register-turnamen.free.nf Open in urlscan Pro
185.27.134.205 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://register-turnamen.free.nf/?i=2
Effective URL:
http://register-turnamen.free.nf/?i=3
Submission: On June 27 via api (June 27th 2024, 2:27:27 am UTC) from US — Scanned from GB

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 5 countries across 8 domains to perform 24 HTTP transactions. The main IP is 185.27.134.205, located in United Kingdom and belongs to WILDCARD-AS Wildcard UK Limited, GB. The main domain is register-turnamen.free.nf.

This is the only time register-turnamen.free.nf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
12	185.27.134.205 185.27.134.205	34119 (WILDCARD-...) (WILDCARD-AS Wildcard UK Limited)
2	42.1.110.84 42.1.110.84	131429 (MOBIFONE-...) (MOBIFONE-AS-VN MOBIFONE Corporation)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:8::c16c:9916	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	() ()
24	10

12 185.27.134.205 (United Kingdom)

ASN34119 (WILDCARD-AS Wildcard UK Limited, GB)

register-turnamen.free.nf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 42.1.110.84 (Ho Chi Minh City, Viet Nam)

ASN131429 (MOBIFONE-AS-VN MOBIFONE Corporation, VN)

img.zing.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:8::c16c:9916 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.pubgmobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (None, )

ASN- ()

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	free.nf register-turnamen.free.nf	160 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83 ajax.googleapis.com — Cisco Umbrella Rank: 469	60 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	45 KB
2	zing.vn img.zing.vn — Cisco Umbrella Rank: 743374
1	gstatic.com fonts.gstatic.com	21 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 816	33 KB
1	pubgmobile.com www.pubgmobile.com — Cisco Umbrella Rank: 35445	74 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3406	8 KB
24	8

	Domain	Requested by
12	register-turnamen.free.nf	register-turnamen.free.nf
2	ajax.googleapis.com	register-turnamen.free.nf
2	cdnjs.cloudflare.com	register-turnamen.free.nf cdnjs.cloudflare.com
2	img.zing.vn	register-turnamen.free.nf
1	fonts.gstatic.com	fonts.googleapis.com
1	code.jquery.com	register-turnamen.free.nf
1	www.pubgmobile.com	register-turnamen.free.nf
1	fonts.googleapis.com	register-turnamen.free.nf
1	stackpath.bootstrapcdn.com	register-turnamen.free.nf
24	9

This site contains no links.

Subject Issuer	Validity	Valid
*.zing.vn DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-06-13` - `2024-07-13`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
wetv.acc.qq.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-30` - `2024-10-30`	a year	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://register-turnamen.free.nf/?i=3
Frame ID: 0BDD2164B713213FE55BD9E3EED9B76E
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PUBG MOBILE - Online Tournament

Page URL History Show full URLs

http://register-turnamen.free.nf/?i=2 HTTP 307
https://register-turnamen.free.nf/?i=2 HTTP 307
http://register-turnamen.free.nf/?i=2 Page URL
http://register-turnamen.free.nf/?i=3 Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

42 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

10
IPs

5
Countries

399 kB
Transfer

823 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://register-turnamen.free.nf/?i=2 HTTP 307
https://register-turnamen.free.nf/?i=2 HTTP 307
http://register-turnamen.free.nf/?i=2 Page URL
http://register-turnamen.free.nf/?i=3 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://register-turnamen.free.nf/?i=2 HTTP 307
https://register-turnamen.free.nf/?i=2 HTTP 307
http://register-turnamen.free.nf/?i=2

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
register-turnamen.free.nf/
Redirect Chain

http://register-turnamen.free.nf/?i=2
https://register-turnamen.free.nf/?i=2
http://register-turnamen.free.nf/?i=2

836 B
1 KB

43ms
42ms

Document
text/html

185.27.134.205
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://register-turnamen.free.nf/?i=2
Protocol: HTTP/1.1
Server: 185.27.134.205 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: c91ad36d8a462c9bba9d81e0dd2812aa794fcd779022d3bbbc25b6ef9a6d626b

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Length: 836
Content-Type: text/html
Date: Thu, 27 Jun 2024 02:26:46 GMT
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Server: nginx

Redirect headers

Location: http://register-turnamen.free.nf/?i=2
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK aes.js Show response
register-turnamen.free.nf/ 13 KB
14 KB 45ms
45ms Script
application/javascript 185.27.134.205
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://register-turnamen.free.nf/aes.js
Requested by: Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=2
Protocol: HTTP/1.1
Server: 185.27.134.205 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://register-turnamen.free.nf/?i=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 27 Jun 2024 02:26:47 GMT
Last-Modified: Sun, 15 Oct 2023 16:36:19 GMT
Server: nginx
ETag: "652c1503-35a5"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13733

GET
H/1.1 200
OK Primary Request / Show response
register-turnamen.free.nf/ 9 KB
9 KB 56ms
51ms Document
text/html 185.27.134.205
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://register-turnamen.free.nf/?i=3
Requested by: Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=2
Protocol: HTTP/1.1
Server: 185.27.134.205 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2b203fcb8afda11173d64ec36ed42da972c7637d18034c0e95bcdf186171eb33

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://register-turnamen.free.nf/?i=2
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Cache-Control: max-age=0
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 27 Jun 2024 02:26:47 GMT
Expires: Thu, 27 Jun 2024 02:26:47 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 main.css
img.zing.vn/products/pubgm/skin-2020/dist/main/ 155 KB
0 2850ms
686ms Stylesheet
text/css 42.1.110.84
MOBIFONE-AS-VN MO...

General

Check archive.org

Show headers Download Go to

Full URL

https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.css

Requested by

Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

42.1.110.84 Ho Chi Minh City, Viet Nam, ASN131429 (MOBIFONE-AS-VN MOBIFONE Corporation, VN),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=946080000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: http://register-turnamen.free.nf/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:26:49 GMT
strict-transport-security: max-age=946080000;includeSubDomains;preload
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 10:59:52 GMT
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-request-time: 0.000
accept-ranges: bytes
x-cache-version: 1719373502234
content-length: 835049
expires: Mon, 23 Dec 2024 05:40:23 GMT

GET
H/1.1 200
OK style.css
register-turnamen.free.nf/css/ 4 KB
4 KB 48ms
46ms Stylesheet
text/css 185.27.134.205
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://register-turnamen.free.nf/css/style.css
Requested by: Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3
Protocol: HTTP/1.1
Server: 185.27.134.205 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: db92b120255461f254281e328849412a8e18b9c4892276d4a272e80345cdcce5

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://register-turnamen.free.nf/?i=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 27 Jun 2024 02:26:47 GMT
Last-Modified: Sat, 10 Jul 2021 11:40:46 GMT
Server: nginx
ETag: "1048-5c6c35be1cb80"
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4168
Expires: Sat, 27 Jul 2024 02:26:47 GMT

GET
H/1.1 200
OK facebook.css
register-turnamen.free.nf/css/ 3 KB
3 KB 91ms
47ms Stylesheet
text/css 185.27.134.205
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://register-turnamen.free.nf/css/facebook.css
Requested by: Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3
Protocol: HTTP/1.1
Server: 185.27.134.205 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://register-turnamen.free.nf/?i=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 27 Jun 2024 02:26:47 GMT
Last-Modified: Sat, 10 Jul 2021 11:40:46 GMT
Server: nginx
ETag: "c40-5c6c35be1cb80"
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3136
Expires: Sat, 27 Jul 2024 02:26:47 GMT

GET
H/1.1 200
OK twitter.css
register-turnamen.free.nf/css/ 2 KB
2 KB 91ms
48ms Stylesheet
text/css 185.27.134.205
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://register-turnamen.free.nf/css/twitter.css
Requested by: Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3
Protocol: HTTP/1.1
Server: 185.27.134.205 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 096419a5c82a883441ece55e606bf1f9c4c8c7d8679549d70610a46691cd1cb9

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://register-turnamen.free.nf/?i=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 27 Jun 2024 02:26:47 GMT
Last-Modified: Sat, 10 Jul 2021 11:40:46 GMT
Server: nginx
ETag: "72b-5c6c35be1cb80"
Content-Type: text/css
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1835
Expires: Sat, 27 Jul 2024 02:26:47 GMT

GET
H3 200 material-design-iconic-font.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 83 KB
7 KB 134ms
65ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css

Requested by

Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f37d6f502a5a961ac5c3f17c8d58685ff6b0dc0f69c2dcdd379ccabc96ec3bf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: http://register-turnamen.free.nf/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:26:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1445535
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6252
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-14d38"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rJTdqbIzFGtPd8satY0ZG9RkXAYKoJK%2FbqIdnjxPXtO7K2zpsIx7CNrNKTC7Vy%2FKTvN99BRT57yCKTINa8NpqiOsEqeGqy0HUCO%2BHwsFemkZ009SUwxP21cJdgJdUGCPg41KNBtb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a1fe87ee7a63e8-LHR
expires: Tue, 17 Jun 2025 02:26:47 GMT

GET
H3 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
8 KB 132ms
63ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: http://register-turnamen.free.nf/
Origin: http://register-turnamen.free.nf
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:26:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 947
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 6500
cdn-cachedat: 06/14/2024 08:17:10
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e8d63c180636825b1439a61a1324e189
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 89a1fe87edea93fe-LHR
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
1 KB 188ms
70ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap

Requested by

Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

286b689e6def6e4f0e84c5ab255bc8798d1b393378dbfd3fcd8ac1130fe346af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: http://register-turnamen.free.nf/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 27 Jun 2024 02:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 27 Jun 2024 01:26:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 27 Jun 2024 02:26:47 GMT

GET Logo-mb-game.png
img.zing.vn/products/pubgm/skin-2020/dist/main/images/icons/ 0
0

GET
H/1.1 200
OK facebook_icon.png
register-turnamen.free.nf/img/login/ 78 KB
78 KB 89ms
46ms Image
image/png 185.27.134.205
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://register-turnamen.free.nf/img/login/facebook_icon.png
Requested by: Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3
Protocol: HTTP/1.1
Server: 185.27.134.205 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4c5e70219e34e87735a3b1b930dd0ae8e344bef36b1732780d8a2ac0571c0be7

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://register-turnamen.free.nf/?i=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 27 Jun 2024 02:26:47 GMT
Last-Modified: Sat, 10 Jul 2021 11:40:46 GMT
Server: nginx
ETag: "1364f-5c6c35be1cb80"
Content-Type: image/png
Cache-Control: max-age=2592000, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79439
Expires: Sat, 27 Jul 2024 02:26:47 GMT

GET
H/1.1 200
OK twitter_icon.png
register-turnamen.free.nf/img/login/ 9 KB
9 KB 91ms
51ms Image
image/png 185.27.134.205
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://register-turnamen.free.nf/img/login/twitter_icon.png
Requested by: Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3
Protocol: HTTP/1.1
Server: 185.27.134.205 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: fb71fa5156501b3ca8ff3c88e4501917c651ac60eaaf58c22c2bed6e933d82c5

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://register-turnamen.free.nf/?i=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 27 Jun 2024 02:26:47 GMT
Last-Modified: Sat, 10 Jul 2021 11:40:46 GMT
Server: nginx
ETag: "229e-5c6c35be1cb80"
Content-Type: image/png
Cache-Control: max-age=2592000, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8862
Expires: Sat, 27 Jul 2024 02:26:47 GMT

GET
H/1.1 200
OK facebook_text.png
register-turnamen.free.nf/img/login/ 28 KB
28 KB 97ms
53ms Image
image/png 185.27.134.205
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://register-turnamen.free.nf/img/login/facebook_text.png
Requested by: Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3
Protocol: HTTP/1.1
Server: 185.27.134.205 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://register-turnamen.free.nf/?i=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 27 Jun 2024 02:26:47 GMT
Last-Modified: Sat, 10 Jul 2021 11:40:46 GMT
Server: nginx
ETag: "7075-5c6c35be1cb80"
Content-Type: image/png
Cache-Control: max-age=2592000, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 28789
Expires: Sat, 27 Jul 2024 02:26:47 GMT

GET
H2 200 icon_logo.jpg
www.pubgmobile.com/id/event/royalepass10/images/ 73 KB
74 KB 684ms
53ms Image
image/jpeg 2a02:26f0:3500:8::c16c:9916
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/royalepass10/images/icon_logo.jpg
Requested by: Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:8::c16c:9916 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: http://register-turnamen.free.nf/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:26:48 GMT
last-modified: Wed, 15 Sep 2021 06:46:59 GMT
server: nginx
akamai-grn: 0.16ce3617.1719455208.63c59a5c
etag: "614196e3-1258d"
content-type: image/jpeg
cache-control: max-age=232
accept-ranges: bytes
content-length: 75149
expires: Thu, 27 Jun 2024 02:30:40 GMT

GET
H/1.1 200
OK twitter_text.png
register-turnamen.free.nf/img/login/ 4 KB
5 KB 48ms
47ms Image
image/png 185.27.134.205
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://register-turnamen.free.nf/img/login/twitter_text.png
Requested by: Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3
Protocol: HTTP/1.1
Server: 185.27.134.205 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://register-turnamen.free.nf/?i=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 27 Jun 2024 02:26:47 GMT
Last-Modified: Sat, 10 Jul 2021 11:40:46 GMT
Server: nginx
ETag: "10ca-5c6c35be1cb80"
Content-Type: image/png
Cache-Control: max-age=2592000, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4298
Expires: Sat, 27 Jul 2024 02:26:47 GMT

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
code.jquery.com/ 91 KB
33 KB 74ms
30ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-1.10.2.min.js
Requested by: Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3
Protocol: HTTP/1.1
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://register-turnamen.free.nf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 27 Jun 2024 02:26:47 GMT
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Age: 24653010
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 32788
X-Served-By: cache-lga13622-LGA, cache-man4131-MAN
Last-Modified: Fri, 18 Oct 1991 12:00:00 GMT
Server: nginx
X-Timer: S1719455208.646614,VS0,VE0
ETag: W/"28feccc0-16bb3"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000, stale-while-revalidate=604800
Accept-Ranges: bytes
X-Cache-Hits: 17, 11318

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
29 KB 240ms
114ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: http://register-turnamen.free.nf/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 16:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Jun 2025 16:15:24 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
30 KB 186ms
60ms Script
text/javascript 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: http://register-turnamen.free.nf/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 26 Jun 2024 16:15:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 Jun 2025 16:15:24 GMT

GET
H2 200 main.js
img.zing.vn/products/pubgm/skin-2020/dist/main/ 8 KB
0 18291ms
16140ms Script
application/x-javascript 42.1.110.84
MOBIFONE-AS-VN MO...

General

Check archive.org

Show headers Download Go to

Full URL

https://img.zing.vn/products/pubgm/skin-2020/dist/main/main.js

Requested by

Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

42.1.110.84 Ho Chi Minh City, Viet Nam, ASN131429 (MOBIFONE-AS-VN MOBIFONE Corporation, VN),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=946080000;includeSubDomains;preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: http://register-turnamen.free.nf/
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:26:49 GMT
strict-transport-security: max-age=946080000;includeSubDomains;preload
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 07:38:55 GMT
x-cache: HIT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-request-time: 0.000
accept-ranges: bytes
x-cache-version: 1719373502234
content-length: 328449
expires: Mon, 23 Dec 2024 06:02:46 GMT

GET
H/1.1 200
OK popup.js Show response
register-turnamen.free.nf/js/ 496 B
860 B 52ms
46ms Script
application/javascript 185.27.134.205
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to

Full URL: http://register-turnamen.free.nf/js/popup.js
Requested by: Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/?i=3
Protocol: HTTP/1.1
Server: 185.27.134.205 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 2a76d43b0748ccba65ed3b8980967f3f30f94ee6a27a2e6857c9ad165eed9bca

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://register-turnamen.free.nf/?i=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 27 Jun 2024 02:26:47 GMT
Last-Modified: Sat, 10 Jul 2021 11:40:46 GMT
Server: nginx
ETag: "1f0-5c6c35be1cb80"
Content-Type: application/javascript
Cache-Control: max-age=2592000, public, proxy-revalidate, must-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 496
Expires: Sat, 27 Jul 2024 02:26:47 GMT

GET
H/1.1 200
OK popup_bg.jpg
register-turnamen.free.nf/img/ 5 KB
6 KB 43ms
43ms Image
image/jpeg 185.27.134.205
WILDCARD-AS Wildc...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://register-turnamen.free.nf/img/popup_bg.jpg
Requested by: Host: register-turnamen.free.nf
URL: http://register-turnamen.free.nf/css/style.css
Protocol: HTTP/1.1
Server: 185.27.134.205 , United Kingdom, ASN34119 (WILDCARD-AS Wildcard UK Limited, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7d64611020756b3f60adf20b347aa22956021a901ca1d7df47936c560189005d

Request headers

Accept-Language: en-GB,en;q=0.9;q=0.9
Referer: http://register-turnamen.free.nf/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 27 Jun 2024 02:27:17 GMT
Last-Modified: Sat, 10 Jul 2021 11:40:46 GMT
Server: nginx
ETag: "15c0-5c6c35be1cb80"
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5568
Expires: Sat, 27 Jul 2024 02:27:17 GMT

GET
H3 200 Material-Design-Iconic-Font.woff2
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/ 37 KB
38 KB 110ms
60ms Font
application/octet-stream 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/fonts/Material-Design-Iconic-Font.woff2?v=2.2.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.css
Origin: http://register-turnamen.free.nf
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 02:27:17 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 551971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 38384
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-95f0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iFlAU7rLkKzxGvbSqOrCeJLBNpEbx1Tto1cIuYZvsIj9PJSY9lopy7vvgZTRCyixoz6b3jH%2F2mY0pM7phyCikopRDa6Td70eQZENesiPfSVOeYEuUVIRe1lGR46VJ86%2B%2B%2Bcroy5I"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a1ff4239d579bd-LHR
expires: Tue, 17 Jun 2025 02:27:17 GMT

GET
H2 200 ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 20 KB
21 KB 149ms
50ms Font
font/woff2 2a00:1450:4001:829::2003

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVo2ZhZI2eCN5jzbjEETS9weq8-_d6T_POl0fRJeyWyosBO5Xw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://fonts.googleapis.com/
Origin: http://register-turnamen.free.nf
Accept-Language: en-GB,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 22:06:14 GMT
x-content-type-options: nosniff
age: 102063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20824
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 22:06:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: img.zing.vn
URL: https://img.zing.vn/products/pubgm/skin-2020/dist/main/images/icons/Logo-mb-game.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			register-turnamen.free.nf/	1970-01-21 07:13:35	Name: __test Value: 478a6451503b807e47c91999b918dab0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
img.zing.vn
register-turnamen.free.nf
stackpath.bootstrapcdn.com
www.pubgmobile.com
img.zing.vn
104.17.24.14
104.18.10.207
185.27.134.205
2a00:1450:4001:800::200a
2a00:1450:4001:806::200a
2a00:1450:4001:829::2003
2a02:26f0:3500:8::c16c:9916
2a04:4e42:600::649
42.1.110.84
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
096419a5c82a883441ece55e606bf1f9c4c8c7d8679549d70610a46691cd1cb9
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0d9cf7eb8fb12be77685134e63f7dae9a95fbf9306ae0529bd0347582d18a8ef
1be5d05ce6faad469f7f9c5a5879f2d9f8d267b60eb394e92c19217268bcea8f
286b689e6def6e4f0e84c5ab255bc8798d1b393378dbfd3fcd8ac1130fe346af
2a76d43b0748ccba65ed3b8980967f3f30f94ee6a27a2e6857c9ad165eed9bca
2b203fcb8afda11173d64ec36ed42da972c7637d18034c0e95bcdf186171eb33
4c5e70219e34e87735a3b1b930dd0ae8e344bef36b1732780d8a2ac0571c0be7
5069425b121346b36f730910d05402d50920fc2178b01e0c878b71af4ef1eb96
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d64611020756b3f60adf20b347aa22956021a901ca1d7df47936c560189005d
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
948d25dc34ee935a5254468691714c9f2e53a2927652a077c2ca84cb03fa4895
a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870
c91ad36d8a462c9bba9d81e0dd2812aa794fcd779022d3bbbc25b6ef9a6d626b
db92b120255461f254281e328849412a8e18b9c4892276d4a272e80345cdcce5
e8eea96e29a7c0a72612ab85ca3229979666467a28349642c2176e7189a1a39c
f37d6f502a5a961ac5c3f17c8d58685ff6b0dc0f69c2dcdd379ccabc96ec3bf2
fb71fa5156501b3ca8ff3c88e4501917c651ac60eaaf58c22c2bed6e933d82c5

register-turnamen.free.nf Open in urlscan Pro 185.27.134.205 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

42 %HTTPS

56 %IPv6

8 Domains

9 Subdomains

10 IPs

5 Countries

399 kBTransfer

823 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

2 JavaScript Global Variables

1 Cookies

Indicators

register-turnamen.free.nf Open in urlscan Pro
185.27.134.205 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

42 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

10
IPs

5
Countries

399 kB
Transfer

823 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!