claim.forgot.one Open in urlscan Pro
92.223.124.62  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response claim.forgot.one/	434 KB 308 KB	1016ms 908ms	Document text/html	92.223.124.62 GCORE
General Check archive.org Show headers Download Go to Full URL https://claim.forgot.one/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 061870e18e3d08c974be7badfa5de822e8177a94785e67a11c5da6980112dbf8 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 accept-language de-DE,de;q=0.9 sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers cache MISS content-encoding gzip content-type text/html date Tue, 09 Apr 2024 22:09:49 GMT etag W/"66153c42-6c9c9" last-modified Tue, 09 Apr 2024 13:01:54 GMT server nginx strict-transport-security max-age=31536000 traceparent 00-8224badeedf76298a8b10e5a66cdca68-5c5c98d22052ec88-01 vary Accept-Encoding x-id fr5-hw-edge-canary-gc28 x-id-fe fr5-hw-edge-gc15
GET H2	200	reset.css claim.forgot.one/css/	3 KB 1 KB	610ms 609ms	Stylesheet text/css	92.223.124.62 GCORE
General Check archive.org Show headers Download Go to Full URL https://claim.forgot.one/css/reset.css Requested by Host: claim.forgot.one URL: https://claim.forgot.one/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash a436dd0d0bc7e0168697afffcdaf700da663ed482b9d78c955fc704b57c555d1 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://claim.forgot.one/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc27 date Tue, 09 Apr 2024 22:09:50 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Tue, 09 Apr 2024 13:01:32 GMT server nginx traceparent 00-db95b3cf849ba8542c307b5b043b8f8b-4a21f3dd0572e429-01 etag W/"66153c2c-b11" vary Accept-Encoding content-type text/css x-id-fe fr5-hw-edge-gc15 cache MISS
GET H2	200	index.css claim.forgot.one/css/	15 KB 2 KB	647ms 646ms	Stylesheet text/css	92.223.124.62 GCORE
General Check archive.org Show headers Download Go to Full URL https://claim.forgot.one/css/index.css Requested by Host: claim.forgot.one URL: https://claim.forgot.one/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 850835534472e144346c9246e7a247db46cfd8f92e07780f87d87268cbd52bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://claim.forgot.one/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc61 date Tue, 09 Apr 2024 22:09:50 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Tue, 09 Apr 2024 13:01:32 GMT server nginx traceparent 00-869b0421fa03938b69c42935466b5a15-26f50c7df306178a-01 etag W/"66153c2c-3d6a" vary Accept-Encoding content-type text/css x-id-fe fr5-hw-edge-gc15 cache MISS
GET H2	200	contracts.js Show response claim.forgot.one/js/	78 KB 10 KB	631ms 630ms	Script application/javascript	92.223.124.62 GCORE
General Check archive.org Show headers Download Go to Full URL https://claim.forgot.one/js/contracts.js Requested by Host: claim.forgot.one URL: https://claim.forgot.one/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 4384220df3a591f81e347fc770ffc8654649526f024b0df38e0e9548b8f88271 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://claim.forgot.one/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc38 date Tue, 09 Apr 2024 22:09:51 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Tue, 09 Apr 2024 13:01:32 GMT server nginx traceparent 00-03ff2ec14fb8e9f556c9ba6bcb6689b8-119b06f6d78bcf8e-01 etag W/"66153c2c-138ce" vary Accept-Encoding content-type application/javascript x-id-fe fr5-hw-edge-gc15 cache MISS
GET H2	200	main.js Show response claim.forgot.one/js/	969 KB 353 KB	882ms 882ms	Script application/javascript	92.223.124.62 GCORE
General Check archive.org Show headers Download Go to Full URL https://claim.forgot.one/js/main.js Requested by Host: claim.forgot.one URL: https://claim.forgot.one/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 123312382453411bff7cbff2b7ead979e67c2686b58b2f71ecefd48e7731a05b Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://claim.forgot.one/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc33 date Tue, 09 Apr 2024 22:09:51 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Tue, 09 Apr 2024 13:01:32 GMT server nginx traceparent 00-8734f47b8efc246477c0880a3ad75bf2-5d2bb8e9798a145e-01 etag W/"66153c2c-f2599" vary Accept-Encoding content-type application/javascript x-id-fe fr5-hw-edge-gc15 cache MISS
GET H2	200	entry.js Show response claim.forgot.one/js/	307 KB 136 KB	1021ms 1021ms	Script application/javascript	92.223.124.62 GCORE
General Check archive.org Show headers Download Go to Full URL https://claim.forgot.one/js/entry.js Requested by Host: claim.forgot.one URL: https://claim.forgot.one/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 75cea0be1f1e09cc042a8310ac36041ae85238e434089df85c8a5e591243f3f4 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://claim.forgot.one/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc33 date Tue, 09 Apr 2024 22:09:51 GMT strict-transport-security max-age=31536000 content-encoding gzip last-modified Tue, 09 Apr 2024 13:01:32 GMT server nginx traceparent 00-cd801548fab6edd0690ee730fac6bfcf-a9ce39aaa6a14bf2-01 etag W/"66153c2c-4cc14" vary Accept-Encoding content-type application/javascript x-id-fe fr5-hw-edge-gc15 cache MISS
GET DATA	200 OK	truncated /	323 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 720271af1c4f00a307816459fab02b54e824c8181acddfa5cbdbf2ee865f63ca Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H2	200	favicon.ico claim.forgot.one/	30 KB 30 KB	843ms 843ms	Image image/x-icon	92.223.124.62 GCORE
General Check archive.org Show headers Download Go to Show image Full URL https://claim.forgot.one/favicon.ico Requested by Host: claim.forgot.one URL: https://claim.forgot.one/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash aa008308d6ca8c7d978a801725e88fd750db781f7ac4049ea96a9ef1ceae20b0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://claim.forgot.one/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc31 date Tue, 09 Apr 2024 22:09:51 GMT strict-transport-security max-age=31536000 last-modified Tue, 09 Apr 2024 13:01:32 GMT server nginx traceparent 00-a513a8acdc50daa4600fcd5878b55cbe-45b8514a1ce44655-01 etag "66153c2c-771f" content-type image/x-icon x-id-fe fr5-hw-edge-gc15 cache MISS accept-ranges bytes content-length 30495
GET H2	200	favicon.ico claim.forgot.one/	30 KB 30 KB	441ms 441ms	Other image/x-icon	92.223.124.62 GCORE
General Check archive.org Show headers Download Go to Full URL https://claim.forgot.one/favicon.ico Protocol H2 Security TLS 1.3, , AES_256_GCM Server 92.223.124.62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash aa008308d6ca8c7d978a801725e88fd750db781f7ac4049ea96a9ef1ceae20b0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" Referer https://claim.forgot.one/ accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-id fr5-hw-edge-gc31 date Tue, 09 Apr 2024 22:09:52 GMT strict-transport-security max-age=31536000 last-modified Tue, 09 Apr 2024 13:01:32 GMT server nginx traceparent 00-65f6e69814b56ba8eb6612b6f5b099f1-5112618d321e46fb-01 etag "66153c2c-771f" content-type image/x-icon x-id-fe fr5-hw-edge-gc15 cache MISS accept-ranges bytes content-length 30495
POST H2	200	authenticate Show response zhu-ni-hao-yun.sh/api/	4 KB 3 KB	238ms 237ms	XHR application/json	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zhu-ni-hao-yun.sh/api/authenticate Requested by Host: claim.forgot.one URL: https://claim.forgot.one/js/main.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 11008232c20773ff6295c54da297c5d3ce96056de1d6f07cec4f69f765a5b13c Request headers sec-ch-ua "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123" accept-language de-DE,de;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Content-Type application/json Accept application/json, text/plain, */* Referer https://claim.forgot.one/ sec-ch-ua-platform "Win32" Response headers date Tue, 09 Apr 2024 22:09:52 GMT ratelimit-reset 60 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by Express ratelimit-limit 15 alt-svc h3=":443"; ma=86400 ratelimit-policy 15;w=60 server cloudflare etag W/"fbe-8N4YVdIcDFw+XaB4OmTo0sD2cEc" access-control-max-age 86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSZqu%2Bwfvn7CtuMTQWqhTiAa%2FjVx%2BiYqOZW73dEFpSKKZnaZFwluhhJTfiPFd4Ay5mFhMjNYVWvkIygTISIaFwRmlm%2FzFQ5fmzkh2UXxicd7Yp8NZtEK5YikVWRLNMnCA9Pn84roXRLYgipRrj5AtQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin https://claim.forgot.one access-control-allow-credentials true cf-ray 871dd2f0287402a6-CDG access-control-allow-headers jwt, session, content-type ratelimit-remaining 14
OPTIONS H2	200	authenticate zhu-ni-hao-yun.sh/api/	0 0	517ms 397ms	Preflight text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://zhu-ni-hao-yun.sh/api/authenticate Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://claim.forgot.one Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers jwt, session, content-type access-control-allow-origin https://claim.forgot.one access-control-max-age 86400 allow POST alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 871dd2edae7502a6-CDG content-encoding br content-type text/html; charset=utf-8 date Tue, 09 Apr 2024 22:09:52 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DkRHE7VudYC531S7xysRjRqJBRI1iScVVwdV6AH97D353CILwKFPCa6HiGY04aBMGBuBPLIe9wILd8Rupk7r%2BYVR7vQBaAwXAoG0eOmzdw5xs7Wx57fCYIUJBVQrTbSBCuDzgfL1r77N4GR3EpShiQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare x-powered-by Express

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| UNIQUE_IDENTITY object| popups string| FUNCTION_NAME object| webpackChunkpink function| e object| a function| t object| n object| r number| c object| o function| s object| u object| f function| d undefined| b function| h function| p function| v number| g string| k string| w string| y string| m string| C object| x string| E string| P string| M object| I string| A function| N function| B object| U object| R object| T function| S function| D function| J function| G object| connector

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

claim.forgot.one
zhu-ni-hao-yun.sh
2a06:98c1:3120::3
92.223.124.62
061870e18e3d08c974be7badfa5de822e8177a94785e67a11c5da6980112dbf8
11008232c20773ff6295c54da297c5d3ce96056de1d6f07cec4f69f765a5b13c
123312382453411bff7cbff2b7ead979e67c2686b58b2f71ecefd48e7731a05b
4384220df3a591f81e347fc770ffc8654649526f024b0df38e0e9548b8f88271
720271af1c4f00a307816459fab02b54e824c8181acddfa5cbdbf2ee865f63ca
75cea0be1f1e09cc042a8310ac36041ae85238e434089df85c8a5e591243f3f4
850835534472e144346c9246e7a247db46cfd8f92e07780f87d87268cbd52bb3
a436dd0d0bc7e0168697afffcdaf700da663ed482b9d78c955fc704b57c555d1
aa008308d6ca8c7d978a801725e88fd750db781f7ac4049ea96a9ef1ceae20b0