jagoanbajuitem.duckdns.org Open in urlscan Pro
103.147.32.33 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jagoanbajuitem.duckdns.org/
Submission: On August 22 via api (August 22nd 2022, 4:53:13 am UTC) from JP — Scanned from JP

Summary HTTP 38 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 6 countries across 18 domains to perform 38 HTTP transactions. The main IP is 103.147.32.33, located in Indonesia and belongs to IDNIC-GIMCLOUD-AS-ID PT. Global Indo Multimedia, ID. The main domain is jagoanbajuitem.duckdns.org.
TLS certificate: Issued by R3 on August 13th 2022. Valid for: 3 months.

This is the only time jagoanbajuitem.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
4	103.147.32.33 103.147.32.33	139944 (IDNIC-GIM...) (IDNIC-GIMCLOUD-AS-ID PT. Global Indo Multimedia)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4004:823::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::681a:78b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1 1	2606:4700:303... 2606:4700:3038::6815:eae6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:50c0:800... 2606:50c0:8001::154	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3031::ac43:ab54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::347	54113 (FASTLY) (FASTLY)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.73.134 143.204.73.134	16509 (AMAZON-02) (AMAZON-02)
10	104.18.183.224 104.18.183.224	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2404:6800:400... 2404:6800:4004:810::200e	15169 (GOOGLE) (GOOGLE)
1	65.9.42.127 65.9.42.127	16509 (AMAZON-02) (AMAZON-02)
1	13.225.165.112 13.225.165.112	16509 (AMAZON-02) (AMAZON-02)
1	2404:6800:400... 2404:6800:4008:c01::9b	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:827::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:826::2003	15169 (GOOGLE) (GOOGLE)
1	13.225.165.21 13.225.165.21	16509 (AMAZON-02) (AMAZON-02)
1	35.161.174.131 35.161.174.131	16509 (AMAZON-02) (AMAZON-02)
38	20

4 103.147.32.33 (Indonesia)

ASN139944 (IDNIC-GIMCLOUD-AS-ID PT. Global Indo Multimedia, ID)
PTR: 33.32.147.103.verifikasi.id

jagoanbajuitem.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:823::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3038::6815:eae6 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rawcdn.githack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8001::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:ab54 (United States)

ASN13335 (CLOUDFLARENET, US)

iconape.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::347 (United States)

ASN54113 (FASTLY, US)

cdn.statically.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.73.134 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-73-134.nrt12.r.cloudfront.net

cdn.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.183.224 (None, )

ASN13335 (CLOUDFLARENET, US)

static.mediafire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4004:810::200e (Australia)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.42.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-42-127.nrt12.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.165.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-165-112.nrt12.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c01::9b (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:827::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:826::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.165.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-165-21.nrt12.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.161.174.131 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-161-174-131.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	mediafire.com static.mediafire.com — Cisco Umbrella Rank: 55911	9 KB
4	duckdns.org jagoanbajuitem.duckdns.org	150 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 853 vars.hotjar.com — Cisco Umbrella Rank: 858	68 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	172 KB
2	amplitude.com cdn.amplitude.com — Cisco Umbrella Rank: 3452 api.amplitude.com — Cisco Umbrella Rank: 1360	22 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 615	113 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 422	35 KB
1	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 19743	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 9	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 108	453 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	5 KB
1	statically.io cdn.statically.io — Cisco Umbrella Rank: 12991	11 KB
1	iconape.com iconape.com — Cisco Umbrella Rank: 139094	13 KB
1	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 4802	29 KB
1	githack.com 1 redirects rawcdn.githack.com — Cisco Umbrella Rank: 105362	652 B
1	btloader.com btloader.com — Cisco Umbrella Rank: 1038	6 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 219	6 KB
38	18

	Domain	Requested by
10	static.mediafire.com	jagoanbajuitem.duckdns.org
4	jagoanbajuitem.duckdns.org	jagoanbajuitem.duckdns.org static.cloudflareinsights.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	jagoanbajuitem.duckdns.org www.googletagmanager.com
2	code.jquery.com	jagoanbajuitem.duckdns.org
2	cdn.jsdelivr.net	jagoanbajuitem.duckdns.org
1	api.amplitude.com	cdn.amplitude.com
1	vars.hotjar.com	static.hotjar.com
1	www.google.co.jp	jagoanbajuitem.duckdns.org
1	www.google.com	jagoanbajuitem.duckdns.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	cdn.amplitude.com	jagoanbajuitem.duckdns.org
1	static.cloudflareinsights.com	jagoanbajuitem.duckdns.org
1	cdn.statically.io	jagoanbajuitem.duckdns.org
1	iconape.com	jagoanbajuitem.duckdns.org
1	raw.githubusercontent.com	jagoanbajuitem.duckdns.org
1	rawcdn.githack.com	1 redirects
1	btloader.com	jagoanbajuitem.duckdns.org
1	cdnjs.cloudflare.com	jagoanbajuitem.duckdns.org
38	21

This site contains no links.

Subject Issuer	Validity	Valid
mail.jagoanbajuitem.duckdns.org R3	`2022-08-13` - `2022-11-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
statically.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-02-18` - `2023-03-22`	a year	crt.sh
cdn.amplitude.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
*.mediafire.com Sectigo RSA Organization Validation Secure Server CA	`2021-08-28` - `2022-09-28`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://jagoanbajuitem.duckdns.org/
Frame ID: 0A92AEC447AEA68A9EFB5C09A74A6E8B
Requests: 37 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Frame ID: 3F566B12D60ED11C3E52C55611962735
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VID-08763893890

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Amplitude (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.amplitude\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

38
Requests

97 %
HTTPS

67 %
IPv6

18
Domains

21
Subdomains

20
IPs

6
Countries

662 kB
Transfer

1613 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://rawcdn.githack.com/AlexHostX/logAlex/391a0879c14c7ba91729a2271cfc42f3f874c190/facebook_text.png HTTP 301
https://raw.githubusercontent.com/AlexHostX/logAlex/391a0879c14c7ba91729a2271cfc42f3f874c190/facebook_text.png

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
jagoanbajuitem.duckdns.org/ 27 KB
27 KB 24621ms
257ms Document
text/html 103.147.32.33
IDNIC-GIMCLOUD-AS...

General

Check archive.org

Show headers Download Go to

Full URL: https://jagoanbajuitem.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.147.32.33 , Indonesia, ASN139944 (IDNIC-GIMCLOUD-AS-ID PT. Global Indo Multimedia, ID),
Reverse DNS: 33.32.147.103.verifikasi.id
Software: Apache /
Resource Hash: 3885dee0afd65e65acb9b2b018e3f1c77a5cdb09b149ef399712fb418419646f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Aug 2022 04:53:08 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 19ms
11ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4000386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ldFwH7rXfJUUnFRFFvCpbIHr80QiwX2I6Tbaa%2F3eekx8jqCx57VSwWklL%2F4f8ws%2FEB7AZWwzuykvAV0sG68Wa3ZVeBQrn0STL93k4GWQegBocffTBzq51qe%2F2slNc7tw44Swo6pnBEA1DdJ2rVSMIKb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 73e900c949778a90-NRT
expires: Sat, 12 Aug 2023 04:53:08 GMT

GET
H/1.1 200
OK style.css
jagoanbajuitem.duckdns.org/css/ 117 KB
118 KB 102ms
101ms Stylesheet
text/css 103.147.32.33
IDNIC-GIMCLOUD-AS...

General

Check archive.org

Show headers Download Go to

Full URL: https://jagoanbajuitem.duckdns.org/css/style.css
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.147.32.33 , Indonesia, ASN139944 (IDNIC-GIMCLOUD-AS-ID PT. Global Indo Multimedia, ID),
Reverse DNS: 33.32.147.103.verifikasi.id
Software: Apache /
Resource Hash: e72cce4cabc1583737a7fc536dd29477bbafdcd192d5bd6dd122b0539a7fd4be

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 04:53:08 GMT
Last-Modified: Sat, 04 Jun 2022 21:24:11 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 120234

GET
H/1.1 200
OK facebook.css
jagoanbajuitem.duckdns.org/css/ 4 KB
4 KB 182ms
88ms Stylesheet
text/css 103.147.32.33
IDNIC-GIMCLOUD-AS...

General

Check archive.org

Show headers Download Go to

Full URL: https://jagoanbajuitem.duckdns.org/css/facebook.css
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.147.32.33 , Indonesia, ASN139944 (IDNIC-GIMCLOUD-AS-ID PT. Global Indo Multimedia, ID),
Reverse DNS: 33.32.147.103.verifikasi.id
Software: Apache /
Resource Hash: 42f9e7a507cf1eb2586521e317aa397380a6f9de1ddb2dc1480c706faf6d54eb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Date: Mon, 22 Aug 2022 04:53:08 GMT
Last-Modified: Sat, 04 Jun 2022 21:25:26 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4034

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/npm/jquery@3.6.0/dist/ 87 KB
32 KB 27ms
19ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery@3.6.0/dist/jquery.min.js

Requested by

Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13289483
x-jsd-version: 3.6.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19150-FRA, cache-tyo11935-TYO
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"15d9d-uC0jjU4x/fYYuuisEabIEsA90NQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bo90gnEgd%2FLWYCvMSZmsk2dHbStsuaGFCesttlIB6i%2FX1FkQzM5Fhihlyt3AKePUZLILMlkB0GRItMjuRTL3167SChXkTuFMWrLntPbVk%2BrH%2BJ1pDjjdaqutrOgBEBbPJ3ETyPLAlZF8Z2DkNZg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 73e900c94a168a8a-NRT

GET
H2 200 base64.min.js Show response
cdn.jsdelivr.net/npm/js-base64@3.7.1/ 5 KB
3 KB 25ms
18ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-base64@3.7.1/base64.min.js

Requested by

Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fae6b0eb07e3fbf137e7338ed11f8f3649723c71da033e02d86aabadbbc09fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13289273
x-jsd-version: 3.7.1
x-cache: MISS, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19153-FRA, cache-tyo11971-TYO
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"1403-Iw1GRY+LVjIB//oGCUa3Uouq6NQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xztX%2B013JdUfIiEO2ik1oiNxFrrI98%2BWKd5aZlsn2vk5RlAHplJsj8tT1JLNkiW0aPfNejBZ%2F0S8dr%2BoQYgeH5FLF49O63m8Qz2XHU7mqaFy79U%2FKPcAX8Z2NkbBjmzWtFzEuuu7IHXLXR6W8uE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 73e900c94a1a8a8a-NRT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 136ms
42ms Script
application/javascript 2404:6800:4004:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-829541-1

Requested by

Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e96d97bbe8ceb783c2e4312baaa0b75bb5b7941296958f8bc742f699702e44a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41862
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Aug 2022 04:53:08 GMT

GET
H2 200 tag Show response
btloader.com/ 12 KB
6 KB 30ms
10ms Script
application/javascript 2606:4700:20::681a:78b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5678961798414336&upapi=true
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02de91dd51ca95dee54488c658c58c17310bcde018a105713583fedb7f9a535a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

cf-ray: 73e900c97f1180c9-NRT
date: Mon, 22 Aug 2022 04:53:08 GMT
via: 1.1 google
cf-cache-status: HIT
last-modified: Mon, 22 Aug 2022 04:44:58 GMT
server: cloudflare
age: 359
etag: W/"df48150a5a0b6d5007577a68caccbea9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaROG941pB92IQ4mnbODhUEGSeYdikJh1P121Fg9uuoFocBsavr3ouWtR3aYN%2B4kXMs7fgQYj3t98cwQ%2FFQAoYwuI3yP7E3Rta0a0%2F%2Bvy6yV4d1ucqDdTzen1%2BKTeOJg%2BcuDYriMtGU9UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br

GET
H2 200 jquery-3.6.0.js Show response
code.jquery.com/ 282 KB
83 KB 352ms
115ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.js
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239

Request headers

Referer: https://jagoanbajuitem.duckdns.org/
Origin: https://jagoanbajuitem.duckdns.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:09 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-46744"
vary: Accept-Encoding
x-hw: 1661143989.dop091.sj3.t,1661143989.cds205.sj3.hn,1661143989.cds109.sj3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 84714

GET
H2

200

facebook_text.png
raw.githubusercontent.com/AlexHostX/logAlex/391a0879c14c7ba91729a2271cfc42f3f874c190/
Redirect Chain

https://rawcdn.githack.com/AlexHostX/logAlex/391a0879c14c7ba91729a2271cfc42f3f874c190/facebook_text.png
https://raw.githubusercontent.com/AlexHostX/logAlex/391a0879c14c7ba91729a2271cfc42f3f874c190/facebook_text.png

28 KB
29 KB

241ms
228ms

Image
image/png

2606:50c0:8001::154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://raw.githubusercontent.com/AlexHostX/logAlex/391a0879c14c7ba91729a2271cfc42f3f874c190/facebook_text.png

Requested by

Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/

Protocol

Server

2606:50c0:8001::154 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; style-src 'unsafe-inline'; sandbox
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id: de75ab2a5e054f00b7aa1d7dd833b904cf458a37
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
via: 1.1 varnish
x-content-type-options: nosniff
x-cache: HIT
x-cache-hits: 1
vary: Authorization,Accept-Encoding,Origin
content-length: 28789
x-xss-protection: 1; mode=block
x-served-by: cache-nrt-rjtf7700075-NRT
x-github-request-id: 9174:3D0E:36A3AD:4B8826:63030119
x-timer: S1661143989.831832,VS0,VE226
x-frame-options: deny
date: Mon, 22 Aug 2022 04:53:09 GMT
source-age: 0
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
etag: W/"abfa212cc4d7b3d4c8bdcd6b3f8299b10b8d2002dc23c03f0c0843062e616a61"
accept-ranges: bytes
expires: Mon, 22 Aug 2022 04:58:09 GMT

Redirect headers

date: Mon, 22 Aug 2022 04:53:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 68098
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 191
access-control-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d31%2Ba%2B7Qqh1ENCzqb%2BVyPu6C5fR8N0oNqYTk8r9bjw7BllOFR075SvyyhYnkIgwVkd3egWc6w454aHLIrSsc4RkmRdB%2BVTjyeQOnCDWDYvEebzCLnvpbFV9c3TLWpeRQl2x%2F%2Bdzi6EwiB%2B7Cxiu9K%2BA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://raw.githubusercontent.com/AlexHostX/logAlex/391a0879c14c7ba91729a2271cfc42f3f874c190/facebook_text.png
cache-control: max-age=86400
cf-ray: 73e900ca0e2f34ed-NRT
expires: Mon, 22 Aug 2022 08:55:03 GMT

GET
H2 200 mediafire.png
iconape.com/wp-content/png_logo_vector/ 13 KB
13 KB 37ms
8ms Image
image/png 2606:4700:3031::ac43:ab54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iconape.com/wp-content/png_logo_vector/mediafire.png
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:ab54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dce8fb053052f467bce25b2f43f370878c5e5efe1765f662ced8bd2adcb73b1d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:08 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 826857
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13009
pragma: public
last-modified: Fri, 15 Jan 2021 06:46:13 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3yTwyk6yi142zerwgDcCxeK6v0O9bvYvsgXuyA%2FVyMNC%2Fxi%2BtxspVfWIq9iuuZX6rCuJYK0NM%2FCJ6PGfCNsfkd%2FoKJL0%2FqC0HJp92OkpbQI%2BBlibOII6VjSQD3sqHvwvnAJzwt3Z%2FFi9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 73e900ca0a230aa4-NRT
expires: Tue, 11 Oct 2022 15:12:10 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 345ms
111ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:09 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1661143989.dop028.sj3.t,1661143989.cds207.sj3.hn,1661143989.cds046.sj3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 base64.min.js Show response
cdn.statically.io/gh/jqueryfoundation/base64/main/5.6.0/ 33 KB
11 KB 143ms
114ms Script
application/javascript 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.statically.io/gh/jqueryfoundation/base64/main/5.6.0/base64.min.js

Requested by

Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

statically /

Resource Hash

5b5913fc487ac777ca0123866eeace1e924788c15fdd12a30ecc00e025de7b03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4701
x-cache: HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 11295
x-served-by: cache-sjc10068-SJC, cache-nrt-rjtf7700033-NRT
server: statically
etag: W/"7cc42656955548b54d25fc822c8882ffff32ec0918fee276330bf6109ea852b9"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=86400
timing-allow-origin: *
access-control-expose-headers: *

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 60ms
32ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://jagoanbajuitem.duckdns.org/
Origin: https://jagoanbajuitem.duckdns.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:08 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 73e900ca0ec2340e-NRT

GET
H2 200 amplitude-8.5.0-min.gz.js Show response
cdn.amplitude.com/libs/ 68 KB
22 KB 460ms
440ms Script
application/javascript 143.204.73.134
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.73.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-73-134.nrt12.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4

Request headers

Referer: https://jagoanbajuitem.duckdns.org/
Origin: https://jagoanbajuitem.duckdns.org
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:10 GMT
content-encoding: gzip
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop: NRT12-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 22154
access-control-allow-origin: *
last-modified: Fri, 13 Aug 2021 22:37:42 GMT
server: AmazonS3
etag: "660c3b546f2a131de50b69b91f26c636"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
via: 1.1 876cb7e4a24cc65c5d4fe1273662a7b0.cloudfront.net (CloudFront)
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: C8XFBkX49OjBNLzA_Ox463oU6dadFFFvaPSjS-8PfPlxXY9yd1crMQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 218 KB
69 KB 41ms
40ms Script
application/javascript 2404:6800:4004:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Requested by

Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

322ed0e097054f522801044465ee6ad417cd6c81a4cf78968b570e9f68fd87e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70674
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Aug 2022 04:53:09 GMT

GET
H2 200 mf_logo_full_color.svg
static.mediafire.com/images/backgrounds/header/ 3 KB
2 KB 69ms
53ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/header/mf_logo_full_color.svg
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 28 Oct 2016 22:22:42 GMT
server: cloudflare
age: 7723
etag: W/"5813cfb2-d1d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73e900cbcd761d87-NRT

GET
H2 200 twitter.svg
static.mediafire.com/images/icons/svg_light/ 949 B
828 B 35ms
20ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_light/twitter.svg
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f15316721389b1b084e6fb85747089ea51ccf9d81fcfb1b33ace326898e2913f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 13788
etag: W/"62deda56-3b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73e900cbcd7b1d87-NRT

GET
H2 200 facebook.svg
static.mediafire.com/images/icons/svg_light/ 401 B
573 B 45ms
31ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_light/facebook.svg
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d98133ce0dc7033265505bffc7aebd92fad444a0cd0271832a877418ccc889c6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 2723
etag: W/"62deda56-191"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73e900cbcd7c1d87-NRT

GET
H2 200 file-zip-v3.png
static.mediafire.com/images/filetype/ 2 KB
2 KB 32ms
18ms Image
image/png 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/filetype/file-zip-v3.png
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:09 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 6464
etag: "62deda56-750"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 73e900cbcd7d1d87-NRT
content-length: 1872
expires: Tue, 20 Sep 2022 23:14:36 GMT

GET
H2 200 download.svg
static.mediafire.com/images/icons/svg_light/ 348 B
539 B 33ms
19ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_light/download.svg
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b719a37796ef8486a9e7948d9c206d65c28e1e076445e037163b28107d431705

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 5849
etag: W/"62deda56-15c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73e900cbcd7e1d87-NRT

GET
H2 200 link.svg
static.mediafire.com/images/icons/svg_dark/ 375 B
530 B 30ms
16ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/link.svg
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c120725f5033ebaffbfd7c7d32de0bd1e452a7cf68b5afa14bb6a40964b4585

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 1728
etag: W/"62deda56-177"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73e900cbcd801d87-NRT

GET
H2 200 facebook.svg
static.mediafire.com/images/icons/svg_dark/ 389 B
742 B 12ms
12ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/facebook.svg
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23c6fab55cca5617226b806344cdb35d568c69e54556bc726ab08e7dc1dd219a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 1728
etag: W/"62deda56-185"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73e900cbcd851d87-NRT

GET
H2 200 share.svg
static.mediafire.com/images/icons/svg_dark/ 737 B
715 B 16ms
15ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/share.svg
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bac2ecaebdb39fa5ab5231f9f02e57efcdcfbc7a2e34f8891dcb7911f14464ce

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 5849
etag: W/"62deda56-2e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73e900cbcd841d87-NRT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 48ms
2ms Script
text/javascript 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-829541-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4441
date: Mon, 22 Aug 2022 03:39:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 22 Aug 2022 05:39:08 GMT

GET
H2 200 add.svg
static.mediafire.com/images/icons/svg_dark/ 199 B
244 B 21ms
16ms Image
image/svg+xml 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/icons/svg_dark/add.svg
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5cd89fdfd6cd180e697226d00af75da1557bf2e6ea354a8f6f3e8491e852294f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:09 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 5848
etag: W/"62deda56-c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cf-ray: 73e900cbeda21d87-NRT

GET
H2 200 footerIcons.png
static.mediafire.com/images/backgrounds/footer/social/ 583 B
841 B 16ms
16ms Image
image/png 104.18.183.224
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.mediafire.com/images/backgrounds/footer/social/footerIcons.png
Requested by: Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.18.183.224 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:09 GMT
cf-cache-status: HIT
last-modified: Mon, 25 Jul 2022 18:00:54 GMT
server: cloudflare
age: 7339
etag: "62deda56-247"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 73e900cc1dcb1d87-NRT
content-length: 583
expires: Tue, 20 Sep 2022 23:13:32 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 78ms
39ms XHR
text/plain 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=397945921&t=pageview&_s=1&dl=https%3A%2F%2Fjagoanbajuitem.duckdns.org%2F&ul=en-us&de=UTF-8&dt=VID-08763893890&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=204259080&gjid=1719344123&cid=720179091.1661143989&tid=UA-829541-1&_gid=499779444.1661143989&_r=1&gtm=2ou8h0&cd1=unregistered&cd7=legacy&cd3=archive&cd4=4&cd5=zip&cd8=%2F5%2F10%2F20%2F50%2F100%2F&z=372399895

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://jagoanbajuitem.duckdns.org/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 04:53:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jagoanbajuitem.duckdns.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
62 KB 43ms
43ms Script
application/javascript 2404:6800:4004:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:823::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2fa9b86a24a3dcb079e6e17df164aefbbb6fa3ac7715b17e4c485dea919417e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:53:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63333
x-xss-protection: 0
expires: Mon, 22 Aug 2022 04:53:09 GMT

GET
H2 200 hotjar-1232118.js Show response
static.hotjar.com/c/ 5 KB
3 KB 34ms
8ms Script
application/javascript 65.9.42.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1232118.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-53LP4T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.42.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-42-127.nrt12.r.cloudfront.net

Software

Resource Hash

22b5614bca68b017b701b0deba4f03afe117fa5bb0d80cf658319b9c26d1006c

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 04:52:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
x-cache-hit: 1
etag: W/0d374db222a680347c5b04825e96ebf3
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
via: 1.1 c5796606c1eacbf0d14ec7649a330660.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-pop: NRT12-C5
x-amz-cf-id: OTKrmMvm5hvxeZDusIh4WOfApfhUW6hq0X6bboEk57ZL019uvt2r6Q==

GET
H2 200 modules.8b83be320cd47888a36c.js Show response
script.hotjar.com/ 249 KB
64 KB 28ms
5ms Script
application/javascript 13.225.165.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8b83be320cd47888a36c.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1232118.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.165.112 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-165-112.nrt12.r.cloudfront.net

Software

Resource Hash

3395548d12c45b3163fe2231ff03b0ced049771aeae73bacb45b2726e2f61010

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 10:54:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 842342
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 65169
access-control-allow-origin: *
last-modified: Fri, 12 Aug 2022 10:53:25 GMT
etag: "aa31991b0402338880bb68565eec8d76"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 0c765a2912f391b4e0a7e9ea69f2a9ba.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: NRT12-C4
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: pUgC9KIM48e5Uzo-Wo62ChhYHQ6MJDLoWFLKQ32aH6gZy5bxezIEzg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
453 B 114ms
38ms XHR
text/plain 2404:6800:4008:c01::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-829541-1&cid=720179091.1661143989&jid=204259080&gjid=1719344123&_gid=499779444.1661143989&_u=YEBAAUAAAAAAAC~&z=1629489686

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4008:c01::9b Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://jagoanbajuitem.duckdns.org/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Aug 2022 04:53:09 GMT
content-type: text/plain
access-control-allow-origin: https://jagoanbajuitem.duckdns.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 35ms
35ms Ping
text/plain 2404:6800:4004:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=2oe8h0&_p=397945921&cid=720179091.1661143989&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661143989&sct=1&seg=0&dl=https%3A%2F%2Fjagoanbajuitem.duckdns.org%2F&dt=VID-08763893890&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K68XP6D85D&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4004:810::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 04:53:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://jagoanbajuitem.duckdns.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 87ms
45ms Image
image/gif 2404:6800:4004:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-829541-1&cid=720179091.1661143989&jid=204259080&_u=YEBAAUAAAAAAAC~&z=1108253578

Requested by

Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:827::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 04:53:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.jp/ads/ 42 B
501 B 83ms
42ms Image
image/gif 2404:6800:4004:826::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-829541-1&cid=720179091.1661143989&jid=204259080&_u=YEBAAUAAAAAAAC~&z=1108253578

Requested by

Host: jagoanbajuitem.duckdns.org
URL: https://jagoanbajuitem.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:826::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://jagoanbajuitem.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Aug 2022 04:53:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-1ada912494ba7fc7aca15fcef1c2a7ae.html Show response
vars.hotjar.com/ Frame 3F56 2 KB
1 KB 19ms
3ms Document
text/html 13.225.165.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1232118.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.165.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-165-21.nrt12.r.cloudfront.net

Software

Resource Hash

90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://jagoanbajuitem.duckdns.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

accept-ranges: bytes
age: 1151114
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 08 Aug 2022 21:07:55 GMT
etag: "0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified: Fri, 15 Jul 2022 13:07:48 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 47b4b177c4f8ebe08cb40fe8ee21a0b0.cloudfront.net (CloudFront)
x-amz-cf-id: bxOp1RClie7y6qRzZsjl_NZA7ruRbworiaLcNMz1hPdobBADUma0HA==
x-amz-cf-pop: NRT12-C4
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 / Show response
api.amplitude.com/ 7 B
205 B 406ms
136ms XHR
text/html 35.161.174.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: cdn.amplitude.com
URL: https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.161.174.131 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-161-174-131.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://jagoanbajuitem.duckdns.org/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Aug 2022 04:53:09 GMT
trace-id: Root=1-63030bb5-00c1a8991e816b006a46cf01
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

POST
H/1.1 404
Not Found rum Show response
jagoanbajuitem.duckdns.org/cdn-cgi/ 315 B
515 B 94ms
94ms XHR
text/html 103.147.32.33
IDNIC-GIMCLOUD-AS...

General

Check archive.org

Show headers Download Go to

Full URL: https://jagoanbajuitem.duckdns.org/cdn-cgi/rum?
Requested by: Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 103.147.32.33 , Indonesia, ASN139944 (IDNIC-GIMCLOUD-AS-ID PT. Global Indo Multimedia, ID),
Reverse DNS: 33.32.147.103.verifikasi.id
Software: Apache /
Resource Hash: d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

Referer: https://jagoanbajuitem.duckdns.org/
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
content-type: application/json

Response headers

Date: Mon, 22 Aug 2022 04:53:09 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mediafire.com/	1970-01-20 05:25:45	Name: __cf_bm Value: CSMGPdezY0h_fqwTaxMZ3VViDjfetlURYvDNQ_ENtqg-1661143989-0-AY0+9eLv1siEhpxHhgFu2RZiRCRgko8fuw9Ry9d47HSYKeupDxxWfSH+92wzQvW/Nn36UA9GibP9Mqa7OyjN9PY=
.jagoanbajuitem.duckdns.org/	1970-01-20 05:27:10	Name: _gid Value: GA1.3.499779444.1661143989
.jagoanbajuitem.duckdns.org/	1970-01-20 05:25:44	Name: _gat_gtag_UA_829541_1 Value: 1
.jagoanbajuitem.duckdns.org/	1970-01-20 15:01:43	Name: _ga_K68XP6D85D Value: GS1.1.1661143989.1.0.1661143989.0.0.0
.jagoanbajuitem.duckdns.org/	1970-01-20 15:01:43	Name: _ga Value: GA1.1.720179091.1661143989
.jagoanbajuitem.duckdns.org/	1970-01-20 14:11:19	Name: _hjSessionUser_1232118 Value: eyJpZCI6Ijk1YzEyMmYyLTNkZDYtNTFmNy04YzRhLTRjZWRmZjJmYzRhZCIsImNyZWF0ZWQiOjE2NjExNDM5ODkzMDAsImV4aXN0aW5nIjpmYWxzZX0=
.jagoanbajuitem.duckdns.org/	1970-01-20 05:25:45	Name: _hjFirstSeen Value: 1
jagoanbajuitem.duckdns.org/	1970-01-20 05:25:44	Name: _hjIncludedInSessionSample Value: 1
.jagoanbajuitem.duckdns.org/	1970-01-20 05:25:45	Name: _hjSession_1232118 Value: eyJpZCI6IjIyMmI0ZDdiLThmMjgtNDdiZC05OGRjLThjMmIyOWVkNjliNCIsImNyZWF0ZWQiOjE2NjExNDM5ODk0OTAsImluU2FtcGxlIjp0cnVlfQ==
.jagoanbajuitem.duckdns.org/	1970-01-20 05:25:45	Name: _hjAbsoluteSessionInProgress Value: 0
.jagoanbajuitem.duckdns.org/	1970-01-20 14:11:19	Name: amp_28916b Value: Dh99lAF_5QDN6Y-sJXsAXV...1gb1ubfcj.1gb1ubfcl.0.1.1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://jagoanbajuitem.duckdns.org/cdn-cgi/rum? Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.amplitude.com
btloader.com
cdn.amplitude.com
cdn.jsdelivr.net
cdn.statically.io
cdnjs.cloudflare.com
code.jquery.com
iconape.com
jagoanbajuitem.duckdns.org
raw.githubusercontent.com
rawcdn.githack.com
script.hotjar.com
static.cloudflareinsights.com
static.hotjar.com
static.mediafire.com
stats.g.doubleclick.net
vars.hotjar.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
103.147.32.33
104.18.183.224
13.225.165.112
13.225.165.21
143.204.73.134
2001:4de0:ac18::1:a:1b
2404:6800:4004:810::200e
2404:6800:4004:823::2008
2404:6800:4004:826::2003
2404:6800:4004:827::2004
2404:6800:4008:c01::9b
2606:4700:20::681a:78b
2606:4700:3031::ac43:ab54
2606:4700:3038::6815:eae6
2606:4700:440e::ac40:9c1a
2606:4700::6810:5614
2606:4700::6811:180e
2606:50c0:8001::154
2a04:4e42:400::347
35.161.174.131
65.9.42.127
02de91dd51ca95dee54488c658c58c17310bcde018a105713583fedb7f9a535a
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
1fe2bb5390a75e5d61e72c107cab528fc3c29a837d69aab7d200e1dbb5dcd239
22b5614bca68b017b701b0deba4f03afe117fa5bb0d80cf658319b9c26d1006c
23c6fab55cca5617226b806344cdb35d568c69e54556bc726ab08e7dc1dd219a
2450e5580136f94bda7ccf95e3167b57e15b05b513a430967943a50036fa47a4
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
2e96d97bbe8ceb783c2e4312baaa0b75bb5b7941296958f8bc742f699702e44a
2fa9b86a24a3dcb079e6e17df164aefbbb6fa3ac7715b17e4c485dea919417e6
322ed0e097054f522801044465ee6ad417cd6c81a4cf78968b570e9f68fd87e1
3395548d12c45b3163fe2231ff03b0ced049771aeae73bacb45b2726e2f61010
3885dee0afd65e65acb9b2b018e3f1c77a5cdb09b149ef399712fb418419646f
42f9e7a507cf1eb2586521e317aa397380a6f9de1ddb2dc1480c706faf6d54eb
4448e430d3c53bad548a5d135e1c7e2f9593e806ba47892640d430ea752e979e
4fae6b0eb07e3fbf137e7338ed11f8f3649723c71da033e02d86aabadbbc09fb
5b5913fc487ac777ca0123866eeace1e924788c15fdd12a30ecc00e025de7b03
5cd89fdfd6cd180e697226d00af75da1557bf2e6ea354a8f6f3e8491e852294f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8539c91ae0a82f8cab27d481ea38ac4e66d1e5b36701fe295bcba4399b9255bd
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
9c120725f5033ebaffbfd7c7d32de0bd1e452a7cf68b5afa14bb6a40964b4585
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b719a37796ef8486a9e7948d9c206d65c28e1e076445e037163b28107d431705
bac2ecaebdb39fa5ab5231f9f02e57efcdcfbc7a2e34f8891dcb7911f14464ce
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3
d98133ce0dc7033265505bffc7aebd92fad444a0cd0271832a877418ccc889c6
dce8fb053052f467bce25b2f43f370878c5e5efe1765f662ced8bd2adcb73b1d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e72cce4cabc1583737a7fc536dd29477bbafdcd192d5bd6dd122b0539a7fd4be
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15316721389b1b084e6fb85747089ea51ccf9d81fcfb1b33ace326898e2913f
f917a9105c311331b1d40f4d2bdbf11233c1c465616c1a9c46232f451463b061
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

jagoanbajuitem.duckdns.org Open in urlscan Pro 103.147.32.33 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

97 %HTTPS

67 %IPv6

18 Domains

21 Subdomains

20 IPs

6 Countries

662 kBTransfer

1613 kBSize

11 Cookies

0 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

jagoanbajuitem.duckdns.org Open in urlscan Pro
103.147.32.33 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

97 %
HTTPS

67 %
IPv6

18
Domains

21
Subdomains

20
IPs

6
Countries

662 kB
Transfer

1613 kB
Size

11
Cookies

38 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!