firearrest.fun - urlscan.io

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 6 HTTP transactions. The main IP is 2606:4700:30::6818:6dae, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is firearrest.fun.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 31st 2018. Valid for: 6 months.

This is the only time firearrest.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	172.104.235.28 172.104.235.28	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	2606:4700:30:... 2606:4700:30::681b:9693	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2606:4700:30:... 2606:4700:30::6818:6dae	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
6	4

1 172.104.235.28 (Absecon, United States)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1811-28.members.linode.com

ltgollersftr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:30::681b:9693 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

fireabsorb.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:30::6818:6dae (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

firearrest.fun	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	firearrest.fun firearrest.fun	41 KB
2	gstatic.com www.gstatic.com	22 KB
1	fireabsorb.fun 1 redirects fireabsorb.fun	506 B
1	ltgollersftr.com ltgollersftr.com	453 B
6	4

	Domain	Requested by
3	firearrest.fun	firearrest.fun
2	www.gstatic.com	firearrest.fun
1	fireabsorb.fun	1 redirects
1	ltgollersftr.com
6	4

This site contains no links.

Subject Issuer	Validity	Valid
ltgollersftr.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-25` - `2020-02-25`	a year	crt.sh
sni117747.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-12-31` - `2019-07-09`	6 months	crt.sh
*.google.com Google Internet Authority G3	`2019-03-01` - `2019-05-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01
Frame ID: C252D0954AB79665D39BF6DE5F867935
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://ltgollersftr.com/?sid=115703&site_id=1407888&conv_id=139682310948659200 Page URL
http://fireabsorb.fun/c2cdesktop.php?cid=3637119106748847471&zone=1231127&network=zet&country=[cou... HTTP 302
https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountr... Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

script /firebase.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

6
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

64 kB
Transfer

199 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ltgollersftr.com/?sid=115703&site_id=1407888&conv_id=139682310948659200 Page URL
http://fireabsorb.fun/c2cdesktop.php?cid=3637119106748847471&zone=1231127&network=zet&country=[country]&utm_medium=zet&utm_source=[zone] HTTP 302
https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 /
ltgollersftr.com/ 295 B
453 B 1873ms
29ms Document
text/html 172.104.235.28
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL: https://ltgollersftr.com/?sid=115703&site_id=1407888&conv_id=139682310948659200
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.104.235.28 Absecon, United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1811-28.members.linode.com
Software: /
Resource Hash

Request headers

Host: ltgollersftr.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: text/html;charset=UTF-8
Content-Language: en-US
Transfer-Encoding: chunked
Date: Sat, 13 Apr 2019 07:03:20 GMT

GET
H2

200

Primary Request enter.php Show response
firearrest.fun/
Redirect Chain

http://fireabsorb.fun/c2cdesktop.php?cid=3637119106748847471&zone=1231127&network=zet&country=[country]&utm_medium=zet&utm_source=[zone]
https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01

39 KB
11 KB

82ms
40ms

Document
text/html

2606:4700:30::6818:6dae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6dae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 947afb7492cc54808152253c47601e57c5fa284c89f2dbe4322fd2a63fc61aa8

Request headers

:method: GET
:authority: firearrest.fun
:scheme: https
:path: /enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Sat, 13 Apr 2019 07:03:20 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d3cf4db3ba54863063576dd22669a39b11555139000; expires=Sun, 12-Apr-20 07:03:20 GMT; path=/; domain=.firearrest.fun; HttpOnly
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4c6b9460bd29c2e7-FRA
content-encoding: br

Redirect headers

Date: Sat, 13 Apr 2019 07:03:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=dde9bf7b41e177952e9a7238f297d29561555139000; expires=Sun, 12-Apr-20 07:03:20 GMT; path=/; domain=.fireabsorb.fun; HttpOnly
Location: https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01
Server: cloudflare
CF-RAY: 4c6b94604fc2c2c4-FRA

GET
H2 200 jquery.js Show response
firearrest.fun/files/ 85 KB
29 KB 29ms
28ms Script
application/javascript 2606:4700:30::6818:6dae
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://firearrest.fun/files/jquery.js
Requested by: Host: firearrest.fun
URL: https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6dae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

:path: /files/jquery.js
pragma: no-cache
cookie: __cfduid=d3cf4db3ba54863063576dd22669a39b11555139000
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: */*
cache-control: no-cache
:authority: firearrest.fun
referer: https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01
:scheme: https
:method: GET
Referer: https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 13 Apr 2019 07:03:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 03 Nov 2018 05:47:14 GMT
server: cloudflare
etag: W/"5bdd3662-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 4c6b94613e85c2e7-FRA
expires: Sun, 14 Apr 2019 07:03:20 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/5.7.0/ 34 KB
12 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.7.0/firebase-app.js

Requested by

Host: firearrest.fun
URL: https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01

Protocol

H2

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c16b5e0a7baf923398f1a497be1d4cd389abd3352b5e148eaa24354fb6a66a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 05:23:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 01:03:40 GMT
server: sffe
age: 3030006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 12419
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 05:23:14 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/5.7.0/ 35 KB
10 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/5.7.0/firebase-messaging.js

Requested by

Host: firearrest.fun
URL: https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01

Protocol

H2

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 09 Mar 2019 03:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 07 Dec 2018 01:03:41 GMT
server: sffe
age: 3038121
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 10096
x-xss-protection: 1; mode=block
expires: Sun, 08 Mar 2020 03:07:59 GMT

GET
H2 200 green-up-arrow.png
firearrest.fun/files/ 691 B
802 B 33ms
33ms Image
image/png 2606:4700:30::6818:6dae
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://firearrest.fun/files/green-up-arrow.png
Requested by: Host: firearrest.fun
URL: https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:30::6818:6dae , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ec70d32dbe754677768f28b1c5861efc2e059f46a016a4c48eb7f2a11e674e5

Request headers

:path: /files/green-up-arrow.png
pragma: no-cache
cookie: __cfduid=d3cf4db3ba54863063576dd22669a39b11555139000
accept-encoding: gzip, deflate, br
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: image/webp,image/apng,image/*,*/*;q=0.8
cache-control: no-cache
:authority: firearrest.fun
referer: https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01
:scheme: https
:method: GET
Referer: https://firearrest.fun/enter.php?cid=3637119106748847471&zone=1231127&network=zet&country=%5Bcountry%5D&utm_medium=zet&utm_source=%5Bzone%5D&tr=0.01
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 13 Apr 2019 07:03:20 GMT
cf-cache-status: HIT
last-modified: Sat, 03 Nov 2018 05:47:13 GMT
server: cloudflare
etag: "5bdd3661-2b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 4c6b94613e8ac2e7-FRA
content-length: 691
expires: Sun, 14 Apr 2019 07:03:20 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5787993c9360b96b23eeb19a9164dcc4849a41bcc63b0846d91ab00a78e9ad17

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.firearrest.fun/	1970-01-19 08:44:35	Name: __cfduid Value: d3cf4db3ba54863063576dd22669a39b11555139000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fireabsorb.fun
firearrest.fun
ltgollersftr.com
www.gstatic.com
172.104.235.28
2606:4700:30::6818:6dae
2606:4700:30::681b:9693
2a00:1450:4001:819::2003
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
5787993c9360b96b23eeb19a9164dcc4849a41bcc63b0846d91ab00a78e9ad17
947afb7492cc54808152253c47601e57c5fa284c89f2dbe4322fd2a63fc61aa8
9ec70d32dbe754677768f28b1c5861efc2e059f46a016a4c48eb7f2a11e674e5
c16b5e0a7baf923398f1a497be1d4cd389abd3352b5e148eaa24354fb6a66a21

firearrest.fun Open in urlscan Pro 2606:4700:30::6818:6dae Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

2 Countries

64 kBTransfer

199 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

1 Cookies

Indicators

firearrest.fun Open in urlscan Pro
2606:4700:30::6818:6dae Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

64 kB
Transfer

199 kB
Size

1
Cookies

6 HTTP transactions
1 data transactions