mail.freexjoin47.duckdns.org Open in urlscan Pro
109.205.183.187  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mail.freexjoin47.duckdns.org/	18 KB 4 KB	3290ms 3166ms	Document text/html	109.205.183.187 CONTABO
General Check archive.org Show headers Download Go to Full URL https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.205.183.187 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi739826.contaboserver.net Software LiteSpeed / Resource Hash 5ade2c1a33d4f40e1e4dc31db56bbd948e6d15d6da3b2673cc45477ed56dd185 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html; charset=UTF-8 content-length 4030 content-encoding br vary Accept-Encoding date Sun, 12 Dec 2021 01:04:11 GMT server LiteSpeed alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	124ms 39ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 186 date Sun, 12 Dec 2021 01:01:06 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Sun, 12 Dec 2021 03:01:06 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	90 KB 36 KB	134ms 48ms	Script application/javascript	2a00:1450:4001:801::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-180844756-1 Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 30d1cc84b2adbbe2e7a144cd326b61845698cc34990bf4853e63b703f9b4fa3a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 36166 x-xss-protection 0 last-modified Sun, 12 Dec 2021 00:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 12 Dec 2021 01:04:12 GMT
GET H2	200	style-AlexHost.css mail.freexjoin47.duckdns.org/assets/css/	40 KB 5 KB	24ms 22ms	Stylesheet text/css	109.205.183.187 CONTABO
General Check archive.org Show headers Download Go to Full URL https://mail.freexjoin47.duckdns.org/assets/css/style-AlexHost.css Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.205.183.187 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi739826.contaboserver.net Software LiteSpeed / Resource Hash 5d40c79196cf9f9da4bdc857e8e1b5094ff3fa0aa0f314985c5a513edb89a6b7 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:11 GMT content-encoding br last-modified Fri, 19 Nov 2021 04:55:38 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes content-length 5335 expires Sun, 19 Dec 2021 01:04:11 GMT
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 6 KB	35ms 14ms	Stylesheet text/css	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2595112 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5631 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BtMQKcddi9TQGn%2Be32nsKp1DnbtdE6frGhxtLdPtgj0qU1NVfSCo64hJn3syHqNMuhqsyahuU8D7ZJ%2FkNfB6dtk%2BRzgX%2BS5AZT2aS5liCgUHpa6eCZtDEaF0siDS5VMXT%2BUC9kC6yL3qD7FEFGav66Tg"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6bc3098b2d1f6939-FRA expires Fri, 02 Dec 2022 01:04:12 GMT
GET H2	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/	58 KB 11 KB	39ms 18ms	Stylesheet text/css	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 194074 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 10472 timing-allow-origin * last-modified Wed, 13 Jan 2021 22:29:05 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5fff7431-e7d0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kp6WHbZvJtdgtwIJmJh5AheublQj4RI3SF4TKifh4DIy6Q1rHS8iV6adQ3u74jHjhcsIhQQQyh%2F208RUe35ghP3E7G%2BnP0Kq%2B%2FvvLBtAgvjMDabE7Y2jkHbgyW76tIyzLog3NXrtw%2BA6SW8ceAgQz1Rf"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6bc3098b2d216939-FRA expires Fri, 02 Dec 2022 01:04:12 GMT
GET H2	200	font-awesome.min.css stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/	30 KB 7 KB	37ms 16ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 723, 617, 617 age 22824499 cdn-cachedat 2021-03-11 11:57:51 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:55 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 6fc1a75116c932681ed09108db37b84c cf-ray 6bc3098b2a5e5b38-FRA cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H2	200	material-design-iconic-font.min.css cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/	69 KB 6 KB	41ms 20ms	Stylesheet text/css	2606:4700::6810:135e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3874232 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 5845 timing-allow-origin * last-modified Mon, 04 May 2020 16:12:09 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ed9-1149f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMpy8kuZyljUsosDPT78NPROw2gRdScXllk0oT%2BLmXd40uIHArkZNgDG5NRIO9zm82QBS3dvov59lCHFUmcVV0a%2BeYjbE4C2FJ07DHbW4itcswP%2B0xuLxcpq814Xm9SH5liTNEn%2BBlLVvjpVLVVCdPzt"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 6bc3098b2d226939-FRA expires Fri, 02 Dec 2022 01:04:12 GMT
GET H2	200	alex-facebook.css rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/	5 KB 1 KB	54ms 22ms	Stylesheet text/css	2606:4700:3038::6815:eae6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/alex-facebook.css Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eae6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cff81f8984cdebd9f5039cd4c058d7d67bba4b92666dc0605f47c44b6a761df2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-fastly-request-id d65497281f49c8b5ea79529d59a8d01f85a77ae2 date Sun, 12 Dec 2021 01:04:12 GMT via 1.1 varnish x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 7769164 source-age 0 x-cache MISS expires Thu, 31 Dec 2037 23:55:55 GMT content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by cache-bma1674-BMA x-robots-tag none server cloudflare x-github-request-id 1402:13FBA:5A0A3B:6348EA:613E473D x-timer S1631471421.216065,VS0,VE184 etag W/"0a8f3f8981d9c9102640cd89134620b5b03a473db8c3d339e31ddde5838eb64c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Authorization,Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sey6jUjrG9PYfE57bOR1RNn4UPNd%2BIL4H5FrWwxRWry1cxptIPj%2F%2B7sJw0LsW5Mnlpcjudm1LvlJsZE2Yj42mtulwUoMkYjJE03wvpZSRuUcdrJgFE7YP2Vlwl5prV%2FkN1XbPkk3PcAiVtI%2FKGDRgeo%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * x-githack-cache-status STALE cache-control max-age=315360000, public, immutable cf-ray 6bc3098b38be4a8c-FRA x-cache-hits 0
GET H2	200	alex-google.css rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/	3 KB 2 KB	46ms 14ms	Stylesheet text/css	2606:4700:3038::6815:eae6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eae6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4abb644266a5139ed69498a2f9522afe373c41787fda172dad55ce1afb18a8df Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-fastly-request-id 5e49b5b2f43e9dc3959c8f9e810e6487ca33ebe0 date Sun, 12 Dec 2021 01:04:12 GMT via 1.1 varnish x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3798252 source-age 0 x-cache MISS expires Thu, 31 Dec 2037 23:55:55 GMT content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by cache-bma1662-BMA x-robots-tag none server cloudflare x-github-request-id B6B6:A20F:176E463:18784E1:617B484C x-timer S1635469388.217313,VS0,VE200 etag W/"7652d432e77389d2064f55511cc6b91d5be6c83a7c4a508c20c6cd28cb795570" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Authorization,Accept-Encoding,Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TyZhrM33zTC6fbPqzKaortdpNHwUUoyemXi%2Fh5QZKncg5d49KasjNusuZrtHpliTDLO1VHkZC41t6WWo86MCPiP3y%2Ft1ygLQ6lvPi7VOEWRUxw3rHy2XH77X3WjgIRlhnRORJITgNz5XUQGJnP7pi4%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * x-githack-cache-status HIT cache-control max-age=315360000, public, immutable cf-ray 6bc3098b48bf4a8c-FRA x-cache-hits 0
GET H2	200	e328a85faf3ec595e525860c98e34098.png reward.ff.garena.com//images/	9 KB 9 KB	560ms 180ms	Image image/png	164.52.101.14 CDSC-AS1
General Check archive.org Show headers Download Go to Show image Full URL https://reward.ff.garena.com//images/e328a85faf3ec595e525860c98e34098.png Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.52.101.14 , Singapore, ASN63199 (CDSC-AS1, US), Reverse DNS Software openresty / Resource Hash 94f92c2fa2a770888470701e4e9c0063d11bd846b52739d8b12a06b2dabd3be2 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT last-modified Fri, 29 Oct 2021 03:05:14 GMT server openresty accept-ranges bytes etag "617b64ea-23d7" content-length 9175 content-type image/png
GET H2	200	vkcircle-Alex.png mail.freexjoin47.duckdns.org/assets/img/	10 KB 10 KB	35ms 34ms	Image image/png	109.205.183.187 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://mail.freexjoin47.duckdns.org/assets/img/vkcircle-Alex.png Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.205.183.187 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi739826.contaboserver.net Software LiteSpeed / Resource Hash 8ffae0974acd7014b8e30ff2510ff2c8809103dca22a9e9d252cfd525cc7eff9 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT last-modified Mon, 08 Nov 2021 15:24:38 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 9846 expires Sun, 19 Dec 2021 01:04:12 GMT
GET H2	200	gpcircle-Alex.png mail.freexjoin47.duckdns.org/assets/img/	6 KB 6 KB	35ms 34ms	Image image/png	109.205.183.187 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://mail.freexjoin47.duckdns.org/assets/img/gpcircle-Alex.png Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.205.183.187 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi739826.contaboserver.net Software LiteSpeed / Resource Hash edefde11d13eb274cafd860dd219755352257187b374f313c810cb6a20f0a477 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT last-modified Mon, 08 Nov 2021 14:23:48 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 6351 expires Sun, 19 Dec 2021 01:04:12 GMT
GET H2	200	hwcircle-Alex.png mail.freexjoin47.duckdns.org/assets/img/	3 KB 3 KB	58ms 57ms	Image image/png	109.205.183.187 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://mail.freexjoin47.duckdns.org/assets/img/hwcircle-Alex.png Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.205.183.187 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi739826.contaboserver.net Software LiteSpeed / Resource Hash 38e377481a3abf35890dbc9abd19fd4657ab4ea449d24299073da019da5b4281 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT last-modified Mon, 08 Nov 2021 15:24:36 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 3010 expires Sun, 19 Dec 2021 01:04:12 GMT
GET H2	200	applcircle-Alex.png mail.freexjoin47.duckdns.org/assets/img/	9 KB 9 KB	58ms 58ms	Image image/png	109.205.183.187 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://mail.freexjoin47.duckdns.org/assets/img/applcircle-Alex.png Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.205.183.187 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi739826.contaboserver.net Software LiteSpeed / Resource Hash ac768dee11c223ac3fba06a7212fd0163c171e7986735b5cd04f9081504126b3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT last-modified Mon, 08 Nov 2021 15:24:36 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 9069 expires Sun, 19 Dec 2021 01:04:12 GMT
GET H2	200	twcircle-Alex.png mail.freexjoin47.duckdns.org/assets/img/	10 KB 10 KB	59ms 59ms	Image image/png	109.205.183.187 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://mail.freexjoin47.duckdns.org/assets/img/twcircle-Alex.png Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.205.183.187 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi739826.contaboserver.net Software LiteSpeed / Resource Hash 392c6ef45dc72dc2d72c2a2d16ff5fcd5943766e78e14f1f6bb008c59cf80877 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT last-modified Mon, 08 Nov 2021 15:24:36 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 9812 expires Sun, 19 Dec 2021 01:04:12 GMT
GET H2	200	garena-Alex.jpg mail.freexjoin47.duckdns.org/assets/img/	3 KB 3 KB	46ms 45ms	Image image/jpeg	109.205.183.187 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://mail.freexjoin47.duckdns.org/assets/img/garena-Alex.jpg Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.205.183.187 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi739826.contaboserver.net Software LiteSpeed / Resource Hash 3dec40957ccb5815562b06c0bcb1cb3fc09a5f0738aa0b9ec2d1390e4e30a346 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT last-modified Mon, 08 Nov 2021 14:23:48 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 3522 expires Sun, 19 Dec 2021 01:04:12 GMT
GET H2	200	facebook-text.png i.ibb.co/wWvFFK6/	28 KB 28 KB	73ms 16ms	Image image/png	152.228.223.13 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/wWvFFK6/facebook-text.png Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 152.228.223.13 , France, ASN16276 (OVH, FR), Reverse DNS ns3190386.ip-152-228-223.eu Software nginx / Resource Hash 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT last-modified Thu, 24 Jun 2021 19:26:23 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 28789 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	k9mpwq-PYChfe-PRt-Ul-TSEk-X73-TCDnwyv-Sk-D5-Avsd-UTAQ4-H0c2-OAIEiii-Uwr-VEd7-k1-E8-s180-rw.webp i.ibb.co/DVjmT33/	53 KB 54 KB	73ms 17ms	Image image/webp	152.228.223.13 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/DVjmT33/k9mpwq-PYChfe-PRt-Ul-TSEk-X73-TCDnwyv-Sk-D5-Avsd-UTAQ4-H0c2-OAIEiii-Uwr-VEd7-k1-E8-s180-rw.webp Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 152.228.223.13 , France, ASN16276 (OVH, FR), Reverse DNS ns3190386.ip-152-228-223.eu Software nginx / Resource Hash 4f8698bca7f3a855b339edf3337864b6b9f1914c653e2ca5127136af9b7d37a4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT last-modified Fri, 06 Aug 2021 06:05:19 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/webp access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 54750 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	googlelogo-color-272x92dp.png i.ibb.co/v1CZkTr/	6 KB 6 KB	106ms 51ms	Image image/png	152.228.223.13 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://i.ibb.co/v1CZkTr/googlelogo-color-272x92dp.png Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 152.228.223.13 , France, ASN16276 (OVH, FR), Reverse DNS ns3190386.ip-152-228-223.eu Software nginx / Resource Hash 5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT last-modified Thu, 24 Jun 2021 22:08:20 GMT server nginx access-control-allow-methods GET, OPTIONS content-type image/png access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 5969 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.1.1/	82 KB 30 KB	136ms 38ms	Script text/javascript	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Thu, 09 Dec 2021 04:41:47 GMT content-encoding gzip x-content-type-options nosniff age 246145 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29671 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 09 Dec 2022 04:41:47 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.1.3/	82 KB 29 KB	185ms 88ms	Script text/javascript	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Mon, 06 Dec 2021 02:28:03 GMT content-encoding gzip x-content-type-options nosniff age 513369 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29707 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 06 Dec 2022 02:28:03 GMT
GET H2	200	jquery-3.5.1.min.js Show response code.jquery.com/	87 KB 30 KB	59ms 18ms	Script application/javascript	2001:4de0:ac18::1:a:1a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.min.js Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT content-encoding gzip last-modified Mon, 04 May 2020 23:02:39 GMT server nginx etag W/"5eb09f0f-15d84" vary Accept-Encoding x-hw 1639271052.dop240.am5.t,1639271052.cds241.am5.hn,1639271052.cds203.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30879
GET H2	200	2974217.js Show response rawcdn.githack.com/32323474/47328789/62269b50e7837c3ded793b5f9e681e5394956018/	335 B 677 B	25ms 22ms	Script application/javascript	2606:4700:3038::6815:eae6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rawcdn.githack.com/32323474/47328789/62269b50e7837c3ded793b5f9e681e5394956018/2974217.js Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eae6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 572f86050126a4138ce65d5f0f3a1f7889f42e396095fceef48dfe4acd0df06a Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-fastly-request-id cbe23aaf395e211b154569135fbbb6394bf7d892 date Sun, 12 Dec 2021 01:04:12 GMT via 1.1 varnish x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 135038 source-age 0 x-cache MISS expires Thu, 31 Dec 2037 23:55:55 GMT content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by cache-hel1410031-HEL x-robots-tag none server cloudflare x-github-request-id 38DC:1E1E:7763A3:7C70C6:61B14E01 x-timer S1639009794.830756,VS0,VE390 etag W/"027eca69988e89f2e99db11008f06ad905bb10b2c7e85e88ac130ffa22656acd" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Authorization,Accept-Encoding,Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHKiQ%2B9oHsC0%2BXB5dRGpB%2BTkESNY3243u%2BIvB%2BX%2FQWJzgFb6DKqryFWBL5jUMGmHr6JhJ5Qfe4GZnu6IXVIXIXDMrD%2BuX%2FuPI%2FedNqsEhxDeCMnf%2Fyiz6e%2FjJkuQ%2FV9%2FQ6BlhVmmZficWM7aLpTN%2FI8%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * x-githack-cache-status HIT cache-control max-age=315360000, public, immutable cf-ray 6bc3098b48c04a8c-FRA x-cache-hits 0
GET H2	200	input-exception.js Show response rawcdn.githack.com/AlexHostX/protect/aaa1462a19b8d8b6cbd68101a5ac89f4955b49de/	9 KB 2 KB	19ms 17ms	Script application/javascript	2606:4700:3038::6815:eae6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rawcdn.githack.com/AlexHostX/protect/aaa1462a19b8d8b6cbd68101a5ac89f4955b49de/input-exception.js Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eae6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 96df2f4735650bfe911e983781783284646ff7cc8109e0dfeb6de8056f1a7654 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-fastly-request-id 2968395e49a587a29857d33c1bf83301af93ca16 date Sun, 12 Dec 2021 01:04:12 GMT via 1.1 varnish x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 3800141 source-age 0 x-cache MISS expires Thu, 31 Dec 2037 23:55:55 GMT content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by cache-bma1643-BMA x-robots-tag none server cloudflare x-github-request-id E350:4E9F:16F9DA:228C16:6179F975 x-timer S1635410709.975620,VS0,VE199 etag W/"7efc1fe69d2bae7cf5f7f6503e53cd6825675b937514a5660fadff678c23ad05" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Authorization,Accept-Encoding,Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LwHCH5Xvh58xLR%2BG6DN7z%2Fr7uRF%2B8VpwCglJe0ELQHLJZrFW38DGEEs%2FcSvEF09oJF1Vs2fjcZYu23iRRPnu%2B0tNNt0cPvKZbNH3EYhmk6zcAKTyTt63yIfVG7xUO38lHnDqdJY5jFUiS5kT21iYc30%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * x-githack-cache-status STALE cache-control max-age=315360000, public, immutable cf-ray 6bc3098b48c84a8c-FRA x-cache-hits 0
GET H2	200	watermark.css rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/	105 B 525 B	18ms 17ms	Stylesheet text/css	2606:4700:3038::6815:eae6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/watermark.css Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3038::6815:eae6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 03845ae6fc5097c5f107ffc206c3fe329a962d045b23151188b6dab3ef4fbcc5 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers x-fastly-request-id dcc029460b7079d0408d67398975352052220bdd date Sun, 12 Dec 2021 01:04:12 GMT via 1.1 varnish x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 12297231 source-age 0 x-cache MISS expires Thu, 31 Dec 2037 23:55:55 GMT content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 x-served-by cache-hel6832-HEL x-robots-tag none server cloudflare x-github-request-id B0CA:2D34:506660:5736D3:60F00525 x-timer S1626345774.807742,VS0,VE197 etag W/"8cbc601be6a6a4a8de11e874a08f4635bb2103954e29be8f44a2287251cf89b8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Authorization,Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4E9q5I5t4wE2yVgziuecqCfT%2B158KwndC3o0IrVVGvxTBJt8C6Y2WAg2MqzAQwgew%2FuPbkqnsEGo5LQRJxNiuJwfqj27ExMRYX%2BJAcYYSDXPOaDA76BH2nNYNMyKolhl25A04nDmkFmOKGp480hvCxU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * x-githack-cache-status STALE cache-control max-age=315360000, public, immutable cf-ray 6bc3098b48c94a8c-FRA x-cache-hits 0
GET DATA	200 OK	truncated /	449 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 756734c7de9dd01ffd9c75ccdfc48f08d51d774f75c6c453d9468812c5282861 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET		NotoSansTC-Thin.woff2 fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Thin.woff fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Thin.otf fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Light.woff2 fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Light.woff fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Light.otf fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Regular.woff2 fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Regular.woff fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Regular.otf fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Medium.woff2 fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Medium.woff fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Medium.otf fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Bold.woff2 fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Bold.woff fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Bold.otf fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Black.woff2 fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Black.woff fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET		NotoSansTC-Black.otf fonts.gstatic.com/ea/notosanstc/v1/	0 0
GET H2	200	bgAlex-d.jpg mail.freexjoin47.duckdns.org/assets/img/	134 KB 134 KB	22ms 22ms	Image image/jpeg	109.205.183.187 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://mail.freexjoin47.duckdns.org/assets/img/bgAlex-d.jpg Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/assets/css/style-AlexHost.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.205.183.187 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi739826.contaboserver.net Software LiteSpeed / Resource Hash ba96000a92f9d03cce2c34ab48fb9f1e67976be7b4233c1bd607a87e6e9af82d Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/assets/css/style-AlexHost.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT last-modified Mon, 08 Nov 2021 14:31:20 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 accept-ranges bytes content-length 136773 expires Sun, 19 Dec 2021 01:04:12 GMT
GET DATA	200 OK	truncated /	144 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 42fcead125ad8660c031f3b763fd048fd06b4a70a7a48cf17bc03073fb255fae Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers Content-Type image/png
GET H2	200	fftext-Alex.png mail.freexjoin47.duckdns.org/assets/img/	14 KB 14 KB	86ms 85ms	Image image/png	109.205.183.187 CONTABO
General Check archive.org Show headers Download Go to Show image Full URL https://mail.freexjoin47.duckdns.org/assets/img/fftext-Alex.png Requested by Host: mail.freexjoin47.duckdns.org URL: https://mail.freexjoin47.duckdns.org/assets/css/style-AlexHost.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 109.205.183.187 Düsseldorf, Germany, ASN51167 (CONTABO, DE), Reverse DNS vmi739826.contaboserver.net Software LiteSpeed / Resource Hash 4bb88bccc5bd610423b63fba5ca6f98516d3d8fc631d6b1b977ac669104264be Request headers Accept-Language de-DE,de;q=0.9 Referer https://mail.freexjoin47.duckdns.org/assets/css/style-AlexHost.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36 Response headers date Sun, 12 Dec 2021 01:04:12 GMT last-modified Mon, 08 Nov 2021 14:23:50 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 14297 expires Sun, 19 Dec 2021 01:04:12 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Thin.woff2

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Thin.woff

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Thin.otf

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Light.woff2

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Light.woff

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Light.otf

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Regular.woff2

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Regular.woff

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Regular.otf

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Medium.woff2

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Medium.woff

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Medium.otf

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Bold.woff2

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Bold.woff

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Bold.otf

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Black.woff2

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Black.woff

Domain

fonts.gstatic.com

URL

http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Black.otf

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| google_tag_data function| ga object| gaplugins object| google_tag_manager object| dataLayer function| $ function| jQuery function| openfbAlex function| closefbAlex function| opengpAlex function| closegpAlex function| AlexHostingNetFB function| AlexHostingNetGP object| _0x768a

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Thin.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Thin.woff'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Thin.otf'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Light.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Light.woff'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Light.otf'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Regular.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Regular.woff'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Regular.otf'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Medium.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Medium.woff'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Medium.otf'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Bold.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Bold.woff'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Bold.otf'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Black.woff2'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Black.woff'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://mail.freexjoin47.duckdns.org/ Message: Mixed Content: The page at 'https://mail.freexjoin47.duckdns.org/' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Black.otf'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
fonts.gstatic.com
i.ibb.co
mail.freexjoin47.duckdns.org
rawcdn.githack.com
reward.ff.garena.com
stackpath.bootstrapcdn.com
www.google-analytics.com
www.googletagmanager.com
fonts.gstatic.com
109.205.183.187
152.228.223.13
164.52.101.14
2001:4de0:ac18::1:a:1a
2606:4700:3038::6815:eae6
2606:4700::6810:135e
2606:4700::6812:bcf
2a00:1450:4001:801::2008
2a00:1450:4001:801::200a
2a00:1450:4001:803::200e
03845ae6fc5097c5f107ffc206c3fe329a962d045b23151188b6dab3ef4fbcc5
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
30d1cc84b2adbbe2e7a144cd326b61845698cc34990bf4853e63b703f9b4fa3a
38e377481a3abf35890dbc9abd19fd4657ab4ea449d24299073da019da5b4281
392c6ef45dc72dc2d72c2a2d16ff5fcd5943766e78e14f1f6bb008c59cf80877
3dec40957ccb5815562b06c0bcb1cb3fc09a5f0738aa0b9ec2d1390e4e30a346
42fcead125ad8660c031f3b763fd048fd06b4a70a7a48cf17bc03073fb255fae
4abb644266a5139ed69498a2f9522afe373c41787fda172dad55ce1afb18a8df
4bb88bccc5bd610423b63fba5ca6f98516d3d8fc631d6b1b977ac669104264be
4f8698bca7f3a855b339edf3337864b6b9f1914c653e2ca5127136af9b7d37a4
572f86050126a4138ce65d5f0f3a1f7889f42e396095fceef48dfe4acd0df06a
5776cd87617eacec3bc00ebcf530d1924026033eda852f706c1a675a98915826
5ade2c1a33d4f40e1e4dc31db56bbd948e6d15d6da3b2673cc45477ed56dd185
5d40c79196cf9f9da4bdc857e8e1b5094ff3fa0aa0f314985c5a513edb89a6b7
756734c7de9dd01ffd9c75ccdfc48f08d51d774f75c6c453d9468812c5282861
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8ffae0974acd7014b8e30ff2510ff2c8809103dca22a9e9d252cfd525cc7eff9
94f92c2fa2a770888470701e4e9c0063d11bd846b52739d8b12a06b2dabd3be2
96df2f4735650bfe911e983781783284646ff7cc8109e0dfeb6de8056f1a7654
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac768dee11c223ac3fba06a7212fd0163c171e7986735b5cd04f9081504126b3
ba96000a92f9d03cce2c34ab48fb9f1e67976be7b4233c1bd607a87e6e9af82d
cff81f8984cdebd9f5039cd4c058d7d67bba4b92666dc0605f47c44b6a761df2
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
edefde11d13eb274cafd860dd219755352257187b374f313c810cb6a20f0a477
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d