congrats-claimforyou.osite0162.gq Open in urlscan Pro
2606:4700:3034::6815:30b0 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://congrats-claimforyou.osite0162.gq/
Submission: On December 22 via automatic, source certstream-suspicious (December 22nd 2021, 1:52:11 pm UTC) — Scanned from DE

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 23 domains to perform 62 HTTP transactions. The main IP is 2606:4700:3034::6815:30b0, located in United States and belongs to CLOUDFLARENET, US. The main domain is congrats-claimforyou.osite0162.gq.
TLS certificate: Issued by R3 on December 22nd 2021. Valid for: 3 months.

This is the only time congrats-claimforyou.osite0162.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
26	2606:4700:303... 2606:4700:3034::6815:30b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.15.189.129 51.15.189.129	12876 (Online SAS) (Online SAS)
1	103.247.207.171 103.247.207.171	58521 (GARENA-SG...) (GARENA-SG Garena Online Pte Ltd)
1	2606:4700:303... 2606:4700:3032::6815:3b69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3035::ac43:96ca	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:ef:... 2a02:26f0:ef::5c7b:c284	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	139.180.142.201 139.180.142.201	20473 (AS-CHOOPA) (AS-CHOOPA)
1	92.123.225.40 92.123.225.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2a0::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	208.110.80.75 208.110.80.75	32097 (WII) (WII)
1	104.194.11.156 104.194.11.156	23470 (RELIABLESITE) (RELIABLESITE)
1	164.52.101.14 164.52.101.14	63199 (CDSC-AS1) (CDSC-AS1)
1	188.68.52.216 188.68.52.216	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
1	104.90.137.209 104.90.137.209	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3030::ac43:9fc8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3032::6815:5a31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2.16.107.74 2.16.107.74	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba29	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	129.226.2.89 129.226.2.89	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
62	23

26 2606:4700:3034::6815:30b0 (United States)

ASN13335 (CLOUDFLARENET, US)

congrats-claimforyou.osite0162.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7eaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.189.129 (France)

ASN12876 (Online SAS, FR)
PTR: 51-15-189-129.rev.poneytelecom.eu

h.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.247.207.171 (Singapore)

ASN58521 (GARENA-SG Garena Online Pte Ltd, SG)

beritabooyah.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:3b69 (United States)

ASN13335 (CLOUDFLARENET, US)

dailyspin.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::ac43:96ca (United States)

ASN13335 (CLOUDFLARENET, US)

www.jakartastudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:ef::5c7b:c284 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

larepublica.pe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.180.142.201 (Singapore, Singapore)

ASN20473 (AS-CHOOPA, US)
PTR: 139.180.142.201.vultr.com

sesuaiaplikasi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.225.40 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-225-40.deploy.static.akamaitechnologies.com

freefiremobile-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2a0::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.110.80.75 (United States)

ASN32097 (WII, US)

www.pngkit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.194.11.156 (United States)

ASN23470 (RELIABLESITE, US)

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.52.101.14 (Singapore)

ASN63199 (CDSC-AS1, US)

reward.ff.garena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.68.52.216 (Sassenburg, Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: i.im.ge

i.im.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.137.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-137-209.deploy.static.akamaitechnologies.com

img.utdstc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:9fc8 (United States)

ASN13335 (CLOUDFLARENET, US)

p4.wallpaperbetter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:5a31 (United States)

ASN13335 (CLOUDFLARENET, US)

www.mordeo.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.107.74 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-74.deploy.static.akamaitechnologies.com

dl.dir.freefiremobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba29 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.pubgmobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.226.2.89 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

na.apps.amsoveasea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	osite0162.gq congrats-claimforyou.osite0162.gq	3 MB
6	jsdelivr.net cdn.jsdelivr.net	49 KB
4	freefiremobile.com dl.dir.freefiremobile.com	97 KB
4	unpkg.com 2 redirects unpkg.com	43 KB
3	gstatic.com fonts.gstatic.com	49 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	pinimg.com i.pinimg.com	755 KB
1	amsoveasea.com na.apps.amsoveasea.com	179 B
1	pubgmobile.com www.pubgmobile.com	295 B
1	mordeo.org www.mordeo.org	294 KB
1	wallpaperbetter.com p4.wallpaperbetter.com	106 KB
1	utdstc.com img.utdstc.com	14 KB
1	im.ge i.im.ge	28 KB
1	garena.com reward.ff.garena.com
1	ibb.co i.ibb.co	101 KB
1	pngkit.com www.pngkit.com	511 KB
1	akamaihd.net freefiremobile-a.akamaihd.net	5 KB
1	sesuaiaplikasi.com sesuaiaplikasi.com	193 KB
1	larepublica.pe larepublica.pe	37 KB
1	jakartastudio.com www.jakartastudio.com	69 KB
1	dailyspin.id dailyspin.id	124 KB
1	beritabooyah.id beritabooyah.id	82 B
1	top4top.io h.top4top.io	85 KB
62	23

	Domain	Requested by
26	congrats-claimforyou.osite0162.gq	congrats-claimforyou.osite0162.gq
6	cdn.jsdelivr.net	congrats-claimforyou.osite0162.gq
4	dl.dir.freefiremobile.com	congrats-claimforyou.osite0162.gq
4	unpkg.com	2 redirects congrats-claimforyou.osite0162.gq
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	congrats-claimforyou.osite0162.gq
2	i.pinimg.com	congrats-claimforyou.osite0162.gq
1	na.apps.amsoveasea.com	cdn.jsdelivr.net
1	www.pubgmobile.com	congrats-claimforyou.osite0162.gq
1	www.mordeo.org	congrats-claimforyou.osite0162.gq
1	p4.wallpaperbetter.com	congrats-claimforyou.osite0162.gq
1	img.utdstc.com	congrats-claimforyou.osite0162.gq
1	i.im.ge	congrats-claimforyou.osite0162.gq
1	reward.ff.garena.com	congrats-claimforyou.osite0162.gq
1	i.ibb.co	congrats-claimforyou.osite0162.gq
1	www.pngkit.com	congrats-claimforyou.osite0162.gq
1	freefiremobile-a.akamaihd.net	congrats-claimforyou.osite0162.gq
1	sesuaiaplikasi.com	congrats-claimforyou.osite0162.gq
1	larepublica.pe	congrats-claimforyou.osite0162.gq
1	www.jakartastudio.com	congrats-claimforyou.osite0162.gq
1	dailyspin.id	congrats-claimforyou.osite0162.gq
1	beritabooyah.id	congrats-claimforyou.osite0162.gq
1	h.top4top.io	congrats-claimforyou.osite0162.gq
62	23

This site contains no links.

Subject Issuer	Validity	Valid
*.osite0162.gq R3	`2021-12-22` - `2022-03-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
top4top.io R3	`2021-10-30` - `2022-01-28`	3 months	crt.sh
*.beritabooyah.id R3	`2021-11-01` - `2022-01-30`	3 months	crt.sh
*.dailyspin.id R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
gruporepublica.web.arc-cdn.net R3	`2021-10-28` - `2022-01-26`	3 months	crt.sh
sesuaiaplikasi.com R3	`2021-12-06` - `2022-03-06`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
pngkit.com R3	`2021-12-21` - `2022-03-21`	3 months	crt.sh
ibb.co R3	`2021-12-05` - `2022-03-05`	3 months	crt.sh
*.ff.garena.com R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
i.im.ge Sectigo RSA Domain Validation Secure Server CA	`2021-09-25` - `2022-09-25`	a year	crt.sh
uptodown.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
dl.kgtw.garenanow.com DigiCert SHA2 Secure Server CA	`2021-07-07` - `2022-06-27`	a year	crt.sh
wetv.acc.qq.com DigiCert SHA2 Secure Server CA	`2021-07-29` - `2022-03-16`	8 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
na.apps.amsoveasea.com TrustAsia TLS RSA CA	`2021-05-31` - `2022-05-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://congrats-claimforyou.osite0162.gq/
Frame ID: 8FDE47B7FF786A1A27674F30B8C13345
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FREEFIRE X VENOM

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

62
Requests

97 %
HTTPS

52 %
IPv6

23
Domains

23
Subdomains

23
IPs

4
Countries

5362 kB
Transfer

5565 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://unpkg.com/swiper@7/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@7.3.4/swiper-bundle.min.css

Request Chain 3

https://unpkg.com/swiper@7/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@7.3.4/swiper-bundle.min.js

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
congrats-claimforyou.osite0162.gq/ 28 KB
6 KB 123ms
67ms Document
text/html 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa36d81a116f8f04ed37456792892a87976817b1fc9989163be7e6eb40d34be1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 22 Dec 2021 13:51:46 GMT
content-type: text/html
last-modified: Wed, 06 Oct 2021 17:57:26 GMT
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHgEUJyXHcy4GUerf3ujVEBmRSw9ury8cUvy5mpoLNC8pSVt%2FV7yWjDevg8BMOzkjMq2zHu21k5RxaUWZthUmDpzqIb4IB99JJ65byNZ18a%2BB1qJxTAG%2FhcBgquatNwvVV5Bq5HeBmbfiOt7h1A7cyWGchnAXstTQFMz6hRiMQ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6c19d3ac6fc259d7-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
congrats-claimforyou.osite0162.gq/assets/css/ 20 KB
4 KB 130ms
130ms Stylesheet
text/css 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://congrats-claimforyou.osite0162.gq/assets/css/style.css
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0cbc58d1b7225487cab98d36e839a7e112c9bf43ab9117265cb7233454ef797

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 06 Oct 2021 17:56:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KEsBCDIa8sgQGJQQSkc6fCMhhoRylKSeBn3L09RPEJvygxcEougufWOhKI%2BOfgStPWUPUc4m546F2jBCSNdGcmzv8oajcLnH9OTL%2FFEZJjeGpQ27DHlFiro2lfyJXjewM4v8fOajCJvWBj%2B1aj82HG167GZoF8tL3jhfIPh6LZM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c19d3ad092359d7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 facebook.css
congrats-claimforyou.osite0162.gq/assets/css/ 4 KB
1 KB 65ms
64ms Stylesheet
text/css 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://congrats-claimforyou.osite0162.gq/assets/css/facebook.css
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12ebdf1b9b4182204387dd2d129cb7dfc29134515e083ebc95ed68ca9ac5edff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:46 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 16 Sep 2021 00:39:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jETAufDgy0fi9a%2FdfjKnhwKWsLnTfxAzmxTDpxVHPUp6G1%2FtoVgmLETkzSEnEh4iFP6GRb1kVuJB8%2FkdIqd0rP%2BbEJR2yu9nnbEX%2FNtYF9OE1%2B4KJEVVJzlr0Mq6979hhlzUVBC9TY%2BQM5ZMeaoSUs1VQ2DONK%2BUvt0pd305q54%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6c19d3ad092859d7-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@7.3.4/
Redirect Chain

https://unpkg.com/swiper@7/swiper-bundle.min.css
https://unpkg.com/swiper@7.3.4/swiper-bundle.min.css

15 KB
5 KB

26ms
25ms

Stylesheet
text/css

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.4/swiper-bundle.min.css

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c48538092ab4391cc63b0cc53479c3a5b6c53739f8e34afa460366698eaeb2f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:46 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17192
fly-request-id: 01FQGP6CD421H5YY3N15JVH7H4
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3ccb-9sPhOTT64A/HLm1tI0cqU5PrBT4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c19d3ad6c203745-MXP

Redirect headers

date: Wed, 22 Dec 2021 13:51:46 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FQH6GBPT3Q9CBH6GD5YF76HG
server: cloudflare
age: 88
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@7.3.4/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c19d3ad4bc23745-MXP
access-control-allow-origin: *

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@7.3.4/
Redirect Chain

https://unpkg.com/swiper@7/swiper-bundle.min.js
https://unpkg.com/swiper@7.3.4/swiper-bundle.min.js

133 KB
38 KB

33ms
33ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.4/swiper-bundle.min.js

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e09420d5af2e516fbe936bc70293cdbf5f697fd3933477dc0bbbb62f768edd5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:46 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 17263
fly-request-id: 01FQGP46H4P8C2S9Q2V3D1MMR6
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"2120f-VDV+BdlHpfNA0ChvH/5g5NFmEjg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6c19d3ad6c223745-MXP

Redirect headers

date: Wed, 22 Dec 2021 13:51:46 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FQH6FZJ0129VRKDE22HQ3ZDR
server: cloudflare
age: 101
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@7.3.4/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c19d3ad4bc63745-MXP
access-control-allow-origin: *

GET
H2 200 ionic.esm.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 18 KB
6 KB 74ms
30ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e45e9312d2456a25dd567844bf844be27a0f3e7f3e61f34ea05a6f86c353ce36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://congrats-claimforyou.osite0162.gq/
Origin: https://congrats-claimforyou.osite0162.gq
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 330
x-jsd-version: 6.0.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19158-FRA, cache-mxp6964-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"49bf-lbBgXuiq82dL0pCfHuSzEs7E+hQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6c19d3ad4c53e8eb-MXP

GET
H2 200 p_2016h7ob71.gif
h.top4top.io/ 85 KB
85 KB 97ms
28ms Image
image/gif 51.15.189.129
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.top4top.io/p_2016h7ob71.gif
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.15.189.129 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-189-129.rev.poneytelecom.eu
Software: nginx /
Resource Hash: f2d0dae13baddb4ef853a0ea61bafaa18f9db27317019673a000df156ad86f92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-file-id: x39388555x
date: Wed, 22 Dec 2021 13:51:46 GMT
last-modified: Fri, 09 Jul 2021 10:29:09 GMT
server: nginx
etag: "60e824f5-15386"
content-type: image/gif
cache-control: max-age=7200
content-disposition: inline; filename="ezgif.com-gif-maker.gif"
accept-ranges: bytes
content-length: 86918
expires: Wed, 22 Dec 2021 15:51:46 GMT

GET
H2 403 YBYLX_jfslchd-1024x576.jpg
beritabooyah.id/wp-content/uploads/2021/09/ 9 B
82 B 611ms
170ms Image
text/plain 103.247.207.171
GARENA-SG Garena ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beritabooyah.id/wp-content/uploads/2021/09/YBYLX_jfslchd-1024x576.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.207.171 , Singapore, ASN58521 (GARENA-SG Garena Online Pte Ltd, SG),
Reverse DNS
Software: /
Resource Hash: 78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
content-length: 9
content-type: text/plain; charset=utf-8

GET
H2 200 ff-x-venom.jpg
dailyspin.id/wp-content/uploads/2021/09/ 124 KB
124 KB 355ms
32ms Image
image/webp 2606:4700:3032::6815:3b69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dailyspin.id/wp-content/uploads/2021/09/ff-x-venom.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:3b69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c805f582ab4e85673fa666226c4725e0af3eac6c4a3c62b1a3519bbbfc9ef5a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 369
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 126526
last-modified: Mon, 20 Sep 2021 05:45:43 GMT
server: cloudflare
etag: "61482007-1ee3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ww5Eh%2FUlkccoNxquYg9s8zjppOukN1D%2FAN9kGa86pmW%2FWzi0FqBDXord261ZPhwt2nlkFJzvDLn0wNTEW3RO8C69AJRdfYIjMgZuQSc98FWAL6%2FcrfB8qJ04zArGRi7kxlU7e0n31CAn9To%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6c19d3b03d8c3761-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Free-Fire-x-Venom-4.jpg
www.jakartastudio.com/wp-content/uploads/2021/09/ 68 KB
69 KB 722ms
683ms Image
image/jpeg 2606:4700:3035::ac43:96ca
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jakartastudio.com/wp-content/uploads/2021/09/Free-Fire-x-Venom-4.jpg

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:96ca , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62c31232936b20f7c92c6d5885f4724d4f55ad5aca2b733338c57ecc0e112371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 69718
last-modified: Mon, 20 Sep 2021 02:17:57 GMT
server: cloudflare
etag: "6147ef55-11056"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J29zFeo2%2FT0GZ3QUIdX1%2FWVSKLHZejP8wOIZmJ90b760jZxDk8rI%2BVLvR%2BM4eWYD4NEPUHbd4x0ei1R%2F%2BXlWZaKV12i65O9VwF31OYubW6v7iU%2BJF7tKvzvKw7zGKmt1WCyyO2%2FouI8jOuZUWt6zSzjxFZk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 6c19d3ae6ad405e9-FRA
expires: Fri, 21 Jan 2022 13:51:47 GMT

GET
H2 200 G7CEWQB4QVEWZPEEKHL6QF565A.jpg
larepublica.pe/resizer/7iMhWABIkmW8JvfaQNaMyanHkco=/480x282/top/smart/cloudfront-us-east-1.images.arcpublishing.com/gruporepublica/ 36 KB
37 KB 61ms
22ms Image
image/jpeg 2a02:26f0:ef::5c7b:c284
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://larepublica.pe/resizer/7iMhWABIkmW8JvfaQNaMyanHkco=/480x282/top/smart/cloudfront-us-east-1.images.arcpublishing.com/gruporepublica/G7CEWQB4QVEWZPEEKHL6QF565A.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:ef::5c7b:c284 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Image Manager /
Resource Hash: d97ed7442447dc0683bd1b69b89daf10ac2082e2378bf659cd744cbc564fb063

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:46 GMT
last-modified: Mon, 20 Sep 2021 14:24:42 GMT
server: Akamai Image Manager
etag: "9d8b256d281eec90bb18f43b0f48bb1f4070bb76"
content-type: image/jpeg
cache-control: private, no-transform, max-age=23502667
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 36921
expires: Tue, 20 Sep 2022 14:22:53 GMT

GET
H2 200 ff-x-venom.jpg
sesuaiaplikasi.com/wp-content/uploads/2021/09/ 193 KB
193 KB 759ms
246ms Image
image/jpeg 139.180.142.201
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sesuaiaplikasi.com/wp-content/uploads/2021/09/ff-x-venom.jpg

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

139.180.142.201 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

139.180.142.201.vultr.com

Software

nginx /

Resource Hash

87cf806d0c4bc82287800541af959255b3def226fd5c6615e270cc88d123d9a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 19 Sep 2021 16:06:48 GMT
server: nginx
etag: W/"61476018-30288"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-xss-protection: 1; mode=block
expires: Thu, 22 Dec 2022 13:51:47 GMT

GET
H/1.1 200
OK logo-small-fixed_20210113.png
freefiremobile-a.akamaihd.net/common/web_event/official/ 5 KB
5 KB 76ms
28ms Image
image/png 92.123.225.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/official/logo-small-fixed_20210113.png
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 92.123.225.40 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a92-123-225-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 72c2cf177ae0a7d2b1579a9cc888dfabf750ef64d172ee0990cf35fec4ef3673

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 13:51:46 GMT
Last-Modified: Wed, 13 Jan 2021 10:02:42 GMT
Server: AkamaiNetStorage
ETag: "90b69755633d6bd5449ba2081a26b257:1610532162.792681"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5118

GET
H2 200 c51cda89a29626ea7b655bd7f703218c.png
i.pinimg.com/originals/c5/1c/da/ 45 KB
46 KB 339ms
135ms Image
image/png 2a02:26f0:6c00:2a0::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/c5/1c/da/c51cda89a29626ea7b655bd7f703218c.png
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a0::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: f641c86e2fd4977207f044d47f7cde15eeb5df61ed7eb3ae168df3fdaca2aa5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.85ba1002.1640181107.10d46a52
etag: "6b611aaa213c98b768a38bb04b256cc7"
vary: Origin
content-type: image/png
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 46514

GET
H/1.1 200
OK 587-5878760_venom-image-venom-4k-blu-ray.png
www.pngkit.com/png/full/ 512 KB
511 KB 484ms
230ms Image
image/png 208.110.80.75
WII

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pngkit.com/png/full/587-5878760_venom-image-venom-4k-blu-ray.png
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.110.80.75 , United States, ASN32097 (WII, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: c85b496779a816eef31abfe9a38c9b875469378e65fa08d15427daf1ecddca11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 13:51:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Jan 2019 00:53:53 GMT
Server: nginx/1.14.0
ETag: W/"5c47bb21-7ff08"
Vary: Accept-Encoding
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive

GET
H3 200 1.jpg
congrats-claimforyou.osite0162.gq/assets/spin/ 13 KB
13 KB 6916ms
6910ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/spin/1.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8297b2ce066292b9a17facb6a3570b5c320e24b014e688a5b8feb888e2526bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:53 GMT
cf-cache-status: MISS
last-modified: Wed, 08 Sep 2021 13:55:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L17DFrTYKASK2ivx8u60WyZF5qOQNi5G%2FsMMMbLE2K5ELDdR9aHVbEgvtNnIpDVwepUMN0JbtGoXDeqBGETekO4eowQEh08hpCpB6yr29BrQ7nqADc2iBxZWagXRJiDK4JpoVfxkvv4Y2NpaGvTyEyL9UcLccZrkFZiD7WQLogI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39d63761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12898

GET
H3 200 2.jpg
congrats-claimforyou.osite0162.gq/assets/spin/ 16 KB
16 KB 1974ms
1968ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/spin/2.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e8b158375c6c72e18d3b0ce8948668b6ffd5fb78afea87e376a13700b5af2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:48 GMT
cf-cache-status: MISS
last-modified: Wed, 08 Sep 2021 13:57:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thSGfu2Xd9BpN6NQXu%2BHttnbH32VqadOXZ6L3rc7c35zQhy%2FCO8xglSqmY6tvHLrZ702EiEyYkGz1ttmDRs3M9BiXqh6znirpaGiRFLREKyH2Qw9p%2B6z5%2BlcDEl7Ow%2BPJYpFp0Xt0Bs8x4ZeCyDTELcN4ANgyEXuW%2Bvq7NOoZl8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39da3761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15976

GET
H3 200 3.jpg
congrats-claimforyou.osite0162.gq/assets/spin/ 16 KB
17 KB 3000ms
2994ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/spin/3.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7bf5dc14d5477e097b81345a3bbae64b5e718d7dcef9e3f567197bd5eba8d6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:49 GMT
cf-cache-status: MISS
last-modified: Wed, 08 Sep 2021 14:00:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0yfxwKRBaYiCHqziwIe7bQNsF7LmacTT%2BKLHLHCxo2lW6u3rKAqQXmGF8aAoFqxIZUN4JzKLd%2FbQdxkB6LXo0iItVxkdB%2Ff%2FOmb8z1m%2BDlk0Lz81bvtoByAwZolN5WetjJF%2BD%2FYG8LU9iOc2FZMEodI0tyPSUMQXiRWqe0Qpi0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39de3761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16379

GET
H3 200 4.jpg
congrats-claimforyou.osite0162.gq/assets/spin/ 52 KB
53 KB 95ms
88ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/spin/4.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88f2b3ad9a9c7361edf94eb80bba6a6081aba191746c92040727abc31e5fc1aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:46 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jqyk6NgYiiGlhT%2F%2FAiS2wAJo3nm2WOMlDtmQUxgn7Zh8qya3JN6xLbni5aI3KhTw26ExcLARuj%2F%2BuF25SgDbvl3VITyGDKW4HWoRDtYG3YNkpxvoI3YeKNp7WkXOpsHT9kCjodfXQ6iOD9dEtHah6z2zaoKBNwvy53W96jrgg5U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39e03761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 53179

GET
H3 200 5.jpg
congrats-claimforyou.osite0162.gq/assets/spin/ 333 KB
334 KB 742ms
735ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/spin/5.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fde121390bd9222fef9d613ac6ba91455b0bcda8e819f2bf4d3845e2fbcb8ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BunDmYzpwFhRRgiaXzhq75L%2Bt%2FjcsiZEIB1kqjmHCINJMBbmFi0kO8Le81nfWdOz0bg5XtsIgqT1FlpSzs5dY99uycTTSrNkNdN%2BxRFPfK5z8gZVLFBQuHW7bhtOdCD19qReavF%2BrPBX3F0ra1Ex3Glqqz%2BdIGLg%2FH7MAIpywrY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39e23761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 341458

GET
H3 200 6.jpg
congrats-claimforyou.osite0162.gq/assets/spin/ 382 KB
383 KB 952ms
946ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/spin/6.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f047fdd4bf3ea2e7994115f284fb06c93a7c1c0333993db02cef24004527f51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C36OnresxoAxfG%2FyD%2Bv8NSTLSfZnfL%2B2En2Foftsj8PPLY46R2MP%2Fe5mjIh1YzZcx%2Bcgfq4mQyqCRVAaGwqNYpgzn%2FS6azzoWyhEHgOWa9O1F8X1iPR4FiSbXZnVgncJ9Tkq9VP6i%2FNNkM7sOhJ08wmfsWhsfbJ%2FiTUuIMGsSZk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39e53761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 391298

GET
H3 200 7.jpg
congrats-claimforyou.osite0162.gq/assets/spin/ 31 KB
31 KB 1127ms
1121ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/spin/7.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f87027c85ded514a31617e40db1eb0eb44881060802e9fbcf3fad3454f0e517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:48 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZOlUvdd%2F5seA4xaKvXrmlOwi0pg36zVjwGw1U7dNc4qpGFBbHFveN9JZmqDhi5%2FfGEmOygUuZ78%2FSp9uR%2Fs2M3S86u88v8jnuknYsXKfZomXElsaoT2%2FGL%2FGXk%2BO23dhqwX5%2BelqKQ5ibjtsfqAnvcHKXKut5qNoMjVduUAk4Wg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39e63761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 31480

GET
H3 200 8.jpg
congrats-claimforyou.osite0162.gq/assets/spin/ 19 KB
20 KB 1067ms
1061ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/spin/8.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ee9d88cc24fbd863ca154a0d75b88bb3c413663803fac2d280adf6f98fe5ebd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=76wFRR6a3SwJmbcA8WhyFbLH98wu%2FE6ndUZRLQXzSOh4wp2CscMNyGwxvlLbifR9lEmpIzMe5NZkRcivO2xrgOqoWeqjKgfAk5qRRyI9T%2BjQ%2FQa15Xpz%2FAqp8N3UqOniMpuu2d%2FzldtGZfCw2JePRY%2FCU8lm9ebTOo4%2BZ9PcPso%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39e73761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19566

GET
H3 200 1.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 388 KB
389 KB 7047ms
7041ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/1.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57e3cbfe13772249b9df6792d4f0fbf968e7d805ab1e1f1f5d95afa0a197807f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:53 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DKFRWBHpktFM3%2B9aCm2Egvgsl7ZL8U3Zt0hGRk9VATh%2FUEEhnxLj%2B%2FRIKqSb3LT4SbShOD8NC39D5XwisIvRl8EsdcEt8O63xeZ%2FAAYtHEhUSWna1sKNtZLca6GfXTEm1MomXYXb00TYtDTDwQg4NNOarebtb1TlD%2FnAUxvgqgs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39e83761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 397646

GET
H3 200 2.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 48 KB
48 KB 6857ms
6851ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/2.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1713a10e9eda3a010054e07979f957f79409b853679f9a30051fd144bfcdf03a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:53 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tci8P1HekWhOrHYCd7fuPb9VKdzRf8a7JHZ15vG4tLe1xI5TZDcNBwLcT3rJCkCGp%2BKVrTu7cmk%2FFtWENmPDnYDvWA8LEJMX0Zo2Tt8ynD8nHs9ryZGbKf%2Fg1k5Ht%2BTO%2BjXlH6n0fjaoJNjdXDCI8HdCLlFTehpvLb3NizvbdBc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39ea3761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 48829

GET
H3 200 3.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 1 MB
1 MB 566ms
560ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/3.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7d63a99172b1de40f77339f52d944b70de41d781b4391976865888ed80f7d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q4RA8G4CRei7XrSiPh0tXfMTJkP4XRXW%2FDPphMFTfVqCQG8voC2OQJt5q30ASNzmblNXaKg8OmjMFdJ1rCdrpNjQ4SksBBBY9nO8TO5JprJ%2FZfr4hfOdOhaSw8NWIEEo%2F62tpGGJsm8VemVS6xh3Ahkyb85KakeLeidFmnMfh20%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39ec3761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1082906

GET
H3 200 4.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 46 KB
47 KB 4481ms
4475ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/4.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516ec8f5074cc7e52bfc102e42923b36d36729496cc69aa6a84a1ecbd4bc44fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:51 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6H9jyVtEOH9Gxa%2BgLbbWDGm7YNfCBeuVYIxA%2Bh9exbSOlZSAlcrmyGDqhbIQx6e9WM%2FjhS1aWhjuKP82w1%2Fg4vsPw4rkcdkRT%2FilqN9O6eIuWEl2CAL8Tvz0GnpzNh%2FIHB%2By94ZlS%2BW6BdG34iQXEQXZfvNjAOar42gxT%2BBgnA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39ed3761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47405

GET
H3 200 5.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 7 KB
8 KB 6739ms
6732ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/5.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccedebc3d5fd56d5b6b408ef8351a577d4c9334d422d005ab557c9e6f9ac0b06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:53 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FvlxmvCf%2FYBbbi5IbLmDiTM1pzzS8Qe44kgS2vxyNdOHx3pGPSck8dOo8gNdzEu2HWe4xvrpHhrTApzQcqvlcbqMfBD7wG8RdBsfe3YuDGQ7pZyiKJVBAhlqJd3UfZUIxk4n8rBJAUjGYhW5K7NYvSXvZlQRvetZPIkMLFY3kjY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39ef3761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7416

GET
H3 200 6.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 25 KB
26 KB 11544ms
11537ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/6.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b8542123bfc06f37312a1756361916d7e3f7a1af974877a63da2b2ff8dd03ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:58 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4j5wgpsTT0AJ98HOoJwV9bduQnSy4fZX4ekwN96rPVnhqvu5u%2Bf4eaG70zMGCp6BcfFAbdq8U27JzDP1Ld9SdUYwvP7E44Rwx016FtGb3sTiO98Wlkvj2HtRMaX6qs%2Fuf5vm%2B3Ut1IA7D2coYxoD6HtRuMMj3AsKXbZwijxN3OM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39f03761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25821

GET
H3 200 7.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 5 KB
6 KB 8525ms
8519ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/7.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 145c1c61215abfb0e9d565fcc12caf0589a20a6fbf7be74170d1af19c2a53681

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:55 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p1oX8xDV%2B6JJZD2BEu1KHTlhfSrA%2F6OO7SlyUekrsGyBzoOD%2FMTFoWvB%2F9wvmsdpwBj47o12LsdpzteyZp1iKm0Jl0nju72nOiIOZ9MayH4eeC297ioZCM%2BmMW2bXClciZFkbZq2iGq319wOh44Q0SUqsn1be6tcl0Ne5sKB0NI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39f13761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5161

GET
H3 200 8.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 81 KB
82 KB 7519ms
7513ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/8.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:54 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N9HAo0xRikjngTimPeDQj2Ty0Vj4qeQ5tsz5l%2F%2B4YNaT4ILVOVgBS6ejDwClaLa%2BT3sNUGrsTQLmbEEy96vPLGvCyGLr2z0IU0CvjRKzgTYRDLs%2Fg%2F1zG7iqnxebad2H82PmJMhp7XsebLH0g6Xaba%2FsxpKRuT2d8hGwcDdw6DQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39f63761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 83104

GET
H3 200 9.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 7 KB
7 KB 9840ms
9834ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/9.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe648eab2bbfecd429d31533b10d395de19bff2a836956b53c059fecedf0e5c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:56 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ialBfDMhsoqeVokQcfCtzYj9EgyA6dwnhboIJwFjfzv9aAeGyyzM6Hu7PQ1Le8e4Rmr6CysTJPw%2Bi0oUj4Re4yjwCYo7wWIHdFuK96R2bJbG2s0pQ%2FfhWBmY4FOPziNzHIjyxzIWEpNT0b7pwY1FdBuS5r1KB2LRaaYsGN%2FSHq0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39f93761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6671

GET
H3 200 10.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 4 KB
4 KB 7143ms
7136ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/10.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f004400e90acbad4465fa3b0280f11b18cb25308d8d92f824d4c02139cf8bfa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:54 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iY%2BEljwj6G1k%2FxoEaW6DvtB9RpjzZwg7smAvr0Wge%2BmDU12bawZ8NpsTYo2DGXUPCA5ya8pYjUF%2Ft52gEgL8U2rdw6OgZ8BTlQpuOgU4tvYexG0bWDjw9l9hRw6dDksz%2BJOiG1m7asOamt6UL7BkrkXGarcRmy18SkH8hE1QsAw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39fb3761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3587

GET
H3 200 11.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 6 KB
6 KB 11761ms
11755ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/11.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 192fcd93eb5b01ec33ac9bb4d466a6885ddc0369e26b468b2dd3fb7f224aa35a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:58 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwonfOG6dHVIOPrLnXZrU9%2Fz1qcANECBQmpFwHsthgb3CyrAeJ8isXOHeJKAfcIhYh%2By%2FPypEXV8uBsLdjevolpFbb0v9NVftOv%2FhLiyyW1idVLkU0eV7xaEzHil2E9tia%2Bbtp2no0zKcadCo6LfeY6nJe9EjheV60KNuqay9vI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae39ff3761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5892

GET
H3 200 12.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 27 KB
27 KB 75ms
68ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/12.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f950e3e6d56b9b72f50f9f1abbf81c319e16b7c217682bcc08c11e292f240f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:46 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2B2HFyCvmXLcqTEudE2DxOT7ESumMMyfhK41lLSL0adt7RDUUh3wiijVyT4FVBVzf%2BPYCAk50qWc1g0pLa7Ar2KO4PEnrbfzMT8BWurYyl5hr5QuZ3%2FmwmmhvJXECu5fvHd28FFjw1deELTAJNBEc4nNtO9extGPK5ZhrkJS8b8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae3a023761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27260

GET
H3 200 13.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 35 KB
36 KB 11854ms
11848ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/13.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9100597fee03f51a89cc52200450ba5005598470fb6e35b18b4648e77cfed9b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:58 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oBhXp2THEOZzy2jIqTTOYhUg2hNWLtIiPnBlXflf9ZptaQYwsVBTU2xWS%2FaKZJPlaYP%2FnJGsS96c%2FMjM%2BjVsGsy6lq57s%2FaCCyZmWOSAeel4m4B4mx5UxvqzXEnqaPeEWKSELYGKhGvjhuaKoJRjr%2B47g8KM0yUD%2BSJFtPSzh8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae3a033761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 35892

GET
H3 200 14.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 137 KB
138 KB 10531ms
10524ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/14.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84bb80d3890b364a5951bae254591d4c6dea85bc7fba6f94634f627cee1ae0af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:57 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lqdr%2BYMMpo2Yt470yU4v%2BID%2BewpbSGXp6EpTZ9YUmBx9qgXfW4Sr5sPigXhN2pJz4t%2BWnP8wjWR2mfIL29jTOVTYVJP7GsWeKq3C7bAkOl7DzmfIYyNE7ej0b54kHEXNIaUWFgbX1IjM7%2BYQAv2zMPgDmsx8%2FFT5ajFizqBW3C0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae3a043761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 140666

GET
H3 200 15.jpg
congrats-claimforyou.osite0162.gq/assets/claim/ 39 KB
40 KB 9488ms
9483ms Image
image/jpeg 2606:4700:3034::6815:30b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://congrats-claimforyou.osite0162.gq/assets/claim/15.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:30b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c9331be840bf76650ae102dd7a66ef467eaf0b1dce575ceaeb71d6b1518c9ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:56 GMT
cf-cache-status: MISS
last-modified: Sun, 12 Sep 2021 17:04:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PkHH41vZ0umYCaHphM6ptnb7BUohfz3zgz3a04GpO3pe6h8pUCAFKTOMH2Gi%2FSgLGPcNaTQwl4kokkDrzXDVd72rc99GyTIbHxFUFJSSGUMMWATwYF0f%2BtkE1qtCJBYPx2e3SS7HaheKWXHEJHrUqJfnRCt%2BU3vDQIpJ7MWfSIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6c19d3ae3a053761-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 40260

GET
H2 200 2.jpg
i.ibb.co/MncBXzv/ 101 KB
101 KB 270ms
90ms Image
image/jpeg 104.194.11.156
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/MncBXzv/2.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.194.11.156 , United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: b72c8043029f9aa979b35a669e0b4cbbbcc7c6594179037b682f7a9a68b64816

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
last-modified: Fri, 24 Sep 2021 01:14:25 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 103170
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c34038edcf4185b3e75a6b85f1cd3d4f.jpg
reward.ff.garena.com/images/ 0
0 606ms
191ms Image
text/html 164.52.101.14
CDSC-AS1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reward.ff.garena.com/images/c34038edcf4185b3e75a6b85f1cd3d4f.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 164.52.101.14 , Singapore, ASN63199 (CDSC-AS1, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 Tw3QNy.png
i.im.ge/2021/09/15/ 28 KB
28 KB 161ms
18ms Image
image/png 188.68.52.216
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.im.ge/2021/09/15/Tw3QNy.png

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.52.216 Sassenburg, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

i.im.ge

Software

nginx /

Resource Hash

092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
strict-transport-security: max-age=31536000, max-age=31536000
expires: Thu, 22 Dec 2022 13:51:47 GMT

GET
H2 200 e61511ae88f7d52fac67cd4c4f9c739bf71572d2923e1acf512f249ae0544fd4:200
img.utdstc.com/icon/e61/511/ 14 KB
14 KB 216ms
9ms Image
image/webp 104.90.137.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/e61/511/e61511ae88f7d52fac67cd4c4f9c739bf71572d2923e1acf512f249ae0544fd4:200

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.137.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-137-209.deploy.static.akamaitechnologies.com

Software

nginx/1.14.2 /

Resource Hash

cd51bf0a5665e55258f20d1dc1fae0b2d953d0e057c3ce9285b04df70a547d4b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
Strict-Transport-Security	max-age=16000000; includeSubDomains; preload;
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=16000000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Dec 2021 07:05:51 GMT
server: nginx/1.14.2
etag: "61af07cf-3896"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: private, max-age=4164
date: Wed, 22 Dec 2021 13:51:47 GMT
content-security-policy: default-src 'self'
accept-ranges: bytes
vary: Accept
content-length: 14486
x-xss-protection: 1; mode=block
expires: Wed, 22 Dec 2021 15:01:11 GMT

GET
H3 200 jquery.min.js Show response
cdn.jsdelivr.net/gh/cdn-jquery/jquery/3.6.0/ 88 KB
32 KB 54ms
31ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/cdn-jquery/jquery/3.6.0/jquery.min.js

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89e814aedf95621a8939cea472f36d79fa7b210aec994c21047eb1a399fdfb53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 370
x-jsd-version: master
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19124-FRA, cache-mxp6970-MXP
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"16081-jiQY51AAC0ZBA2N8OXmqe1r23us"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6c19d3adda1b59ad-MXP

GET
H3 200 ngSaltBae.js Show response
cdn.jsdelivr.net/npm/ng-encrypt@1.0.0/ 2 KB
1 KB 27ms
26ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/ng-encrypt@1.0.0/ngSaltBae.js

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7f5024b78e40d2d079c82f0aebbbb0cbb714022a47539c6862b4b4e4cbddedc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 370
x-jsd-version: 1.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19132-FRA, cache-mxp6923-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"83e-YpPB8HgR3sfq19NQba0+y56bVzU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6c19d3adda1d59ad-MXP

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
664 B 49ms
19ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Montserrat:wght@700&display=swap

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0b993a4dc075ee0d0878728ffe8d32722024d6795bacfd1895a76035e92543c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 13:51:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Dec 2021 13:51:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Dec 2021 13:51:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1010 B
916 B 48ms
18ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Suez+One&display=swap

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d7667b491fca3c0fff723ff66898a50cc1cd4b6724820e9bb164398f66d8b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 13:47:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Dec 2021 13:51:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Dec 2021 13:51:46 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
497 B 49ms
20ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Signika&display=swap

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e425810aa03ceaaaea7d861c43cbb5eb6d20be179f70ea95fd0631759cc57d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 13:51:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 22 Dec 2021 13:51:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Dec 2021 13:51:46 GMT

GET
H2 200 venom-artwork-4k-8k-wallpaper-preview.jpg
p4.wallpaperbetter.com/wallpaper/194/846/328/ 105 KB
106 KB 80ms
26ms Image
image/jpeg 2606:4700:3030::ac43:9fc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p4.wallpaperbetter.com/wallpaper/194/846/328/venom-artwork-4k-8k-wallpaper-preview.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:9fc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d9520519f425459a17b43c7ad7c0df36cc594376631190e4142b98a3291e433

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 348994
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 107453
last-modified: Sun, 06 Jan 2019 20:03:40 GMT
server: cloudflare
etag: "5c325f1c-1a3bd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UPNtoGbEOfbA9vkUOjZ1dl9phrWuMOvsRk9%2F%2BwLKbYJYGzJLLGg%2BkD%2BLfG7GbsmMjFc%2Fv4LgpbMVE234HFksJtbRBwxkXFZEgdaAnx5SyVWdVTR5m%2FaWkLvLUe3r%2BSN8TfKTdjDx5vhNIokM1bGO6QHAoQN1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31104000
accept-ranges: bytes
cf-ray: 6c19d3aefa613749-MXP
expires: Tue, 13 Dec 2022 12:55:13 GMT

GET
H2 200 Venom-Artwork-4K-Ultra-HD-Mobile-Wallpaper-950x1689.jpg
www.mordeo.org/files/uploads/2018/10/ 293 KB
294 KB 102ms
33ms Image
image/jpeg 2606:4700:3032::6815:5a31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mordeo.org/files/uploads/2018/10/Venom-Artwork-4K-Ultra-HD-Mobile-Wallpaper-950x1689.jpg
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:5a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e120245c0e52241660a81a8dce1d2269fdb96cb605cf6118fbb4f0c267f3b0ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 370
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 300068
last-modified: Sat, 27 Jun 2020 10:58:41 GMT
server: cloudflare
etag: "5ef72661-49424"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7fwoUPJR7OmLGWSXrHFdyCcMH1QqOcMhN7PTHH8vPDE5pqajBujVXxeNQW6iLBq05jx7u5XMv5SMLK4LM30offYy6kYFTQO3E04bzqGdPmtmN7WIjWxfxkn0%2FTf3qrMk9CROExm804lplpsHg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6c19d3af1e653754-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK head_bg.png
dl.dir.freefiremobile.com/common/web_event/mocoparty/images/ 84 KB
84 KB 92ms
15ms Image
image/png 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/mocoparty/images/head_bg.png
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c10785219fa0c2f6fc2b403dbb5f722c890c2d29ab79f8299d2b23e5e354a114

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 13:51:47 GMT
Last-Modified: Thu, 02 Sep 2021 07:17:02 GMT
Server: AkamaiNetStorage
ETag: "a32212bcf83c5c887c32bea018dc101f:1630567022.112978"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 85760

GET
H/1.1 200
OK for_grand.png
dl.dir.freefiremobile.com/common/web_event/mocoparty/images/ 654 B
1003 B 89ms
12ms Image
image/png 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/mocoparty/images/for_grand.png
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e9ac0a265b75da8f4ba7d2bc783b76005e32c78f70fb9289120471e5e346f813

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 13:51:47 GMT
Last-Modified: Thu, 02 Sep 2021 07:16:52 GMT
Server: AkamaiNetStorage
ETag: "10a8e98571719498013dc2dd0502414f:1630567012.086091"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 654

GET
H2 200 2fd79ea4b67f795eaed61878ac4a1db8.png
i.pinimg.com/originals/2f/d7/9e/ 707 KB
709 KB 290ms
157ms Image
image/png 2a02:26f0:6c00:2a0::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/2f/d7/9e/2fd79ea4b67f795eaed61878ac4a1db8.png
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2a0::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3681b6f7cc0b49e438d06807362508313b3bcb983f94d5707ee07fc99b5231ca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn: akamai
akamai-grn: 0.85ba1002.1640181107.10d46a4e
etag: "4a45f0f478efe50eccb60b0f68dc9fb1"
vary: Origin
content-type: image/png
cache-control: immutable, max-age=31536000
accept-ranges: bytes
content-length: 724223

GET
H/1.1 200
OK spin.png
dl.dir.freefiremobile.com/common/web_event/mocoparty/images/ 9 KB
9 KB 97ms
20ms Image
image/png 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/mocoparty/images/spin.png
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: deb6b511ce080ea06a49b0e20dea72737d6ee35fc69e0a295e768cd6bf4f51c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 13:51:47 GMT
Last-Modified: Thu, 02 Sep 2021 07:16:57 GMT
Server: AkamaiNetStorage
ETag: "616cd6e82d8ddc0fcd3b7c938ed61423:1630567017.381007"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8965

GET
H/1.1 200
OK dialog_bg.png
dl.dir.freefiremobile.com/common/web_event/mocoparty/images/ 3 KB
3 KB 96ms
19ms Image
image/png 2.16.107.74
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/mocoparty/images/dialog_bg.png
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.74 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-74.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8ad5485c2cc22251c70ac0dcdee116e87b518848b718f096d4ac63dfaea4ec6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Wed, 22 Dec 2021 13:51:47 GMT
Last-Modified: Thu, 02 Sep 2021 07:17:00 GMT
Server: AkamaiNetStorage
ETag: "f8e6f93d0d924d6b75137b78fff9246c:1630567020.984952"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2929

GET
H2 200 btn_2.png
www.pubgmobile.com/id/event/musicContest/images/m/ 134 B
295 B 1395ms
912ms Image
image/png 2a02:26f0:6c00::210:ba29
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/musicContest/images/m/btn_2.png
Requested by: Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba29 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 261a38b242a6ab3195f0560e6dfd0b8c04993eed9c4649f9ed932f546889f12a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://congrats-claimforyou.osite0162.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:48 GMT
last-modified: Wed, 15 Sep 2021 06:42:00 GMT
server: nginx
etag: "614195b8-86"
content-type: image/png
cache-control: max-age=295
accept-ranges: bytes
content-length: 134
expires: Wed, 22 Dec 2021 13:56:43 GMT

GET
H2 200 vEFO2_JTCgwQ5ejvMV0O96D01E8J0tJXHKbBjM4.woff2
fonts.gstatic.com/s/signika/v15/ 21 KB
21 KB 56ms
29ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/signika/v15/vEFO2_JTCgwQ5ejvMV0O96D01E8J0tJXHKbBjM4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Signika&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

483ef0b632179e4ae87ae7c557f129b8b655be7ac2a7e3be5e3826650bd70b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://congrats-claimforyou.osite0162.gq
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 23:14:21 GMT
x-content-type-options: nosniff
age: 52645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21616
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:00:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 23:14:21 GMT

GET
H2 200 JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
fonts.gstatic.com/s/bebasneue/v2/ 13 KB
13 KB 39ms
22ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bebasneue/v2/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Bebas+Neue&family=Montserrat:wght@700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dab7290ebc90b7ed3068b2921bf51e026225ad48e7b398b12321d036d340a458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://congrats-claimforyou.osite0162.gq
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 11:07:28 GMT
x-content-type-options: nosniff
age: 9858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13092
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:05:42 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 11:07:28 GMT

GET
H2 200 taiJGmd_EZ6rqscQgOFOmos.woff2
fonts.gstatic.com/s/suezone/v5/ 14 KB
14 KB 39ms
23ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/suezone/v5/taiJGmd_EZ6rqscQgOFOmos.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Suez+One&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22feaebb0dd2c815f75417ba59c28e487bdd546af9cd492e75df4ec50f78ddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://congrats-claimforyou.osite0162.gq
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 15 Dec 2021 20:29:29 GMT
x-content-type-options: nosniff
age: 580937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:40:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 15 Dec 2022 20:29:29 GMT

GET
H3 200 p-70d27bbc.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 15 KB
7 KB 67ms
42ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-70d27bbc.js

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5593b3ed73b0f5627d9535e665faa82acd98bb29c5dffe1f25a9ee0802759fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: https://congrats-claimforyou.osite0162.gq
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18383
x-jsd-version: 6.0.0
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19123-FRA, cache-mxp6958-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"3bfa-BycfJV6RDxNi6N96adnAPCQ7L8w"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6c19d3aedcbe374c-MXP

GET
H3 200 p-abe0bfcc.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 121 B
615 B 64ms
41ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-abe0bfcc.js

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965a592054daada2e49c493a45da625004e23f239e4ca81cef059e3542d2991e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: https://congrats-claimforyou.osite0162.gq
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18663
x-jsd-version: 6.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19133-FRA, cache-mxp6941-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"79-c7nA4d3rYuw+qyauiuuFYfo2qF0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6c19d3aedcc2374c-MXP

GET
H3 200 p-6cc127f3.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 3 KB
2 KB 63ms
40ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-6cc127f3.js

Requested by

Host: congrats-claimforyou.osite0162.gq
URL: https://congrats-claimforyou.osite0162.gq/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930d272a9523b58f3a895806c64b26b4d6c4677b9b186e1f6ddffff44b101097

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: https://congrats-claimforyou.osite0162.gq
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 13:51:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 18383
x-jsd-version: 6.0.0
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19169-FRA, cache-mxp6930-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"c58-bCTqdJaVvxMqFYOPSN1byTl9rqk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6c19d3aedcc3374c-MXP

GET
H2 200 / Show response
na.apps.amsoveasea.com/swoole/ 37 B
179 B 772ms
256ms XHR
text/html 129.226.2.89
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://na.apps.amsoveasea.com/swoole/?actid=2020&r=index/getCountry&_only_service_response_=1
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/cdn-jquery/jquery/3.6.0/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.226.2.89 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx/1.20.1 /
Resource Hash: fa19636b99f88c741c5b91508bcf15956d1c656089a5a869bc3f8573455a8c3b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://congrats-claimforyou.osite0162.gq/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Dec 2021 13:51:47 GMT
content-encoding: gzip
server: nginx/1.20.1
content-length: 56
content-type: text/html

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			larepublica.pe/	1970-01-25 20:31:23	Name: akaas_AS_gruporepublica_gruporepublica_prod Value: 2147483647~rv=77~id=15a595d277853bf397ba16fb9474d331

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://cdn.jsdelivr.net/gh/cdn-jquery/jquery/3.6.0/jquery.min.js Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
network	error	URL: https://beritabooyah.id/wp-content/uploads/2021/09/YBYLX_jfslchd-1024x576.jpg Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beritabooyah.id
cdn.jsdelivr.net
congrats-claimforyou.osite0162.gq
dailyspin.id
dl.dir.freefiremobile.com
fonts.googleapis.com
fonts.gstatic.com
freefiremobile-a.akamaihd.net
h.top4top.io
i.ibb.co
i.im.ge
i.pinimg.com
img.utdstc.com
larepublica.pe
na.apps.amsoveasea.com
p4.wallpaperbetter.com
reward.ff.garena.com
sesuaiaplikasi.com
unpkg.com
www.jakartastudio.com
www.mordeo.org
www.pngkit.com
www.pubgmobile.com
103.247.207.171
104.194.11.156
104.90.137.209
129.226.2.89
139.180.142.201
164.52.101.14
188.68.52.216
2.16.107.74
208.110.80.75
2606:4700:3030::ac43:9fc8
2606:4700:3032::6815:3b69
2606:4700:3032::6815:5a31
2606:4700:3034::6815:30b0
2606:4700:3035::ac43:96ca
2606:4700::6810:5814
2606:4700::6810:7eaf
2a00:1450:4001:808::200a
2a00:1450:4001:810::2003
2a02:26f0:6c00:2a0::1931
2a02:26f0:6c00::210:ba29
2a02:26f0:ef::5c7b:c284
51.15.189.129
92.123.225.40
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0b993a4dc075ee0d0878728ffe8d32722024d6795bacfd1895a76035e92543c9
12ebdf1b9b4182204387dd2d129cb7dfc29134515e083ebc95ed68ca9ac5edff
145c1c61215abfb0e9d565fcc12caf0589a20a6fbf7be74170d1af19c2a53681
1713a10e9eda3a010054e07979f957f79409b853679f9a30051fd144bfcdf03a
192fcd93eb5b01ec33ac9bb4d466a6885ddc0369e26b468b2dd3fb7f224aa35a
1c805f582ab4e85673fa666226c4725e0af3eac6c4a3c62b1a3519bbbfc9ef5a
22feaebb0dd2c815f75417ba59c28e487bdd546af9cd492e75df4ec50f78ddc8
261a38b242a6ab3195f0560e6dfd0b8c04993eed9c4649f9ed932f546889f12a
2e425810aa03ceaaaea7d861c43cbb5eb6d20be179f70ea95fd0631759cc57d9
33e8b158375c6c72e18d3b0ce8948668b6ffd5fb78afea87e376a13700b5af2a
3681b6f7cc0b49e438d06807362508313b3bcb983f94d5707ee07fc99b5231ca
3fde121390bd9222fef9d613ac6ba91455b0bcda8e819f2bf4d3845e2fbcb8ce
483ef0b632179e4ae87ae7c557f129b8b655be7ac2a7e3be5e3826650bd70b5f
4c9331be840bf76650ae102dd7a66ef467eaf0b1dce575ceaeb71d6b1518c9ef
4d7667b491fca3c0fff723ff66898a50cc1cd4b6724820e9bb164398f66d8b00
516ec8f5074cc7e52bfc102e42923b36d36729496cc69aa6a84a1ecbd4bc44fd
5593b3ed73b0f5627d9535e665faa82acd98bb29c5dffe1f25a9ee0802759fce
5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620
57e3cbfe13772249b9df6792d4f0fbf968e7d805ab1e1f1f5d95afa0a197807f
5f047fdd4bf3ea2e7994115f284fb06c93a7c1c0333993db02cef24004527f51
62c31232936b20f7c92c6d5885f4724d4f55ad5aca2b733338c57ecc0e112371
6f87027c85ded514a31617e40db1eb0eb44881060802e9fbcf3fad3454f0e517
72c2cf177ae0a7d2b1579a9cc888dfabf750ef64d172ee0990cf35fec4ef3673
78342a0905a72ce44da083dcb5d23b8ea0c16992ba2a82eece97e033d76ba3d3
7b8542123bfc06f37312a1756361916d7e3f7a1af974877a63da2b2ff8dd03ab
84bb80d3890b364a5951bae254591d4c6dea85bc7fba6f94634f627cee1ae0af
87cf806d0c4bc82287800541af959255b3def226fd5c6615e270cc88d123d9a9
88f2b3ad9a9c7361edf94eb80bba6a6081aba191746c92040727abc31e5fc1aa
89e814aedf95621a8939cea472f36d79fa7b210aec994c21047eb1a399fdfb53
8ad5485c2cc22251c70ac0dcdee116e87b518848b718f096d4ac63dfaea4ec6e
8d9520519f425459a17b43c7ad7c0df36cc594376631190e4142b98a3291e433
8ee9d88cc24fbd863ca154a0d75b88bb3c413663803fac2d280adf6f98fe5ebd
9100597fee03f51a89cc52200450ba5005598470fb6e35b18b4648e77cfed9b3
930d272a9523b58f3a895806c64b26b4d6c4677b9b186e1f6ddffff44b101097
965a592054daada2e49c493a45da625004e23f239e4ca81cef059e3542d2991e
9f004400e90acbad4465fa3b0280f11b18cb25308d8d92f824d4c02139cf8bfa
9f950e3e6d56b9b72f50f9f1abbf81c319e16b7c217682bcc08c11e292f240f8
aa36d81a116f8f04ed37456792892a87976817b1fc9989163be7e6eb40d34be1
b72c8043029f9aa979b35a669e0b4cbbbcc7c6594179037b682f7a9a68b64816
c0cbc58d1b7225487cab98d36e839a7e112c9bf43ab9117265cb7233454ef797
c10785219fa0c2f6fc2b403dbb5f722c890c2d29ab79f8299d2b23e5e354a114
c48538092ab4391cc63b0cc53479c3a5b6c53739f8e34afa460366698eaeb2f6
c7f5024b78e40d2d079c82f0aebbbb0cbb714022a47539c6862b4b4e4cbddedc
c85b496779a816eef31abfe9a38c9b875469378e65fa08d15427daf1ecddca11
ccedebc3d5fd56d5b6b408ef8351a577d4c9334d422d005ab557c9e6f9ac0b06
cd51bf0a5665e55258f20d1dc1fae0b2d953d0e057c3ce9285b04df70a547d4b
d97ed7442447dc0683bd1b69b89daf10ac2082e2378bf659cd744cbc564fb063
dab7290ebc90b7ed3068b2921bf51e026225ad48e7b398b12321d036d340a458
deb6b511ce080ea06a49b0e20dea72737d6ee35fc69e0a295e768cd6bf4f51c1
e09420d5af2e516fbe936bc70293cdbf5f697fd3933477dc0bbbb62f768edd5d
e120245c0e52241660a81a8dce1d2269fdb96cb605cf6118fbb4f0c267f3b0ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45e9312d2456a25dd567844bf844be27a0f3e7f3e61f34ea05a6f86c353ce36
e9ac0a265b75da8f4ba7d2bc783b76005e32c78f70fb9289120471e5e346f813
f2d0dae13baddb4ef853a0ea61bafaa18f9db27317019673a000df156ad86f92
f641c86e2fd4977207f044d47f7cde15eeb5df61ed7eb3ae168df3fdaca2aa5d
f7bf5dc14d5477e097b81345a3bbae64b5e718d7dcef9e3f567197bd5eba8d6e
f7d63a99172b1de40f77339f52d944b70de41d781b4391976865888ed80f7d96
f8297b2ce066292b9a17facb6a3570b5c320e24b014e688a5b8feb888e2526bc
fa19636b99f88c741c5b91508bcf15956d1c656089a5a869bc3f8573455a8c3b
fe648eab2bbfecd429d31533b10d395de19bff2a836956b53c059fecedf0e5c3

congrats-claimforyou.osite0162.gq Open in urlscan Pro 2606:4700:3034::6815:30b0 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

62 Requests

97 %HTTPS

52 %IPv6

23 Domains

23 Subdomains

23 IPs

4 Countries

5362 kBTransfer

5565 kBSize

1 Cookies

0 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

congrats-claimforyou.osite0162.gq Open in urlscan Pro
2606:4700:3034::6815:30b0 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

97 %
HTTPS

52 %
IPv6

23
Domains

23
Subdomains

23
IPs

4
Countries

5362 kB
Transfer

5565 kB
Size

1
Cookies

62 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!