremobile.com/common/web_event/hash/ 382 KB
380 KB 82ms
18ms Image
image/jpeg 23.32.238.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/hash/c175292e0a856831eeeeb727bd33c324jpg
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5c91a3f8654051a93899960e8cc6053250bc90f8e4a9567c309d963dcd72c818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 01:11:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 04:06:24 GMT
Server: AkamaiNetStorage
ETag: "c777d5d6b49fa89f90f42e7a8e8c5b01:1630037183.894355"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H/1.1 200
OK 242c176892fae8907c4502dc6f745837jpg
dl.dir.freefiremobile.com/common/web_event/hash/ 427 KB
425 KB 49ms
17ms Image
image/jpeg 23.32.238.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/hash/242c176892fae8907c4502dc6f745837jpg
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e1736ebdbb540fc361581e9254a04234e6f663af89db30ea15fe783d8f50827d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 01:11:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 04:06:24 GMT
Server: AkamaiNetStorage
ETag: "412f7a9187960146917b47861b2b4b84:1630037184.447298"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H/1.1 200
OK a0a4ae30805722476d7af24e8266c18ajpg
dl.dir.freefiremobile.com/common/web_event/hash/ 391 KB
389 KB 55ms
23ms Image
image/jpeg 23.32.238.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/hash/a0a4ae30805722476d7af24e8266c18ajpg
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6754b08e6e658246f0d71f02c406517d88c1a0e1455b2d3bdc06db2f3d54739e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 01:11:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 04:06:24 GMT
Server: AkamaiNetStorage
ETag: "aebc670bd7bf24b2c94e3bd7443daf93:1630037184.448383"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H/1.1 200
OK caaa4b6f29bf5d772942932d761f831bjpg
dl.dir.freefiremobile.com/common/web_event/hash/ 318 KB
316 KB 51ms
19ms Image
image/jpeg 23.32.238.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/hash/caaa4b6f29bf5d772942932d761f831bjpg
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.106 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b72ce72a315dc00af3e1c795fc82d5de366b76321782b0ead6f993ac9aecc95b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 01:11:25 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 04:06:23 GMT
Server: AkamaiNetStorage
ETag: "395d0e2ab95d0494241d48a63f63ce9d:1630037183.008532"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H2 200 gun.svg
www.svgrepo.com/show/27064/ 3 KB
2 KB 44ms
12ms Image
image/svg+xml 2606:4700:3030::6815:29eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.svgrepo.com/show/27064/gun.svg
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:29eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 614f7b8a798620fb1b02beb1b49d4e5c982cece2bfe985f7c686266e68a4f14f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 01:11:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 27 Aug 2016 01:10:16 GMT
server: cloudflare
age: 2374
etag: W/"57c0e878-d44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EY9vaxtaZ1rOFkEMC%2Bd6KZpVZmq8O6oCk%2FAgoxzaKKAcz0kpHykeyCEeTwGkTqYNcWn75%2BTP40od5%2FxtzFaghb45JpOBAsiabj0X78bO5DLNVQJujLeGFcfZxKLSBZzJ656tMr3W0puOBCsego%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6df3619e2ef79213-FRA

GET
H2 200 shirt-clothes.svg
www.svgrepo.com/show/268997/ 10 KB
4 KB 46ms
14ms Image
image/svg+xml 2606:4700:3030::6815:29eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.svgrepo.com/show/268997/shirt-clothes.svg
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:29eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d42270853ccd3ef853f808abf5ef13825120f08db6393dedc6dfc5157e747079

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 01:11:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jul 2018 11:31:42 GMT
server: cloudflare
age: 2541
etag: W/"5b570e1e-292b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5HlzWw5Jz5EJ03W%2B6pWskP4zwbKaS%2FCbKqI7l87%2Be%2BNPaYgLQA7YXPLgwIrF5al2llpzb%2BK9%2F9rjde1ncQLO3Lm%2BckXiyzNZOpjsoLWcmffRmPBwP2tKL2hOLpFBb9XPn%2B0L0WUjWSV6PlECZs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6df3619e2ef89213-FRA

GET
H2 200 tap-hands-and-gestures.svg
www.svgrepo.com/show/243944/ 4 KB
2 KB 25ms
13ms Image
image/svg+xml 2606:4700:3030::6815:29eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.svgrepo.com/show/243944/tap-hands-and-gestures.svg
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:29eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0980f115ebee9838009d7cbdea0fca19b3961e4d13e38a4eaa5cf358a11de138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 01:11:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Jul 2018 22:02:02 GMT
server: cloudflare
age: 2374
etag: W/"5b56505a-11d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yIjbhXzP3t%2F1HTajszXv4fuxmhmbcT9cZXj0Lpt%2BeV1UT%2B3r%2BS1T1mI3oNwucZ844nZWslKZChKPEWCWW%2FiqZ1tCscuDHqnS0YkW14%2BuzwkCGfUzexX9xbtI5%2Bfy0e4LaTwj2gX62wrG3CPJtc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6df3619e2ef99213-FRA

GET
H2 200 chest.svg
www.svgrepo.com/show/250365/ 9 KB
3 KB 16ms
13ms Image
image/svg+xml 2606:4700:3030::6815:29eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.svgrepo.com/show/250365/chest.svg
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:29eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e1781299e080d117da4d8ad7afbd223bac1c7ac589b803edc3fea583b8bc34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 01:11:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jul 2018 08:17:22 GMT
server: cloudflare
age: 2418
etag: W/"5b56e092-2484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Z4sJZeKJaHGH%2BtTqsBG8eJMbJo0ShaHjRebMKBqcd1BPiNiI0wtOb%2BfAxGOEkOhhGkE6i%2BsYiMDbF2hpzdKssWP%2Bo1Tjx7OCA5eBxfXxj%2FN73pEOVbJ0ui2cPQnyo4dEf0CDDA79JIUAt53E5A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6df3619e4f0d9213-FRA

GET
H2 200 Tw3QNy.png
i.im.ge/2021/09/15/ 28 KB
28 KB 135ms
10ms Image
image/png 188.68.52.216
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.im.ge/2021/09/15/Tw3QNy.png

Requested by

Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.52.216 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

i.im.ge

Software

nginx /

Resource Hash

092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 01:11:25 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
strict-transport-security: max-age=31536000, max-age=31536000
expires: Sat, 18 Feb 2023 01:11:25 GMT

GET
H2 200 e61511ae88f7d52fac67cd4c4f9c739bf71572d2923e1acf512f249ae0544fd4:200
img.utdstc.com/icon/e61/511/ 14 KB
14 KB 264ms
7ms Image
image/webp 23.79.135.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/e61/511/e61511ae88f7d52fac67cd4c4f9c739bf71572d2923e1acf512f249ae0544fd4:200

Requested by

Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.135.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-135-178.deploy.static.akamaitechnologies.com

Software

nginx/1.14.2 /

Resource Hash

cd51bf0a5665e55258f20d1dc1fae0b2d953d0e057c3ce9285b04df70a547d4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Dec 2021 07:05:51 GMT
server: nginx/1.14.2
etag: "61af07cf-3896"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, max-age=6366
date: Fri, 18 Feb 2022 01:11:25 GMT
content-security-policy: default-src 'self'
accept-ranges: bytes
vary: Accept
content-length: 14486
x-xss-protection: 1; mode=block
expires: Fri, 18 Feb 2022 02:57:31 GMT

GET
H/1.1 404
Not Found 6.jpeg
event-ff-gratis864.duckdns.org/img/incubator/ 1 KB
1 KB 191ms
190ms Image
text/html 104.208.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://event-ff-gratis864.duckdns.org/img/incubator/6.jpeg
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: HTTP/1.1
Server: 104.208.82.172 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Feb 2022 01:11:25 GMT
server: LiteSpeed
content-type: text/html
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 1238

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/gh/cdn-jquery/jquery/3.6.3/ 88 KB
32 KB 55ms
34ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/cdn-jquery/jquery/3.6.3/jquery.min.js

Requested by

Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1746bbf46dd1333003166c7c99fe589b9da32f64100cbc82317285fe828d2ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 01:11:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19136-FRA, cache-hhn4020-HHN
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"16081-D7DwsUvOSJbgf3Ea8QuTft7+RFU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6df3619deaf19186-FRA

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@8.0.6/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@8.0.6/swiper-bundle.min.js

136 KB
39 KB

18ms
18ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@8.0.6/swiper-bundle.min.js

Requested by

Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d449a5ed585c8edb37060e5279b84eb817406a5ef71d762e7fc785a68bce707b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 01:11:25 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 321326
fly-request-id: 01FVVKP8WYX3DJA2ND2MEHEKK3
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"21f5a-8s2kJOZevi0MQflOc1Iffkp5/nA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6df3619df83f6937-FRA

Redirect headers

date: Fri, 18 Feb 2022 01:11:25 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FW55XYDY5HFXWW10AQRGTE30-fra
server: cloudflare
age: 214
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@8.0.6/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6df3619dd81b6937-FRA
access-control-allow-origin: *

GET
H2 200 swiped-events.js Show response
raw.githubusercontent.com/john-doherty/swiped-events/master/src/ 0
0 196ms
154ms Script
text/plain 2606:50c0:8000::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.githubusercontent.com/john-doherty/swiped-events/master/src/swiped-events.js
Requested by: Host: event-ff-gratis864.duckdns.org
URL: http://event-ff-gratis864.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://event-ff-gratis864.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 27ms
15ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: http://event-ff-gratis864.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 01:11:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 15347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17TKGwZzo00e1Qd5Z5ksZ9e1%2F%2B6qAXHv%2F2m0jGBRizeNVV89KNs2cjTEvt5hsW0%2FIIrFp54Evyz69NyM6g8z1gh%2FYxxnAJ0N7VwUxaq1lNIJ08x80Im3EWDjkKMI02fLRKfVf8%2BvqScSS840nICvMhq5"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6df3619f1bf55be1-FRA
expires: Wed, 08 Feb 2023 01:11:25 GMT

GET
H2 200 / Show response
na.apps.amsoveasea.com/swoole/ 39 B
181 B 521ms
172ms XHR
text/html 129.226.2.89
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://na.apps.amsoveasea.com/swoole/?actid=2020&r=index/getCountry&_only_service_response_=1
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/cdn-jquery/jquery/3.6.3/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.226.2.89 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6c12d23460d0c93d822f13ef49baaa383908dbca0f74430246777592dd6fdfb4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://event-ff-gratis864.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 18 Feb 2022 01:11:25 GMT
content-encoding: gzip
server: nginx/1.20.1
content-length: 58
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: h.top4top.io
URL: https://h.top4top.io/p_2016h7ob71.gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://event-ff-gratis864.duckdns.org/css/style.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://event-ff-gratis864.duckdns.org/img/incubator/6.jpeg Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
dl.dir.freefiremobile.com
event-ff-gratis864.duckdns.org
freefiremobile-a.akamaihd.net
h.top4top.io
i.im.ge
img.utdstc.com
na.apps.amsoveasea.com
raw.githubusercontent.com
unpkg.com
www.svgrepo.com
h.top4top.io
104.208.82.172
129.226.2.89
188.68.52.216
23.32.238.106
23.32.238.137
23.79.135.178
2606:4700:3030::6815:29eb
2606:4700::6810:135e
2606:4700::6810:5514
2606:4700::6810:7baf
2606:50c0:8000::154
07c60246a4ac7d8fe6078972ad94d08699ed1d5edd31d7fca05ea4c9b2d67599
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0980f115ebee9838009d7cbdea0fca19b3961e4d13e38a4eaa5cf358a11de138
5c91a3f8654051a93899960e8cc6053250bc90f8e4a9567c309d963dcd72c818
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
614f7b8a798620fb1b02beb1b49d4e5c982cece2bfe985f7c686266e68a4f14f
6754b08e6e658246f0d71f02c406517d88c1a0e1455b2d3bdc06db2f3d54739e
6c12d23460d0c93d822f13ef49baaa383908dbca0f74430246777592dd6fdfb4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
90b0614198653dba4da856899f139c9a85a208f88c2b7e8a88c5369eabcfd2c1
a9fd6085027e4ac8bde87a63acb7f5f03f6297a7d40a353b9e2d37b380e03e67
adcab86657a7a2669c7d7434397486372c7b0b9b50e34c379166bf957e4e7da8
b27a41813f7963b39fe1755ad31a133c30066d5a8fcabf9710b44556109aba17
b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499
b72ce72a315dc00af3e1c795fc82d5de366b76321782b0ead6f993ac9aecc95b
b934f8e69730a987d53fa348b3bb37c6eee5d8b91e736726114d139abf8ac044
c9e1781299e080d117da4d8ad7afbd223bac1c7ac589b803edc3fea583b8bc34
cd51bf0a5665e55258f20d1dc1fae0b2d953d0e057c3ce9285b04df70a547d4b
d42270853ccd3ef853f808abf5ef13825120f08db6393dedc6dfc5157e747079
d449a5ed585c8edb37060e5279b84eb817406a5ef71d762e7fc785a68bce707b
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
e1736ebdbb540fc361581e9254a04234e6f663af89db30ea15fe783d8f50827d
e1746bbf46dd1333003166c7c99fe589b9da32f64100cbc82317285fe828d2ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

event-ff-gratis864.duckdns.org Open in urlscan Pro 104.208.82.172 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

26 Requests

77 %HTTPS

45 %IPv6

12 Domains

12 Subdomains

12 IPs

4 Countries

2255 kBTransfer

2476 kBSize

0 Cookies

0 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

event-ff-gratis864.duckdns.org Open in urlscan Pro
104.208.82.172 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

77 %
HTTPS

45 %
IPv6

12
Domains

12
Subdomains

12
IPs

4
Countries

2255 kB
Transfer

2476 kB
Size

0
Cookies

26 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!