eventnewfree-fire.duckdns.org Open in urlscan Pro
104.208.82.172 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://eventnewfree-fire.duckdns.org/
Submission: On February 18 via api (February 18th 2022, 12:11:16 pm UTC) from JP — Scanned from JP

Summary HTTP 39 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 10 countries across 12 domains to perform 39 HTTP transactions. The main IP is 104.208.82.172, located in Central, Hong Kong and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is eventnewfree-fire.duckdns.org.

This is the only time eventnewfree-fire.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
10	104.208.82.172 104.208.82.172	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:400f:801::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:551e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	163.172.59.20 163.172.59.20	12876 (Online SAS) (Online SAS)
2	65.21.235.194 65.21.235.194	24940 (HETZNER-AS) (HETZNER-AS)
3	135.181.63.70 135.181.63.70	24940 (HETZNER-AS) (HETZNER-AS)
1	216.10.241.191 216.10.241.191	394695 (PUBLIC-DO...) (PUBLIC-DOMAIN-REGISTRY)
2	163.172.80.128 163.172.80.128	12876 (Online SAS) (Online SAS)
1	2404:6800:400... 2404:6800:4004:821::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3447	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.218.94.160 23.218.94.160	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:140b:a00... 2600:140b:a00:4::17d8:994e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	163.172.24.234 163.172.24.234	12876 (Online SAS) (Online SAS)
1	2a00:1450:400... 2a00:1450:400f:800::2003	15169 (GOOGLE) (GOOGLE)
1	129.226.2.89 129.226.2.89	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
1	163.172.212.102 163.172.212.102	12876 (Online SAS) (Online SAS)
39	19

10 104.208.82.172 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eventnewfree-fire.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400f:801::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:551e (United States)

ASN13335 (CLOUDFLARENET, US)

code-jquery.my.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.172.59.20 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-59-20.rev.poneytelecom.eu

i.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.21.235.194 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.194.235.21.65.clients.your-server.de

k.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 135.181.63.70 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: cdn15.top4top.io

j.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.10.241.191 (India)

ASN394695 (PUBLIC-DOMAIN-REGISTRY, US)
PTR: bh-in-36.webhostbox.net

www.cssmyschool.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.172.80.128 (France)

ASN12876 (Online SAS, FR)
PTR: rev-163-172-80-128.embersyndicate.com

b.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:821::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3447 (United States)

ASN13335 (CLOUDFLARENET, US)

wallpapercave.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.94.160 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-218-94-160.deploy.static.akamaitechnologies.com

dl.dir.freefiremobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:140b:a00:4::17d8:994e (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

www.pubgmobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.172.24.234 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-24-234.rev.poneytelecom.eu

g.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:800::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.226.2.89 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

na.apps.amsoveasea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.172.212.102 (Amsterdam, Netherlands)

ASN12876 (Online SAS, FR)
PTR: 163-172-212-102.rev.poneytelecom.eu

f.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	top4top.io h.top4top.io Failed i.top4top.io k.top4top.io j.top4top.io — Cisco Umbrella Rank: 804977 l.top4top.io — Cisco Umbrella Rank: 847424 b.top4top.io g.top4top.io f.top4top.io	1 MB
10	duckdns.org eventnewfree-fire.duckdns.org	153 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 401	15 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 250 fonts.googleapis.com — Cisco Umbrella Rank: 35	60 KB
2	freefiremobile.com dl.dir.freefiremobile.com — Cisco Umbrella Rank: 35386	363 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 546	63 KB
1	amsoveasea.com na.apps.amsoveasea.com — Cisco Umbrella Rank: 265178	180 B
1	gstatic.com fonts.gstatic.com	16 KB
1	pubgmobile.com www.pubgmobile.com — Cisco Umbrella Rank: 29378	173 KB
1	wallpapercave.com wallpapercave.com — Cisco Umbrella Rank: 20325	701 KB
1	cssmyschool.info www.cssmyschool.info	224 KB
1	code-jquery.my.id code-jquery.my.id
39	12

	Domain	Requested by
10	eventnewfree-fire.duckdns.org	eventnewfree-fire.duckdns.org
4	cdn.jsdelivr.net	eventnewfree-fire.duckdns.org
3	j.top4top.io	eventnewfree-fire.duckdns.org
2	dl.dir.freefiremobile.com	eventnewfree-fire.duckdns.org
2	b.top4top.io	eventnewfree-fire.duckdns.org
2	i.top4top.io	eventnewfree-fire.duckdns.org
2	ajax.googleapis.com	eventnewfree-fire.duckdns.org
2	code.jquery.com	eventnewfree-fire.duckdns.org
1	f.top4top.io	eventnewfree-fire.duckdns.org
1	na.apps.amsoveasea.com	eventnewfree-fire.duckdns.org
1	fonts.gstatic.com	fonts.googleapis.com
1	g.top4top.io	eventnewfree-fire.duckdns.org
1	www.pubgmobile.com	eventnewfree-fire.duckdns.org
1	wallpapercave.com	eventnewfree-fire.duckdns.org
1	fonts.googleapis.com	eventnewfree-fire.duckdns.org
1	www.cssmyschool.info	eventnewfree-fire.duckdns.org
1	l.top4top.io	eventnewfree-fire.duckdns.org
1	k.top4top.io	eventnewfree-fire.duckdns.org
1	code-jquery.my.id	eventnewfree-fire.duckdns.org
0	h.top4top.io Failed	eventnewfree-fire.duckdns.org
39	20

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.code-jquery.my.id E1	`2022-01-15` - `2022-04-15`	3 months	crt.sh
top4top.io R3	`2022-01-13` - `2022-04-13`	3 months	crt.sh
wallpapercave.com Cloudflare Inc ECC CA-3	`2021-10-09` - `2022-10-08`	a year	crt.sh
dl.kgtw.garenanow.com DigiCert SHA2 Secure Server CA	`2022-02-16` - `2022-06-27`	4 months	crt.sh
wetv.acc.qq.com DigiCert SHA2 Secure Server CA	`2022-01-17` - `2023-01-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
na.apps.amsoveasea.com TrustAsia TLS RSA CA	`2021-05-31` - `2022-05-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: http://eventnewfree-fire.duckdns.org/
Frame ID: BBF2EE3C2F1F294C046CC5E3969B1AA0
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FREEFIRE EVENT 2022

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

39
Requests

69 %
HTTPS

44 %
IPv6

12
Domains

20
Subdomains

19
IPs

10
Countries

3219 kB
Transfer

3722 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
eventnewfree-fire.duckdns.org/ 43 KB
8 KB 284ms
51ms Document
text/html 104.208.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://eventnewfree-fire.duckdns.org/
Protocol: HTTP/1.1
Server: 104.208.82.172 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: eb2f053b15ee0a8bf17817db30aaf58d0fa60f0eb1cbf7c10c70d5037f3d6a5b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: jp-JP,jp;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
content-length: 7440
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 18 Feb 2022 12:10:54 GMT
server: LiteSpeed

GET
H/1.1 200
OK style.css
eventnewfree-fire.duckdns.org/assets/css/ 26 KB
4 KB 47ms
47ms Stylesheet
text/css 104.208.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://eventnewfree-fire.duckdns.org/assets/css/style.css
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: HTTP/1.1
Server: 104.208.82.172 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 1a85fc7351538ebb362da057565ce854ca5e9d8a69732ee8b89ddda2a0a23335

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 04:27:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4008
expires: Fri, 25 Feb 2022 12:10:54 GMT

GET
H2 200 ionic.esm.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 18 KB
6 KB 16ms
10ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js

Requested by

Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5a06761b0211bb33c9c968e43ce16fcd0b615c10f7186ea6e0dc6dbe54712ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://eventnewfree-fire.duckdns.org/
Origin: http://eventnewfree-fire.duckdns.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4137
x-jsd-version: 6.0.8
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19175-FRA, cache-tyo11936-TYO
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"49df-Qo9LCG5Rfd2eCPV+fV8hcUlI/n8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6df727a94fe08a4a-NRT

GET
H/1.1 200
OK ups.js Show response
eventnewfree-fire.duckdns.org/ 183 KB
40 KB 96ms
47ms Script
application/javascript 104.208.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://eventnewfree-fire.duckdns.org/ups.js
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: HTTP/1.1
Server: 104.208.82.172 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 4d1213473da914e45f3212ac416ce316cce556505dc721fb330177b60e9d497f

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
content-encoding: gzip
last-modified: Sun, 05 Sep 2021 23:04:30 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 40676
expires: Fri, 25 Feb 2022 12:10:54 GMT

GET
H/1.1 200
OK interface.js Show response
eventnewfree-fire.duckdns.org/assets/js/ 1 KB
905 B 96ms
47ms Script
application/javascript 104.208.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://eventnewfree-fire.duckdns.org/assets/js/interface.js
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: HTTP/1.1
Server: 104.208.82.172 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 73d202634798707e7d182afa5f85310e69fb14e50d95abf46b423f54f321e92c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
content-encoding: gzip
last-modified: Sun, 05 Sep 2021 17:39:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 521
expires: Fri, 25 Feb 2022 12:10:54 GMT

GET
H/1.1 200
OK tab.js Show response
eventnewfree-fire.duckdns.org/assets/js/ 903 B
695 B 96ms
47ms Script
application/javascript 104.208.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://eventnewfree-fire.duckdns.org/assets/js/tab.js
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: HTTP/1.1
Server: 104.208.82.172 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f61b4e551a2ac3fcbd4950ada06f742c52bfffab7555caa2c4732397fc36407c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
content-encoding: gzip
last-modified: Sun, 05 Sep 2021 17:39:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 311
expires: Fri, 25 Feb 2022 12:10:54 GMT

GET
H/1.1 200
OK validFb.js Show response
eventnewfree-fire.duckdns.org/assets/js/ 2 KB
996 B 96ms
47ms Script
application/javascript 104.208.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://eventnewfree-fire.duckdns.org/assets/js/validFb.js
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: HTTP/1.1
Server: 104.208.82.172 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6d4874252f6c099e464f00c19d52138665d277b2bd443b549481b415d0c4aca0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
content-encoding: gzip
last-modified: Sun, 05 Sep 2021 17:39:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 612
expires: Fri, 25 Feb 2022 12:10:54 GMT

GET
H/1.1 200
OK navigator.js Show response
eventnewfree-fire.duckdns.org/assets/js/ 516 B
627 B 98ms
48ms Script
application/javascript 104.208.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://eventnewfree-fire.duckdns.org/assets/js/navigator.js
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: HTTP/1.1
Server: 104.208.82.172 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 76c22fad261ae80306fbe682139126ee438eab5cd48e212befbcbbed88a0933a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
content-encoding: gzip
last-modified: Sun, 05 Sep 2021 17:39:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 243
expires: Fri, 25 Feb 2022 12:10:54 GMT

GET
H/1.1 200
OK backend.js Show response
eventnewfree-fire.duckdns.org/assets/js/ 3 KB
1 KB 114ms
57ms Script
application/javascript 104.208.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: http://eventnewfree-fire.duckdns.org/assets/js/backend.js
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: HTTP/1.1
Server: 104.208.82.172 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e05d451dd2a31b85f9e6b5767c90f217ff81d2ced47151baafd28a510d584e7d

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 04:52:46 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 743
expires: Fri, 25 Feb 2022 12:10:54 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
code.jquery.com/ 91 KB
32 KB 658ms
221ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.2.min.js
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Referer: http://eventnewfree-fire.duckdns.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-16bb3"
vary: Accept-Encoding
x-hw: 1645186254.dop208.pa1.t,1645186254.cds228.pa1.hn,1645186254.cds229.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32788

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 730ms
240ms Script
text/javascript 2a00:1450:400f:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://eventnewfree-fire.duckdns.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 11 Feb 2022 15:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 Feb 2023 15:10:53 GMT

GET
H2 522 jquery-3.5.7.slim.js
code-jquery.my.id/ajax/ 0
0 16080ms
15612ms Script
text/html 2606:4700:3033::6815:551e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://code-jquery.my.id/ajax/jquery-3.5.7.slim.js
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:551e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: http://eventnewfree-fire.duckdns.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
29 KB 997ms
507ms Script
text/javascript 2a00:1450:400f:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://eventnewfree-fire.duckdns.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Sun, 13 Feb 2022 16:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416059
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Feb 2023 16:36:35 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 941ms
505ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: http://eventnewfree-fire.duckdns.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1645186254.dop208.pa1.t,1645186254.cds228.pa1.hn,1645186254.cds047.pa1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET p_2199mg8ez0.jpeg
h.top4top.io/ 0
0

GET
H2 200 p_219994jjn1.jpeg
i.top4top.io/ 46 KB
46 KB 3475ms
1781ms Image
image/jpeg 163.172.59.20
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.top4top.io/p_219994jjn1.jpeg
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.59.20 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-59-20.rev.poneytelecom.eu
Software: nginx /
Resource Hash: e2428e8854e02f05ed315c2423f1439789d6ee9bee36bc6ee032a6e48ef351ad

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-file-id: x43620272x
date: Fri, 18 Feb 2022 12:10:57 GMT
last-modified: Sat, 08 Jan 2022 23:35:05 GMT
server: nginx
etag: "61da1fa9-b673"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="images%20(2).jpeg"
accept-ranges: bytes
content-length: 46707
expires: Fri, 18 Feb 2022 14:10:57 GMT

GET
H2 200 p_219996tda3.jpeg
k.top4top.io/ 61 KB
62 KB 1228ms
529ms Image
image/jpeg 65.21.235.194
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k.top4top.io/p_219996tda3.jpeg
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.21.235.194 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.194.235.21.65.clients.your-server.de
Software: nginx /
Resource Hash: 350f101287e4e3be49b918390042c6f37dd34d8f18c11dd89055e776c21b3bd5

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-file-id: x43620274x
date: Fri, 18 Feb 2022 12:10:55 GMT
last-modified: Sat, 08 Jan 2022 23:35:05 GMT
server: nginx
etag: "61da1fa9-f511"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="images%20(3).jpeg"
accept-ranges: bytes
content-length: 62737
expires: Fri, 18 Feb 2022 14:10:55 GMT

GET
H2 200 p_2199l7l412.jpeg
j.top4top.io/ 53 KB
53 KB 1174ms
502ms Image
image/jpeg 135.181.63.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.top4top.io/p_2199l7l412.jpeg
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn15.top4top.io
Software: nginx /
Resource Hash: 73c035a2a7b35a1d6f83ee4915d0277b43bdcaca0f07dadb7d8fedc519079670

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-file-id: x43620273x
date: Fri, 18 Feb 2022 12:10:55 GMT
last-modified: Sat, 08 Jan 2022 23:35:05 GMT
server: nginx
etag: "61da1fa9-d2c1"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="images%20(4).jpeg"
accept-ranges: bytes
content-length: 53953
expires: Fri, 18 Feb 2022 14:10:55 GMT

GET
H2 200 p_2199ao49s4.jpg
l.top4top.io/ 635 KB
636 KB 1028ms
508ms Image
image/jpeg 65.21.235.194
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.top4top.io/p_2199ao49s4.jpg
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 65.21.235.194 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.194.235.21.65.clients.your-server.de
Software: nginx /
Resource Hash: 227f75fe6b7df46ec50ddf8b5a51fe63569ac792e0489d8614ba713ab6985deb

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-file-id: x43620275x
date: Fri, 18 Feb 2022 12:10:54 GMT
last-modified: Sat, 08 Jan 2022 23:35:05 GMT
server: nginx
etag: "61da1fa9-9eac7"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="IMG_20220106_214534.jpg"
accept-ranges: bytes
content-length: 649927
expires: Fri, 18 Feb 2022 14:10:54 GMT

GET
H/1.1 200
OK 1.jpg
eventnewfree-fire.duckdns.org/assets/evo/ 68 KB
69 KB 48ms
47ms Image
image/jpeg 104.208.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://eventnewfree-fire.duckdns.org/assets/evo/1.jpg
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: HTTP/1.1
Server: 104.208.82.172 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 476a9819e2159c917a01876a7921d61ecdb31ada9a8dfd24872489fab5f9cea8

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
last-modified: Sat, 29 Jan 2022 19:47:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 70091
expires: Fri, 25 Feb 2022 12:10:54 GMT

GET
H/1.1 200
OK done.gif
www.cssmyschool.info/schimg/ 224 KB
224 KB 1451ms
145ms Image
image/gif 216.10.241.191
PUBLIC-DOMAIN-REG...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.cssmyschool.info/schimg/done.gif
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: HTTP/1.1
Server: 216.10.241.191 , India, ASN394695 (PUBLIC-DOMAIN-REGISTRY, US),
Reverse DNS: bh-in-36.webhostbox.net
Software: Apache /
Resource Hash: 015e702f358bf07268c55b496933858119325113af98556a913c77ea3b717f71

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:10:55 GMT
Last-Modified: Wed, 08 Jan 2020 10:17:40 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: image/gif
Keep-Alive: timeout=5, max=75
Content-Length: 229504

GET
H/1.1 200
OK facebook_text.png
eventnewfree-fire.duckdns.org/assets/img/ 28 KB
28 KB 48ms
47ms Image
image/png 104.208.82.172
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://eventnewfree-fire.duckdns.org/assets/img/facebook_text.png
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: HTTP/1.1
Server: 104.208.82.172 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
last-modified: Sun, 05 Sep 2021 17:36:36 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 28789
expires: Fri, 25 Feb 2022 12:10:54 GMT

GET
H2 200 p_21877yoz50.png
b.top4top.io/ 2 KB
2 KB 887ms
243ms Image
image/png 163.172.80.128
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.top4top.io/p_21877yoz50.png
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.80.128 , France, ASN12876 (Online SAS, FR),
Reverse DNS: rev-163-172-80-128.embersyndicate.com
Software: nginx /
Resource Hash: b6b82bf5645626796f4768d65283f0d38d6ca833a1c1387eef36a8c4582fb077

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-file-id: x43339861x
date: Fri, 18 Feb 2022 12:10:55 GMT
last-modified: Tue, 28 Dec 2021 01:25:03 GMT
server: nginx
etag: "61ca676f-77f"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="fb_icon_325x325.png"
accept-ranges: bytes
content-length: 1919
expires: Fri, 18 Feb 2022 14:10:55 GMT

GET
H2 200 p-70d27bbc.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 15 KB
7 KB 12ms
11ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-70d27bbc.js

Requested by

Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5593b3ed73b0f5627d9535e665faa82acd98bb29c5dffe1f25a9ee0802759fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: http://eventnewfree-fire.duckdns.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7295
x-jsd-version: 6.0.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19154-FRA, cache-tyo11935-TYO
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"3bfa-BycfJV6RDxNi6N96adnAPCQ7L8w"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6df727a9680b8a4a-NRT

GET
H2 200 p-abe0bfcc.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 121 B
247 B 11ms
10ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-abe0bfcc.js

Requested by

Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965a592054daada2e49c493a45da625004e23f239e4ca81cef059e3542d2991e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: http://eventnewfree-fire.duckdns.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7295
x-jsd-version: 6.0.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19149-FRA, cache-tyo11951-TYO
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"79-c7nA4d3rYuw+qyauiuuFYfo2qF0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6df727a9680c8a4a-NRT

GET
H2 200 p-6cc127f3.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 3 KB
2 KB 11ms
11ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-6cc127f3.js

Requested by

Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930d272a9523b58f3a895806c64b26b4d6c4677b9b186e1f6ddffff44b101097

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: http://eventnewfree-fire.duckdns.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7295
x-jsd-version: 6.0.7
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19127-FRA, cache-tyo11980-TYO
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"c58-bCTqdJaVvxMqFYOPSN1byTl9rqk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6df727a9680d8a4a-NRT

GET
H2 200 css2
fonts.googleapis.com/ 755 B
888 B 80ms
39ms Stylesheet
text/css 2404:6800:4004:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Staatliches&display=swap

Requested by

Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:821::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5318474003821bdaa91588b102891513c06a012069619666c4e2defe4001122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 12:10:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 18 Feb 2022 12:10:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 18 Feb 2022 12:10:54 GMT

GET
H2 200 wp8348411.jpg
wallpapercave.com/wp/ 700 KB
701 KB 30ms
17ms Image
image/webp 2606:4700:10::6816:3447
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wallpapercave.com/wp/wp8348411.jpg
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3447 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4b2f3335d876445c820f440cf56fc947d14127bcc5e92276cb44bb9d15fe68b

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:54 GMT
cf-cache-status: HIT
age: 132
cf-polished: qual=85, origFmt=jpeg, origSize=964082
content-disposition: inline; filename="wp8348411.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 716922
last-modified: Sun, 17 Jan 2021 09:54:39 GMT
server: cloudflare
etag: "6004095f-eb5f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6df727aa3dfc1fb7-NRT
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK 736b57465bc098745b079bbf59b7645dc4548bc5e23e4805c92fa6a35eb0e3a9.png
dl.dir.freefiremobile.com/common/web_event/4thanniversary/images-hash/ 339 KB
339 KB 147ms
10ms Image
image/png 23.218.94.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/4thanniversary/images-hash/736b57465bc098745b079bbf59b7645dc4548bc5e23e4805c92fa6a35eb0e3a9.png
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.94.160 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-94-160.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: fee90f1ae50bddd5b39a5295b45e09f7f5cb4dc73cf1864b039f74d5fcf1b79a

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:10:54 GMT
Last-Modified: Fri, 30 Jul 2021 11:27:51 GMT
Server: AkamaiNetStorage
ETag: "aeafb33fbb3340a7b04cbcea9eb80475:1627644470.758489"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 347198

GET
H/1.1 200
OK 666394564b4683ef9b268862b8862290acc03a1ba3e22efe284ef2d9fa9767cb.png
dl.dir.freefiremobile.com/common/web_event/4thanniversary/images-hash/ 24 KB
24 KB 144ms
7ms Image
image/png 23.218.94.160
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/4thanniversary/images-hash/666394564b4683ef9b268862b8862290acc03a1ba3e22efe284ef2d9fa9767cb.png
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.94.160 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-218-94-160.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0c0660fd5a3d32b00b7b622a4b19a4fd860580b3c667a23e39b4478d12317369

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 18 Feb 2022 12:10:54 GMT
Last-Modified: Fri, 30 Jul 2021 11:27:59 GMT
Server: AkamaiNetStorage
ETag: "a1cbf8f65cf66cb8d46b733bf458e974:1627644478.890149"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24149

GET
H2 200 content_bg.png
www.pubgmobile.com/id/event/playerstory/images/ 172 KB
173 KB 1242ms
568ms Image
image/png 2600:140b:a00:4::17d8:994e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/playerstory/images/content_bg.png
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:140b:a00:4::17d8:994e Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: aae47f7e632e10fc3409bd1478e6c5050d2bf5b4e80bceb5214b4312bb4514b5

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 12:10:55 GMT
last-modified: Wed, 15 Sep 2021 05:01:52 GMT
server: nginx
etag: "61417e40-2b1b8"
content-type: image/png
cache-control: max-age=295
accept-ranges: bytes
content-length: 176568
expires: Fri, 18 Feb 2022 12:15:50 GMT

GET
H2 200 p_2195timkb3.png
g.top4top.io/ 354 KB
355 KB 968ms
514ms Image
image/png 163.172.24.234
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://g.top4top.io/p_2195timkb3.png
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/assets/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.24.234 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-24-234.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 555cd223d44b14d2bbc36adcc6f2c0011437d10b02a630dfaf3cb2a2f63bbcaa

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-file-id: x43526370x
date: Fri, 18 Feb 2022 12:10:55 GMT
last-modified: Tue, 04 Jan 2022 18:07:56 GMT
server: nginx
etag: "61d48cfc-588cf"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="trueid-alex.png"
accept-ranges: bytes
content-length: 362703
expires: Fri, 18 Feb 2022 14:10:55 GMT

GET
H2 200 p_2195d0rrg0.png
j.top4top.io/ 96 KB
97 KB 1027ms
502ms Image
image/png 135.181.63.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.top4top.io/p_2195d0rrg0.png
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/assets/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn15.top4top.io
Software: nginx /
Resource Hash: cc7841fa3086dfee4633fd3a55eb8feee7d8b83609bea9f20c29bcb29ca40685

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-file-id: x43527957x
date: Fri, 18 Feb 2022 12:10:55 GMT
last-modified: Tue, 04 Jan 2022 19:18:36 GMT
server: nginx
etag: "61d49d8c-18086"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="images-removebg-preview.png"
accept-ranges: bytes
content-length: 98438
expires: Fri, 18 Feb 2022 14:10:55 GMT

GET
H2 200 p_2195hedc60.png
b.top4top.io/ 25 KB
25 KB 975ms
476ms Image
image/png 163.172.80.128
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.top4top.io/p_2195hedc60.png
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/assets/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.80.128 , France, ASN12876 (Online SAS, FR),
Reverse DNS: rev-163-172-80-128.embersyndicate.com
Software: nginx /
Resource Hash: 79a48515fcb9e406488af99cf262ee548a101573817b4c5c6710819b19aca44c

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-file-id: x43527841x
date: Fri, 18 Feb 2022 12:10:55 GMT
last-modified: Tue, 04 Jan 2022 19:13:54 GMT
server: nginx
etag: "61d49c72-6271"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="modalLevel.012d751e.png"
accept-ranges: bytes
content-length: 25201
expires: Fri, 18 Feb 2022 14:10:55 GMT

GET
H2 200 p_2195y8fg30.png
j.top4top.io/ 172 KB
172 KB 1027ms
502ms Image
image/png 135.181.63.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.top4top.io/p_2195y8fg30.png
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/assets/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn15.top4top.io
Software: nginx /
Resource Hash: d3f4ba6b97d4c5185c9c559de3d6d1ee8cc525630a931f50c7d16072494864c0

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-file-id: x43528293x
date: Fri, 18 Feb 2022 12:10:55 GMT
last-modified: Tue, 04 Jan 2022 19:33:02 GMT
server: nginx
etag: "61d4a0ee-2ae56"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="20220105_023112.png"
accept-ranges: bytes
content-length: 175702
expires: Fri, 18 Feb 2022 14:10:55 GMT

GET
H2 200 HI_OiY8KO6hCsQSoAPmtMYebvpA.woff2
fonts.gstatic.com/s/staatliches/v10/ 15 KB
16 KB 734ms
242ms Font
font/woff2 2a00:1450:400f:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/staatliches/v10/HI_OiY8KO6hCsQSoAPmtMYebvpA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Staatliches&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400f:800::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f17671ce030879a0b89ffce96fc31e6feb1a46b560ec7df7e8fb615682258a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://eventnewfree-fire.duckdns.org
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 19:46:19 GMT
x-content-type-options: nosniff
age: 577476
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:59:04 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 11 Feb 2023 19:46:19 GMT

GET
H2 200 / Show response
na.apps.amsoveasea.com/swoole/ 38 B
180 B 771ms
80ms XHR
text/html 129.226.2.89
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://na.apps.amsoveasea.com/swoole/?actid=2020&r=index/getCountry&_only_service_response_=1
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/ups.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.226.2.89 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 9a166380f3e0d76e61be70092e489d39c076c7ee791304d652866e4719d857f7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: http://eventnewfree-fire.duckdns.org/
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 18 Feb 2022 12:10:55 GMT
content-encoding: gzip
server: nginx/1.20.1
content-length: 57
content-type: text/html

GET
H2 200 p_2195uxetm0.png
i.top4top.io/ 3 KB
4 KB 498ms
498ms Image
image/png 163.172.59.20
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.top4top.io/p_2195uxetm0.png
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.59.20 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-59-20.rev.poneytelecom.eu
Software: nginx /
Resource Hash: deadd58a578f88e7fb9156c4fb06d19ceaca0e665adcf0e40f0999c337957283

Request headers

Accept-Language: jp-JP,jp;q=0.9
Referer: http://eventnewfree-fire.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-file-id: x43527584x
date: Fri, 18 Feb 2022 12:11:10 GMT
last-modified: Tue, 04 Jan 2022 19:02:52 GMT
server: nginx
etag: "61d499dc-de2"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="nick.png"
accept-ranges: bytes
content-length: 3554
expires: Fri, 18 Feb 2022 14:11:10 GMT

GET
H2 206 m_2207ye68p0.mp3
f.top4top.io/ 64 KB
0 1055ms
520ms Media
audio/mpeg 163.172.212.102
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://f.top4top.io/m_2207ye68p0.mp3
Requested by: Host: eventnewfree-fire.duckdns.org
URL: http://eventnewfree-fire.duckdns.org/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.212.102 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-212-102.rev.poneytelecom.eu
Software: nginx /
Resource Hash

Request headers

Referer: http://eventnewfree-fire.duckdns.org/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

x-file-id: x43791929x
date: Fri, 27 Aug 2021 16:57:14 GMT
last-modified: Mon, 17 Jan 2022 01:22:18 GMT
server: nginx
etag: "61e4c4ca-1972d2"
content-type: audio/mpeg
Content-Range: bytes 0-1667793/1667794
cache-control: max-age=7200
content-disposition: inline; filename="bgm.mp3"
Content-Length: 1667794
expires: Fri, 27 Aug 2021 18:57:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: h.top4top.io
URL: https://h.top4top.io/p_2199mg8ez0.jpeg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://eventnewfree-fire.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-1.10.2.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://eventnewfree-fire.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://eventnewfree-fire.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code-jquery.my.id/ajax/jquery-3.5.7.slim.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://eventnewfree-fire.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://eventnewfree-fire.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://eventnewfree-fire.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://eventnewfree-fire.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-1.10.2.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://eventnewfree-fire.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://eventnewfree-fire.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code-jquery.my.id/ajax/jquery-3.5.7.slim.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://eventnewfree-fire.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://eventnewfree-fire.duckdns.org/(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://code.jquery.com/jquery-3.6.0.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://code-jquery.my.id/ajax/jquery-3.5.7.slim.js Message: Failed to load resource: the server responded with a status of 522 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
b.top4top.io
cdn.jsdelivr.net
code-jquery.my.id
code.jquery.com
dl.dir.freefiremobile.com
eventnewfree-fire.duckdns.org
f.top4top.io
fonts.googleapis.com
fonts.gstatic.com
g.top4top.io
h.top4top.io
i.top4top.io
j.top4top.io
k.top4top.io
l.top4top.io
na.apps.amsoveasea.com
wallpapercave.com
www.cssmyschool.info
www.pubgmobile.com
h.top4top.io
104.208.82.172
129.226.2.89
135.181.63.70
163.172.212.102
163.172.24.234
163.172.59.20
163.172.80.128
2001:4de0:ac18::1:a:3a
216.10.241.191
23.218.94.160
2404:6800:4004:821::200a
2600:140b:a00:4::17d8:994e
2606:4700:10::6816:3447
2606:4700:3033::6815:551e
2606:4700::6810:5914
2a00:1450:400f:800::2003
2a00:1450:400f:801::200a
65.21.235.194
015e702f358bf07268c55b496933858119325113af98556a913c77ea3b717f71
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0c0660fd5a3d32b00b7b622a4b19a4fd860580b3c667a23e39b4478d12317369
1a85fc7351538ebb362da057565ce854ca5e9d8a69732ee8b89ddda2a0a23335
227f75fe6b7df46ec50ddf8b5a51fe63569ac792e0489d8614ba713ab6985deb
350f101287e4e3be49b918390042c6f37dd34d8f18c11dd89055e776c21b3bd5
476a9819e2159c917a01876a7921d61ecdb31ada9a8dfd24872489fab5f9cea8
4d1213473da914e45f3212ac416ce316cce556505dc721fb330177b60e9d497f
555cd223d44b14d2bbc36adcc6f2c0011437d10b02a630dfaf3cb2a2f63bbcaa
5593b3ed73b0f5627d9535e665faa82acd98bb29c5dffe1f25a9ee0802759fce
5f17671ce030879a0b89ffce96fc31e6feb1a46b560ec7df7e8fb615682258a5
6d4874252f6c099e464f00c19d52138665d277b2bd443b549481b415d0c4aca0
73c035a2a7b35a1d6f83ee4915d0277b43bdcaca0f07dadb7d8fedc519079670
73d202634798707e7d182afa5f85310e69fb14e50d95abf46b423f54f321e92c
76c22fad261ae80306fbe682139126ee438eab5cd48e212befbcbbed88a0933a
79a48515fcb9e406488af99cf262ee548a101573817b4c5c6710819b19aca44c
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
930d272a9523b58f3a895806c64b26b4d6c4677b9b186e1f6ddffff44b101097
965a592054daada2e49c493a45da625004e23f239e4ca81cef059e3542d2991e
9a166380f3e0d76e61be70092e489d39c076c7ee791304d652866e4719d857f7
a5318474003821bdaa91588b102891513c06a012069619666c4e2defe4001122
aae47f7e632e10fc3409bd1478e6c5050d2bf5b4e80bceb5214b4312bb4514b5
b4b2f3335d876445c820f440cf56fc947d14127bcc5e92276cb44bb9d15fe68b
b6b82bf5645626796f4768d65283f0d38d6ca833a1c1387eef36a8c4582fb077
c5a06761b0211bb33c9c968e43ce16fcd0b615c10f7186ea6e0dc6dbe54712ad
cc7841fa3086dfee4633fd3a55eb8feee7d8b83609bea9f20c29bcb29ca40685
d3f4ba6b97d4c5185c9c559de3d6d1ee8cc525630a931f50c7d16072494864c0
deadd58a578f88e7fb9156c4fb06d19ceaca0e665adcf0e40f0999c337957283
e05d451dd2a31b85f9e6b5767c90f217ff81d2ced47151baafd28a510d584e7d
e2428e8854e02f05ed315c2423f1439789d6ee9bee36bc6ee032a6e48ef351ad
eb2f053b15ee0a8bf17817db30aaf58d0fa60f0eb1cbf7c10c70d5037f3d6a5b
f61b4e551a2ac3fcbd4950ada06f742c52bfffab7555caa2c4732397fc36407c
fee90f1ae50bddd5b39a5295b45e09f7f5cb4dc73cf1864b039f74d5fcf1b79a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

eventnewfree-fire.duckdns.org Open in urlscan Pro 104.208.82.172 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

39 Requests

69 %HTTPS

44 %IPv6

12 Domains

20 Subdomains

19 IPs

10 Countries

3219 kBTransfer

3722 kBSize

0 Cookies

0 Outgoing links

Redirected requests

39 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

eventnewfree-fire.duckdns.org Open in urlscan Pro
104.208.82.172 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

39
Requests

69 %
HTTPS

44 %
IPv6

12
Domains

20
Subdomains

19
IPs

10
Countries

3219 kB
Transfer

3722 kB
Size

0
Cookies

39 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!