evrntzzldpad.duckdns.org Open in urlscan Pro
20.212.187.164 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://evrntzzldpad.duckdns.org/
Submission: On January 17 via api (January 17th 2022, 8:10:02 am UTC) from JP — Scanned from JP

Summary HTTP 30 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 30 HTTP transactions. The main IP is 20.212.187.164, located in Singapore, Singapore and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is evrntzzldpad.duckdns.org.
TLS certificate: Issued by R3 on January 15th 2022. Valid for: 3 months.

This is the only time evrntzzldpad.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
22	20.212.187.164 20.212.187.164	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:822::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	65.21.235.194 65.21.235.194	24940 (HETZNER-AS) (HETZNER-AS)
1	128.1.157.225 128.1.157.225	21859 (ZEN-ECN) (ZEN-ECN)
1	2404:6800:400... 2404:6800:4004:80b::2003	15169 (GOOGLE) (GOOGLE)
1 1	13.32.50.172 13.32.50.172	16509 (AMAZON-02) (AMAZON-02)
1	99.84.142.12 99.84.142.12	16509 (AMAZON-02) (AMAZON-02)
30	9

22 20.212.187.164 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

evrntzzldpad.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:822::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.21.235.194 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.194.235.21.65.clients.your-server.de

l.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 128.1.157.225 (United States)

ASN21859 (ZEN-ECN, US)

sdomino.boxiangyx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:80b::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.50.172 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-50-172.nrt57.r.cloudfront.net

d1490khl9dq1ow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.142.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-142-12.nrt57.r.cloudfront.net

dm0qx8t0i9gc9.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	duckdns.org evrntzzldpad.duckdns.org	4 MB
2	cloudfront.net 1 redirects d1490khl9dq1ow.cloudfront.net dm0qx8t0i9gc9.cloudfront.net	65 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	boxiangyx.com sdomino.boxiangyx.com — Cisco Umbrella Rank: 705957	4 KB
1	top4top.io l.top4top.io — Cisco Umbrella Rank: 962716	2 MB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 584	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	931 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2427	8 KB
30	9

	Domain	Requested by
22	evrntzzldpad.duckdns.org	evrntzzldpad.duckdns.org
1	dm0qx8t0i9gc9.cloudfront.net	evrntzzldpad.duckdns.org
1	d1490khl9dq1ow.cloudfront.net	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	sdomino.boxiangyx.com	evrntzzldpad.duckdns.org
1	l.top4top.io	evrntzzldpad.duckdns.org
1	code.jquery.com	evrntzzldpad.duckdns.org
1	cdnjs.cloudflare.com	evrntzzldpad.duckdns.org
1	fonts.googleapis.com	evrntzzldpad.duckdns.org
1	stackpath.bootstrapcdn.com	evrntzzldpad.duckdns.org
30	10

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
webmail.evrntzzldpad.duckdns.org R3	`2022-01-15` - `2022-04-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
top4top.io R3	`2022-01-13` - `2022-04-13`	3 months	crt.sh
*.boxiangyx.com RapidSSL RSA CA 2018	`2020-05-12` - `2022-07-11`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://evrntzzldpad.duckdns.org/
Frame ID: E15405945CD2D3435F38AF5F7A849ACC
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Higgs Domino : Event Lucky Spin

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

97 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

9
IPs

5
Countries

6216 kB
Transfer

6349 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/login/identify/?ctx=recover&ars=facebook_login/
Title: Lupa Kata Sandi?

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://d1490khl9dq1ow.cloudfront.net/sfx/mp3preview/wheel-spin_Gk0rCUV_.mp3 HTTP 301
https://dm0qx8t0i9gc9.cloudfront.net/watermarks/audio/BsTwCwBHBjzwub4i4/wheel-spin_Gk0rCUV__WM.mp3

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
evrntzzldpad.duckdns.org/ 13 KB
13 KB 825ms
96ms Document
text/html 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 04f38f60b6b09ceda22485d489ede4ff04048afe21b18a62a892a4ec3c56c505

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

Date: Mon, 17 Jan 2022 08:09:56 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK style.css
evrntzzldpad.duckdns.org/css/ 3 KB
3 KB 111ms
75ms Stylesheet
text/css 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://evrntzzldpad.duckdns.org/css/style.css
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: a79a39eb146bbf56d0bcaf3e70edbbc445c683bad3b0dfd8e8fdb4205b8316bb

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:56 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2903

GET
H/1.1 200
OK style-zone.css
evrntzzldpad.duckdns.org/css/ 13 KB
14 KB 186ms
75ms Stylesheet
text/css 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://evrntzzldpad.duckdns.org/css/style-zone.css
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 6775cd0935f89a69c812b2b8c2891910f21f81ccd3d15454a1319eb24c9bb02f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:56 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 13699

GET
H/1.1 200
OK zero-zone.css
evrntzzldpad.duckdns.org/css/ 4 KB
5 KB 225ms
75ms Stylesheet
text/css 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://evrntzzldpad.duckdns.org/css/zero-zone.css
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 649552ada4ccd682ae941409408fa4fbed8b728547d322f3e1ff679100e33530

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4569

GET
H/1.1 200
OK facebook.css
evrntzzldpad.duckdns.org/css/ 3 KB
4 KB 224ms
75ms Stylesheet
text/css 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://evrntzzldpad.duckdns.org/css/facebook.css
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 4007b5116851045d53b426c5681811cd2b87a878bb1b5d32a2e6199091054987

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3372

GET
H/1.1 200
OK twitter.css
evrntzzldpad.duckdns.org/css/ 1 KB
2 KB 226ms
74ms Stylesheet
text/css 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://evrntzzldpad.duckdns.org/css/twitter.css
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 3878d28d15feba7e3531c12a2de6eee6a8a2fb6603133bd2fffbc2da75f6cbbd

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1516

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
8 KB 178ms
171ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://evrntzzldpad.duckdns.org/
Origin: https://evrntzzldpad.duckdns.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 08:09:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617
cdn-cachedat: 10/15/2021 13:58:25
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"269550530cc127b6aa5a35925a7de6ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2c934901adee3299a1ec5a182348c8ea
cdn-requestcountrycode: US
cf-ray: 6cee1ab25f0f80a1-NRT
cdn-cache: HIT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
931 B 75ms
37ms Stylesheet
text/css 2404:6800:4004:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Teko&display=swap

Requested by

Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:822::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

572b033ea8f1072b9cbbd17462095c08c070b3e898ec8952d3fc2228577e7dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 06:18:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 17 Jan 2022 08:09:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jan 2022 08:09:56 GMT

GET
H2 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 69 KB
6 KB 25ms
18ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Requested by

Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 08:09:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1001438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5845
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-1149f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5%2BApbxLRGQMiurl2CZD3WOln5LPI9yzlqnqcUm4TsiXKm6rg1xuh5x1dQGe4ENFe9RrnwnUQM392M99t6%2FhBbmWeaoxRv8cKHgwqeu8DgeaRUY5GwSZp71ABex6lcGVBDxGFBfqvyUJmMOX1Pj8Ugop"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cee1ab25be8efaa-NRT
expires: Sat, 07 Jan 2023 08:09:56 GMT

GET
H/1.1 200
OK spin.png
evrntzzldpad.duckdns.org/img/ 749 KB
749 KB 189ms
75ms Image
image/png 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/img/spin.png
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: b16134ff62d29e9b9c97e64dd2f9e0020910e104454d784ad9d5d6dee968b4be

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 766717

GET
H/1.1 200
OK logo.png
evrntzzldpad.duckdns.org/img/ 5 KB
5 KB 114ms
74ms Image
image/png 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/img/logo.png
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 246bfcc681a0143890127bf31f78382dab2b83c3d8809137ff416c3dd47f7bdd

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 5237

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 692ms
234ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://evrntzzldpad.duckdns.org/
Origin: https://evrntzzldpad.duckdns.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 08:09:57 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 17:27:20 GMT
server: nginx
etag: W/"603e7578-15d9d"
vary: Accept-Encoding
x-hw: 1642406997.dop003.pa1.t,1642406997.cds202.pa1.hn,1642406997.cds047.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H/1.1 200
OK style.js Show response
evrntzzldpad.duckdns.org/js/ 1 KB
1 KB 259ms
74ms Script
application/javascript 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://evrntzzldpad.duckdns.org/js/style.js
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: cab0c6dc0debdf79124e922294930f3d637a5a5fe91d8b3df9938ca6d740a451

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1134

GET
H/1.1 200
OK facebook_text.png
evrntzzldpad.duckdns.org/img/login/ 28 KB
28 KB 76ms
75ms Image
image/png 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/img/login/facebook_text.png
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 28789

GET
H/1.1 200
OK thumbnail.png
evrntzzldpad.duckdns.org/img/ 252 KB
252 KB 225ms
75ms Image
image/png 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/img/thumbnail.png
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 13ec4a5f9b0724e1b674f02d0459ec8099677578285936cde90897ec5e2e13fc

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 257936

GET
H/1.1 200
OK 1.png
evrntzzldpad.duckdns.org/img/reward/ 400 KB
401 KB 225ms
75ms Image
image/png 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/img/reward/1.png
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 66f719d5112fefcc421096799ffc550b2ad31a925dba7969af98a569cd81ae90

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 409926

GET
H/1.1 200
OK 2.png
evrntzzldpad.duckdns.org/img/reward/ 468 KB
468 KB 112ms
75ms Image
image/png 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/img/reward/2.png
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 1a79f647d774ddeff9fa9cc43d0823772df1ffbac5a9b10dc35a11f23ce37e5c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 478922

GET
H/1.1 200
OK 3.png
evrntzzldpad.duckdns.org/img/reward/ 480 KB
480 KB 286ms
75ms Image
image/png 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/img/reward/3.png
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: eb7de2cf49044512a3e735e62e6038b850dedd84569d97a612a034f3e0bc86a6

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 491278

GET
H/1.1 200
OK 4.png
evrntzzldpad.duckdns.org/img/reward/ 411 KB
412 KB 350ms
74ms Image
image/png 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/img/reward/4.png
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 62765d7d74e2af9e5fcba1665adef75f9e900e3307a615ff0e30811dd346e98e

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 421134

GET
H/1.1 200
OK 5.png
evrntzzldpad.duckdns.org/img/reward/ 447 KB
447 KB 138ms
74ms Image
image/png 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/img/reward/5.png
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 4c5a39024eda9a75130801ae65c1543d139b3cc999e60c2c094d0ee15788ca0f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 457269

GET
H/1.1 200
OK 6.png
evrntzzldpad.duckdns.org/img/reward/ 398 KB
398 KB 78ms
77ms Image
image/png 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/img/reward/6.png
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 338cd463d7866cb42a822f096472fa463e81fa2aac59590582077131624b7fa2

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 407088

GET
H2 206 m_2067lyui91.mp4
l.top4top.io/ 2 MB
2 MB 1091ms
544ms Media
video/mp4 65.21.235.194
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l.top4top.io/m_2067lyui91.mp4
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.21.235.194 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.194.235.21.65.clients.your-server.de
Software: nginx /
Resource Hash: 79e261eea30722283327bffb52f115093c5dc49ce7e0dd6a1f9ad338879fac76

Request headers

Referer: https://evrntzzldpad.duckdns.org/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Range: bytes=0-

Response headers

x-file-id: x40415615x
date: Mon, 17 Jan 2022 08:09:57 GMT
last-modified: Sun, 29 Aug 2021 18:07:21 GMT
server: nginx
etag: "612bccd9-25371b"
content-type: video/mp4
Content-Range: bytes 0-2438938/2438939
cache-control: max-age=7200
content-disposition: inline; filename="header%20(1).mp4"
Content-Length: 2438939
expires: Mon, 17 Jan 2022 10:09:57 GMT

GET
H/1.1 200
OK twitter_text.png
evrntzzldpad.duckdns.org/img/login/ 2 KB
2 KB 93ms
74ms Image
image/png 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/img/login/twitter_text.png
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 153e896235ec6b790db8e822baa949a5dbd774b7060a5b68f97705a04d9e940a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2017

GET
H2 200 submit_btn.png
sdomino.boxiangyx.com/images/website/webShop/ 4 KB
4 KB 15ms
7ms Image
image/png 128.1.157.225
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdomino.boxiangyx.com/images/website/webShop/submit_btn.png
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 128.1.157.225 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software: Tengine /
Resource Hash: bd55d570d64508099db3b916fccc7a95a9234077087c9deeaf5d560b18619179

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 09 Jan 2022 22:42:41 GMT
via: cache38.l2hk71[0,0,304-0,H], cache38.l2hk71[1,0], cache17.jp6[0,0,200-0,H], cache2.jp6[4,0]
age: 638835
x-cache: HIT TCP_MEM_HIT dirn:13:835184717
x-swift-cachetime: 2572430
x-swift-savetime: Mon, 10 Jan 2022 04:08:51 GMT
content-length: 4165
last-modified: Wed, 12 Jun 2019 06:06:48 GMT
server: Tengine
etag: "5d009678-1045"
ali-swift-global-savetime: 1641768161
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
eagleid: 80019d9616424069969056059e
expires: Tue, 08 Feb 2022 22:42:41 GMT

GET
H/1.1 200
OK container.jpg
evrntzzldpad.duckdns.org/img/ 1 KB
2 KB 95ms
75ms Image
image/jpeg 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/img/container.jpg
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/css/style-zone.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: e2604abe9be04f13d3e207f22f8be96df9364700272c10a0f75d57765f04560a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/css/style-zone.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1512

GET
H/1.1 200
OK subheader.png
evrntzzldpad.duckdns.org/img/ 6 KB
6 KB 170ms
75ms Image
image/png 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/img/subheader.png
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/css/style-zone.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 11aa4f88089f576a689265136a18fbc0ff15ada4fbca903530a4cc458b0f2faa

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/css/style-zone.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5974

GET
H/1.1 200
OK item.png
evrntzzldpad.duckdns.org/img/ 1 KB
1 KB 133ms
74ms Image
image/png 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/img/item.png
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/css/zero-zone.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: dd08a3c5350279bba5d4b7f57e861d4f284f1d2f2b9ea983d190e1146a7551a8

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/css/zero-zone.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Last-Modified: Tue, 02 Nov 2021 14:44:46 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1077

GET
H2 200 LYjNdG7kmE0gfaN9pQ.woff2
fonts.gstatic.com/s/teko/v10/ 13 KB
14 KB 41ms
3ms Font
font/woff2 2404:6800:4004:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/teko/v10/LYjNdG7kmE0gfaN9pQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Teko&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80b::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51b6a852f98c7140040a19aeed7333059105f04271c132beef28e0f28b86ae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://evrntzzldpad.duckdns.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 07:58:52 GMT
x-content-type-options: nosniff
age: 432665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:26:11 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 12 Jan 2023 07:58:52 GMT

GET
H/1.1 200
OK /
evrntzzldpad.duckdns.org/ 13 KB
13 KB 96ms
95ms Image
text/html 20.212.187.164
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evrntzzldpad.duckdns.org/
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.187.164 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 08:09:57 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2

206

wheel-spin_Gk0rCUV__WM.mp3
dm0qx8t0i9gc9.cloudfront.net/watermarks/audio/BsTwCwBHBjzwub4i4/
Redirect Chain

https://d1490khl9dq1ow.cloudfront.net/sfx/mp3preview/wheel-spin_Gk0rCUV_.mp3
https://dm0qx8t0i9gc9.cloudfront.net/watermarks/audio/BsTwCwBHBjzwub4i4/wheel-spin_Gk0rCUV__WM.mp3?

64 KB
64 KB

31ms
24ms

Media
audio/mpeg

99.84.142.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dm0qx8t0i9gc9.cloudfront.net/watermarks/audio/BsTwCwBHBjzwub4i4/wheel-spin_Gk0rCUV__WM.mp3?
Requested by: Host: evrntzzldpad.duckdns.org
URL: https://evrntzzldpad.duckdns.org/
Protocol: H2
Server: 99.84.142.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-142-12.nrt57.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 073078020f08a608e9d44790cae2932474de828460db511644e06c1036389f36

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: https://evrntzzldpad.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: ouoq1gBldIQ3t4fd9gcLxPg04__gEaBd
via: 1.1 296266eef550eb1ec243d30350141214.cloudfront.net (CloudFront)
etag: "dae4c980d2caf7c4fb5c85f0896a46c9"
age: 42191
x-cache: Hit from cloudfront
Content-Range: bytes 0-65155/65156
cross-origin-resource-policy: cross-origin
x-amz-request-id: XT1EQRMQV68TMK9P
x-amz-id-2: u93tWt8WIg4sy3nzBhpMnpzF0CG6R2STgnsrpgRXk/eYxyCRuzjLw3Ie1RnCdvBodclu5UMqhMM=
accept-ranges: bytes
last-modified: Thu, 01 Jul 2021 20:58:38 GMT
server: AmazonS3
date: Sun, 16 Jan 2022 20:26:47 GMT
content-type: audio/mpeg
x-amz-cf-pop: NRT57-C3
Content-Length: 65156
x-amz-cf-id: jRn3dtcaSovY3vrHRkCRR-Hdub_nJPPirr9zgwi3UFuN9hUYO4f73Q==

Redirect headers

date: Mon, 17 Jan 2022 04:52:36 GMT
via: 1.1 0706bdcc30b9021a492a2676497fddf2.cloudfront.net (CloudFront), 1.1 8322b7fb5ad2241eee2db427154f6fc4.cloudfront.net (CloudFront)
age: 11841
x-amzn-requestid: c920e027-9c1d-4860-b2ab-ba50c7e37eeb
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-disposition: attachment
x-amz-apigw-id: MEtjOFBXIAMFUYA=
content-length: 679
access-control-allow-origin: *
server: CloudFront
x-amzn-trace-id: Root=1-61e4f614-77feef5f62531374199acb78;Sampled=0
content-type: application/json
location: https://dm0qx8t0i9gc9.cloudfront.net/watermarks/audio/BsTwCwBHBjzwub4i4/wheel-spin_Gk0rCUV__WM.mp3?
cache-control: max-age=86400
x-amz-cf-pop: NRT12-C5, NRT57-C1
x-amz-cf-id: x3kbgRVj7V1tBcM34RXHFIQzfs7hEgNdOvYITW5xPchIdvg37eGxQQ==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
d1490khl9dq1ow.cloudfront.net
dm0qx8t0i9gc9.cloudfront.net
evrntzzldpad.duckdns.org
fonts.googleapis.com
fonts.gstatic.com
l.top4top.io
sdomino.boxiangyx.com
stackpath.bootstrapcdn.com
128.1.157.225
13.32.50.172
20.212.187.164
2001:4de0:ac18::1:a:1a
2404:6800:4004:80b::2003
2404:6800:4004:822::200a
2606:4700::6810:135e
2606:4700::6812:bcf
65.21.235.194
99.84.142.12
04f38f60b6b09ceda22485d489ede4ff04048afe21b18a62a892a4ec3c56c505
073078020f08a608e9d44790cae2932474de828460db511644e06c1036389f36
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
11aa4f88089f576a689265136a18fbc0ff15ada4fbca903530a4cc458b0f2faa
13ec4a5f9b0724e1b674f02d0459ec8099677578285936cde90897ec5e2e13fc
153e896235ec6b790db8e822baa949a5dbd774b7060a5b68f97705a04d9e940a
1a79f647d774ddeff9fa9cc43d0823772df1ffbac5a9b10dc35a11f23ce37e5c
246bfcc681a0143890127bf31f78382dab2b83c3d8809137ff416c3dd47f7bdd
338cd463d7866cb42a822f096472fa463e81fa2aac59590582077131624b7fa2
3878d28d15feba7e3531c12a2de6eee6a8a2fb6603133bd2fffbc2da75f6cbbd
4007b5116851045d53b426c5681811cd2b87a878bb1b5d32a2e6199091054987
4c5a39024eda9a75130801ae65c1543d139b3cc999e60c2c094d0ee15788ca0f
51b6a852f98c7140040a19aeed7333059105f04271c132beef28e0f28b86ae48
572b033ea8f1072b9cbbd17462095c08c070b3e898ec8952d3fc2228577e7dc4
62765d7d74e2af9e5fcba1665adef75f9e900e3307a615ff0e30811dd346e98e
649552ada4ccd682ae941409408fa4fbed8b728547d322f3e1ff679100e33530
66f719d5112fefcc421096799ffc550b2ad31a925dba7969af98a569cd81ae90
6775cd0935f89a69c812b2b8c2891910f21f81ccd3d15454a1319eb24c9bb02f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79e261eea30722283327bffb52f115093c5dc49ce7e0dd6a1f9ad338879fac76
a79a39eb146bbf56d0bcaf3e70edbbc445c683bad3b0dfd8e8fdb4205b8316bb
b16134ff62d29e9b9c97e64dd2f9e0020910e104454d784ad9d5d6dee968b4be
bd55d570d64508099db3b916fccc7a95a9234077087c9deeaf5d560b18619179
cab0c6dc0debdf79124e922294930f3d637a5a5fe91d8b3df9938ca6d740a451
dd08a3c5350279bba5d4b7f57e861d4f284f1d2f2b9ea983d190e1146a7551a8
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e2604abe9be04f13d3e207f22f8be96df9364700272c10a0f75d57765f04560a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb7de2cf49044512a3e735e62e6038b850dedd84569d97a612a034f3e0bc86a6
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

evrntzzldpad.duckdns.org Open in urlscan Pro 20.212.187.164 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

30 Requests

97 %HTTPS

50 %IPv6

9 Domains

10 Subdomains

9 IPs

5 Countries

6216 kBTransfer

6349 kBSize

0 Cookies

1 Outgoing links

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

evrntzzldpad.duckdns.org Open in urlscan Pro
20.212.187.164 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

50 %
IPv6

9
Domains

10
Subdomains

9
IPs

5
Countries

6216 kB
Transfer

6349 kB
Size

0
Cookies

30 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!