urlscan.io logo urlscan.io
SecurityTrails logo

frt4.tk Open in urlscan Pro
34.74.170.74  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://frt4.tk/
Effective URL: https://frt4.tk/
Submission: On March 31 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 1 countries across 5 domains to perform 24 HTTP transactions. The main IP is 34.74.170.74, located in North Charleston, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is frt4.tk.
TLS certificate: Issued by R3 on March 31st 2023. Valid for: 3 months.
This is the only time frt4.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 34.74.37.249 396982 (GOOGLE-CL...)
1 34.74.170.74 396982 (GOOGLE-CL...)
9 2606:4700::68... 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
3 2600:9000:251... 16509 (AMAZON-02)
7 2600:9000:21d... 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
24 7
1    34.74.37.249 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.37.74.34.bc.googleusercontent.com
frt4.tk
1    34.74.170.74 (North Charleston, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 74.170.74.34.bc.googleusercontent.com
frt4.tk
9    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    2607:f8b0:4006:80b::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2140:6000:d:e9c:2500:21 (United States)

ASN16509 (AMAZON-02, US)
d2bb5k76l7oivo.cloudfront.net
3    2600:9000:2512:e600:1c:b3e3:eb40:21 (United States)

ASN16509 (AMAZON-02, US)
d13pxqgp3ixdbh.cloudfront.net
7    2600:9000:21da:6400:1c:8de0:8c80:21 (United States)

ASN16509 (AMAZON-02, US)
d2punpeg7vtjci.cloudfront.net
2    2607:f8b0:4006:823::200e (Nutley, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
11 cloudfront.net
d2bb5k76l7oivo.cloudfront.net
d13pxqgp3ixdbh.cloudfront.net
d2punpeg7vtjci.cloudfront.net
147 KB
9 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
218 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 frt4.tk
frt4.tk
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
44 KB
24 5
Domain Requested by
9 cdn.jsdelivr.net frt4.tk
7 d2punpeg7vtjci.cloudfront.net d2bb5k76l7oivo.cloudfront.net
cdn.jsdelivr.net
3 d13pxqgp3ixdbh.cloudfront.net frt4.tk
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 frt4.tk 1 redirects
1 d2bb5k76l7oivo.cloudfront.net frt4.tk
1 www.googletagmanager.com frt4.tk
24 7

This site contains no links.

Subject Issuer Validity Valid
*.frt4.tk
R3		 2023-03-31 -
2023-06-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-13 -
2023-06-05		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh

This page contains 1 frames:

Primary Page: https://frt4.tk/
Frame ID: 27B0CE85BA95BC9D4F03671AAE33F9EC
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

File sharing and storage made simpleworld

Page URL History Show full URLs

  1. http://frt4.tk/ HTTP 301
    https://frt4.tk/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

24
Requests

100 %
HTTPS

75 %
IPv6

5
Domains

7
Subdomains

7
IPs

1
Countries

433 kB
Transfer

903 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://frt4.tk/ HTTP 301
    https://frt4.tk/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
frt4.tk/
Redirect Chain
  • http://frt4.tk/
  • https://frt4.tk/
7 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://frt4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.74.170.74 North Charleston, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
74.170.74.34.bc.googleusercontent.com
Software
Netlify /
Resource Hash
d6dd2430ea34be20c6baee2523fdda769533e33a6d895309c547d2e4ef979f94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
23410
cache-control
public, max-age=0, must-revalidate
content-encoding
br
content-length
3421
content-type
text/html; charset=UTF-8
date
Fri, 31 Mar 2023 08:38:04 GMT
etag
"f0ad88edb6118b10b88f6159e6bb62ba-ssl-df"
server
Netlify
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-nf-request-id
01GWW3CJ9P247AXFR2PTMYMY7W

Redirect headers

Content-Length
31
Content-Type
text/plain; charset=utf-8
Date
Fri, 31 Mar 2023 15:08:14 GMT
Location
https://frt4.tk/
Server
Netlify
X-Nf-Request-Id
01GWW3CHSHT6RPY841G2YEVEAG
index.e971c767.js
cdn.jsdelivr.net/gh/woktoba/mdfr/ 		231 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/woktoba/mdfr/index.e971c767.js
Requested by
Host: frt4.tk
URL: https://frt4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2114450d838746f32ca3d57fcfbe06f9d95dc5e1562a6953a2e3936df8725d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://frt4.tk/
Origin
https://frt4.tk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1698
x-jsd-version
master
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230083-FRA, cache-yyz4550-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"39dce-p6cbax7deGzaHH+TibFzqgDZhI8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q01UM2Eja5Uu2oNlfcjrT%2FvK63CXzEFQLjwknwoJbau%2F2F45LOYOsaZvmE6gfWoJdGEwmcPb%2BMwsw%2B54DA0aZEcqcuiS9dz4xI7ouBCPVb7S2RVIzkQEe1U7sKJv%2BGDdmLb%2Fn%2BB3qUS4VRFrgmc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7b0981b328b54322-EWR
vendor.41566de1.js
cdn.jsdelivr.net/gh/woktoba/mdfr/ 		246 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/woktoba/mdfr/vendor.41566de1.js
Requested by
Host: frt4.tk
URL: https://frt4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
164e3a8cf004dfcfeebdf644729bdf52e32b3814ffa3685dc0df471e52468a79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://frt4.tk/
Origin
https://frt4.tk
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230051-FRA, cache-yyz4538-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"3d6b0-LeWMc09WntiWKOihSvv3y/jV4s8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yBWEoYE9qTJd3Mse%2BhfEY6ZoFPfC6EkX%2BYqAnaq10QW1r8PSETi9vONbBJl9jUUnP8tANZsWipbi00S8Nv1C9Unal8awp1taALDQ8qUzZD4%2FeTFFJ%2FvkogmAXI1zUwog5MJnwRICkcgUsz2exGQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7b0981b328b64322-EWR
index.2dba99ef.css
cdn.jsdelivr.net/gh/woktoba/mdfr/ 		43 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/woktoba/mdfr/index.2dba99ef.css
Requested by
Host: frt4.tk
URL: https://frt4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0960be97e22b89f37a1328f120c4caa6670a2e5ec6a44148b2af465c4b309cd8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230066-FRA, cache-yyz4556-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"ac34-LDUP82VXHqwiq/YDJ6VtQUbnJXM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwKkdxxe4x6Lhi3MkRmiOFBM9ib0T15o9x8VNeGHMWHc8IXGknO6Gq8jwRQJMce5ZtlA8HnB2%2F1BoeUWJw9%2FAC%2F55BL6SqeXL%2Be%2BolED8a1tb8apnv3U0UpkkI64yg%2Frzo0973q5ukri5qLYP3k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7b0981b32dab3342-EWR
js
www.googletagmanager.com/gtag/ 		113 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-00000-0
Requested by
Host: frt4.tk
URL: https://frt4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2008 Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
05c6827f2db952f37a0bc58ddc125ee7f845a2fdb4b69c4f00bf6751513360ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
44995
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 31 Mar 2023 15:08:15 GMT
xUEL3H.js
d2bb5k76l7oivo.cloudfront.net/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2bb5k76l7oivo.cloudfront.net/xUEL3H.js
Requested by
Host: frt4.tk
URL: https://frt4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:6000:d:e9c:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d212a5a732e0632cb7a63412830a021c8c0a4aaa835a604ef008c1b0e4b00300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
content-encoding
br
via
1.1 6e24e95f882f20707346a032d1fa2948.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 21:50:46 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C1
age
953
etag
W/"8ab72c4473621e1b30a24ec89af90bcf"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-id
EeK2CabTHkvHAfPfLs_O5zIFXAP4oqxAWDlEpZQCYeFQhM479XwLTA==
14859274931dd77b79350953c8e835afaced491210.js
d13pxqgp3ixdbh.cloudfront.net/uploads/assets/ 		94 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/uploads/assets/14859274931dd77b79350953c8e835afaced491210.js
Requested by
Host: frt4.tk
URL: https://frt4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:e600:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
OtUYYqwtBoholUTDjGSvGGobkBeaK2NL
date
Thu, 30 Mar 2023 16:00:03 GMT
via
1.1 100ce1d37f67e6c59753cd4c9c473afc.cloudfront.net (CloudFront)
last-modified
Wed, 01 Feb 2017 05:38:14 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
83293
etag
"8101d596b2b8fa35fe3a634ea342d7c3"
x-cache
Hit from cloudfront
content-type
application/x-javascript
accept-ranges
bytes
content-length
95786
x-amz-cf-id
iDYBTGASIf28rtIEYh1I8Je9MomkWFaC1_ybNijdDnRGnx7hAgZ2fA==
html.3650960.f6e40.0.js
d2punpeg7vtjci.cloudfront.net/public/external/v2/ 		12 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2punpeg7vtjci.cloudfront.net/public/external/v2/html.3650960.f6e40.0.js
Requested by
Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/xUEL3H.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:6400:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
fa79d0a07ff0c989222c457414b96ebd91efca1897ffb176d11be2bd33b78a51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
server
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
EWR53-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
MP-R0ReIucvlLUBg3YfXlC2hQZCJIMmMLWOKasT07ZyXkVIyPGBGAQ==
css_front.css
d2punpeg7vtjci.cloudfront.net/public/external/ 		6 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2punpeg7vtjci.cloudfront.net/public/external/css_front.css
Requested by
Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/xUEL3H.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:6400:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
EWR53-C1
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
0V7dSKcGyQJ7Cf0pOLvLGRxY2WWnSq8LlL92Z6nI6RPprhk6HQjoXg==
check.php
d2punpeg7vtjci.cloudfront.net/public/external/ 		78 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2punpeg7vtjci.cloudfront.net/public/external/check.php?it=3650960&time=1680275295424
Requested by
Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/xUEL3H.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:6400:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
server
Apache/2.4.41 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
EWR53-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
D0I4_IFznBuvkQdA5-AULhNLArd_vliAnqq0QFnYYBgUEhU2kH-eaA==
16378790659ea8cce376455823c84d741409a00d27.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/uploads/16378790659ea8cce376455823c84d741409a00d27.png
Requested by
Host: frt4.tk
URL: https://frt4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:e600:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
671101551c485c66cf1157ef83c59ce3649b08c79297bdcb233b1a4f5bb1c2a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
olnx.HgkInILssXwJSqN6kW2J5lJGaJi
date
Fri, 31 Mar 2023 12:03:48 GMT
via
1.1 100ce1d37f67e6c59753cd4c9c473afc.cloudfront.net (CloudFront)
last-modified
Thu, 25 Nov 2021 22:24:26 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
11068
etag
"4df3eaed5ae12b94feabea04faa42302"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
16841
x-amz-cf-id
HX1mtI3sLyRRqb3sKJllqs-HM7bUY6U12VG-DaGsQAk-XDjwfub9uw==
163687897046395e783acfa439affb1b28cbcf3311.png
d13pxqgp3ixdbh.cloudfront.net/uploads/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d13pxqgp3ixdbh.cloudfront.net/uploads/163687897046395e783acfa439affb1b28cbcf3311.png
Requested by
Host: frt4.tk
URL: https://frt4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2512:e600:1c:b3e3:eb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e6fd253070f62388a1cc65cf757a8ca141eabab5ca2760afba0bff0580b1829c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-amz-version-id
1vbaqQaIcTFTx9voq2FHXjm0UwIUJf61
date
Fri, 31 Mar 2023 11:44:33 GMT
via
1.1 100ce1d37f67e6c59753cd4c9c473afc.cloudfront.net (CloudFront)
last-modified
Sun, 14 Nov 2021 08:36:11 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
12223
etag
"701759a1b32bc98a82bc2213445d2e22"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1311
x-amz-cf-id
YLfQcKHkU6Tf0nXH6RvvTRTc8lv9PYnWi-9YLo3MDQwp2SGP5-lyLg==
us.png
cdn.jsdelivr.net/gh/iDevMore/countries/flags/128x128/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/iDevMore/countries/flags/128x128/us.png
Requested by
Host: frt4.tk
URL: https://frt4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4f56fde2e2da5f53631b48d4741fee789ded99f711867505d0d96995ea2fc9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8159
x-served-by
cache-fra-eddf8230094-FRA, cache-yyz4570-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"1fdf-PF/vsH5zp4ZFFRp+1Qzs40gWZzY"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vaj%2BDjscz%2FGP%2FA9ciVfBGXQxM6k6DNHPrgdGscS8QJ2%2BmF7070vu3bUG1AC2%2FMSfvCv3%2FT0FjAhpzqQ88E3Zvww%2Bm04VSUKK5z1wvW22Y6I3kIlSPciLmrtVMxBPVAXJiJ48XL3sPKwuQO2ZLcU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7b0981b52f213342-EWR
virustotal.svg
cdn.jsdelivr.net/gh/iDevMore/mdfr/ 		259 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/iDevMore/mdfr/virustotal.svg
Requested by
Host: frt4.tk
URL: https://frt4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d8bff9216f278fe68410da7ee6e119700b5edb009dd54b41f52b9ffd2eb35a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230057-FRA, cache-yyz4571-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"103-QM0pPNDukP79qGumV2zDRY4m9Q4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9YIDRKPVaQ6rODRPQPOFlGmZw4ZPSSesoXViiR7taz9JM7%2FiVV%2FtA4BRWpQuCQeoW6L3OSwZRulLJpJiS4OfErexIfUTPUcVRWaIVLWJdmSkzqhsqnYeMDE%2BSGMCN3ITryQ43MCisvQ123n08pQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7b0981b52f233342-EWR
mediafile-small.svg
cdn.jsdelivr.net/gh/iDevMore/mdfr/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.jsdelivr.net/gh/iDevMore/mdfr/mediafile-small.svg
Requested by
Host: frt4.tk
URL: https://frt4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c52fdeac2118722887c37f927f98f49b8cefb4a91bfcf566ff84c5601400d7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
master
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230112-FRA, cache-yyz4545-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"11ba-mnuUJET0qVn1D5BD8ICIM+aNsWg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RZZjFIPm%2FmbZTjFHu8bxSpYFD2nQpFL7jDI0W1yFjQLSrg1fybfmS7s8yIcuKlM8LjtWq9hYM3PC1ROh3gu8ChpbEgtYXiPlP2lRKElf1s7Q27NDVHvl5lawh7SzHjPaYYPrz%2FgmfV788yKscH4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7b0981b52f243342-EWR
error.mp3
cdn.jsdelivr.net/gh/iDevMore/audios-2021-Q4/ui-sounds/ 		9 KB
10 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/iDevMore/audios-2021-Q4/ui-sounds/error.mp3
Requested by
Host: frt4.tk
URL: https://frt4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34602caf4ab9e08ecfbf6acd663e006604e00c0e7c199cea8e4fd3b7cceadead
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://frt4.tk/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16358
x-jsd-version
master
x-cache
HIT, MISS
Content-Range
bytes 0-9205/9206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
9206
x-served-by
cache-fra-eddf8230118-FRA, cache-jnb7023-JNB
x-jsd-version-type
branch
server
cloudflare
etag
W/"23f6-2fgkwxAdx3vfYLHa3H3acugl20M"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JUjspQHNRbEKf3fsbIzy7EA7VCmEq4EdNGeCf5Gq5eRa6gIW%2FeBzfKSeHMe6tpgqqwwetE%2FBh1pUlGNdK5oiglpXJz8Z2IVrfJ1kZk41OqeJWS9%2BvTx0Y37ixfvaVZrxXcgismCwPdeXJJ4AGr4%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7b0981b5eea31819-EWR
success-long.mp3
cdn.jsdelivr.net/gh/iDevMore/audios-2021-Q4/ui-sounds/ 		23 KB
24 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/iDevMore/audios-2021-Q4/ui-sounds/success-long.mp3
Requested by
Host: frt4.tk
URL: https://frt4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea9e527a7e9eeb85057e42c900ae26b712c5e21b2f0e609c9b9a37285cce89e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://frt4.tk/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16358
x-jsd-version
master
x-cache
HIT, MISS
Content-Range
bytes 0-23383/23384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
23384
x-served-by
cache-fra-eddf8230033-FRA, cache-yyz4560-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"5b58-7ywMWGaQElE5JazsVINuRsLRFAc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfg%2BBCPF7AF%2B9sT4pbtJcBs01huhCMtAcGdsT%2BfAEYLkGIVz55KDSr0IUpERXuCl52ZXa1FBjLL%2FQZv9JdRy3VlYqr0YP%2F%2Bpb4ikjgpD4gZh4YW6zvh4ew0CcMTvnOJ010gCwkVzsvoLzkZDVUk%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7b0981b5eea61819-EWR
pop.mp3
cdn.jsdelivr.net/gh/iDevMore/audios-2021-Q4/ui-sounds/ 		9 KB
10 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/iDevMore/audios-2021-Q4/ui-sounds/pop.mp3
Requested by
Host: frt4.tk
URL: https://frt4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4ef7369f720aaec85b49916182e03ce4fefee1651279d55dd46a9f19fd21081
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://frt4.tk/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
16357
x-jsd-version
master
x-cache
MISS, MISS
Content-Range
bytes 0-9205/9206
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
9206
x-served-by
cache-fra-eddf8230087-FRA, cache-yyz4520-YYZ
x-jsd-version-type
branch
server
cloudflare
etag
W/"23f6-8eNelotANfGwyuW4JrW2EsSwy/I"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePBKh2H1YLvhnLEqEuxBjf5woZpBCZLVAsNSuUF71SGfJ1BMMYClDhyeo2Lg46keB07mbOb%2BlhqjK50gowVRI78Y8XugW%2BZkgUWfEKSxEK6SY0Vwtj61QWpYvPnyazw%2B8Ltxx3qpy9NNMZb7GzY%3D"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7b0981b5eeac1819-EWR
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-00000-0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 31 Mar 2023 14:05:11 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
3785
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Fri, 31 Mar 2023 16:05:11 GMT
css.css
d2punpeg7vtjci.cloudfront.net/public/clockers/CustomButton/ 		1010 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2punpeg7vtjci.cloudfront.net/public/clockers/CustomButton/css.css
Requested by
Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/xUEL3H.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:6400:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:15 GMT
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
EWR53-C1
etag
"3f2-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1010
x-amz-cf-id
zzloeHspCLfkqyjGPmzaADAkUOi-cNcsBrthvcfjyWSh2RknJgGZCQ==
f_it
d2punpeg7vtjci.cloudfront.net/public/ 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2punpeg7vtjci.cloudfront.net/public/f_it?cpguid=ain1p1bl6&it=3650960&w=1600&h=1200&key=f6e40&m=0&s1=iDev_MediaFire&user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.146%20Safari%2F537.36&s2=s2-tag-MediaFile
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/woktoba/mdfr/vendor.41566de1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:6400:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
15ca1a788981a981106887ede5950eb82d40d30ffc2d2afc1afff7ea10ed8e0a

Request headers

Accept
application/json, text/plain, */*
Referer
https://frt4.tk/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:16 GMT
via
1.1 34d27d5dec8d9c8d04bc61d1e0056be2.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
EWR53-C1
x-powered-by
PHP/7.4.11
access-control-max-age
0
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With
content-length
5478
x-amz-cf-id
7L8S-GZgQWpi_OZShoOf7v0A1qRBExhHnAHBQ9C7gvPhF1gvl8wqtA==
guid
d2punpeg7vtjci.cloudfront.net/public/ 		0
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2punpeg7vtjci.cloudfront.net/public/guid?cpguid=ain1p1bl6&e=ll&t=1680275296373
Requested by
Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/xUEL3H.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:6400:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:16 GMT
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
EWR53-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
MK2gkj5tis_mQub9ooVQ3JOQFPnqgnpKGhin40xXoUb5ZTJvA_ArgQ==
collect
www.google-analytics.com/j/ 		1 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1982942730&t=pageview&_s=1&dl=https%3A%2F%2Ffrt4.tk%2F&ul=en-us&de=UTF-8&dt=File%20sharing%20and%20storage%20made%20simple&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=1391928202&gjid=808640042&cid=451984233.1680275297&tid=UA-00000-0&_gid=1771232269.1680275297&_r=1&gtm=457e33t0&jsscut=1&z=2117066108
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Nutley, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://frt4.tk/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 31 Mar 2023 15:08:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://frt4.tk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
check.php
d2punpeg7vtjci.cloudfront.net/public/external/ 		78 B
372 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d2punpeg7vtjci.cloudfront.net/public/external/check.php?it=3650960&time=1680275297779
Requested by
Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/xUEL3H.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:6400:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://frt4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Fri, 31 Mar 2023 15:08:17 GMT
via
1.1 98c9abb82906e5df5d993116d0614420.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
EWR53-C1
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
um5YzCCenzrAiFyXjHc7HzABBusEowTcFm4jEtXPn-rcepC61WSxkQ==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| Globals number| currentLeads number| currentCents function| gtag object| dataLayer object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| $ function| jQuery number| leads_required string| redirect_url boolean| __VUE__ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
frt4.tk/ Name: _cpguid
Value: ain1p1bl6
.frt4.tk/ Name: _ga
Value: GA1.2.451984233.1680275297
.frt4.tk/ Name: _gid
Value: GA1.2.1771232269.1680275297
.frt4.tk/ Name: _gat_gtag_UA_00000_0
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
d13pxqgp3ixdbh.cloudfront.net
d2bb5k76l7oivo.cloudfront.net
d2punpeg7vtjci.cloudfront.net
frt4.tk
www.google-analytics.com
www.googletagmanager.com
2600:9000:2140:6000:d:e9c:2500:21
2600:9000:21da:6400:1c:8de0:8c80:21
2600:9000:2512:e600:1c:b3e3:eb40:21
2606:4700::6810:5614
2607:f8b0:4006:80b::2008
2607:f8b0:4006:823::200e
34.74.170.74
34.74.37.249
05c6827f2db952f37a0bc58ddc125ee7f845a2fdb4b69c4f00bf6751513360ae
0960be97e22b89f37a1328f120c4caa6670a2e5ec6a44148b2af465c4b309cd8
15ca1a788981a981106887ede5950eb82d40d30ffc2d2afc1afff7ea10ed8e0a
164e3a8cf004dfcfeebdf644729bdf52e32b3814ffa3685dc0df471e52468a79
1d8bff9216f278fe68410da7ee6e119700b5edb009dd54b41f52b9ffd2eb35a9
34602caf4ab9e08ecfbf6acd663e006604e00c0e7c199cea8e4fd3b7cceadead
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
671101551c485c66cf1157ef83c59ce3649b08c79297bdcb233b1a4f5bb1c2a3
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c52fdeac2118722887c37f927f98f49b8cefb4a91bfcf566ff84c5601400d7b
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a4ef7369f720aaec85b49916182e03ce4fefee1651279d55dd46a9f19fd21081
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
c4f56fde2e2da5f53631b48d4741fee789ded99f711867505d0d96995ea2fc9f
d2114450d838746f32ca3d57fcfbe06f9d95dc5e1562a6953a2e3936df8725d1
d212a5a732e0632cb7a63412830a021c8c0a4aaa835a604ef008c1b0e4b00300
d6dd2430ea34be20c6baee2523fdda769533e33a6d895309c547d2e4ef979f94
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6fd253070f62388a1cc65cf757a8ca141eabab5ca2760afba0bff0580b1829c
ea9e527a7e9eeb85057e42c900ae26b712c5e21b2f0e609c9b9a37285cce89e3
fa79d0a07ff0c989222c457414b96ebd91efca1897ffb176d11be2bd33b78a51