claim-skin-mlbb-2022.duckdns.org Open in urlscan Pro
20.212.23.96 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://claim-skin-mlbb-2022.duckdns.org/
Submission Tags: fd s0 duckdns Search All
Submission: On February 14 via api (February 14th 2022, 3:43:34 pm UTC) from US — Scanned from DE

Summary HTTP 94 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 13 domains to perform 94 HTTP transactions. The main IP is 20.212.23.96, located in Singapore, Singapore and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is claim-skin-mlbb-2022.duckdns.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on February 14th 2022. Valid for: 3 months.

This is the only time claim-skin-mlbb-2022.duckdns.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
17	20.212.23.96 20.212.23.96	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	141.94.200.42 141.94.200.42	16276 (OVH) (OVH)
4	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	92.123.101.91 92.123.101.91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
94	15

17 20.212.23.96 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

claim-skin-mlbb-2022.duckdns.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

rawcdn.githack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 141.94.200.42 (France)

ASN16276 (OVH, FR)
PTR: ns31469640.ip-141-94-200.eu

i.postimg.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.101.91 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a92-123-101-91.deploy.static.akamaitechnologies.com

play.mobilelegends.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	postimg.cc i.postimg.cc — Cisco Umbrella Rank: 21805	2 MB
17	duckdns.org claim-skin-mlbb-2022.duckdns.org	784 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	736 KB
9	githack.com rawcdn.githack.com — Cisco Umbrella Rank: 52786	65 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 401	120 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 static.doubleclick.net — Cisco Umbrella Rank: 309	1 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	33 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 546	93 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 250	165 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	17 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
1	mobilelegends.com play.mobilelegends.com — Cisco Umbrella Rank: 110933	4 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2202	7 KB
94	13

	Domain	Requested by
40	i.postimg.cc	claim-skin-mlbb-2022.duckdns.org
17	claim-skin-mlbb-2022.duckdns.org	claim-skin-mlbb-2022.duckdns.org
9	www.youtube.com	claim-skin-mlbb-2022.duckdns.org www.youtube.com
9	rawcdn.githack.com	claim-skin-mlbb-2022.duckdns.org
4	cdn.jsdelivr.net	claim-skin-mlbb-2022.duckdns.org
3	code.jquery.com	claim-skin-mlbb-2022.duckdns.org
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	ajax.googleapis.com	claim-skin-mlbb-2022.duckdns.org
2	cdnjs.cloudflare.com	claim-skin-mlbb-2022.duckdns.org
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	play.mobilelegends.com	claim-skin-mlbb-2022.duckdns.org
1	stackpath.bootstrapcdn.com	claim-skin-mlbb-2022.duckdns.org
94	15

This site contains no links.

Subject Issuer	Validity	Valid
claim-skin-mlbb-2022.duckdns.org cPanel, Inc. Certification Authority	`2022-02-14` - `2022-05-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
postimg.cc R3	`2022-02-05` - `2022-05-06`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.mobilelegends.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-11-17` - `2022-12-18`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://claim-skin-mlbb-2022.duckdns.org/
Frame ID: EFCB527219C0347796EF75190A9E3B1D
Requests: 79 HTTP requests in this frame

Frame: https://www.youtube.com/embed/GWeAitK4VFo
Frame ID: 2D6D3ECB4B25E02B19898F16F92A4180
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mobile Legends: Bang Bang

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

94
Requests

99 %
HTTPS

80 %
IPv6

13
Domains

15
Subdomains

15
IPs

6
Countries

3708 kB
Transfer

6176 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

94 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
claim-skin-mlbb-2022.duckdns.org/ 43 KB
6 KB 610ms
189ms Document
text/html 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: aadbc10a6ed701b4f0a119d5096bf3982305cd24fea0893a5fe785f475f8d09a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Mon, 14 Feb 2022 15:43:29 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 35ms
16ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1027168
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10472
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hpsKCJY0TTTtanL3o862kwn7hPkc%2Bu%2BbwehKd3iXNVIJl1uNfXRWmk%2BCIuA5ACOET5YRiDN39cLPfE49cYm9jv7eMAOoHN6YuR1mz2txq3mGGgj9vX%2FYmJRVJQDkDdbtscrPRXUbFtMEI1ueb3chK%2Bwz"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6dd7699199ae90ec-FRA
expires: Sat, 04 Feb 2023 15:43:29 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 44ms
26ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
age: 1757336
cdn-cachedat: 11/15/2021 21:49:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 2729ae8f2fc6c761bdc17d91cc795f58
cf-ray: 6dd769919bc05c1a-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 69 KB
6 KB 36ms
17ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1022610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5845
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-1149f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eStnZLmGQiheROZCi%2BL32dqab7wj1AAXfVP3de%2BNxcWvEuaKR3HI%2FCbN5xEPkdPDWFQKeVgcG%2FwU1%2FHrcrcaipSF45r0oFWO1Hir18gp9A4%2FdY0keUoXrMNulXMVcSWZV%2Bo9Au2uMOUgTxIymr%2B6%2B3FY"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6dd7699199b190ec-FRA
expires: Sat, 04 Feb 2023 15:43:29 GMT

GET
H2 200 alex-facebook.css
rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/ 5 KB
1 KB 53ms
19ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/alex-facebook.css

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff81f8984cdebd9f5039cd4c058d7d67bba4b92666dc0605f47c44b6a761df2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 2c1630d1e467c93b045a161e3ab872c834337616
date: Mon, 14 Feb 2022 15:43:29 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1520704
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-hel1410028-HEL
x-robots-tag: none
server: cloudflare
x-github-request-id: 877C:906F:CCA2DA:DAF8B1:61F33FBC
x-timer: S1643331516.201427,VS0,VE201
etag: W/"0a8f3f8981d9c9102640cd89134620b5b03a473db8c3d339e31ddde5838eb64c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LDmDpy3Dkm398Cl7N40szOZAgRiObjotDwiMkrckUVQcG3aO7NPBvTLl8Knd5Qc0%2F%2F24RF3NU0KyN5ONA1oN1%2B9npEvHmAd12JYJVZB88Zya3d5FuTGyH98Pts%2FXZ33oVCFMHvExMo4I4W75rWCUZqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=315360000, public, immutable
cf-ray: 6dd76991b8079067-FRA
x-cache-hits: 0

GET
H2 200 alex-vikontakte.css
rawcdn.githack.com/AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/ 3 KB
1 KB 63ms
29ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/AlexHostX/all.asset/3ddd40ca064d997b6655739e7a0e8a65acc106e8/alex-vikontakte.css

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb1b7e421f8af1b72a3643a50b3f85222c8ca35b4fa70dca2524090252c2e8d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 1d4cefde6d1e852e0a57497727d5ce5a784e6d5e
date: Mon, 14 Feb 2022 15:43:29 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 876304
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-bma1627-BMA
x-robots-tag: none
server: cloudflare
x-github-request-id: 3AC2:AED8:5665C6:600A54:61FC6BD1
x-timer: S1643974748.871196,VS0,VE172
etag: W/"33998733f6a9eb8b3c332b13955bd762a11ec93754237a496b5a9c93b1186a86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CkZP%2BTlwmYANc8%2B9De%2F0ebgSd03vnR7T1iLHZIvJ6IHxDCdUwMl3PLxgyeJVKBd0c%2BHn7UAwWR8vJ7X%2FP%2Bc95QCPm0NVgSq2%2B2rrro40NsQ3pEOjh8y578p%2BrtGc%2FLvMewjavD3oOpX1Wbf%2FgdPPpqI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=315360000, public, immutable
cf-ray: 6dd76991b80d9067-FRA
x-cache-hits: 0

GET
H2 200 alex-google.css
rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/ 3 KB
2 KB 48ms
15ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4abb644266a5139ed69498a2f9522afe373c41787fda172dad55ce1afb18a8df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 7069e885f4f3b7ec20bf8f3436a36ec1927ac78f
date: Mon, 14 Feb 2022 15:43:29 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1064877
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-hel1410024-HEL
x-robots-tag: none
server: cloudflare
x-github-request-id: A0E0:FA61:268EA0:28861B:61F9BE40
x-timer: S1643757120.111910,VS0,VE171
etag: W/"7652d432e77389d2064f55511cc6b91d5be6c83a7c4a508c20c6cd28cb795570"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ynjAZjzPuLi3wqx3RmfSs%2BlHEuhB710TVq9lZec7qMt281zq%2FHOpb5i9g%2BC18QSgOwri0A49tJCoXS7eCG0bLR8DNLwR10Hhi6q9s64i%2Fu%2FZcTEZNo%2BUOQ16n81tlstxJySR4LlBkMj%2B%2FE%2FPpt6eQ1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=315360000, public, immutable
cf-ray: 6dd76991b80f9067-FRA
x-cache-hits: 0

GET
H2 200 alex-moonton.css
rawcdn.githack.com/AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/ 3 KB
2 KB 59ms
25ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/AlexHostX/all.asset/3fce8843edde49a48905ae1ed9cf237534e547dd/alex-moonton.css

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0598957e2883474ad8123280a254286dc1f356e10614ac0936a03bcf12296022

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 9eae4a03bce679ab5b1b084e7728060d22b30801
date: Mon, 14 Feb 2022 15:43:29 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 22374
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-bma1655-BMA
x-robots-tag: none
server: cloudflare
x-github-request-id: DD2A:3A4A:12D891C:13A50F9:6209F337
x-timer: S1644825162.164685,VS0,VE154
etag: W/"df62c345015dd15b0da73d379ec88e3e896cadddc0c4d97d9b8cd19b4d2d065b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bd07b8FIvS%2F2yjbjAfelJOxKBmeQSvqOxwMdXL1MXjcNvq%2FiT%2B7qDKbjxXY085%2FGBLldFu%2Fo84AKPGVXii4IYjW4z1V5uB1iTSp0HN0PHwo6cgSC39wlRZLrSPV9u%2F59Q%2BEDs1IMVhg8ALY%2BAwrZNkM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=315360000, public, immutable
cf-ray: 6dd76991b8119067-FRA
x-cache-hits: 0

GET
H2 200 MLBB-rotate.css
rawcdn.githack.com/AlexHostX/all.asset/06e649cdc3c3d152f9c275ded79391eeff6eb049/ 420 B
658 B 76ms
43ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/AlexHostX/all.asset/06e649cdc3c3d152f9c275ded79391eeff6eb049/MLBB-rotate.css

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f53f261d75e6716ddcdf5053a6f2dbde1d5c42c85ee9c059385da6ceafe01b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 6ec02ef602e0e2545a6cf004ff09999d7214926d
date: Mon, 14 Feb 2022 15:43:29 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1064877
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-hel1410023-HEL
x-robots-tag: none
server: cloudflare
x-github-request-id: 75EC:742F:1107DC:143D9A:61FA3788
x-timer: S1643788168.147651,VS0,VE167
etag: W/"bdaed8a0f9442ea9f7b6554772a6922deab2fa7b04145e61174c5735785d988a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZBaZ51sUapVdUE1NtU7oh4AyvsY3A477P7YDn0izm%2BHbV%2BYQ8HQTFp44AeQHhpsJgSZ%2BFklGd6E%2BXvpJuHSu%2BfCsJL%2BfO1ebSZuR7N5303%2Bsy%2F96sABQ%2Fge3mNcjVQ2iLKRUafz5BtKm3KnIQ1PFbOs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=315360000, public, immutable
cf-ray: 6dd76991b8129067-FRA
x-cache-hits: 0

GET
H2 200 style-AlexHost.css
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/css/ 14 KB
3 KB 163ms
162ms Stylesheet
text/css 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/css/style-AlexHost.css
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ce7e6ea2ac6ab92888d5255f15778aae99d4202c060f4757bae18cab31442f9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
content-encoding: br
last-modified: Wed, 22 Dec 2021 20:12:18 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2499
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H2 200 mlbb.webp
rawcdn.githack.com/AlexHostX/logAlex/e0b6e1c2dea4cb77af37b29067e401242514e538/ 57 KB
57 KB 31ms
30ms Image
image/webp 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rawcdn.githack.com/AlexHostX/logAlex/e0b6e1c2dea4cb77af37b29067e401242514e538/mlbb.webp

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed1ff91e92026bb52767ac47d5fa0d41576ad45deca8dd5d5888398d81e67a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: c2d3ba9591457fb579848f01ffefbd070ab9da53
date: Mon, 14 Feb 2022 15:43:29 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 115850
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57868
x-served-by: cache-bma1657-BMA
x-robots-tag: none
server: cloudflare
x-github-request-id: 8130:38C5:1349917:140BF9D:6208810A
x-timer: S1644731027.433427,VS0,VE177
etag: W/"2ff33ad5ac2ab4c45ff111081316f4ea35841d541f85568db185a1f8df2e2683"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rp%2FXAzEd4uSM%2FzLD8sfeWKDIbXEFvBn0yaNEVRL5eLYm5sZRE6gPzsgDJ1bB9mv1aSk1qcnX42w5rpP%2FB6W9sZHU1xqlqL1W7BOttqeom%2F%2B1RgWBKftXEGNB3bB%2Fqe4qn8SG5Tv7hQXTScZSPJ%2FGK9c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
cf-ray: 6dd76991b8189067-FRA
x-cache-hits: 0

GET
H2 200 Alucard-Sw.jpg
i.postimg.cc/G2W3WJbf/ 42 KB
42 KB 78ms
19ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/G2W3WJbf/Alucard-Sw.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 1217a01079f29b18950aa137460d633bc2a58c2db6047ec9858b49d94222cc97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 02:20:35 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 42575
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Argus-Sw.jpg
i.postimg.cc/DfGwqDg3/ 77 KB
78 KB 78ms
19ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/DfGwqDg3/Argus-Sw.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: f772f4fd1c6dbe6026d964b8eb2203fbf11eb6609f0dc193637caa05c1b03bd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 02:20:35 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 79342
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Cyc-Sw.jpg
i.postimg.cc/L6B4W1wy/ 84 KB
84 KB 78ms
19ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/L6B4W1wy/Cyc-Sw.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: eececada02d6a32f80694f8063fd95d7e84908bcf6bebad62f243892554f54c3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 02:20:35 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 85681
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 skin-82.jpg
i.postimg.cc/Bb2Z4L6n/ 61 KB
61 KB 78ms
19ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/Bb2Z4L6n/skin-82.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 6aeaca8db44d0afd6295e6def6f8dd6fa5a96fe9b7fa89d15fa340aaf2c70f27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 02:20:35 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 62145
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 404 m3-aldous.jpg
i.postimg.cc/PrW2RX51/ 3 KB
3 KB 205ms
177ms Image
image/png 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/PrW2RX51/m3-aldous.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
server: nginx
content-length: 2712
content-type: image/png

GET
H2 404 m3prime.jpg
i.postimg.cc/YqKdRGMp/ 3 KB
3 KB 191ms
176ms Image
image/png 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/YqKdRGMp/m3prime.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
server: nginx
content-length: 2712
content-type: image/png

GET
H2 404 selena-abyys.jpg
i.postimg.cc/zDRdTSmt/ 3 KB
3 KB 184ms
181ms Image
image/png 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/zDRdTSmt/selena-abyys.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
server: nginx
content-length: 2712
content-type: image/png

GET
H2 404 collector-nana.jpg
i.postimg.cc/0jmcxxdR/ 3 KB
3 KB 184ms
180ms Image
image/png 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/0jmcxxdR/collector-nana.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
server: nginx
content-length: 2712
content-type: image/png

GET
H2 404 star-kagura.jpg
i.postimg.cc/RF2XjqtL/ 3 KB
3 KB 188ms
185ms Image
image/png 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/RF2XjqtL/star-kagura.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
server: nginx
content-length: 2712
content-type: image/png

GET
H2 404 star-brody.jpg
i.postimg.cc/MpY3v6kz/ 3 KB
3 KB 195ms
192ms Image
image/png 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/MpY3v6kz/star-brody.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
server: nginx
content-length: 2712
content-type: image/png

GET
H2 404 special-granger.jpg
i.postimg.cc/x1QFfk4s/ 3 KB
3 KB 187ms
184ms Image
image/png 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/x1QFfk4s/special-granger.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
server: nginx
content-length: 2712
content-type: image/png

GET
H2 404 cpecial-belerick.jpg
i.postimg.cc/vmHqnJMf/ 3 KB
3 KB 203ms
200ms Image
image/png 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/vmHqnJMf/cpecial-belerick.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
server: nginx
content-length: 2712
content-type: image/png

GET
H2 404 christimas-rafaela.jpg
i.postimg.cc/mDPmX7Pr/ 3 KB
3 KB 189ms
186ms Image
image/png 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/mDPmX7Pr/christimas-rafaela.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
server: nginx
content-length: 2712
content-type: image/png

GET
H2 404 christimas-miya.jpg
i.postimg.cc/VNG7WKLT/ 3 KB
3 KB 196ms
193ms Image
image/png 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/VNG7WKLT/christimas-miya.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
server: nginx
content-length: 2712
content-type: image/png

GET
H2 200 IMG-20211222-071743.jpg
i.postimg.cc/KY3CT7DJ/ 105 KB
106 KB 65ms
62ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/KY3CT7DJ/IMG-20211222-071743.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 685be3f7a6d52527f9ef2a82be346fd4395b733123828def6c3b2db4d8a768d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:19:00 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 107876
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG-20211222-071757.jpg
i.postimg.cc/PxG9QL6h/ 102 KB
103 KB 65ms
63ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/PxG9QL6h/IMG-20211222-071757.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: bf49d2e7f3bf927935e9378a9ad5b4c8fbe4deffd80d984a47c01d987e93a7e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:19:00 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 104862
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG-20211222-071815.jpg
i.postimg.cc/1tpTC9TF/ 103 KB
103 KB 66ms
63ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/1tpTC9TF/IMG-20211222-071815.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: f0f1abd18297cbef96a5a6abd9e1fa4ef2c8e088d3baf6bf377aec9b54a17d2f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:19:00 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 105183
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Remini20210918130840000.jpg
i.postimg.cc/Twr4D608/ 103 KB
104 KB 66ms
63ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/Twr4D608/Remini20210918130840000.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 04157bf15817642c21ca7f9f37fa1fb4d0d2f63b3eea2f591e28caed0b53f7f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Fri, 15 Oct 2021 07:02:40 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 105789
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 IMG-20211222-071835.jpg
i.postimg.cc/2yrtgsRK/ 117 KB
117 KB 66ms
63ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/2yrtgsRK/IMG-20211222-071835.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 773a5cdfe15828a7301bc2be07cbf90dfffdbb73ab12035e1f5794e264537e02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:19:00 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 119715
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gg.jpg
i.postimg.cc/8z6bBZxJ/ 39 KB
39 KB 66ms
63ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/8z6bBZxJ/gg.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 35ca82135e6856528a731694eceae705d032cafdd247ae08241e1d6973ff991e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:24:40 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 39828
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 800.jpg
i.postimg.cc/gk5DZCtb/ 29 KB
29 KB 66ms
63ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/gk5DZCtb/800.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: b97cbcadda732707159690f416127b49ee39c24c2cdf56a596e30171394de948

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:24:40 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29686
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1new.jpg
i.postimg.cc/vTKW5nzt/ 81 KB
82 KB 66ms
64ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/vTKW5nzt/1new.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 03f93970ab1710a1abca976673b7195c7601fe2e253132ed8d45b97dc94fd626

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:24:40 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 83305
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.jpg
i.postimg.cc/9Xgt33hw/ 44 KB
44 KB 66ms
64ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/9Xgt33hw/1.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 2cfd20283db0ac324480eb5cca3b58fc91be2f855d939d47ef09c9a633b14a4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:24:40 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 44651
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 900.jpg
i.postimg.cc/mkkYcjQr/ 25 KB
25 KB 66ms
64ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/mkkYcjQr/900.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: ea7ce0b353030a6f57554c9b0724ed41427230cd9b241a40a5b1d89d0646ba7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:24:40 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 25517
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 600.jpg
i.postimg.cc/4Nr6dznJ/ 31 KB
31 KB 67ms
64ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/4Nr6dznJ/600.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: adbb8033cca1168adba26c3c658c7916c00fda3d1301b47dfcbac11a9e4b482e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:24:40 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 31448
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 500.jpg
i.postimg.cc/43vbjmfX/ 59 KB
59 KB 67ms
64ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/43vbjmfX/500.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 5642a8068f1676afcc70c38d91bc7ae77538694f8c93c497a2548020733a6af2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:24:40 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 60209
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 400.jpg
i.postimg.cc/Zqzxfrhf/ 31 KB
31 KB 67ms
64ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/Zqzxfrhf/400.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: fcd1fe0799a8e17b9f07f089c1541b9ec516ad961ca5cb043e66511b9c90f26d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:24:40 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 31390
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4.jpg
i.postimg.cc/c4K70Dx9/ 31 KB
32 KB 67ms
64ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/c4K70Dx9/4.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 8c713e3f2eec756fe2be399b64a26fee2ce9699c09907ab84e011d760e187f9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:24:40 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32183
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 200.jpg
i.postimg.cc/9MJPFKwS/ 67 KB
67 KB 67ms
65ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/9MJPFKwS/200.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 5fe017d4910541cce5ce86609c8a43928e49ba1d9baa89cdfdb3580f1a987c74

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:24:40 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 68698
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 100.jpg
i.postimg.cc/MKX5X6DY/ 55 KB
55 KB 67ms
65ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/MKX5X6DY/100.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: c91350e4aebcaea1841069c1c4f9dfa9a8e069887699700ab28bc7ad5c5b1023

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:24:40 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 55901
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.png
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/reward/ 21 KB
21 KB 325ms
322ms Image
image/png 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/reward/1.png
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 6cc957923e182d1aba6cb0e4ae083807587a03ab5fbaed1a433f413ed14590ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 24 Nov 2021 00:31:04 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21027
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H2 200 2.png
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/reward/ 28 KB
28 KB 325ms
322ms Image
image/png 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/reward/2.png
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 1abd8dd258ca9673a42348f7dc38754ef78ffd98d17a8d63a2193264f2aac0b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 24 Nov 2021 00:31:06 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28360
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H2 200 3.png
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/reward/ 30 KB
30 KB 475ms
472ms Image
image/png 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/reward/3.png
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: f944d14d2910fd9dba210d044427730fb1707ae76fbbfe2d30ea0deff1af0c30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 24 Nov 2021 00:31:06 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30599
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H2 200 4.png
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/reward/ 26 KB
26 KB 475ms
473ms Image
image/png 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/reward/4.png
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9df7216abd7a24ad038e740c599bdf2f0e77b58f95170652d3be19c25108650c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 24 Nov 2021 00:31:06 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26581
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H2 200 5.png
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/reward/ 18 KB
18 KB 475ms
473ms Image
image/png 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/reward/5.png
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 600e08fb2e42b8fe6ced5b0637cd4bd8fc501ec25750efeed5a9bd574568f98c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 24 Nov 2021 00:31:06 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18580
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H2 200 6.png
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/reward/ 26 KB
26 KB 475ms
473ms Image
image/png 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/reward/6.png
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7ef1aa373364958600f4be89b017355c5cc425ddf74cb2a4c3603770e98a9226

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 24 Nov 2021 00:31:06 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26703
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H2 200 b1.jpg
i.postimg.cc/J0w3SMbN/ 15 KB
15 KB 67ms
65ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/J0w3SMbN/b1.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: a1598e027f2049064365d7d93fe9ee93dfaf71be6d7b58c6e694c7ff060aeb51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Tue, 21 Dec 2021 23:24:18 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 15191
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b2.jpg
i.postimg.cc/prZ9kHkX/ 14 KB
14 KB 67ms
65ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/prZ9kHkX/b2.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 5c1fd1ea08a8e23ef1b440f57248152b8548179fb1c3c64f45ba8d4b737346ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Tue, 21 Dec 2021 23:26:31 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 14447
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b3.jpg
i.postimg.cc/8PZJ6TjZ/ 13 KB
13 KB 68ms
65ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/8PZJ6TjZ/b3.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 91b8688c6b6b3f1fb03092cbb19165565f0fee8346d9b0f672182967b178b7c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Tue, 21 Dec 2021 23:26:31 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 13090
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b4.jpg
i.postimg.cc/Pfz8dWhs/ 13 KB
13 KB 68ms
65ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/Pfz8dWhs/b4.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 2b854587778d5ce1d42ed233dd11650558b6d915a8b01bbdfb7919291818cf58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Tue, 21 Dec 2021 23:26:31 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 13450
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b5.jpg
i.postimg.cc/2S3qdgWr/ 9 KB
10 KB 68ms
65ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/2S3qdgWr/b5.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: dc869b202aad4fd35ce231786159bbcb979582c6bc1afb7126cbbf885f6172d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Tue, 21 Dec 2021 23:26:31 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 9684
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b6.jpg
i.postimg.cc/pXW5rmX9/ 12 KB
12 KB 68ms
66ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/pXW5rmX9/b6.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 0835287ed5fa79c1aa8734d82c4f8d385190600192c354480040993b3b213ec0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Tue, 21 Dec 2021 23:26:31 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 11888
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 500.jpg
i.postimg.cc/5tpp66Zn/ 62 KB
62 KB 68ms
66ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/5tpp66Zn/500.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 32cf399c29db81a1e0362fbd3a925ab217fee31de6a092c2396807a2ade9a6cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:37:41 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 63592
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1000.jpg
i.postimg.cc/vBBh9GyM/ 62 KB
63 KB 68ms
66ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/vBBh9GyM/1000.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 6e8a2198ba7e7e8c1e71c908445c2274bdbd48d414fbb0a7fc044df49c3ab0cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:37:41 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 63898
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1500.jpg
i.postimg.cc/76WVnjPz/ 68 KB
68 KB 68ms
66ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/76WVnjPz/1500.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: a3f8bf6e347121460e5aabb4779bfb7f0f7e32166c414a1458e20ec6bc8761ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:37:41 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 69616
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2500.jpg
i.postimg.cc/23p7PvZ8/ 79 KB
80 KB 68ms
66ms Image
image/jpeg 141.94.200.42
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.postimg.cc/23p7PvZ8/2500.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.94.200.42 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31469640.ip-141-94-200.eu
Software: nginx /
Resource Hash: 8dff9b35c156d6e7f4cdbf0c3499d5a41dd673360cd3ebb92d34b44b0ee6d9ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 00:37:41 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 81165
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 5000.jpg
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/claim/dm/ 80 KB
80 KB 475ms
473ms Image
image/jpeg 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/claim/dm/5000.jpg
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e83fbcfc8112158d8a8afd66acebbbad99d942217ecad0c0975c2f4e4db7a216

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 20:16:00 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 81805
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H2 200 close-alex.png
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/ 5 KB
5 KB 475ms
474ms Image
image/png 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/close-alex.png
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 33f1315f74f137777097448ff5010d1f549275f6c867390aa46aacc867203280

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 18:16:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4835
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H2 200 facebook_text.png
cdn.jsdelivr.net/gh/AlexHostX/logAlex@main/ 28 KB
29 KB 42ms
23ms Image
image/png 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/AlexHostX/logAlex@main/facebook_text.png

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4967
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28789
x-served-by: cache-fra19155-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"7075-ic4uy2YKkLjm7RszVEPXdnxZ8oo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6dd769921c9491f3-FRA

GET
H2 200 mlbb-m3.webp
cdn.jsdelivr.net/gh/AlexHostX/logAlex@main/ 56 KB
56 KB 41ms
28ms Image
image/webp 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/AlexHostX/logAlex@main/mlbb-m3.webp

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

176d6c064bf4a9392bf4c7a748ce4ab47332492857f9193b703a87ac01ea5a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16551
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56848
x-served-by: cache-fra19173-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"de10-CMEcZEyXDzrRNw0gDUNNI7lE1jU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6dd769922c9991f3-FRA

GET
H2 200 vk-alex.png
cdn.jsdelivr.net/gh/AlexHostX/logAlex@main/ 7 KB
7 KB 74ms
73ms Image
image/png 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/AlexHostX/logAlex@main/vk-alex.png

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f966e2015a9eecf1d075127e6dd0b84ffd19276d25d4331cd4184f34d0892d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7478
x-served-by: cache-fra19148-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"1d36-JZ7v9xl/arIPJ0RfUV5q35vMopE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6dd769923cc091f3-FRA

GET
H2 200 google.png
cdn.jsdelivr.net/gh/AlexHostX/logAlex@main/ 28 KB
28 KB 21ms
21ms Image
image/png 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/gh/AlexHostX/logAlex@main/google.png

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd0e13be815f218adc61ec7b7a04777c8ad03fe34ac1f402f51a7baba71a87d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 16551
x-jsd-version: main
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28751
x-served-by: cache-fra19179-FRA
timing-allow-origin: *
x-jsd-version-type: branch
server: cloudflare
etag: W/"704f-H+KF8igrENgHlNcxZbvPvO1MjU4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
cf-ray: 6dd769923cc291f3-FRA

GET
H2 200 jquery-1.10.2.min.js Show response
code.jquery.com/ 91 KB
32 KB 54ms
19ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.2.min.js
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-16bb3"
vary: Accept-Encoding
x-hw: 1644853409.dop226.am5.t,1644853409.cds287.am5.hn,1644853409.cds012.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32788

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
83 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 15:50:38 GMT
x-content-type-options: nosniff
age: 604371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84245
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 07 Feb 2023 15:50:38 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
82 KB 210ms
122ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 22:52:27 GMT
x-content-type-options: nosniff
age: 147062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84320
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Feb 2023 22:52:27 GMT

GET
H2 200 jquery-3.5.1.min.js Show response
code.jquery.com/ 87 KB
30 KB 69ms
34ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.1.min.js
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d84"
vary: Accept-Encoding
x-hw: 1644853409.dop226.am5.t,1644853409.cds287.am5.hn,1644853409.cds203.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30879

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 76ms
41ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1644853409.dop226.am5.t,1644853409.cds287.am5.hn,1644853409.cds007.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 js-AlexHost.js Show response
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/js/ 9 KB
2 KB 169ms
162ms Script
application/javascript 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/js/js-AlexHost.js
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3a9aba094996d4c1410dad1026138420ccfe66d8f69e29dc3b17abb72475f034

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
content-encoding: br
last-modified: Wed, 24 Nov 2021 04:09:52 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1902
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H2 200 input-exception.js Show response
rawcdn.githack.com/AlexHostX/protect/aaa1462a19b8d8b6cbd68101a5ac89f4955b49de/ 9 KB
1 KB 45ms
16ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/AlexHostX/protect/aaa1462a19b8d8b6cbd68101a5ac89f4955b49de/input-exception.js

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96df2f4735650bfe911e983781783284646ff7cc8109e0dfeb6de8056f1a7654

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: 60038f6ebc68c6ce8db0c06eecdadc6d25fe1c66
date: Mon, 14 Feb 2022 15:43:29 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1488894
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-hel1410022-HEL
x-robots-tag: none
server: cloudflare
x-github-request-id: 3928:2CFD:183269:260ABA:61F3B28E
x-timer: S1643364483.672735,VS0,VE172
etag: W/"7efc1fe69d2bae7cf5f7f6503e53cd6825675b937514a5660fadff678c23ad05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oF18rGFs%2FlFWg%2BvBWz0gedhmkd5B%2FWIjTXpxbmDBsryryW4GasBdPPi0BeRH9NCMdBksheWnmnSnrTC9IIukUVbcK5jqijW%2FfzX371kb6XhrVvC883gA2DTO79aUxzBAgZeZg%2BZ2eh4tjKGn5os2kI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-githack-cache-status: HIT
cache-control: max-age=315360000, public, immutable
cf-ray: 6dd76991b8139067-FRA
x-cache-hits: 0

GET
H2 200 watermark.css
rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/ 105 B
528 B 16ms
15ms Stylesheet
text/css 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/watermark.css

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03845ae6fc5097c5f107ffc206c3fe329a962d045b23151188b6dab3ef4fbcc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-fastly-request-id: eed5116a429e9e53845ea4b481c6b12949f0ba44
date: Mon, 14 Feb 2022 15:43:29 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 877090
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-bma1671-BMA
x-robots-tag: none
server: cloudflare
x-github-request-id: C45C:FA62:140C125:14BFCC2:61FC6C87
x-timer: S1643975750.718728,VS0,VE153
etag: W/"8cbc601be6a6a4a8de11e874a08f4635bb2103954e29be8f44a2287251cf89b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wVO7AcHn4vOadAi3FbhKqTdi1633yZ5ldWM3XACx7oZntw82TMLCsvSMXCVKNE3kB8yG%2BFPboVScknQgGHJ%2F0sKuxHyIrX5baEzVnug4EjVEzrue%2BNnkjUxW5Ue4TLq%2BBfVcFAQZtuu2FalKf0I63Lk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-githack-cache-status: HIT
cache-control: max-age=315360000, public, immutable
cf-ray: 6dd76991b8179067-FRA
x-cache-hits: 0

GET
H2 200 GWeAitK4VFo Show response
www.youtube.com/embed/ Frame 2D6D 60 KB
26 KB 187ms
101ms Document
text/html 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/GWeAitK4VFo

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0143b2cf13e52dd8c23219451cff2c90480d5cc887973d92c1e87f4344d7e56f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 14 Feb 2022 15:43:29 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 206 Mobile%20Legends%20Bang%20Bang%20-%20Main%20Theme%20(Live%20Orchestra).mp3
rawcdn.githack.com/AlexHostX/all.asset/001b222ae2a78373bc3a26702125100aedcccfaf/ 64 KB
0 22ms
21ms Media
audio/mpeg 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/AlexHostX/all.asset/001b222ae2a78373bc3a26702125100aedcccfaf/Mobile%20Legends%20Bang%20Bang%20-%20Main%20Theme%20(Live%20Orchestra).mp3

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://claim-skin-mlbb-2022.duckdns.org/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Range: bytes=0-

Response headers

x-fastly-request-id: 7270d38c1b759979f7bc9a0e46039377d67e40f4
date: Mon, 14 Feb 2022 15:43:29 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 900093
source-age: 0
x-cache: MISS
Content-Range: bytes 0-3032601/3032602
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 3032602
x-served-by: cache-bma1620-BMA
x-robots-tag: none
server: cloudflare
x-github-request-id: EA5A:DBD7:157D0EB:1640A2D:61FCAE0C
x-timer: S1643949581.979397,VS0,VE223
etag: W/"020b5925279929292790f9d551a471fd217e73add106f9d561305e5b74c7060e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fPVin4TRCSykhIJaOcKy0GXUfQzW7W5ZyIqRycOcSRlwOfqqIhFOCZMTlifNzGzTyKn5Ne22%2BNnqZLFcv2uc2sK7C8HALzKBAI%2BIRhMxYjWpr0bSHgSG9aEi2D%2FbMrBS5hDlVEsSLc7OYvx%2FMlQa0Pw%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=315360000, public, immutable
cf-ray: 6dd7699239749067-FRA
x-cache-hits: 0

GET
H2 200 vertical.png
play.mobilelegends.com/events/collectenergon/images/ 3 KB
4 KB 237ms
15ms Image
image/png 92.123.101.91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play.mobilelegends.com/events/collectenergon/images/vertical.png

Requested by

Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.101.91 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a92-123-101-91.deploy.static.akamaitechnologies.com

Software

nginx/1.19.0 /

Resource Hash

6416d89bad2dadc007addf506963185c897cc632848226a383a429a4ecbd72ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
etag: W/"612621ff-d91"
x-parent-response-time: 136,92.123.101.109
akamai-mon-iucid-del: 957847
content-length: 3221
last-modified: Wed, 25 Aug 2021 10:57:03 GMT
server: nginx/1.19.0
date: Mon, 14 Feb 2022 15:43:29 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2625
x-origin-response-time: 520,23.10.249.158
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 14 Feb 2022 16:27:14 GMT

GET
H3 200 menu.png
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/ 6 KB
6 KB 335ms
181ms Image
image/png 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/menu.png
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/css/style-AlexHost.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ec5665f3a7ec1d4abf950add3017d5f74b5a66186d800c95a52adf880ad1ab85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/css/style-AlexHost.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 18:16:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5989
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H3 200 kiri-aktif-alex.png
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/ 6 KB
6 KB 677ms
523ms Image
image/png 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/kiri-aktif-alex.png
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/css/style-AlexHost.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a54611759e64efbab61126a804c6683e4826bfede21b49788443698836464134

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/css/style-AlexHost.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 18:29:42 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6105
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H3 200 card-Box-Bg-f3fcd521.png
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/ 141 KB
142 KB 338ms
185ms Image
image/png 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/card-Box-Bg-f3fcd521.png
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/css/style-AlexHost.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 60aece518219c02683bc7e9a0f4da932ada5ea919dbdca37883034c885a8e99a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/css/style-AlexHost.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 18:16:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 144789
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H3 200 card-Bg-333369c7.png
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/ 25 KB
25 KB 314ms
161ms Image
image/png 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/card-Bg-333369c7.png
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/css/style-AlexHost.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5e1938381eca82f54a9d27dc359dc3dde9af50a253ae04a8789746faa8b21f14

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/css/style-AlexHost.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 18:16:08 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 25106
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H3 200 btn-active-alex.png
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/ 7 KB
7 KB 802ms
649ms Image
image/png 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/btn-active-alex.png
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/css/style-AlexHost.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 1f11655cf5d78a3120eb58331be2766d008efdc623097c349eeb014b8e8bcc6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/css/style-AlexHost.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 18:16:10 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7225
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H3 200 trueid-alex.png
claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/ 354 KB
355 KB 683ms
530ms Image
image/png 20.212.23.96
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/img/trueid-alex.png
Requested by: Host: claim-skin-mlbb-2022.duckdns.org
URL: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/css/style-AlexHost.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 20.212.23.96 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 555cd223d44b14d2bbc36adcc6f2c0011437d10b02a630dfaf3cb2a2f63bbcaa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claim-skin-mlbb-2022.duckdns.org/alexFrontEnd/css/style-AlexHost.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:29 GMT
last-modified: Wed, 22 Dec 2021 19:20:46 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 362703
expires: Mon, 21 Feb 2022 15:43:29 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/96dcbc8c/ Frame 2D6D 342 KB
47 KB 89ms
42ms Stylesheet
text/css 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96dcbc8c/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GWeAitK4VFo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b77abfeaea1a4ad2f58b86aa6b30e3c8b3bdc13c2732e89ad4c4ea5af427309

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GWeAitK4VFo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 12:39:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47770
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 01:19:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 14 Feb 2023 12:39:13 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/ Frame 2D6D 282 KB
85 KB 130ms
83ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GWeAitK4VFo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e8237174d7df397d5743d7809d2135cc46113bf5e01616719f8626e539683a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GWeAitK4VFo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 20:27:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86941
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 01:19:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Feb 2023 20:27:53 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/ Frame 2D6D 2 MB
537 KB 146ms
99ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GWeAitK4VFo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

727ee83ad0a259323db01b52f54200bf003c7dc6fccf76964c0c3231ef456291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GWeAitK4VFo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 16:48:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 428084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 549860
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 01:19:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Feb 2023 16:48:45 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/96dcbc8c/fetch-polyfill.vflset/ Frame 2D6D 10 KB
3 KB 85ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96dcbc8c/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GWeAitK4VFo

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GWeAitK4VFo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 13 Feb 2022 00:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 139905
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3338
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 01:19:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 13 Feb 2023 00:51:44 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 2D6D 15 KB
16 KB 125ms
38ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GWeAitK4VFo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 08 Feb 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 513408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 08 Feb 2023 17:06:41 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 2D6D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

94ms
46ms

XHR
application/json

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/GWeAitK4VFo

Protocol

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

45d24967811dd232916402106f3010fa30d74b070c5c140d05e25faa318dbda3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 14 Feb 2022 15:43:30 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 2D6D 29 B
588 B 121ms
39ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:29:18 GMT
x-content-type-options: nosniff
age: 852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 14 Feb 2022 15:44:18 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/ Frame 2D6D 97 KB
30 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ade2911c5af02c864d611c989426975832af5ce9a6ee9f5255181ab13ffb251a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GWeAitK4VFo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 16:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 428084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30817
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 01:19:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Feb 2023 16:48:46 GMT

GET
H2 200 AK-wjM5fFWkW--b9hYESLM5nC4w5_J8gYPCaluQQslU.js Show response
www.google.com/js/th/ Frame 2D6D 35 KB
14 KB 123ms
39ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/AK-wjM5fFWkW--b9hYESLM5nC4w5_J8gYPCaluQQslU.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00afb08cce5f156916fbe6fd8581122cce670b8c39fc9f2060f09a96e410b255

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 00:36:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 313608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13514
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 13:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 Feb 2023 00:36:42 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/ Frame 2D6D 26 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e15d1f3aa3eb16096ff635b9ae2dd2c4a7347e0f334769d104cd6df581d20798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GWeAitK4VFo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 16:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 428084
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7710
x-xss-protection: 0
last-modified: Wed, 09 Feb 2022 01:19:32 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 09 Feb 2023 16:48:46 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 2D6D 4 KB
3 KB 147ms
63ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Feb 2022 15:43:30 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 2D6D 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?lHu5KA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/GWeAitK4VFo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/GWeAitK4VFo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 15:43:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/98/ Frame 2D6D 52 KB
15 KB 86ms
39ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/98/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 10:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19463
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15480
x-xss-protection: 0
last-modified: Mon, 29 Nov 2021 16:03:53 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Tue, 15 Feb 2022 10:19:07 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 2D6D 28 B
54 B 52ms
51ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/96dcbc8c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/GWeAitK4VFo
X-YouTube-Client-Version: 1.20220208.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtOeXQ4dlZ1UWpobyih8amQBg%3D%3D
X-YouTube-Ad-Signals: dt=1644853410029&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Mon, 14 Feb 2022 15:43:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Mon, 14 Feb 2022 15:43:32 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: zD8FYt9thjU
			.youtube.com/	1970-01-20 05:13:25	Name: VISITOR_INFO1_LIVE Value: Nyt8vVuQjho

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://i.postimg.cc/YqKdRGMp/m3prime.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.postimg.cc/PrW2RX51/m3-aldous.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.postimg.cc/0jmcxxdR/collector-nana.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.postimg.cc/zDRdTSmt/selena-abyys.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.postimg.cc/x1QFfk4s/special-granger.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.postimg.cc/RF2XjqtL/star-kagura.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.postimg.cc/mDPmX7Pr/christimas-rafaela.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.postimg.cc/MpY3v6kz/star-brody.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.postimg.cc/VNG7WKLT/christimas-miya.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://i.postimg.cc/vmHqnJMf/cpecial-belerick.jpg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
claim-skin-mlbb-2022.duckdns.org
code.jquery.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.postimg.cc
play.mobilelegends.com
rawcdn.githack.com
stackpath.bootstrapcdn.com
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
141.94.200.42
20.212.23.96
2001:4de0:ac18::1:a:1b
2606:4700::6810:125e
2606:4700::6810:5814
2606:4700::6812:bcf
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::2006
2a00:1450:4001:828::2003
2a00:1450:4001:831::2003
2a06:98c1:3121::7
92.123.101.91
00afb08cce5f156916fbe6fd8581122cce670b8c39fc9f2060f09a96e410b255
0143b2cf13e52dd8c23219451cff2c90480d5cc887973d92c1e87f4344d7e56f
03845ae6fc5097c5f107ffc206c3fe329a962d045b23151188b6dab3ef4fbcc5
03f93970ab1710a1abca976673b7195c7601fe2e253132ed8d45b97dc94fd626
04157bf15817642c21ca7f9f37fa1fb4d0d2f63b3eea2f591e28caed0b53f7f3
0598957e2883474ad8123280a254286dc1f356e10614ac0936a03bcf12296022
0835287ed5fa79c1aa8734d82c4f8d385190600192c354480040993b3b213ec0
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0e8237174d7df397d5743d7809d2135cc46113bf5e01616719f8626e539683a0
1217a01079f29b18950aa137460d633bc2a58c2db6047ec9858b49d94222cc97
176d6c064bf4a9392bf4c7a748ce4ab47332492857f9193b703a87ac01ea5a20
1abd8dd258ca9673a42348f7dc38754ef78ffd98d17a8d63a2193264f2aac0b7
1f11655cf5d78a3120eb58331be2766d008efdc623097c349eeb014b8e8bcc6d
245700ec8ef4a9acfb6088689f5b4867269393b8222cb1c75ea791621751ff87
2b854587778d5ce1d42ed233dd11650558b6d915a8b01bbdfb7919291818cf58
2cfd20283db0ac324480eb5cca3b58fc91be2f855d939d47ef09c9a633b14a4e
32cf399c29db81a1e0362fbd3a925ab217fee31de6a092c2396807a2ade9a6cb
33f1315f74f137777097448ff5010d1f549275f6c867390aa46aacc867203280
35ca82135e6856528a731694eceae705d032cafdd247ae08241e1d6973ff991e
3a9aba094996d4c1410dad1026138420ccfe66d8f69e29dc3b17abb72475f034
3b3043a59925da95728c8d505da11bc06e2c7a502486e1c84fcc9445dee2ab96
3b77abfeaea1a4ad2f58b86aa6b30e3c8b3bdc13c2732e89ad4c4ea5af427309
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
45d24967811dd232916402106f3010fa30d74b070c5c140d05e25faa318dbda3
4815c786c3094f5df8eaa5b8c1eb6dec8bd54c20b7959a091da806ded521d420
4abb644266a5139ed69498a2f9522afe373c41787fda172dad55ce1afb18a8df
555cd223d44b14d2bbc36adcc6f2c0011437d10b02a630dfaf3cb2a2f63bbcaa
5642a8068f1676afcc70c38d91bc7ae77538694f8c93c497a2548020733a6af2
5c1fd1ea08a8e23ef1b440f57248152b8548179fb1c3c64f45ba8d4b737346ab
5e1938381eca82f54a9d27dc359dc3dde9af50a253ae04a8789746faa8b21f14
5fe017d4910541cce5ce86609c8a43928e49ba1d9baa89cdfdb3580f1a987c74
600e08fb2e42b8fe6ced5b0637cd4bd8fc501ec25750efeed5a9bd574568f98c
60aece518219c02683bc7e9a0f4da932ada5ea919dbdca37883034c885a8e99a
6416d89bad2dadc007addf506963185c897cc632848226a383a429a4ecbd72ec
685be3f7a6d52527f9ef2a82be346fd4395b733123828def6c3b2db4d8a768d2
6aeaca8db44d0afd6295e6def6f8dd6fa5a96fe9b7fa89d15fa340aaf2c70f27
6cc957923e182d1aba6cb0e4ae083807587a03ab5fbaed1a433f413ed14590ee
6e8a2198ba7e7e8c1e71c908445c2274bdbd48d414fbb0a7fc044df49c3ab0cd
727ee83ad0a259323db01b52f54200bf003c7dc6fccf76964c0c3231ef456291
773a5cdfe15828a7301bc2be07cbf90dfffdbb73ab12035e1f5794e264537e02
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ef1aa373364958600f4be89b017355c5cc425ddf74cb2a4c3603770e98a9226
7f966e2015a9eecf1d075127e6dd0b84ffd19276d25d4331cd4184f34d0892d8
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8c713e3f2eec756fe2be399b64a26fee2ce9699c09907ab84e011d760e187f9b
8dff9b35c156d6e7f4cdbf0c3499d5a41dd673360cd3ebb92d34b44b0ee6d9ad
91b8688c6b6b3f1fb03092cbb19165565f0fee8346d9b0f672182967b178b7c5
96df2f4735650bfe911e983781783284646ff7cc8109e0dfeb6de8056f1a7654
9df7216abd7a24ad038e740c599bdf2f0e77b58f95170652d3be19c25108650c
a1598e027f2049064365d7d93fe9ee93dfaf71be6d7b58c6e694c7ff060aeb51
a3f8bf6e347121460e5aabb4779bfb7f0f7e32166c414a1458e20ec6bc8761ac
a54611759e64efbab61126a804c6683e4826bfede21b49788443698836464134
aadbc10a6ed701b4f0a119d5096bf3982305cd24fea0893a5fe785f475f8d09a
adbb8033cca1168adba26c3c658c7916c00fda3d1301b47dfcbac11a9e4b482e
ade2911c5af02c864d611c989426975832af5ce9a6ee9f5255181ab13ffb251a
b97cbcadda732707159690f416127b49ee39c24c2cdf56a596e30171394de948
bf49d2e7f3bf927935e9378a9ad5b4c8fbe4deffd80d984a47c01d987e93a7e4
c91350e4aebcaea1841069c1c4f9dfa9a8e069887699700ab28bc7ad5c5b1023
cb1b7e421f8af1b72a3643a50b3f85222c8ca35b4fa70dca2524090252c2e8d4
ce7e6ea2ac6ab92888d5255f15778aae99d4202c060f4757bae18cab31442f9e
cff81f8984cdebd9f5039cd4c058d7d67bba4b92666dc0605f47c44b6a761df2
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dc869b202aad4fd35ce231786159bbcb979582c6bc1afb7126cbbf885f6172d1
dd0e13be815f218adc61ec7b7a04777c8ad03fe34ac1f402f51a7baba71a87d4
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e15d1f3aa3eb16096ff635b9ae2dd2c4a7347e0f334769d104cd6df581d20798
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed1ff91e92026bb52767ac47d5fa0d41576ad45deca8dd5d5888398d81e67a
e83fbcfc8112158d8a8afd66acebbbad99d942217ecad0c0975c2f4e4db7a216
ea7ce0b353030a6f57554c9b0724ed41427230cd9b241a40a5b1d89d0646ba7c
ec5665f3a7ec1d4abf950add3017d5f74b5a66186d800c95a52adf880ad1ab85
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eececada02d6a32f80694f8063fd95d7e84908bcf6bebad62f243892554f54c3
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0f1abd18297cbef96a5a6abd9e1fa4ef2c8e088d3baf6bf377aec9b54a17d2f
f53f261d75e6716ddcdf5053a6f2dbde1d5c42c85ee9c059385da6ceafe01b7c
f772f4fd1c6dbe6026d964b8eb2203fbf11eb6609f0dc193637caa05c1b03bd6
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f944d14d2910fd9dba210d044427730fb1707ae76fbbfe2d30ea0deff1af0c30
fcd1fe0799a8e17b9f07f089c1541b9ec516ad961ca5cb043e66511b9c90f26d
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

claim-skin-mlbb-2022.duckdns.org Open in urlscan Pro 20.212.23.96 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

94 Requests

99 %HTTPS

80 %IPv6

13 Domains

15 Subdomains

15 IPs

6 Countries

3708 kBTransfer

6176 kBSize

2 Cookies

0 Outgoing links

Redirected requests

94 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

claim-skin-mlbb-2022.duckdns.org Open in urlscan Pro
20.212.23.96 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

94
Requests

99 %
HTTPS

80 %
IPv6

13
Domains

15
Subdomains

15
IPs

6
Countries

3708 kB
Transfer

6176 kB
Size

2
Cookies

94 HTTP transactions
0 data transactions