claimz-ff.a-h4.tk
2606:4700:3033::ac43:b1ae  Malicious Activity! Public Scan

URL: https://claimz-ff.a-h4.tk/
Submission: On July 25 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 21 IPs in 4 countries across 20 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3033::ac43:b1ae, located in United States and belongs to CLOUDFLARENET, US. The main domain is claimz-ff.a-h4.tk.
TLS certificate: Issued by E1 on July 25th 2022. Valid for: 3 months.
This is the only time claimz-ff.a-h4.tk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

Requests         IP Address         AS (Autonomous System)
26               2606:4700:303...   13335 (CLOUDFLAR...)
4 (2 redirects)  2606:4700::68...   13335 (CLOUDFLAR...)
7                2606:4700::68...   13335 (CLOUDFLAR...)
1                103.247.207.171    58521 (GARENA-SG...)
1                2606:4700:303...   13335 (CLOUDFLAR...)
1                2a06:98c1:312...   13335 (CLOUDFLAR...)
1                2a02:26f0:170...   20940 (AKAMAI-ASN1)
1                139.180.142.201    20473 (AS-CHOOPA)
2                23.48.23.63        20940 (AKAMAI-ASN1)
2                2a02:26f0:350...   20940 (AKAMAI-ASN1)
1                208.110.80.77      32097 (WII)
1                51.210.32.103      16276 (OVH)
1                2a03:4000:6:e...   197540 (NETCUP-AS...)
1                23.205.232.74      16625 (AKAMAI-AS)
3                2a00:1450:400...   15169 (GOOGLE)
1                2606:4700:303...   13335 (CLOUDFLAR...)
1                2a06:98c1:312...   13335 (CLOUDFLAR...)
4                23.48.23.24        20940 (AKAMAI-ASN1)
3                2a00:1450:400...   15169 (GOOGLE)
1                2a02:26f0:350...   20940 (AKAMAI-ASN1)
Total: 62 requests, 21 IPs
Requests  Apex Domain          Subdomains                                                  Transfer
26        a-h4.tk              claimz-ff.a-h4.tk                                           1 MB
7         jsdelivr.net         cdn.jsdelivr.net (Cisco Umbrella Rank: 424)                 44 KB
4         freefiremobile.com   dl.dir.freefiremobile.com (Cisco Umbrella Rank: 38349)      97 KB
4         unpkg.com            unpkg.com (Cisco Umbrella Rank: 893)                        43 KB
3         gstatic.com          fonts.gstatic.com                                           49 KB
3         googleapis.com       fonts.googleapis.com (Cisco Umbrella Rank: 72)              2 KB
2         pinimg.com           i.pinimg.com (Cisco Umbrella Rank: 1909)                    755 KB
2         akamaihd.net         freefiremobile-a.akamaihd.net (Cisco Umbrella Rank: 32778)  5 KB
1         pubgmobile.com       www.pubgmobile.com (Cisco Umbrella Rank: 27048)             295 B
1         mordeo.org           www.mordeo.org                                              294 KB
1         wallpaperbetter.com  p4.wallpaperbetter.com (Cisco Umbrella Rank: 300293)        106 KB
1         utdstc.com           img.utdstc.com (Cisco Umbrella Rank: 119875)                14 KB
1         im.ge                i.im.ge (Cisco Umbrella Rank: 806587)                       29 KB
1         ibb.co               i.ibb.co (Cisco Umbrella Rank: 12486)                       101 KB
1         pngkit.com           www.pngkit.com (Cisco Umbrella Rank: 286725)                511 KB
1         sesuaiaplikasi.com   sesuaiaplikasi.com                                          193 KB
1         larepublica.pe       larepublica.pe (Cisco Umbrella Rank: 91343)                 36 KB
1         jakartastudio.com    www.jakartastudio.com                                       69 KB
1         dailyspin.id         dailyspin.id                                                124 KB
1         beritabooyah.id      beritabooyah.id (Cisco Umbrella Rank: 423139)               85 KB
Total: 62 requests, 20 domains
Domain Requested by
26 claimz-ff.a-h4.tk claimz-ff.a-h4.tk
7 cdn.jsdelivr.net claimz-ff.a-h4.tk
4 dl.dir.freefiremobile.com claimz-ff.a-h4.tk
4 unpkg.com 2 redirects claimz-ff.a-h4.tk
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com claimz-ff.a-h4.tk
2 i.pinimg.com claimz-ff.a-h4.tk
2 freefiremobile-a.akamaihd.net claimz-ff.a-h4.tk
1 www.pubgmobile.com claimz-ff.a-h4.tk
1 www.mordeo.org claimz-ff.a-h4.tk
1 p4.wallpaperbetter.com claimz-ff.a-h4.tk
1 img.utdstc.com claimz-ff.a-h4.tk
1 i.im.ge claimz-ff.a-h4.tk
1 i.ibb.co claimz-ff.a-h4.tk
1 www.pngkit.com claimz-ff.a-h4.tk
1 sesuaiaplikasi.com claimz-ff.a-h4.tk
1 larepublica.pe claimz-ff.a-h4.tk
1 www.jakartastudio.com claimz-ff.a-h4.tk
1 dailyspin.id claimz-ff.a-h4.tk
1 beritabooyah.id claimz-ff.a-h4.tk
62 20

This site contains no links.

Subject                         Issuer                                          Validity                 Valid
*.a-h4.tk                       E1                                              2022-07-25 - 2022-10-23  3 months
sni.cloudflaressl.com           Cloudflare Inc ECC CA-3                         2022-06-02 - 2023-06-01  a year
*.beritabooyah.id               R3                                              2022-05-16 - 2022-08-14  3 months
*.dailyspin.id                  E1                                              2022-06-26 - 2022-09-24  3 months
gruporepublica.web.arc-cdn.net  R3                                              2022-05-26 - 2022-08-24  3 months
sesuaiaplikasi.com              R3                                              2022-06-05 - 2022-09-03  3 months
a248.e.akamai.net               DigiCert TLS RSA SHA256 2020 CA1                2022-06-28 - 2023-06-30  a year
*.pinterest.com                 DigiCert TLS RSA SHA256 2020 CA1                2021-07-26 - 2022-08-05  a year
pngkit.com                      R3                                              2022-06-22 - 2022-09-20  3 months
ibb.co                          R3                                              2022-06-07 - 2022-09-05  3 months
image.01.cdn.im.ge              Sectigo RSA Domain Validation Secure Server CA  2022-06-21 - 2023-06-20  a year
uptodown.com                    DigiCert SHA2 Secure Server CA                  2021-09-14 - 2022-09-14  a year
upload.video.google.com         GTS CA 1C3                                      2022-07-04 - 2022-09-26  3 months
dl.kgtw.garenanow.com           DigiCert TLS RSA SHA256 2020 CA1                2022-04-29 - 2023-05-03  a year
*.gstatic.com                   GTS CA 1C3                                      2022-07-04 - 2022-09-26  3 months
wetv.acc.qq.com                 DigiCert SHA2 Secure Server CA                  2022-05-26 - 2023-01-17  8 months

This page contains 1 frame:

Primary Page: https://claimz-ff.a-h4.tk/
Frame ID: 318CB4DBB1871EFD21E80CF36E33549C
Requests: 62 HTTP requests in this frame

Page Title

FREEFIRE X VENOM

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

Requests: 62
HTTPS: 95 %
IPv6: 65 %
Domains: 20
Subdomains: 20
IPs: 21
Countries: 4
Transfer: 3712 kB
Size: 3899 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://unpkg.com/swiper@7/swiper-bundle.min.css HTTP 302
  • https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css
Request Chain 3
  • https://unpkg.com/swiper@7/swiper-bundle.min.js HTTP 302
  • https://unpkg.com/swiper@7.4.1/swiper-bundle.min.js

62 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
claimz-ff.a-h4.tk/
28 KB
6 KB
Document
General
Full URL
https://claimz-ff.a-h4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6be8712cdf71d816321c81b56bbc66820195d0478bdb0910b41a2b930f339f0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7304950d7acbbb9b-FRA
content-encoding
br
content-type
text/html
date
Mon, 25 Jul 2022 11:33:42 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Fri, 22 Jul 2022 19:24:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BzbFgw%2B2gmqhah0Ak1tYU%2FbojM9j6V5vVP9DtAg5yAsfWO6F5Nu7ch0RVWwyECU3mZVV%2BXrSfQNLzAApBfVWR0hg5%2F7yrrS05h73%2FcbEEJa07wOH4rJf7jwHYaAvXm4qNWE6y4BTVkhfENUVhqA2w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
style.css
claimz-ff.a-h4.tk/assets/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://claimz-ff.a-h4.tk/assets/css/style.css
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0cbc58d1b7225487cab98d36e839a7e112c9bf43ab9117265cb7233454ef797

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 07 Oct 2021 05:56:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ep45oysvtBX8CXe2J1%2FqXVk6kVOMK0FKkn4blPaR5YwWbga2TuvuBPaMb6s%2BEN7HcTad7zDYEB%2BU49B0152aoKJrOw%2FX0GHqGkaNcEAaR5RsnoXXTSg%2BZ4fnhWQ9HkfQ%2BBRwpaglxmCsRAkV8OQkig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7304950fef15bb9b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
facebook.css
claimz-ff.a-h4.tk/assets/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://claimz-ff.a-h4.tk/assets/css/facebook.css
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12ebdf1b9b4182204387dd2d129cb7dfc29134515e083ebc95ed68ca9ac5edff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:43 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 16 Sep 2021 12:39:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGNtTH7xz%2FpUts%2BIBwxaP3M84iYspiTREDblbkDpg2U7BS2szQLwdyFepFKTfxzrwIduURgBsNMNn0yNVYMCC7W5uWe2FY3fblq4OgCtySHR0FDby0CfgAm0fcRKzP5IEch6NUD87rUzZYUr70eF1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7304950fef1abb9b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
swiper-bundle.min.css
unpkg.com/swiper@7.4.1/
Redirect Chain
  • https://unpkg.com/swiper@7/swiper-bundle.min.css
  • https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css
15 KB
5 KB
Stylesheet
General
Full URL
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.css
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4c36bd623e62bea63b81dabb7ce6f9e3ae05c5d22f11d2c3a5802ced3c9c499
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:43 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
15651550
fly-request-id
01FT83NCPQWRF53R9GQQCMCD9K
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3ccb-5Koe10fACH1gYqRziowpfORPwas"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
730495107914bbf5-FRA

Redirect headers

date
Mon, 25 Jul 2022 11:33:43 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G8THV0CVC3CPPSM96SGYKBHJ-fra
server
cloudflare
age
321
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/swiper@7.4.1/swiper-bundle.min.css
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
730495103865bbf5-FRA
access-control-allow-origin
*
swiper-bundle.min.js
unpkg.com/swiper@7.4.1/
Redirect Chain
  • https://unpkg.com/swiper@7/swiper-bundle.min.js
  • https://unpkg.com/swiper@7.4.1/swiper-bundle.min.js
133 KB
38 KB
Script
General
Full URL
https://unpkg.com/swiper@7.4.1/swiper-bundle.min.js
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H2
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8954ae9654aea5d46a68bc5d91c063a3896a0d8a5927822049e4e06a4252b4a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:43 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
15651547
fly-request-id
01FT83NE2WA1CRFP7DZXAVZ2PR
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"212e8-+9I9CUbhY1/BprAUcnI5oGYQ/d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
730495107918bbf5-FRA

Redirect headers

date
Mon, 25 Jul 2022 11:33:43 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01G8THJGR1JMM82MM2TTPSBG2V-fra
server
cloudflare
age
577
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
location
/swiper@7.4.1/swiper-bundle.min.js
cache-control
public, s-maxage=600, max-age=60
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
730495103868bbf5-FRA
access-control-allow-origin
*
ionic.esm.js
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/
19 KB
6 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a578b59eb4b32abeccfda98e4803db90cb6ddd7895a9c7bae15004b2569261c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://claimz-ff.a-h4.tk/
Origin
https://claimz-ff.a-h4.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
24278
x-jsd-version
6.1.15
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19125-FRA, cache-iad-kiad7000160-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"4a84-xHHVk4ncCOGd6AV5iLko2kkIW3Y"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FrREHlpU0KK27xuO3VUUxadVXS8HXw9quQs8fuWxi52oED0xNmJ4I8cSmnqbXoXqJhbohAyYhtrFCU93YdsK1h45sTcdUuy1hoatUxHQsCgIWvK85qSayy6GURoWSrrzGPzQFwD9Ng8vRxzp5s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7304951039189191-FRA
access-control-expose-headers
*
YBYLX_jfslchd-1024x576.jpg
beritabooyah.id/wp-content/uploads/2021/09/
85 KB
85 KB
Image
General
Full URL
https://beritabooyah.id/wp-content/uploads/2021/09/YBYLX_jfslchd-1024x576.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
103.247.207.171 , Singapore, ASN58521 (GARENA-SG Garena Online Pte Ltd, SG),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
dff63d5490ed852b71cfc336933fac845503b1c2d6ac075a4671b23fe04d5101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:44 GMT
last-modified
Sat, 18 Sep 2021 01:18:31 GMT
server
nginx/1.14.2
etag
"61453e67-15350"
content-type
image/jpeg
expires
Tue, 25 Jul 2023 11:33:44 GMT
cache-control
max-age=31536000
accept-ranges
bytes
content-length
86864
x-proxy-cache
HIT
ff-x-venom.jpg
dailyspin.id/wp-content/uploads/2021/09/
124 KB
124 KB
Image
General
Full URL
https://dailyspin.id/wp-content/uploads/2021/09/ff-x-venom.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:3b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c805f582ab4e85673fa666226c4725e0af3eac6c4a3c62b1a3519bbbfc9ef5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:44 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
126526
last-modified
Mon, 20 Sep 2021 05:45:43 GMT
server
cloudflare
etag
"61482007-1ee3e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iuf77v56Gly01%2BQBK%2BaDJE0O4uy%2FSxX38pVD%2BLgHJt0iRD4FYT5wwsQ6c2pgV%2FFcL7C3%2B2FzAxlPFdctaT3ft0LA7u8I3iLkrVFleG0lMjFjVdO9NH02mZhtvrVpJLNz0E6onwN9KX%2BGcio%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
73049514bf9fbbc7-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
Free-Fire-x-Venom-4.jpg
www.jakartastudio.com/wp-content/uploads/2021/09/
68 KB
69 KB
Image
General
Full URL
https://www.jakartastudio.com/wp-content/uploads/2021/09/Free-Fire-x-Venom-4.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62c31232936b20f7c92c6d5885f4724d4f55ad5aca2b733338c57ecc0e112371
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:44 GMT
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
69718
last-modified
Mon, 20 Sep 2021 02:17:57 GMT
server
cloudflare
etag
"6147ef55-11056"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gu%2Fm2PsiwDUFquZEEmoHd0pxDzEdWvhW2%2FzPq7f0S1JMVvNhQMoyyfRj%2Fc%2B3oLw4dTLvkVrDGIohz%2F45NDF6kLYQuUwpk4EweSWCwe%2B6KKChKe%2BOh239PJw30Yfcz9qIy3SfA48mk%2BuWOFt62v5L5o3dUWI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
730495148d199137-FRA
expires
Wed, 24 Aug 2022 11:33:44 GMT
G7CEWQB4QVEWZPEEKHL6QF565A.jpg
larepublica.pe/resizer/7iMhWABIkmW8JvfaQNaMyanHkco=/480x282/top/smart/cloudfront-us-east-1.images.arcpublishing.com/gruporepublica/
36 KB
36 KB
Image
General
Full URL
https://larepublica.pe/resizer/7iMhWABIkmW8JvfaQNaMyanHkco=/480x282/top/smart/cloudfront-us-east-1.images.arcpublishing.com/gruporepublica/G7CEWQB4QVEWZPEEKHL6QF565A.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:16::b856:fbca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Akamai Image Manager /
Resource Hash
d97ed7442447dc0683bd1b69b89daf10ac2082e2378bf659cd744cbc564fb063

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

akamai-true-ttl
31536000, 31536000
date
Mon, 25 Jul 2022 11:33:44 GMT
last-modified
Wed, 13 Jul 2022 02:24:21 GMT
server
Akamai Image Manager
etag
"9d8b256d281eec90bb18f43b0f48bb1f4070bb76"
content-type
image/jpeg
cache-control
private, no-transform, max-age=30466182
server-timing
cdn-cache; desc=HIT, edge; dur=508
content-length
36921
expires
Thu, 13 Jul 2023 02:23:26 GMT
ff-x-venom.jpg
sesuaiaplikasi.com/wp-content/uploads/2021/09/
193 KB
193 KB
Image
General
Full URL
https://sesuaiaplikasi.com/wp-content/uploads/2021/09/ff-x-venom.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.180.142.201 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
139.180.142.201.vultrusercontent.com
Software
nginx /
Resource Hash
87cf806d0c4bc82287800541af959255b3def226fd5c6615e270cc88d123d9a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 19 Sep 2021 16:06:48 GMT
server
nginx
etag
W/"61476018-30288"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
expires
Tue, 25 Jul 2023 11:33:44 GMT
logo-small-fixed_20210113.png
freefiremobile-a.akamaihd.net/common/web_event/official/
1 KB
2 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/common/web_event/official/logo-small-fixed_20210113.png
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.48.23.63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-63.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
867438f53a28cb6406b433a312fffc35e2364d1fe2a1839cdc64a935e61e7d69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 11:33:43 GMT
Last-Modified
Mon, 18 Jul 2022 06:46:15 GMT
Server
AkamaiNetStorage
ETag
"acd73dd1050cbc39a85dc89eadeaed5f:1658126775.715803"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
1352
c51cda89a29626ea7b655bd7f703218c.png
i.pinimg.com/originals/c5/1c/da/
45 KB
46 KB
Image
General
Full URL
https://i.pinimg.com/originals/c5/1c/da/c51cda89a29626ea7b655bd7f703218c.png
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89a::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
f641c86e2fd4977207f044d47f7cde15eeb5df61ed7eb3ae168df3fdaca2aa5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.8aa12417.1658748823.bd0c64f
etag
"6b611aaa213c98b768a38bb04b256cc7"
vary
Origin
content-type
image/png
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
46514
587-5878760_venom-image-venom-4k-blu-ray.png
www.pngkit.com/png/full/
512 KB
511 KB
Image
General
Full URL
https://www.pngkit.com/png/full/587-5878760_venom-image-venom-4k-blu-ray.png
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.110.80.77 , United States, ASN32097 (WII, US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
c85b496779a816eef31abfe9a38c9b875469378e65fa08d15427daf1ecddca11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 11:33:44 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Jan 2019 00:53:53 GMT
Server
nginx/1.14.0
ETag
W/"5c47bb21-7ff08"
Vary
Accept-Encoding
Content-Type
image/png
Transfer-Encoding
chunked
Connection
keep-alive
1.jpg
claimz-ff.a-h4.tk/assets/spin/
58 KB
58 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/spin/1.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d122d0c27e7c41ea93839c9f30b3937377ba3221e2bfd474d14de4476cf913f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:44 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 14:28:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UhlCIxMKDYp6zb8WAEna5ggBlKpgKBPnSebtawGD4hAk8jMO4Qh%2FaHEAoddAC8YrKKxvRX93Nbl75MEdyTweFCI12wVEvEKcQ1ku5K7qfgBP88qngASliljd7corQUfRWeyAVLGTwSnstB6fUxDMSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140df691cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59014
2.jpg
claimz-ff.a-h4.tk/assets/spin/
42 KB
43 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/spin/2.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c66caa7b50d90c1c8a3c2d878a95a492df9b9a851a2eb75376d6240be7db66a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:51 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:06:48 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VU8sFLOC4skhTAA4uyw4bIbC50b6iwwWgcor9KG8eK35H5iNWdNo%2FNpSq0cHxjx063TBruu8AuIgU1I0Y0zQ3a5jgqcQgCvONEJC4xMyAjQrhHzbp3bf57VBuJruziEQYcQDBL0HMtgRjP5mt2AqPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140df891cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43227
3.jpg
claimz-ff.a-h4.tk/assets/spin/
78 KB
79 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/spin/3.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a540f8213c6f6c36ba1b3d0cfc13de6b14fb9008b8dda0169893e24c6e6080d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:48 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:10:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpRS97IHNONE%2FN8l0tfJ5Yz3xq9L6Mwh7sbmPAVw%2FrxjpYLLH%2BpFxblzkk0CBe8qbvlTU3DmHnCz5NnBlts%2BfScF%2BsD7CfnsqoEqb%2F4gCJKeCsWiXL7XJf3zKzn7xD9k1SwV7XlO8EMH9Npfe%2BhGog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140df991cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80000
4.jpg
claimz-ff.a-h4.tk/assets/spin/
51 KB
51 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/spin/4.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
178261e9f2cf3f066f1fd5fa1e1d5621cfaeb064dd317b4114d9b39ac7107fdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:48 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:04:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTbjObJ9d178k0i300Ez3mBmb%2BYoDDmCv9C6MPv9%2F7BPE3XeUuXGndb2XJMdVS0hDzl8x7gNU7%2BCtQFNnwk3e%2F8cAtSxes0%2Ba7Tme%2FNZDlJjCbm6E3D2dTuiGz%2FxMcOBc9BXpmSJ9bquwEYmi3iaoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140dfa91cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52172
5.jpg
claimz-ff.a-h4.tk/assets/spin/
18 KB
18 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/spin/5.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20916109e1e1cb9bce5adbe535efbd39b742d38e2fa50ccb574294f3e83ccbb0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:51 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:11:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iql6pdnaD9YZWOARRxvYahWHN88Ji7QpZESRi69IVfyshFqoLfDYTyj5W1ERt83OU6I5mEjwTKf4QXg4BmO%2FZnc7TnTlGhI%2F5ppDDgTvX0abfRttDh52x4Bhv6tfg%2BEuY0d%2FB5eQfvYTLVxNbpxXpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140dfb91cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18184
6.jpg
claimz-ff.a-h4.tk/assets/spin/
36 KB
36 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/spin/6.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8272a0e13f39fabff9c1c1d54a78067c7e32ad07085cbf29f8837873f1d96328

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:49 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:04:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2Py%2BNPqUeIoln%2BCN9wiJK18Vc2rlUXgtghgqbh7ldscl%2FX%2B2M2mgCJt5dGfiwTeqHAs7uE7Ln2I%2FBho%2Fxwn8xpOqlgErxOT%2B9PmShq84oLNr0kSLUZK1l60xYYVpOmDeAgJGHkVY22qCJb%2BcfQoow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140dfc91cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36821
7.jpg
claimz-ff.a-h4.tk/assets/spin/
16 KB
17 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/spin/7.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
022aed17356972346fc06c3fb3cdb34ce82a02bf81f67af826f242ac0142d0ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:48 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Jul 2022 08:11:24 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h0TKSJR2DJhuBWiUxQc%2F6FPVCoPrmMNf3GpcHN%2B5h7Jba05owC6YXiO013iB5cgKfsfC00jX7EUlIyPJEIYELXDrtlbt6IRLL%2FDTNW8jr7Z9KUw2BJyrBtayX7Q1yxowSVzytAw1xggWu81T022e6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140dfd91cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16803
8.jpg
claimz-ff.a-h4.tk/assets/spin/
38 KB
39 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/spin/8.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da907a6e41c4e300a3e5e77014b7434ee7d7ff241b8478704581a678b8d7b6c3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:49 GMT
cf-cache-status
MISS
last-modified
Fri, 22 Jul 2022 08:16:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3novZB6W8HeMh68KB2XMUtpp4JsuLOPfQJe1Jh8PKScdkWxymcTfZY%2B9i94P3B%2Flzq2F6Lzf04es41nnXE0pXqN5YNvQ4x%2BgpW6tDqORQk58mThzPi9kqseY7j9%2B%2B1%2FQqlcfZJ0V0PLB8EMFMHIk%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140dfe91cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
39085
1.jpg
claimz-ff.a-h4.tk/assets/claim/
51 KB
52 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/1.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8658285c0bb4e6dceb4f11c95f82206a5e47181b1559b48c40f3535136dc04f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:47 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:42:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfxenWG1TBET3FoR2A6qk%2F%2BaLtExlgfVjoNKQgtQy32ukIf3DKTbcxGRoggGhPZkRP5iG0ahnDvsgE3fcXW7TL6jxD5QTzuH3CJ1RjN8yCBjEeeA%2FIWcFm4ikTxO7UBumfyy3N8IYfCSU%2BO%2FtjBpFw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140dff91cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52572
2.jpg
claimz-ff.a-h4.tk/assets/claim/
58 KB
59 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/2.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6169a9f800b07bab0afa23371fd5994229a1e393ec2abaaaa86260df23121401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:44 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:43:32 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGWZxKhVC0%2FdrBMo1r98LFsRiY36gOxm%2FMJJBV98TErHlwucru7p00M%2BrLtmdouB65L0vbPL4DAcN7lMRpuPdcgnubMsOMbt4lNBSPndzz8paoDDMKEMeN6Sso3FDKmLetLZu7sw8FxuP0BqqbGjOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140e0191cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59757
3.jpg
claimz-ff.a-h4.tk/assets/claim/
58 KB
59 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/3.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c9ff1fcdd46e7eafee33b1308c547c85df2f3fad8041291b9b554630f9ecfe5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:47 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:44:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKqjoOcfAhO9JZBVVKpPN8JK02eb0i5vMl8j9xjCzATdiAzUHQLO%2BtON3ODPG%2FmYWi84lk6%2Fh6hniFN7QEVvnx%2Bw4UePwex1f0I26CsDv8kQWB806vAyC3sMnE8o45O%2BLdceLH7%2B7UNOCAchzWH6Og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140e0291cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59594
4.jpg
claimz-ff.a-h4.tk/assets/claim/
58 KB
59 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/4.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
829bec6db5dfe2d1c64a9007be7ffdf23dfdc45e097179085d4ef7d294c16764

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:51 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:44:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q48u9eY%2BQDBFUnOGhZuPC8nanPRXNkZl7a%2BjVDpqvwhJeCE5J1aOhQqC%2BUTOBpp4EYnjRrvP74h%2BG8CMfMamnbfDzHHrJlzxgc%2BIl4AFaSKo2iDHeWEVqT0cshppUIr%2FLZIwHGlJwmnrfg0k5QaoCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140e0391cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
59462
5.jpg
claimz-ff.a-h4.tk/assets/claim/
47 KB
48 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/5.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d995aec512044af9b06d28d8a4116d70fc7295376745d334b4a6cebe01b6aaa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:48 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:44:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yB36RGwsUg4NopE1euX3aAFleDKSibZmnZAYUN%2BwqFnu4ogEsHeQSXypX1re5OKQd4rptCr1DkqjhW%2Fwvxcyuu2LzChDcsUCXpJXIQY2osb%2FV8gENOHLe1jCsHY21H%2BTpVp%2BKbSaiN7LhTz9tjjm%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140e0491cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48195
6.jpg
claimz-ff.a-h4.tk/assets/claim/
66 KB
67 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/6.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30683eb4012731621281a158d896fb9bb0f3caee42e86987a51c3b1b62ae4131

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:51 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:45:14 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQDo%2BGA92pwll%2BFCVeEtEqtRiqg3Y77VkMsxikTTnPuAMRrjiA7PnIu879%2B7GapbahXinnZcMM1ld5idagFCPjL5hPWxjGN5r%2B6WQ5mqPHOTwTGga87WJxRlA2j27YT3HP7TormnR7iahc0lZ9M8ng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140e0691cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68088
7.jpg
claimz-ff.a-h4.tk/assets/claim/
48 KB
49 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/7.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9013a876b89b261956473a059bc952408a1939a71eb557879a9d6e4a666d9a70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:47 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:45:34 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DLmgyKRdQVtaOtRtL%2FOG02cy2k0RdOXZjmGXdzB2UkmRn7uqy%2BpvLgGKSp3B9dZGadEFEpeqipjbfwe4nxbhLfZ0On33iZ7KcqoQ2plfjKzwDKjlYaZ6wVRHdzC8QFNX3%2BX356bXtEg0bCVgIkKZrA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140e0791cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49324
8.jpg
claimz-ff.a-h4.tk/assets/claim/
50 KB
51 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/8.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
951a6e316a96ecc19f7439c793ab49e8225564136128acc0e20c2a5a26438fd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:47 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:46:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7ocxBMtLE6oWfcxZJtreyBt6meemKwvzO5UVlrVKQlyGyl%2FusfuANprtzZpCTOB66Z1PcEwzKMyM1P96Xb3OJAziImS6t290mjCx2QowiK4EGPPbjis%2B0C1W%2F9GhId7EQqdop0NFLFkWe0R3H7FSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140e0991cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51461
9.jpg
claimz-ff.a-h4.tk/assets/claim/
62 KB
62 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/9.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bd4d49da206e4a777b0b2ff738ab8f22abff1fb61eb5eab49875215b425f5ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:45 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:46:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ka7JBUqtwkOYqiCsRaerGhJpNnFs03Kte58fuXEg4hzgiE07E%2F3g8Dwu6v1cveXW8HyTQ6pmRaQ9PFLmIUXHQEigBaK0X8idX0VQ5qSAUPjCetOZGWvTHlArhDaXmQQfArXXDUSfIAiGWVED07Infg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140e0a91cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
63257
10.jpg
claimz-ff.a-h4.tk/assets/claim/
53 KB
54 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/10.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e609a8aa200999726893886a1c451ce206f04f982c8b127f6e45637c4ec401a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:46 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:47:44 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQnQZkt9fmOyz4zn%2FGIR%2F5waFgS0G2L8YjddbiQK2XNqB1lmJpxu4R0eF8hoRj4a0uH0CeuMF4fjF0vIeYedgtvRFzj81mf4w%2FMe2Dw8hB07kP39O7FrIMFBQA482ryNRH9DzFXqnrKHSPIT835Ieg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140e0b91cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54276
11.jpg
claimz-ff.a-h4.tk/assets/claim/
37 KB
38 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/11.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9af0e6d92b654c354b5f99dc8e924f17c0154ca4eb0234bb080f45ff98bff6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:50 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:47:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoEUqa1YzzATetQtFbQC45XUK6QTLyEVKpHAn5bkP%2BY5HnA38Nh9WnvDgWHJs0Ev%2Fv8BvVopPn7%2BtH3ihmcwRfqmnF29RZvFXs9o0ysKjc1I%2B8lZJIMgn5ggubziIJ%2FZIUnMsNMlE5qpZKyayAJR%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140e0c91cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38242
12.jpg
claimz-ff.a-h4.tk/assets/claim/
45 KB
46 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/12.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39a1b6e67a0ad5bb0ab3f957b01d19d91c21942dade502c87a7e1e62c31889b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:51 GMT
cf-cache-status
MISS
last-modified
Sat, 04 Dec 2021 13:48:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1za9Md6y9TOSzrytM4CIA8ux%2FAGTThCOFAiFLYztuVht1aNRowwgTdpOPjia8mVTc7SOmsvYjDkmz0W9MXzPi3kDLUgPEWkScJg2CH63eXg%2FgqqSN3adablrGzkYqyjprcvWrfoxRK59iNGRcltvbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140e0e91cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
46292
13.jpg
claimz-ff.a-h4.tk/assets/claim/
48 KB
49 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/13.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b38cefb000b69213917efc33e40eb71bc03ac00670643d2dd4bee559fd3fd31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:47 GMT
cf-cache-status
MISS
last-modified
Sat, 12 Feb 2022 11:32:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfTIJDrad7t4r%2B0lQJjnUtGum4YJxBfgsxRdLVt93lbPpczG%2BFLejELGL0cE3%2Bxctdd6pYFTDlIKDVAfUwATUB5A2CUMfAZkFPW3psj%2FV2Vw7pRBSMfpsZThUapjb15QN%2B%2FZPULlE8cQGL2YStu%2BNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140e0f91cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49392
14.jpg
claimz-ff.a-h4.tk/assets/claim/
47 KB
47 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/14.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
203df51c087cb473f5e3671b9eca50046e03911315e46a91f7df1201d072601e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:47 GMT
cf-cache-status
MISS
last-modified
Sat, 12 Feb 2022 11:33:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4x8zWCjA%2BKJrWEvRRGVpqM10D%2BcY2T5Krf28trkylZguR%2FOFCkxpZ4dN2aq2sqLkOda8R0swbnYSwWon2NN7CqNgxxE1z6aLlqJY%2B%2BuCIneB%2BX4eEnmsAxaXc1zl8uSNSkY3qhvhgiSdxmCucgQWYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140e1091cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47916
15.jpg
claimz-ff.a-h4.tk/assets/claim/
63 KB
64 KB
Image
General
Full URL
https://claimz-ff.a-h4.tk/assets/claim/15.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::ac43:b1ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d625dcde0afd2c591f7a93f5f7542c785d620bf96b535ed871e8da5ec7193f76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:52 GMT
cf-cache-status
MISS
last-modified
Sat, 12 Feb 2022 11:33:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HzLX9UI9PiiRdj4U%2FhmBOzcGrrbgIngqKL4Zv%2FJ3C2J22G7TaXc5YaKIONcShTJgmkzQeLdN45gqOAy%2FJYOqnC518Ct%2FBQuU2TGKtscehkVB1oNz4kM9CrsCTsnlEwNHxqY9Q0aYFzAiFGBqRDn0lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
730495140e1191cf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
64971
2.jpg
i.ibb.co/MncBXzv/
101 KB
101 KB
Image
General
Full URL
https://i.ibb.co/MncBXzv/2.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.210.32.103 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172599.ip-51-210-32.eu
Software
nginx /
Resource Hash
b72c8043029f9aa979b35a669e0b4cbbbcc7c6594179037b682f7a9a68b64816

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:43 GMT
last-modified
Fri, 24 Sep 2021 01:14:25 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
103170
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_small_foot.png
freefiremobile-a.akamaihd.net/ffwebsite/images/
3 KB
4 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/ffwebsite/images/logo_small_foot.png
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.48.23.63 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-63.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8831a2445b11d8d98fc3e121c0e53d66d8ef678a780588c6cda387d415628672

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 11:33:43 GMT
Last-Modified
Thu, 24 May 2018 05:14:58 GMT
Server
AkamaiNetStorage
ETag
"28e3613e41bf30be9a6ff398c2876731:1543299032.734554"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
3265
Tw3QNy.png
i.im.ge/2021/09/15/
28 KB
29 KB
Image
General
Full URL
https://i.im.ge/2021/09/15/Tw3QNy.png
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a03:4000:6:e655:a85f:b5ff:fec5:f90b , Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 11:33:43 GMT
Last-Modified
Tue, 07 Jun 2022 12:52:13 GMT
Server
nginx/1.22.0
Age
2
X-Amz-Meta-Mtime
1631696336.783
Content-Type
image/png
Access-Control-Expose-Headers
Content-Disposition
Cache-Control
max-age=3600, public
Content-Disposition
inline; filename="Tw3QNy.png"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28789
Expires
Mon, 25 Jul 2022 12:14:24 GMT
e61511ae88f7d52fac67cd4c4f9c739bf71572d2923e1acf512f249ae0544fd4:200
img.utdstc.com/icon/e61/511/
14 KB
14 KB
Image
General
Full URL
https://img.utdstc.com/icon/e61/511/e61511ae88f7d52fac67cd4c4f9c739bf71572d2923e1acf512f249ae0544fd4:200
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.205.232.74 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-232-74.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cd51bf0a5665e55258f20d1dc1fae0b2d953d0e057c3ce9285b04df70a547d4b
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 07 Dec 2021 07:05:51 GMT
server
nginx
etag
"61af07cf-3896"
x-frame-options
SAMEORIGIN
content-type
image/webp
cache-control
private, max-age=2880
date
Mon, 25 Jul 2022 11:33:43 GMT
content-security-policy
default-src 'self'
accept-ranges
bytes
vary
Accept
content-length
14486
x-xss-protection
1; mode=block
expires
Mon, 25 Jul 2022 12:21:43 GMT
base64.min.js
cdn.jsdelivr.net/npm/js-base64@3.7.1/
5 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/js-base64@3.7.1/base64.min.js
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fae6b0eb07e3fbf137e7338ed11f8f3649723c71da033e02d86aabadbbc09fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10894303
x-jsd-version
3.7.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19156-FRA, cache-hhn4081-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"1403-Iw1GRY+LVjIB//oGCUa3Uouq6NQ"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5tPhL5lbr95BoOxORrvhKFUg9uFgSXMRdSxw5a%2BFHOxp0qlrC%2B3v2Pr5NpVyNwEP462rYGmFIg6U%2BhfCqehPvn7VXuNC54JQETwn4dBHSzGv1bc0niNrCjL7fnIGNnQ9FzLcEKiTYVnF%2BbDPgWw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
730495128b4392b7-FRA
base.slim.js
unpkg.com/basecrypt@3.0.0/
0
0

ngSaltBae.js
cdn.jsdelivr.net/npm/ng-encrypt@1.0.0/
2 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/ng-encrypt@1.0.0/ngSaltBae.js
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7f5024b78e40d2d079c82f0aebbbb0cbb714022a47539c6862b4b4e4cbddedc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10894038
x-jsd-version
1.0.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19135-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"83e-YpPB8HgR3sfq19NQba0+y56bVzU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RfQg51LGB8OZDnkMeNc67oIV8DPEUiFgQ%2BoY6m7vdMRjrI4sWojvUxzf2udzMCvthobhX8qD0MvHXstkl61VRj1Sg3lAgiKh1svxlSpdtmmdngFvKHFVvy7oQlYGQ1VGpF2Zpzod87p77IgsI3w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
730495136c9892b7-FRA
base.min.js
cdn.jsdelivr.net/npm/basecrypt@3.1.0/
60 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/basecrypt@3.1.0/base.min.js
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57624bdaef21c25e5cc05866094746f3c598b5c1d78e6dc1344ca60ed4186e09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version
3.1.0
x-cache
MISS, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19161-FRA, cache-iad-kiad7000070-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"eed4-efITkrLMJ0kyO3CwqBVxOw1IhTs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A%2BbOMZrkmSpQAVVeR4sd%2FokH8SP8yZ4xxClC4MFNiuXdFrJFNMs5yfsGkdudOq3BH6%2BIyp%2FRxqy81JvDjF2EDrZtmiV3Ta1kQngLbgrHT8VpoAXaN8VOmZFWspy%2FD%2B8LSieCfyzgRv%2BjChu3eQQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
730495140d9292b7-FRA
access-control-expose-headers
*
css2
fonts.googleapis.com/
2 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Montserrat:wght@700&display=swap
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
543134285160bea48b9973413b04ad78beaf89180af147f69ac6882fadd0d7e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 11:33:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Jul 2022 11:33:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Jul 2022 11:33:43 GMT
css2
fonts.googleapis.com/
1 KB
493 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Suez+One&display=swap
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0ddd26adab68c34938788f7e1bf104174c8b87db18c5a550891636035cc20ca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 11:28:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Jul 2022 11:33:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Jul 2022 11:33:43 GMT
css2
fonts.googleapis.com/
1 KB
498 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Signika&display=swap
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8fc7c113912c5664015490595f5d54f26cde1bb3bc76327a920aba0f7d71473c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 25 Jul 2022 11:33:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 25 Jul 2022 11:33:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 25 Jul 2022 11:33:43 GMT
venom-artwork-4k-8k-wallpaper-preview.jpg
p4.wallpaperbetter.com/wallpaper/194/846/328/
105 KB
106 KB
Image
General
Full URL
https://p4.wallpaperbetter.com/wallpaper/194/846/328/venom-artwork-4k-8k-wallpaper-preview.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:5abc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d9520519f425459a17b43c7ad7c0df36cc594376631190e4142b98a3291e433

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:43 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
107453
last-modified
Sun, 06 Jan 2019 20:03:40 GMT
server
cloudflare
etag
"5c325f1c-1a3bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KewZDwChvpUxh57%2F7nKf%2BdkxWrzYFzAaaTFEx33p2iXev4LwjxpRNOOli4aU5HOfN5teZCnRjLq3Hrp8GS04q5QIsvCCVvu9HNx8g4jeSxqQllPC%2FvUkAoqsVi2XEGiC4qLysHsOCzLbKGiWNLE3Mg4vlqQ8"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
730495147da49b31-FRA
expires
Thu, 20 Jul 2023 11:33:43 GMT
Venom-Artwork-4K-Ultra-HD-Mobile-Wallpaper-950x1689.jpg
www.mordeo.org/files/uploads/2018/10/
293 KB
294 KB
Image
General
Full URL
https://www.mordeo.org/files/uploads/2018/10/Venom-Artwork-4K-Ultra-HD-Mobile-Wallpaper-950x1689.jpg
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e120245c0e52241660a81a8dce1d2269fdb96cb605cf6118fbb4f0c267f3b0ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
300068
last-modified
Sat, 27 Jun 2020 10:58:41 GMT
server
cloudflare
etag
"5ef72661-49424"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmPPMS19S8cR5Q6wI%2FnTaufuvIN%2B2hnY%2BqVicO3Z%2BFITB1M8u3M4%2FFqiA4AlzdW7hG8wxbOaW%2Bvi8m1b9UeWYDfYvOnjirmWIFcNW7sRSme7aoU%2BXivHeDoqaxyjVxo9kOZEHAOoBqAVi3aa%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
730495147c549067-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
head_bg.png
dl.dir.freefiremobile.com/common/web_event/mocoparty/images/
84 KB
84 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/mocoparty/images/head_bg.png
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/assets/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-24.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c10785219fa0c2f6fc2b403dbb5f722c890c2d29ab79f8299d2b23e5e354a114

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 11:33:44 GMT
Last-Modified
Thu, 02 Sep 2021 07:17:02 GMT
Server
AkamaiNetStorage
ETag
"a32212bcf83c5c887c32bea018dc101f:1630567022.112978"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
85760
for_grand.png
dl.dir.freefiremobile.com/common/web_event/mocoparty/images/
654 B
1003 B
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/mocoparty/images/for_grand.png
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/assets/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-24.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
e9ac0a265b75da8f4ba7d2bc783b76005e32c78f70fb9289120471e5e346f813

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 11:33:44 GMT
Last-Modified
Thu, 02 Sep 2021 07:16:52 GMT
Server
AkamaiNetStorage
ETag
"10a8e98571719498013dc2dd0502414f:1630567012.086091"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
654
2fd79ea4b67f795eaed61878ac4a1db8.png
i.pinimg.com/originals/2f/d7/9e/
707 KB
709 KB
Image
General
Full URL
https://i.pinimg.com/originals/2f/d7/9e/2fd79ea4b67f795eaed61878ac4a1db8.png
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:89a::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
3681b6f7cc0b49e438d06807362508313b3bcb983f94d5707ee07fc99b5231ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.8aa12417.1658748823.bd0c64c
etag
"4a45f0f478efe50eccb60b0f68dc9fb1"
vary
Origin
content-type
image/png
cache-control
immutable, max-age=31536000
accept-ranges
bytes
content-length
724223
JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
fonts.gstatic.com/s/bebasneue/v9/
13 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/bebasneue/v9/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Montserrat:wght@700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5b4101d4a007ce5231c65dd082b9542ffd40b6e12cc9ea67de9b54063bbbf073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://claimz-ff.a-h4.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 23:50:00 GMT
x-content-type-options
nosniff
age
474223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13416
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:07:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Jul 2023 23:50:00 GMT
p-48f74811.js
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/
15 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-48f74811.js
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c54bdbd08da4ee85a0bae7af657e393c217f9d86cf44341a541f60be58702f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin
https://claimz-ff.a-h4.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36043
x-jsd-version
6.1.8
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19139-FRA, cache-hhn4033-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"3c7d-qy0EFwHa9vkaePhr9/fQXa2RnnA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rk3I99zUWt2l4xe5hAK2fB05Wt86WLVsp3XoUy%2FOaFd5F%2FBUroDJS0PcXGWUvKsaDsYru9qHgRD9Stn6kHzuKzedQnnyKYs73Os%2FvPP6gdpuPe%2FIKNu8vX4WIFrtFGwK3F1ZzEuOS9olWsxlZwQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
730495144d3d5c32-FRA
p-234204d1.js
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/
121 B
867 B
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-234204d1.js
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81acf85faf238b5137223deb58217d72010480c62dfd614ad09661d9f1ae278
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin
https://claimz-ff.a-h4.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36043
x-jsd-version
6.1.8
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19144-FRA, cache-itm18843-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"79-9bQkq+HhE17L4Ui3Tg1tGrR5K7U"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UO5rzsgMNeb%2B8gpvdmY6C8gsK1MGsWUiDvDlfR4rfh%2FPrfA2ncRnTb3dKml%2FODmRmlz45xi8jBNhtjHjlaGlZ24Gkd0eC46VGPfy8TvSfVqLUu4CnYLaxsx5aVSQQmPJHzyHVxMdU%2ByS9SpSi6I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
730495144d3a5c32-FRA
access-control-expose-headers
*
p-0d7ac9e6.js
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/
3 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-0d7ac9e6.js
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8de0df5d1a7a0ff33b9ced7a50a4d482aaf09710cc78b8bded5e2f17f06bbe31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin
https://claimz-ff.a-h4.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
36043
x-jsd-version
6.1.8
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19127-FRA, cache-hhn4055-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"ce5-vLS/iL+7Tapa6WPjva6P1Ofqgf0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ViSgiVTtD771eENr143RGbL6On1dz8uGb5FzO9IQJpGLqEUkT%2FK8TPcKllq0PMOf1fKEFpHfY9w9qyenVVR%2BA7qSnWFS%2B4bxNqji5GsbsKOwjC4ZDNK0rgtQnmjBYXcLqCF0ZAh9T%2B0n8BL2SVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
730495144d375c32-FRA
spin.png
dl.dir.freefiremobile.com/common/web_event/mocoparty/images/
9 KB
9 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/mocoparty/images/spin.png
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/assets/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-24.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
deb6b511ce080ea06a49b0e20dea72737d6ee35fc69e0a295e768cd6bf4f51c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 11:33:44 GMT
Last-Modified
Thu, 02 Sep 2021 07:16:57 GMT
Server
AkamaiNetStorage
ETag
"616cd6e82d8ddc0fcd3b7c938ed61423:1630567017.381007"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8965
dialog_bg.png
dl.dir.freefiremobile.com/common/web_event/mocoparty/images/
3 KB
3 KB
Image
General
Full URL
https://dl.dir.freefiremobile.com/common/web_event/mocoparty/images/dialog_bg.png
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/assets/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.24 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-24.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8ad5485c2cc22251c70ac0dcdee116e87b518848b718f096d4ac63dfaea4ec6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date
Mon, 25 Jul 2022 11:33:44 GMT
Last-Modified
Thu, 02 Sep 2021 07:17:00 GMT
Server
AkamaiNetStorage
ETag
"f8e6f93d0d924d6b75137b78fff9246c:1630567020.984952"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2929
btn_2.png
www.pubgmobile.com/id/event/musicContest/images/m/
134 B
295 B
Image
General
Full URL
https://www.pubgmobile.com/id/event/musicContest/images/m/btn_2.png
Requested by
Host: claimz-ff.a-h4.tk
URL: https://claimz-ff.a-h4.tk/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d22 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
261a38b242a6ab3195f0560e6dfd0b8c04993eed9c4649f9ed932f546889f12a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://claimz-ff.a-h4.tk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Mon, 25 Jul 2022 11:33:44 GMT
last-modified
Wed, 15 Sep 2021 06:42:00 GMT
server
nginx
etag
"614195b8-86"
content-type
image/png
cache-control
max-age=283
accept-ranges
bytes
content-length
134
expires
Mon, 25 Jul 2022 11:38:27 GMT
vEFO2_JTCgwQ5ejvMV0O96D01E8J0tJXHKbBjM4.woff2
fonts.gstatic.com/s/signika/v19/
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/signika/v19/vEFO2_JTCgwQ5ejvMV0O96D01E8J0tJXHKbBjM4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Signika&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ceea5792ab87e3c628a280b30ecfe21e511872c41d6e19731df262a58e972555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://claimz-ff.a-h4.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 20:07:53 GMT
x-content-type-options
nosniff
age
401150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21764
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:10:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 20:07:53 GMT
taiJGmd_EZ6rqscQgOFOmos.woff2
fonts.gstatic.com/s/suezone/v11/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/suezone/v11/taiJGmd_EZ6rqscQgOFOmos.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Suez+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58c27c47cb6a225f0c38b0b149808b44026b4ffd96efcad8f2200dc38514ca72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://claimz-ff.a-h4.tk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 22:04:01 GMT
x-content-type-options
nosniff
age
394182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14380
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:08:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 20 Jul 2023 22:04:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
unpkg.com
URL
https://unpkg.com/basecrypt@3.0.0/base.slim.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
function| queryLocalFonts
object| navigation
function| Swiper
object| Base64

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
