claims1s2s3free.duckdns.org Open in urlscan Pro
13.82.123.121  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response claims1s2s3free.duckdns.org/	43 KB 6 KB	382ms 93ms	Document text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash eb2f053b15ee0a8bf17817db30aaf58d0fa60f0eb1cbf7c10c70d5037f3d6a5b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers content-type text/html; charset=UTF-8 content-length 5699 content-encoding br vary Accept-Encoding date Fri, 28 Jan 2022 10:59:26 GMT server LiteSpeed alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
GET H2	404	style.css claims1s2s3free.duckdns.org/assets/css/	0 0	98ms 97ms	Stylesheet text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://claims1s2s3free.duckdns.org/assets/css/style.css Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 10:59:26 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1238 content-type text/html
GET H2	200	ionic.esm.js Show response cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/	18 KB 6 KB	51ms 28ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66ce68897c6201835aa8f201b5ca1903c0e92ef096deff923d1949dfdfc58710 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://claims1s2s3free.duckdns.org/ Origin https://claims1s2s3free.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 10:59:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 3708 x-jsd-version 6.0.4 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19162-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"49df-Z5iwHA4+U+9EwamgvuXkLVamU4U" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 6d49b61ca8f19243-FRA
GET H2	403	ups.js claims1s2s3free.duckdns.org/	0 0	97ms 95ms	Script text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://claims1s2s3free.duckdns.org/ups.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 10:59:26 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1229 content-type text/html
GET H2	403	interface.js claims1s2s3free.duckdns.org/assets/js/	0 0	97ms 94ms	Script text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://claims1s2s3free.duckdns.org/assets/js/interface.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 10:59:26 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1229 content-type text/html
GET H2	403	tab.js claims1s2s3free.duckdns.org/assets/js/	0 0	97ms 93ms	Script text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://claims1s2s3free.duckdns.org/assets/js/tab.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 10:59:26 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1229 content-type text/html
GET H2	403	validFb.js claims1s2s3free.duckdns.org/assets/js/	0 0	97ms 93ms	Script text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://claims1s2s3free.duckdns.org/assets/js/validFb.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 10:59:26 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1229 content-type text/html
GET H2	403	navigator.js claims1s2s3free.duckdns.org/assets/js/	0 0	97ms 94ms	Script text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://claims1s2s3free.duckdns.org/assets/js/navigator.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 10:59:26 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1229 content-type text/html
GET H2	200	backend.js Show response claims1s2s3free.duckdns.org/assets/js/	3 KB 763 B	98ms 94ms	Script application/javascript	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://claims1s2s3free.duckdns.org/assets/js/backend.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash e05d451dd2a31b85f9e6b5767c90f217ff81d2ced47151baafd28a510d584e7d Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 10:59:26 GMT content-encoding br last-modified Tue, 18 Jan 2022 04:52:46 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 accept-ranges bytes content-length 645 expires Fri, 04 Feb 2022 10:59:26 GMT
GET H2	200	jquery-1.10.2.min.js Show response code.jquery.com/	91 KB 32 KB	60ms 21ms	Script application/javascript	2001:4de0:ac18::1:a:3a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-1.10.2.min.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988 Request headers Referer https://claims1s2s3free.duckdns.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Fri, 28 Jan 2022 10:59:26 GMT content-encoding gzip last-modified Fri, 24 Oct 2014 00:16:07 GMT server nginx etag W/"54499a47-16bb3" vary Accept-Encoding x-hw 1643367566.dop004.am5.t,1643367566.cds219.am5.hn,1643367566.cds012.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 32788
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.1.1/	82 KB 30 KB	126ms 38ms	Script text/javascript	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://claims1s2s3free.duckdns.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Thu, 27 Jan 2022 15:09:48 GMT content-encoding gzip x-content-type-options nosniff age 71378 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29671 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 27 Jan 2023 15:09:48 GMT
GET H2	200	jquery-3.5.7.slim.js Show response code-jquery.my.id/ajax/	61 KB 23 KB	756ms 382ms	Script application/javascript	2606:4700:3033::6815:551e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://code-jquery.my.id/ajax/jquery-3.5.7.slim.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::6815:551e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 02fb51c7673af4278ac53f2e5281894e2c5b41bf18a88482b7742b2a742736fc Request headers Referer https://claims1s2s3free.duckdns.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Fri, 28 Jan 2022 10:59:27 GMT content-encoding br cf-cache-status MISS last-modified Tue, 18 Jan 2022 04:47:36 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fg6d%2Fe6iOOMEqkKz6R6Dsi2Y8VL0LSrBcrxiKY5LeOEujS2kLhBzG8W0pE98zCYytuppGSNRUZeTFqaVZny6sna8jMi%2BVb5e0N%2FXOvOivcEYXZiBQ4ZSv5Sv2nltI6BuXBG%2BP5rwPVBIJE3hIUbbMA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 6d49b61ee87591ea-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.1.3/	82 KB 29 KB	165ms 78ms	Script text/javascript	2a00:1450:4001:82b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://claims1s2s3free.duckdns.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Fri, 21 Jan 2022 11:35:16 GMT content-encoding gzip x-content-type-options nosniff age 602650 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29707 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 21 Jan 2023 11:35:16 GMT
GET H2	200	jquery-3.6.0.min.js Show response code.jquery.com/	87 KB 30 KB	74ms 36ms	Script application/javascript	2001:4de0:ac18::1:a:3a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.6.0.min.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Request headers Referer https://claims1s2s3free.duckdns.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers date Fri, 28 Jan 2022 10:59:26 GMT content-encoding gzip last-modified Tue, 02 Mar 2021 17:27:20 GMT server nginx etag W/"603e7578-15d9d" vary Accept-Encoding x-hw 1643367566.dop004.am5.t,1643367566.cds219.am5.hn,1643367566.cds007.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 30875
GET		p_2199mg8ez0.jpeg h.top4top.io/	0 0
GET H2	200	p_219994jjn1.jpeg i.top4top.io/	46 KB 46 KB	97ms 44ms	Image image/jpeg	163.172.59.20 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://i.top4top.io/p_219994jjn1.jpeg Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 163.172.59.20 , France, ASN12876 (Online SAS, FR), Reverse DNS 163-172-59-20.rev.poneytelecom.eu Software nginx / Resource Hash e2428e8854e02f05ed315c2423f1439789d6ee9bee36bc6ee032a6e48ef351ad Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-file-id x43620272x date Fri, 28 Jan 2022 10:59:26 GMT last-modified Sat, 08 Jan 2022 23:35:05 GMT server nginx etag "61da1fa9-b673" content-type image/jpeg cache-control max-age=7200 content-disposition inline; filename="images%20(2).jpeg" accept-ranges bytes content-length 46707 expires Fri, 28 Jan 2022 12:59:26 GMT
GET H2	200	p_219996tda3.jpeg k.top4top.io/	61 KB 62 KB	145ms 61ms	Image image/jpeg	65.21.235.194 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://k.top4top.io/p_219996tda3.jpeg Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 65.21.235.194 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.194.235.21.65.clients.your-server.de Software nginx / Resource Hash 350f101287e4e3be49b918390042c6f37dd34d8f18c11dd89055e776c21b3bd5 Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-file-id x43620274x date Fri, 28 Jan 2022 10:59:26 GMT last-modified Sat, 08 Jan 2022 23:35:05 GMT server nginx etag "61da1fa9-f511" content-type image/jpeg cache-control max-age=7200 content-disposition inline; filename="images%20(3).jpeg" accept-ranges bytes content-length 62737 expires Fri, 28 Jan 2022 12:59:26 GMT
GET H2	200	p_2199l7l412.jpeg j.top4top.io/	53 KB 53 KB	140ms 61ms	Image image/jpeg	135.181.63.70 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://j.top4top.io/p_2199l7l412.jpeg Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS cdn15.top4top.io Software nginx / Resource Hash 73c035a2a7b35a1d6f83ee4915d0277b43bdcaca0f07dadb7d8fedc519079670 Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-file-id x43620273x date Fri, 28 Jan 2022 10:59:26 GMT last-modified Sat, 08 Jan 2022 23:35:05 GMT server nginx etag "61da1fa9-d2c1" content-type image/jpeg cache-control max-age=7200 content-disposition inline; filename="images%20(4).jpeg" accept-ranges bytes content-length 53953 expires Fri, 28 Jan 2022 12:59:26 GMT
GET H2	200	p_2199ao49s4.jpg l.top4top.io/	635 KB 636 KB	141ms 60ms	Image image/jpeg	65.21.235.194 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://l.top4top.io/p_2199ao49s4.jpg Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 65.21.235.194 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS static.194.235.21.65.clients.your-server.de Software nginx / Resource Hash 227f75fe6b7df46ec50ddf8b5a51fe63569ac792e0489d8614ba713ab6985deb Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-file-id x43620275x date Fri, 28 Jan 2022 10:59:26 GMT last-modified Sat, 08 Jan 2022 23:35:05 GMT server nginx etag "61da1fa9-9eac7" content-type image/jpeg cache-control max-age=7200 content-disposition inline; filename="IMG_20220106_214534.jpg" accept-ranges bytes content-length 649927 expires Fri, 28 Jan 2022 12:59:26 GMT
GET H2	404	1.jpg claims1s2s3free.duckdns.org/assets/evo/	1 KB 1 KB	95ms 94ms	Image text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://claims1s2s3free.duckdns.org/assets/evo/1.jpg Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 10:59:26 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1238 content-type text/html
GET H2	200	done.gif www.cssmyschool.info/schimg/	224 KB 226 KB	2606ms 266ms	Image image/gif	216.10.241.191 PUBLIC-DOMAIN-REG...
General Check archive.org Show headers Download Go to Show image Full URL https://www.cssmyschool.info/schimg/done.gif Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 216.10.241.191 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US), Reverse DNS bh-in-36.webhostbox.net Software Apache / Resource Hash 015e702f358bf07268c55b496933858119325113af98556a913c77ea3b717f71 Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 10:59:29 GMT last-modified Wed, 08 Jan 2020 10:17:40 GMT server Apache accept-ranges bytes content-length 229504 content-type image/gif
GET H2	404	facebook_text.png claims1s2s3free.duckdns.org/assets/img/	1 KB 1 KB	95ms 94ms	Image text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://claims1s2s3free.duckdns.org/assets/img/facebook_text.png Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 10:59:26 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1238 content-type text/html
GET H2	200	p_21877yoz50.png b.top4top.io/	2 KB 2 KB	86ms 22ms	Image image/png	163.172.80.128 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://b.top4top.io/p_21877yoz50.png Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 163.172.80.128 , France, ASN12876 (Online SAS, FR), Reverse DNS rev-163-172-80-128.embersyndicate.com Software nginx / Resource Hash b6b82bf5645626796f4768d65283f0d38d6ca833a1c1387eef36a8c4582fb077 Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-file-id x43339861x date Fri, 28 Jan 2022 10:59:26 GMT last-modified Tue, 28 Dec 2021 01:25:03 GMT server nginx etag "61ca676f-77f" content-type image/png cache-control max-age=7200 content-disposition inline; filename="fb_icon_325x325.png" accept-ranges bytes content-length 1919 expires Fri, 28 Jan 2022 12:59:26 GMT
GET H2	200	p-70d27bbc.js Show response cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/	15 KB 7 KB	24ms 22ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-70d27bbc.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5593b3ed73b0f5627d9535e665faa82acd98bb29c5dffe1f25a9ee0802759fce Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js Origin https://claims1s2s3free.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 10:59:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 3480 x-jsd-version 6.0.3 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19142-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"3bfa-BycfJV6RDxNi6N96adnAPCQ7L8w" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 6d49b61ce9699243-FRA
GET H2	200	p-abe0bfcc.js Show response cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/	121 B 232 B	16ms 15ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-abe0bfcc.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 965a592054daada2e49c493a45da625004e23f239e4ca81cef059e3542d2991e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js Origin https://claims1s2s3free.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 10:59:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 3480 x-jsd-version 6.0.3 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19183-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"79-c7nA4d3rYuw+qyauiuuFYfo2qF0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 6d49b61ce96b9243-FRA
GET H2	200	p-6cc127f3.js Show response cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/	3 KB 2 KB	38ms 38ms	Script application/javascript	2606:4700::6810:5514 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-6cc127f3.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 930d272a9523b58f3a895806c64b26b4d6c4677b9b186e1f6ddffff44b101097 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js Origin https://claims1s2s3free.duckdns.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers date Fri, 28 Jan 2022 10:59:26 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT age 3480 x-jsd-version 6.0.3 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19182-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"c58-bCTqdJaVvxMqFYOPSN1byTl9rqk" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 6d49b61ce96d9243-FRA
GET H3	403	interface.js claims1s2s3free.duckdns.org/assets/js/	0 0	174ms 99ms	Script text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://claims1s2s3free.duckdns.org/assets/js/interface.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 10:59:27 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1229 content-type text/html
GET H3	403	tab.js claims1s2s3free.duckdns.org/assets/js/	0 0	175ms 99ms	Script text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://claims1s2s3free.duckdns.org/assets/js/tab.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 10:59:27 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1229 content-type text/html
GET H3	403	validFb.js claims1s2s3free.duckdns.org/assets/js/	0 0	175ms 100ms	Script text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://claims1s2s3free.duckdns.org/assets/js/validFb.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 10:59:27 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 1229 content-type text/html
GET H3	403	navigator.js claims1s2s3free.duckdns.org/assets/js/	0 0	175ms 100ms	Script text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://claims1s2s3free.duckdns.org/assets/js/navigator.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 10:59:27 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1229 content-type text/html
GET H3	403	navigator.js claims1s2s3free.duckdns.org/assets/js/	0 0	90ms 90ms	Script text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://claims1s2s3free.duckdns.org/assets/js/navigator.js Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 10:59:27 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1229 content-type text/html
GET H2	200	p_2195timkb3.png g.top4top.io/	354 KB 355 KB	181ms 115ms	Image image/png	163.172.24.234 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://g.top4top.io/p_2195timkb3.png Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 163.172.24.234 , France, ASN12876 (Online SAS, FR), Reverse DNS 163-172-24-234.rev.poneytelecom.eu Software nginx / Resource Hash 555cd223d44b14d2bbc36adcc6f2c0011437d10b02a630dfaf3cb2a2f63bbcaa Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-file-id x43526370x date Fri, 28 Jan 2022 10:59:27 GMT last-modified Tue, 04 Jan 2022 18:07:56 GMT server nginx etag "61d48cfc-588cf" content-type image/png cache-control max-age=7200 content-disposition inline; filename="trueid-alex.png" accept-ranges bytes content-length 362703 expires Fri, 28 Jan 2022 12:59:27 GMT
GET H2	200	p_2195uxetm0.png i.top4top.io/	3 KB 4 KB	24ms 23ms	Image image/png	163.172.59.20 Online SAS
General Check archive.org Show headers Download Go to Show image Full URL https://i.top4top.io/p_2195uxetm0.png Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 163.172.59.20 , France, ASN12876 (Online SAS, FR), Reverse DNS 163-172-59-20.rev.poneytelecom.eu Software nginx / Resource Hash deadd58a578f88e7fb9156c4fb06d19ceaca0e665adcf0e40f0999c337957283 Request headers Accept-Language de-DE,de;q=0.9 Referer https://claims1s2s3free.duckdns.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers x-file-id x43527584x date Fri, 28 Jan 2022 10:59:27 GMT last-modified Tue, 04 Jan 2022 19:02:52 GMT server nginx etag "61d499dc-de2" content-type image/png cache-control max-age=7200 content-disposition inline; filename="nick.png" accept-ranges bytes content-length 3554 expires Fri, 28 Jan 2022 12:59:27 GMT
GET H2	206	m_2207ye68p0.mp3 f.top4top.io/	80 KB 0	82ms 31ms	Media audio/mpeg	163.172.212.102 Online SAS
General Check archive.org Show headers Download Go to Full URL https://f.top4top.io/m_2207ye68p0.mp3 Requested by Host: claims1s2s3free.duckdns.org URL: https://claims1s2s3free.duckdns.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 163.172.212.102 Amsterdam, Netherlands, ASN12876 (Online SAS, FR), Reverse DNS 163-172-212-102.rev.poneytelecom.eu Software nginx / Resource Hash Request headers Referer https://claims1s2s3free.duckdns.org/ Accept-Encoding identity;q=1, *;q=0 Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Range bytes=0- Response headers x-file-id x43791929x date Fri, 28 Jan 2022 10:59:27 GMT last-modified Mon, 17 Jan 2022 01:22:18 GMT server nginx etag "61e4c4ca-1972d2" content-type audio/mpeg Content-Range bytes 0-1667793/1667794 cache-control max-age=7200 content-disposition inline; filename="bgm.mp3" Content-Length 1667794 expires Fri, 28 Jan 2022 12:59:27 GMT
GET H3	404	evo.php Show response claims1s2s3free.duckdns.org/pages/	1 KB 1 KB	91ms 90ms	XHR text/html	13.82.123.121 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://claims1s2s3free.duckdns.org/pages/evo.php Requested by Host: code.jquery.com URL: https://code.jquery.com/jquery-3.6.0.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 13.82.123.121 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers Accept text/html, */*; q=0.01 Referer https://claims1s2s3free.duckdns.org/ X-Requested-With XMLHttpRequest Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36 Response headers pragma no-cache date Fri, 28 Jan 2022 10:59:30 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 server LiteSpeed content-length 1238 content-type text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

h.top4top.io

URL

https://h.top4top.io/p_2199mg8ez0.jpeg

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| extend function| $ function| jQuery function| _0x59df function| _0x1a177b function| _0x225e8c function| _0x249354 function| _0x5c7a69 function| _0x5a991e function| intent function| _0x38caff function| _0x5987 function| IDalex function| __sc_import_ionic object| Ionic

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://claims1s2s3free.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-1.10.2.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://claims1s2s3free.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://claims1s2s3free.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code-jquery.my.id/ajax/jquery-3.5.7.slim.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://claims1s2s3free.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://claims1s2s3free.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://claims1s2s3free.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://claims1s2s3free.duckdns.org/(Line 2) Message: Mixed Content: The page at 'https://claims1s2s3free.duckdns.org/' was loaded over HTTPS, but requested an insecure element 'http://www.cssmyschool.info/schimg/done.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://claims1s2s3free.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-1.10.2.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://claims1s2s3free.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://claims1s2s3free.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code-jquery.my.id/ajax/jquery-3.5.7.slim.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://claims1s2s3free.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://claims1s2s3free.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://claims1s2s3free.duckdns.org/ Message: Mixed Content: The page at 'https://claims1s2s3free.duckdns.org/' was loaded over HTTPS, but requested an insecure element 'http://www.cssmyschool.info/schimg/done.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://h.top4top.io/p_2199mg8ez0.jpeg Message: Failed to load resource: net::ERR_CONNECTION_REFUSED
network	error	URL: https://claims1s2s3free.duckdns.org/assets/css/style.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://claims1s2s3free.duckdns.org/ups.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://claims1s2s3free.duckdns.org/assets/js/interface.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://claims1s2s3free.duckdns.org/assets/js/tab.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://claims1s2s3free.duckdns.org/assets/js/validFb.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://claims1s2s3free.duckdns.org/assets/js/navigator.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://claims1s2s3free.duckdns.org/assets/evo/1.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://claims1s2s3free.duckdns.org/assets/img/facebook_text.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://claims1s2s3free.duckdns.org/assets/js/interface.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://claims1s2s3free.duckdns.org/assets/js/tab.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://claims1s2s3free.duckdns.org/assets/js/navigator.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://claims1s2s3free.duckdns.org/assets/js/validFb.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://claims1s2s3free.duckdns.org/assets/js/navigator.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://claims1s2s3free.duckdns.org/pages/evo.php Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
b.top4top.io
cdn.jsdelivr.net
claims1s2s3free.duckdns.org
code-jquery.my.id
code.jquery.com
f.top4top.io
g.top4top.io
h.top4top.io
i.top4top.io
j.top4top.io
k.top4top.io
l.top4top.io
www.cssmyschool.info
h.top4top.io
13.82.123.121
135.181.63.70
163.172.212.102
163.172.24.234
163.172.59.20
163.172.80.128
2001:4de0:ac18::1:a:3a
216.10.241.191
2606:4700:3033::6815:551e
2606:4700::6810:5514
2a00:1450:4001:82b::200a
65.21.235.194
015e702f358bf07268c55b496933858119325113af98556a913c77ea3b717f71
02fb51c7673af4278ac53f2e5281894e2c5b41bf18a88482b7742b2a742736fc
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
227f75fe6b7df46ec50ddf8b5a51fe63569ac792e0489d8614ba713ab6985deb
350f101287e4e3be49b918390042c6f37dd34d8f18c11dd89055e776c21b3bd5
555cd223d44b14d2bbc36adcc6f2c0011437d10b02a630dfaf3cb2a2f63bbcaa
5593b3ed73b0f5627d9535e665faa82acd98bb29c5dffe1f25a9ee0802759fce
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
66ce68897c6201835aa8f201b5ca1903c0e92ef096deff923d1949dfdfc58710
73c035a2a7b35a1d6f83ee4915d0277b43bdcaca0f07dadb7d8fedc519079670
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
930d272a9523b58f3a895806c64b26b4d6c4677b9b186e1f6ddffff44b101097
965a592054daada2e49c493a45da625004e23f239e4ca81cef059e3542d2991e
b6b82bf5645626796f4768d65283f0d38d6ca833a1c1387eef36a8c4582fb077
deadd58a578f88e7fb9156c4fb06d19ceaca0e665adcf0e40f0999c337957283
e05d451dd2a31b85f9e6b5767c90f217ff81d2ced47151baafd28a510d584e7d
e2428e8854e02f05ed315c2423f1439789d6ee9bee36bc6ee032a6e48ef351ad
eb2f053b15ee0a8bf17817db30aaf58d0fa60f0eb1cbf7c10c70d5037f3d6a5b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e