mail.contohfomain55.duckdns.org Open in urlscan Pro
40.87.64.77 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mail.contohfomain55.duckdns.org/
Submission Tags: fd s0 duckdns Search All
Submission: On February 12 via api (February 12th 2022, 6:49:21 pm UTC) from US — Scanned from DE

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 14 domains to perform 40 HTTP transactions. The main IP is 40.87.64.77, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is mail.contohfomain55.duckdns.org.
TLS certificate: Issued by R3 on February 12th 2022. Valid for: 3 months.

This is the only time mail.contohfomain55.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
3	40.87.64.77 40.87.64.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	92.123.194.148 92.123.194.148	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	2.16.107.121 2.16.107.121	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2606:4700:303... 2606:4700:3030::6815:29eb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.68.52.216 188.68.52.216	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
1	23.79.135.178 23.79.135.178	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:50c0:800... 2606:50c0:8000::154	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	129.226.2.89 129.226.2.89	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
40	14

3 40.87.64.77 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

mail.contohfomain55.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7caf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 92.123.194.148 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-194-148.deploy.static.akamaitechnologies.com

freefiremobile-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.16.107.121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-121.deploy.static.akamaitechnologies.com

dl.dir.freefiremobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3030::6815:29eb (United States)

ASN13335 (CLOUDFLARENET, US)

www.svgrepo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.68.52.216 (Hitzacker, Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: i.im.ge

i.im.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.135.178 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-135-178.deploy.static.akamaitechnologies.com

img.utdstc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8000::154 (United States)

ASN54113 (FASTLY, US)

raw.githubusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.226.2.89 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

na.apps.amsoveasea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	akamaihd.net freefiremobile-a.akamaihd.net — Cisco Umbrella Rank: 25756	640 KB
7	freefiremobile.com dl.dir.freefiremobile.com — Cisco Umbrella Rank: 35386	2 MB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	3 KB
4	svgrepo.com www.svgrepo.com — Cisco Umbrella Rank: 334283	11 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 802	44 KB
3	gstatic.com fonts.gstatic.com	58 KB
3	duckdns.org mail.contohfomain55.duckdns.org	94 KB
1	amsoveasea.com na.apps.amsoveasea.com — Cisco Umbrella Rank: 265178	181 B
1	githubusercontent.com raw.githubusercontent.com — Cisco Umbrella Rank: 4514
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 401	32 KB
1	utdstc.com img.utdstc.com — Cisco Umbrella Rank: 109821	14 KB
1	im.ge i.im.ge — Cisco Umbrella Rank: 450680	28 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	6 KB
0	top4top.io Failed h.top4top.io Failed
40	14

	Domain	Requested by
9	freefiremobile-a.akamaihd.net	mail.contohfomain55.duckdns.org
7	dl.dir.freefiremobile.com	mail.contohfomain55.duckdns.org
5	fonts.googleapis.com	mail.contohfomain55.duckdns.org
4	www.svgrepo.com	mail.contohfomain55.duckdns.org
4	unpkg.com	2 redirects mail.contohfomain55.duckdns.org
3	fonts.gstatic.com	fonts.googleapis.com
3	mail.contohfomain55.duckdns.org	mail.contohfomain55.duckdns.org
1	na.apps.amsoveasea.com	cdn.jsdelivr.net
1	raw.githubusercontent.com	mail.contohfomain55.duckdns.org
1	cdn.jsdelivr.net	mail.contohfomain55.duckdns.org
1	img.utdstc.com	mail.contohfomain55.duckdns.org
1	i.im.ge	mail.contohfomain55.duckdns.org
1	cdnjs.cloudflare.com	mail.contohfomain55.duckdns.org
0	h.top4top.io Failed	mail.contohfomain55.duckdns.org
40	14

This site contains no links.

Subject Issuer	Validity	Valid
mail.contohfomain55.duckdns.org R3	`2022-02-12` - `2022-05-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
dl.kgtw.garenanow.com DigiCert SHA2 Secure Server CA	`2021-12-28` - `2022-06-27`	6 months	crt.sh
i.im.ge Sectigo RSA Domain Validation Secure Server CA	`2021-09-25` - `2022-09-25`	a year	crt.sh
uptodown.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
na.apps.amsoveasea.com TrustAsia TLS RSA CA	`2021-05-31` - `2022-05-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://mail.contohfomain55.duckdns.org/
Frame ID: 28F43BAA2C050C7FDDB77C034B247354
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

40
Requests

93 %
HTTPS

54 %
IPv6

14
Domains

14
Subdomains

14
IPs

3
Countries

3360 kB
Transfer

3568 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://unpkg.com/swiper@7/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

Request Chain 21

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@8.0.5/swiper-bundle.min.js

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
mail.contohfomain55.duckdns.org/ 19 KB
19 KB 398ms
92ms Document
text/html 40.87.64.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.contohfomain55.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.87.64.77 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: 90b0614198653dba4da856899f139c9a85a208f88c2b7e8a88c5369eabcfd2c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Server: Apache
Last-Modified: Thu, 09 Dec 2021 11:51:32 GMT
Accept-Ranges: bytes
Content-Length: 19069
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

GET
H/1.1 200
OK style.css
mail.contohfomain55.duckdns.org/css/ 25 KB
25 KB 161ms
91ms Stylesheet
text/css 40.87.64.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.contohfomain55.duckdns.org/css/style.css
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.87.64.77 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: a5e491774e8d0a8d5dfdd0611e0ae8eb3302524512c9ce7b38d44e83735d1cc3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Last-Modified: Sun, 14 Nov 2021 08:13:32 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 25215

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@7.4.1/
Redirect Chain

https://unpkg.com/swiper@7/swiper-bundle.min.css
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

15 KB
5 KB

26ms
26ms

Stylesheet
text/css

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css

Requested by

Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 18:49:15 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1594482
fly-request-id: 01FT83NCH2QVHAH0PJ04DV855M
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3ccb-5Koe10fACH1gYqRziowpfORPwas"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6dc7fef01e479164-FRA

Redirect headers

date: Sat, 12 Feb 2022 18:49:15 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FVQM2AS7QX6WDG4R5YXT166E
server: cloudflare
age: 223
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@7.4.1/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dc7feeffdd39164-FRA
access-control-allow-origin: *

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 35ms
17ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 18:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 260650
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TY93C32tfQ8%2FJ%2BB1TKeg5vp6j%2B6wgjRuF1FHS9dbFZ5VjiBdhXSqvKwKpK9bm0whP0oubtH1BgBKVKvUGgOyrd1X2hNkcTq5%2FUi83XIY9Glc9TQ3xYToeILQQVX90ghB5lu2VgGqifpH%2FPaCNGO0iuv7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6dc7feefed7491ed-FRA
expires: Thu, 02 Feb 2023 18:49:15 GMT

GET p_2016h7ob71.gif
h.top4top.io/ 0
0

GET
H/1.1 200
OK app_icon.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/ 22 KB
22 KB 83ms
37ms Image
image/png 92.123.194.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/app_icon.png
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.194.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b27a41813f7963b39fe1755ad31a133c30066d5a8fcabf9710b44556109aba17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Last-Modified: Mon, 10 Aug 2020 10:06:25 GMT
Server: AkamaiNetStorage
ETag: "db8d665e878853bc4b041870b3661072:1597053985.699702"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22559

GET
H/1.1 200
OK logo_small.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/ 22 KB
23 KB 55ms
9ms Image
image/png 92.123.194.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/logo_small.png
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.194.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: adcab86657a7a2669c7d7434397486372c7b0b9b50e34c379166bf957e4e7da8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Last-Modified: Wed, 14 Apr 2021 03:04:20 GMT
Server: AkamaiNetStorage
ETag: "57eaed1e025698432da8dfe2c49d9798:1618380359.988444"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22987

GET
H/1.1 200
OK appstore3.png
freefiremobile-a.akamaihd.net/ffwebsite/images/download/ 9 KB
10 KB 65ms
19ms Image
image/png 92.123.194.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/ffwebsite/images/download/appstore3.png
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.194.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 07c60246a4ac7d8fe6078972ad94d08699ed1d5edd31d7fca05ea4c9b2d67599

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Last-Modified: Thu, 24 May 2018 05:15:05 GMT
Server: AkamaiNetStorage
ETag: "46179f391c2582a95a1ba3dc308adf93:1543299092.856403"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9567

GET
H/1.1 200
OK googleplay3.png
freefiremobile-a.akamaihd.net/ffwebsite/images/download/ 7 KB
7 KB 67ms
21ms Image
image/png 92.123.194.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/ffwebsite/images/download/googleplay3.png
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.194.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9fd6085027e4ac8bde87a63acb7f5f03f6297a7d40a353b9e2d37b380e03e67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Last-Modified: Thu, 24 May 2018 05:15:05 GMT
Server: AkamaiNetStorage
ETag: "85f18ff18dd0df9e10ae947e8163a44e:1543299094.82307"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7281

GET
H/1.1 200
OK 8e822cf7230420e5a4240972cc11efdajpg
dl.dir.freefiremobile.com/common/web_event/hash/ 464 KB
464 KB 121ms
84ms Image
image/jpeg 2.16.107.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/hash/8e822cf7230420e5a4240972cc11efdajpg
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b934f8e69730a987d53fa348b3bb37c6eee5d8b91e736726114d139abf8ac044

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 04:06:23 GMT
Server: AkamaiNetStorage
ETag: "3add39940ca36eadb2f32fe3b86b33b4:1630037183.24865"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H/1.1 200
OK c175292e0a856831eeeeb727bd33c324jpg
dl.dir.freefiremobile.com/common/web_event/hash/ 382 KB
380 KB 52ms
15ms Image
image/jpeg 2.16.107.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/hash/c175292e0a856831eeeeb727bd33c324jpg
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5c91a3f8654051a93899960e8cc6053250bc90f8e4a9567c309d963dcd72c818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 04:06:24 GMT
Server: AkamaiNetStorage
ETag: "c777d5d6b49fa89f90f42e7a8e8c5b01:1630037183.894355"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H/1.1 200
OK 242c176892fae8907c4502dc6f745837jpg
dl.dir.freefiremobile.com/common/web_event/hash/ 427 KB
425 KB 55ms
18ms Image
image/jpeg 2.16.107.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/hash/242c176892fae8907c4502dc6f745837jpg
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e1736ebdbb540fc361581e9254a04234e6f663af89db30ea15fe783d8f50827d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 04:06:24 GMT
Server: AkamaiNetStorage
ETag: "412f7a9187960146917b47861b2b4b84:1630037184.447298"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H/1.1 200
OK a0a4ae30805722476d7af24e8266c18ajpg
dl.dir.freefiremobile.com/common/web_event/hash/ 391 KB
389 KB 53ms
16ms Image
image/jpeg 2.16.107.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/hash/a0a4ae30805722476d7af24e8266c18ajpg
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6754b08e6e658246f0d71f02c406517d88c1a0e1455b2d3bdc06db2f3d54739e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 04:06:24 GMT
Server: AkamaiNetStorage
ETag: "aebc670bd7bf24b2c94e3bd7443daf93:1630037184.448383"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H/1.1 200
OK caaa4b6f29bf5d772942932d761f831bjpg
dl.dir.freefiremobile.com/common/web_event/hash/ 318 KB
316 KB 62ms
26ms Image
image/jpeg 2.16.107.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/hash/caaa4b6f29bf5d772942932d761f831bjpg
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b72ce72a315dc00af3e1c795fc82d5de366b76321782b0ead6f993ac9aecc95b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 04:06:23 GMT
Server: AkamaiNetStorage
ETag: "395d0e2ab95d0494241d48a63f63ce9d:1630037183.008532"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H2 200 gun.svg
www.svgrepo.com/show/27064/ 3 KB
2 KB 59ms
17ms Image
image/svg+xml 2606:4700:3030::6815:29eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.svgrepo.com/show/27064/gun.svg
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:29eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 614f7b8a798620fb1b02beb1b49d4e5c982cece2bfe985f7c686266e68a4f14f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 18:49:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 27 Aug 2016 01:10:16 GMT
server: cloudflare
age: 1020
etag: W/"57c0e878-d44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3FucRov7x%2F5m%2B79dnWVAMYySFHwVVyCX%2BMROZobQlyX%2FLb8kLQ0nFFtJ3Q%2BMQMA%2Bdh5HVUg4LTGn7wLo8qfcatFxLDl7XVZ3VnZtBoatbzI4wWHWGM0GfrapK9zDAc%2FyWQrHw%2FMQFEySOj%2BDvM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dc7fef06f696903-FRA

GET
H2 200 shirt-clothes.svg
www.svgrepo.com/show/268997/ 10 KB
4 KB 53ms
19ms Image
image/svg+xml 2606:4700:3030::6815:29eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.svgrepo.com/show/268997/shirt-clothes.svg
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:29eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d42270853ccd3ef853f808abf5ef13825120f08db6393dedc6dfc5157e747079

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 18:49:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jul 2018 11:31:42 GMT
server: cloudflare
age: 1
etag: W/"5b570e1e-292b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6zlzpQqlDBhMBxnZyBllLKqnKJNELemFTR5p2Dc98OxJxA5UHksyNmHbaJ1OlD67CNPVmcgiPa1O%2FSCDcXgiUqSSur14GBSgpzDNqF9qeWpjJrEZl3V6x5OXHEGRdQIClPgl1pF45GnJdwhO92w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dc7fef06f6b6903-FRA

GET
H2 200 tap-hands-and-gestures.svg
www.svgrepo.com/show/243944/ 4 KB
2 KB 37ms
20ms Image
image/svg+xml 2606:4700:3030::6815:29eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.svgrepo.com/show/243944/tap-hands-and-gestures.svg
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:29eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0980f115ebee9838009d7cbdea0fca19b3961e4d13e38a4eaa5cf358a11de138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 18:49:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Jul 2018 22:02:02 GMT
server: cloudflare
age: 1017
etag: W/"5b56505a-11d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ei5o78IhgSBhJqN5dQq2bNSUGyV9UvsIY1xx48sKkxuF0o%2BK2Yhevkh%2FHNd6CPGFi%2B73EU73dU87Il%2FfYGZY7DgpEvBnmIb8ySB%2BTefs961LveH1%2F08E1xdqi%2BgfMWTBN36%2Bk17A3jxoZyGTeg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dc7fef06f6e6903-FRA

GET
H2 200 chest.svg
www.svgrepo.com/show/250365/ 9 KB
4 KB 32ms
17ms Image
image/svg+xml 2606:4700:3030::6815:29eb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.svgrepo.com/show/250365/chest.svg
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::6815:29eb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e1781299e080d117da4d8ad7afbd223bac1c7ac589b803edc3fea583b8bc34

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 18:49:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 24 Jul 2018 08:17:22 GMT
server: cloudflare
age: 1017
etag: W/"5b56e092-2484"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6FFZ7qYHXHtrgu0hne6OmXtxarbeF1tI0IKisJtLtzd%2Bt70AzBkD9i74aLVZ9weryQfRnrKuNcQCDamuroSYswWr6y1WwxXqNKiaEe7pGknAn9WZDw3yRYn7u3FC3TkEIqDWgGbAx%2BURtpKDrxQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6dc7fef06f6d6903-FRA

GET
H2 200 Tw3QNy.png
i.im.ge/2021/09/15/ 28 KB
28 KB 58ms
10ms Image
image/png 188.68.52.216
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.im.ge/2021/09/15/Tw3QNy.png

Requested by

Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.52.216 Hitzacker, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

i.im.ge

Software

nginx /

Resource Hash

092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 18:49:15 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
strict-transport-security: max-age=31536000, max-age=31536000
expires: Sun, 12 Feb 2023 18:49:15 GMT

GET
H2 200 e61511ae88f7d52fac67cd4c4f9c739bf71572d2923e1acf512f249ae0544fd4:200
img.utdstc.com/icon/e61/511/ 14 KB
14 KB 190ms
7ms Image
image/webp 23.79.135.178
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/e61/511/e61511ae88f7d52fac67cd4c4f9c739bf71572d2923e1acf512f249ae0544fd4:200

Requested by

Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.135.178 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-135-178.deploy.static.akamaitechnologies.com

Software

nginx/1.14.2 /

Resource Hash

cd51bf0a5665e55258f20d1dc1fae0b2d953d0e057c3ce9285b04df70a547d4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Dec 2021 07:05:51 GMT
server: nginx/1.14.2
etag: "61af07cf-3896"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, max-age=8653
date: Sat, 12 Feb 2022 18:49:15 GMT
content-security-policy: default-src 'self'
accept-ranges: bytes
vary: Accept
content-length: 14486
x-xss-protection: 1; mode=block
expires: Sat, 12 Feb 2022 21:13:28 GMT

GET
H/1.1 200
OK 6.jpeg
mail.contohfomain55.duckdns.org/img/incubator/ 50 KB
50 KB 159ms
91ms Image
image/jpeg 40.87.64.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mail.contohfomain55.duckdns.org/img/incubator/6.jpeg
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 40.87.64.77 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Apache /
Resource Hash: d8034b5e6a10c30dd1dcf0c9305ee3a3f09e18fc2c8f66599f1a312893a71ad3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Last-Modified: Thu, 25 Nov 2021 23:17:38 GMT
Server: Apache
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 50805

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/gh/cdn-jquery/jquery/3.6.3/ 88 KB
32 KB 58ms
33ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/cdn-jquery/jquery/3.6.3/jquery.min.js

Requested by

Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1746bbf46dd1333003166c7c99fe589b9da32f64100cbc82317285fe828d2ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 18:49:15 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32787
x-jsd-version: master
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19139-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"16081-D7DwsUvOSJbgf3Ea8QuTft7+RFU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6dc7fef06e4f8fd1-FRA

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@8.0.5/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@8.0.5/swiper-bundle.min.js

136 KB
39 KB

21ms
21ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@8.0.5/swiper-bundle.min.js

Requested by

Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e6977cc0a6e65fdaef2386d95b6e392ca2fa9ee5dcd9f572baa26c50c88ef16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 18:49:15 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 194863
fly-request-id: 01FVHTEC600X3Z3GBQCMCAHRD6
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"21f5a-uG6YLkuNmd7L2rrj9g25jD1Ltq8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6dc7fef05eeb9164-FRA

Redirect headers

date: Sat, 12 Feb 2022 18:49:15 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FVQKS834D5TYZ7K9YEHWBC7C
server: cloudflare
age: 520
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@8.0.5/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6dc7fef03e9a9164-FRA
access-control-allow-origin: *

GET
H2 200 swiped-events.js Show response
raw.githubusercontent.com/john-doherty/swiped-events/master/src/ 0
0 368ms
133ms Script
text/plain 2606:50c0:8000::154
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://raw.githubusercontent.com/john-doherty/swiped-events/master/src/swiped-events.js
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8000::154 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H2 200 css2
fonts.googleapis.com/ 414 B
376 B 132ms
45ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Londrina+Solid:wght@300&display=swap

Requested by

Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ebfaa2c47635aae7a2fc4e656e05d3d58615866ddc0046ad45eb453069f7058e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 12 Feb 2022 18:49:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 12 Feb 2022 18:49:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 12 Feb 2022 18:49:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
929 B 131ms
45ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:wght@600&display=swap

Requested by

Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1eb4578c7a98a0fc3f7f8a0255ecd38c3200f7be808f20b063fd822b43030d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 12 Feb 2022 18:49:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 12 Feb 2022 18:49:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 12 Feb 2022 18:49:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
522 B 133ms
47ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Chakra+Petch&display=swap

Requested by

Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5665c37ad532962e92e1b3c575b43836397bf99a94b7206f8c58aa8ec8fa42a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 12 Feb 2022 18:49:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 12 Feb 2022 18:49:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 12 Feb 2022 18:49:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
521 B 132ms
46ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Saira+Condensed&display=swap

Requested by

Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae825c7239d7ae2ac58c768adedd6a4c354ae624baaca4700ca1c8da069e5556

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 12 Feb 2022 18:49:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 12 Feb 2022 18:49:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 12 Feb 2022 18:49:15 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
580 B 133ms
47ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rubik&display=swap

Requested by

Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d55e70c66fc78d97fd4cb5152c09f977c628a392e7439728e4aeea3e2edeaa0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 12 Feb 2022 17:31:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 12 Feb 2022 18:49:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 12 Feb 2022 18:49:15 GMT

GET
H/1.1 200
OK pop11.jpg
dl.dir.freefiremobile.com/common/web_event/officialwebsite/wallpapers/1009/ 450 KB
450 KB 482ms
482ms Image
image/jpeg 2.16.107.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/officialwebsite/wallpapers/1009/pop11.jpg
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 43e884e2569225d938fce86bef26c381514fb51bc753eb5eb2208c872be9cdc6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:16 GMT
Last-Modified: Sat, 09 Oct 2021 08:32:11 GMT
Server: AkamaiNetStorage
ETag: "d0ac89933049023c3eb5185336973eaf:1633768331.129468"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 460901

GET
H/1.1 200
OK max_bg.jpg
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/v4/ 196 KB
196 KB 10ms
10ms Image
image/jpeg 92.123.194.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/v4/max_bg.jpg
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.194.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4567c16ce470c07ab310d0e5b7207e23825881d98ca809de9ad82552e296d2f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Last-Modified: Thu, 13 May 2021 09:23:25 GMT
Server: AkamaiNetStorage
ETag: "ddeafb2245860ea532ce14df7acf9327:1620897907.441393"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 200774

GET
H/1.1 200
OK guidance_bg.jpg
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/v4/ 112 KB
112 KB 30ms
30ms Image
image/jpeg 92.123.194.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/v4/guidance_bg.jpg
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.194.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 393c8eea25be37f6ac4a81df262cbda08ef9a9fe432393e7d569fb0cfb5ff9ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Last-Modified: Sun, 09 May 2021 23:05:38 GMT
Server: AkamaiNetStorage
ETag: "3d805e3d272b001955c84aa71a36db63:1620630424.184161"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114659

GET
H/1.1 200
OK brushed_metal.jpg
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/ 253 KB
253 KB 10ms
10ms Image
image/jpeg 92.123.194.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/brushed_metal.jpg
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.194.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2ebd8a8e1938ff33366a70f72ac90bcd80e04024e220fa2bd570a21c952acaae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Last-Modified: Fri, 23 Apr 2021 02:46:09 GMT
Server: AkamaiNetStorage
ETag: "7d3f40127316b51c3ed7eff0399bff8c:1619146646.85788"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 258656

GET
H/1.1 200
OK swiper_light.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/v4/ 12 KB
12 KB 11ms
10ms Image
image/png 92.123.194.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/v4/swiper_light.png
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.194.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3efb19f7cb50d2fde0a12e2b0e8388c9d8ab0ac6140a61ec159b18eafc450ac1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Last-Modified: Tue, 27 Apr 2021 07:44:11 GMT
Server: AkamaiNetStorage
ETag: "99aeeb8b0ec5008215a0423635beeb83:1619509505.86762"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12406

GET
H/1.1 200
OK dialog_bg.png
dl.dir.freefiremobile.com/common/web_event/collectionparty/images/ 5 KB
5 KB 484ms
483ms Image
image/png 2.16.107.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/collectionparty/images/dialog_bg.png
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 55aa2b435246d8a9c3b18777fa919278c8d41a4ac52c66ed271d58ec89c6ee2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:16 GMT
Last-Modified: Fri, 15 Jan 2021 06:12:47 GMT
Server: AkamaiNetStorage
ETag: "1997a3dc8b67ec9eea4c1e4ae4a37026:1610691167.456829"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5098

GET
H2 200 flUiRq6sw40kQEJxWNgkLuudGfv1CgYzlZw.woff2
fonts.gstatic.com/s/londrinasolid/v13/ 31 KB
32 KB 136ms
46ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/londrinasolid/v13/flUiRq6sw40kQEJxWNgkLuudGfv1CgYzlZw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Londrina+Solid:wght@300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f62331667bd4f8d6911fc1e59d3933d72a259936c5680b7025c6866bb77c74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.contohfomain55.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 19:47:23 GMT
x-content-type-options: nosniff
age: 169312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32232
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 21:58:06 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 10 Feb 2023 19:47:23 GMT

GET
H2 200 EJROQgErUN8XuHNEtX81i9TmEkrvoutF.woff2
fonts.gstatic.com/s/sairacondensed/v10/ 17 KB
17 KB 181ms
90ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sairacondensed/v10/EJROQgErUN8XuHNEtX81i9TmEkrvoutF.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Saira+Condensed&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b69d1fd92df65ab12f2598c0dea2a81394a5386d09c4e36da9fc521748cbd8bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.contohfomain55.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:50:51 GMT
x-content-type-options: nosniff
age: 248304
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17044
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:11:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 21:50:51 GMT

GET
H2 200 cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2
fonts.gstatic.com/s/chakrapetch/v8/ 9 KB
9 KB 130ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chakrapetch/v8/cIf6MapbsEk7TDLdtEz1BwkWn6pg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Chakra+Petch&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5452b4581af8fa4aa927665a835708f6298f75bfabeb99813ec585ec6bcfc494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://mail.contohfomain55.duckdns.org
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 21:25:14 GMT
x-content-type-options: nosniff
age: 249841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8912
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:25 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 21:25:14 GMT

GET
H/1.1 200
OK swiper_dark.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/v4/ 4 KB
4 KB 12ms
11ms Image
image/png 92.123.194.148
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/v4/swiper_dark.png
Requested by: Host: mail.contohfomain55.duckdns.org
URL: https://mail.contohfomain55.duckdns.org/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.194.148 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-194-148.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b3e76bd5cf1de26d7738809687e19d651f50f8ff2d1572713961040b4f739cae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://mail.contohfomain55.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Sat, 12 Feb 2022 18:49:15 GMT
Last-Modified: Fri, 23 Apr 2021 07:27:36 GMT
Server: AkamaiNetStorage
ETag: "cec5a237bb153ad1f9c16eb3919de398:1619509186.210663"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3851

GET
H2 200 / Show response
na.apps.amsoveasea.com/swoole/ 39 B
181 B 507ms
168ms XHR
text/html 129.226.2.89
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://na.apps.amsoveasea.com/swoole/?actid=2020&r=index/getCountry&_only_service_response_=1
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/cdn-jquery/jquery/3.6.3/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.226.2.89 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: 6c12d23460d0c93d822f13ef49baaa383908dbca0f74430246777592dd6fdfb4

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://mail.contohfomain55.duckdns.org/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 12 Feb 2022 18:49:16 GMT
content-encoding: gzip
server: nginx/1.20.1
content-length: 58
content-type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: h.top4top.io
URL: https://h.top4top.io/p_2016h7ob71.gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
dl.dir.freefiremobile.com
fonts.googleapis.com
fonts.gstatic.com
freefiremobile-a.akamaihd.net
h.top4top.io
i.im.ge
img.utdstc.com
mail.contohfomain55.duckdns.org
na.apps.amsoveasea.com
raw.githubusercontent.com
unpkg.com
www.svgrepo.com
h.top4top.io
129.226.2.89
188.68.52.216
2.16.107.121
23.79.135.178
2606:4700:3030::6815:29eb
2606:4700::6810:135e
2606:4700::6810:5614
2606:4700::6810:7caf
2606:50c0:8000::154
2a00:1450:4001:809::200a
2a00:1450:4001:831::2003
40.87.64.77
92.123.194.148
07c60246a4ac7d8fe6078972ad94d08699ed1d5edd31d7fca05ea4c9b2d67599
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0980f115ebee9838009d7cbdea0fca19b3961e4d13e38a4eaa5cf358a11de138
1eb4578c7a98a0fc3f7f8a0255ecd38c3200f7be808f20b063fd822b43030d0a
2ebd8a8e1938ff33366a70f72ac90bcd80e04024e220fa2bd570a21c952acaae
393c8eea25be37f6ac4a81df262cbda08ef9a9fe432393e7d569fb0cfb5ff9ca
3e6977cc0a6e65fdaef2386d95b6e392ca2fa9ee5dcd9f572baa26c50c88ef16
3efb19f7cb50d2fde0a12e2b0e8388c9d8ab0ac6140a61ec159b18eafc450ac1
43e884e2569225d938fce86bef26c381514fb51bc753eb5eb2208c872be9cdc6
4567c16ce470c07ab310d0e5b7207e23825881d98ca809de9ad82552e296d2f2
4f62331667bd4f8d6911fc1e59d3933d72a259936c5680b7025c6866bb77c74d
5452b4581af8fa4aa927665a835708f6298f75bfabeb99813ec585ec6bcfc494
55aa2b435246d8a9c3b18777fa919278c8d41a4ac52c66ed271d58ec89c6ee2d
5665c37ad532962e92e1b3c575b43836397bf99a94b7206f8c58aa8ec8fa42a5
5c91a3f8654051a93899960e8cc6053250bc90f8e4a9567c309d963dcd72c818
614f7b8a798620fb1b02beb1b49d4e5c982cece2bfe985f7c686266e68a4f14f
6754b08e6e658246f0d71f02c406517d88c1a0e1455b2d3bdc06db2f3d54739e
6c12d23460d0c93d822f13ef49baaa383908dbca0f74430246777592dd6fdfb4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
90b0614198653dba4da856899f139c9a85a208f88c2b7e8a88c5369eabcfd2c1
a5e491774e8d0a8d5dfdd0611e0ae8eb3302524512c9ce7b38d44e83735d1cc3
a9fd6085027e4ac8bde87a63acb7f5f03f6297a7d40a353b9e2d37b380e03e67
adcab86657a7a2669c7d7434397486372c7b0b9b50e34c379166bf957e4e7da8
ae825c7239d7ae2ac58c768adedd6a4c354ae624baaca4700ca1c8da069e5556
b27a41813f7963b39fe1755ad31a133c30066d5a8fcabf9710b44556109aba17
b3e76bd5cf1de26d7738809687e19d651f50f8ff2d1572713961040b4f739cae
b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499
b69d1fd92df65ab12f2598c0dea2a81394a5386d09c4e36da9fc521748cbd8bb
b72ce72a315dc00af3e1c795fc82d5de366b76321782b0ead6f993ac9aecc95b
b934f8e69730a987d53fa348b3bb37c6eee5d8b91e736726114d139abf8ac044
c9e1781299e080d117da4d8ad7afbd223bac1c7ac589b803edc3fea583b8bc34
cd51bf0a5665e55258f20d1dc1fae0b2d953d0e057c3ce9285b04df70a547d4b
d42270853ccd3ef853f808abf5ef13825120f08db6393dedc6dfc5157e747079
d55e70c66fc78d97fd4cb5152c09f977c628a392e7439728e4aeea3e2edeaa0b
d8034b5e6a10c30dd1dcf0c9305ee3a3f09e18fc2c8f66599f1a312893a71ad3
e1736ebdbb540fc361581e9254a04234e6f663af89db30ea15fe783d8f50827d
e1746bbf46dd1333003166c7c99fe589b9da32f64100cbc82317285fe828d2ce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebfaa2c47635aae7a2fc4e656e05d3d58615866ddc0046ad45eb453069f7058e

mail.contohfomain55.duckdns.org Open in urlscan Pro 40.87.64.77 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

40 Requests

93 %HTTPS

54 %IPv6

14 Domains

14 Subdomains

14 IPs

3 Countries

3360 kBTransfer

3568 kBSize

0 Cookies

0 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mail.contohfomain55.duckdns.org Open in urlscan Pro
40.87.64.77 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

93 %
HTTPS

54 %
IPv6

14
Domains

14
Subdomains

14
IPs

3
Countries

3360 kB
Transfer

3568 kB
Size

0
Cookies

40 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!