www.claimitemskinff.ygto.com Open in urlscan Pro
144.126.135.60 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.claimitemskinff.ygto.com/
Submission: On September 27 via automatic, source certstream-suspicious (September 27th 2021, 4:46:57 am UTC) — Scanned from DE

Summary HTTP 75 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 9 domains to perform 75 HTTP transactions. The main IP is 144.126.135.60, located in St Louis, United States and belongs to CONTABO, US. The main domain is www.claimitemskinff.ygto.com.
TLS certificate: Issued by R3 on September 27th 2021. Valid for: 3 months.

This is the only time www.claimitemskinff.ygto.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
49	144.126.135.60 144.126.135.60	40021 (CONTABO) (CONTABO)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	135.181.63.70 135.181.63.70	24940 (HETZNER-AS) (HETZNER-AS)
7	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba08	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	51.158.146.105 51.158.146.105	12876 (Online SAS) (Online SAS)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
2	195.154.113.34 195.154.113.34	12876 (Online SAS) (Online SAS)
2	163.172.80.128 163.172.80.128	12876 (Online SAS) (Online SAS)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	51.15.189.129 51.15.189.129	12876 (Online SAS) (Online SAS)
1	51.159.59.232 51.159.59.232	12876 (Online SAS) (Online SAS)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	163.172.219.20 163.172.219.20	12876 (Online SAS) (Online SAS)
75	15

49 144.126.135.60 (St Louis, United States)

ASN40021 (CONTABO, US)
PTR: vmi625172.contaboserver.net

www.claimitemskinff.ygto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.181.63.70 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: cdn15.top4top.io

j.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00::210:ba08 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.pubgmobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.158.146.105 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-146-105.rev.poneytelecom.eu

d.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.154.113.34 (Ivry-sur-Seine, France)

ASN12876 (Online SAS, FR)
PTR: 195-154-113-34.rev.poneytelecom.eu

e.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.172.80.128 (France)

ASN12876 (Online SAS, FR)
PTR: rev-163-172-80-128.embersyndicate.com

b.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.15.189.129 (France)

ASN12876 (Online SAS, FR)
PTR: 51-15-189-129.rev.poneytelecom.eu

l.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.159.59.232 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-159-59-232.rev.poneytelecom.eu

k.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 163.172.219.20 (Amsterdam, Netherlands)

ASN12876 (Online SAS, FR)
PTR: 163-172-219-20.rev.poneytelecom.eu

a.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	ygto.com www.claimitemskinff.ygto.com	10 MB
10	top4top.io j.top4top.io d.top4top.io e.top4top.io b.top4top.io l.top4top.io k.top4top.io a.top4top.io	3 MB
7	pubgmobile.com www.pubgmobile.com	7 KB
4	googleapis.com ajax.googleapis.com fonts.googleapis.com	144 KB
1	gstatic.com fonts.gstatic.com	14 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	7 KB
0	jquery.com Failed code.jquery.com Failed
0	ibb.co Failed i.ibb.co Failed
75	9

	Domain	Requested by
49	www.claimitemskinff.ygto.com	www.claimitemskinff.ygto.com
7	www.pubgmobile.com	www.claimitemskinff.ygto.com
3	ajax.googleapis.com	www.claimitemskinff.ygto.com
2	a.top4top.io	www.claimitemskinff.ygto.com
2	b.top4top.io	www.claimitemskinff.ygto.com
2	e.top4top.io	www.claimitemskinff.ygto.com
1	fonts.gstatic.com	fonts.googleapis.com
1	k.top4top.io	www.claimitemskinff.ygto.com
1	l.top4top.io	www.claimitemskinff.ygto.com
1	fonts.googleapis.com	www.claimitemskinff.ygto.com
1	d.top4top.io	www.claimitemskinff.ygto.com
1	j.top4top.io	www.claimitemskinff.ygto.com
1	cdnjs.cloudflare.com	www.claimitemskinff.ygto.com
1	stackpath.bootstrapcdn.com	www.claimitemskinff.ygto.com
0	code.jquery.com Failed	www.claimitemskinff.ygto.com
0	i.ibb.co Failed	www.claimitemskinff.ygto.com
75	16

This site contains no links.

Subject Issuer	Validity	Valid
www.claimitemskinff.ygto.com R3	`2021-09-27` - `2021-12-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
top4top.io R3	`2021-07-17` - `2021-10-15`	3 months	crt.sh
wetv.acc.qq.com DigiCert SHA2 Secure Server CA	`2021-07-29` - `2022-03-16`	8 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.claimitemskinff.ygto.com/
Frame ID: 347FD76B476F5962A9E8D035005F37C8
Requests: 75 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PUBG MOBILE 1.5: Ignition

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

75
Requests

97 %
HTTPS

43 %
IPv6

9
Domains

16
Subdomains

15
IPs

5
Countries

12635 kB
Transfer

12928 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

75 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.claimitemskinff.ygto.com/ 23 KB
4 KB 404ms
126ms Document
text/html 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: c65105cdbe0a0acbe78890736c65638c75341a757bc9cf917222068c4407281b

Request headers

:method: GET
:authority: www.claimitemskinff.ygto.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
content-length: 3608
content-encoding: br
vary: Accept-Encoding
date: Mon, 27 Sep 2021 04:46:49 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 style.css
www.claimitemskinff.ygto.com/css/ 11 KB
2 KB 128ms
126ms Stylesheet
text/css 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimitemskinff.ygto.com/css/style.css
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 6ef89f0ff43cea4dd2de91e6ab06d2211d3df4193239a9e00ed51807643245f5

Request headers

:path: /css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2326
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 animate.css
www.claimitemskinff.ygto.com/css/ 76 KB
4 KB 128ms
128ms Stylesheet
text/css 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimitemskinff.ygto.com/css/animate.css
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab

Request headers

:path: /css/animate.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4458
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 facebook.css
www.claimitemskinff.ygto.com/css/login/ 3 KB
716 B 129ms
128ms Stylesheet
text/css 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimitemskinff.ygto.com/css/login/facebook.css
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870

Request headers

:path: /css/login/facebook.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 683
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 twitter.css
www.claimitemskinff.ygto.com/css/login/ 2 KB
632 B 129ms
129ms Stylesheet
text/css 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimitemskinff.ygto.com/css/login/twitter.css
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: d1f6890b3735c30420d80f740e7dddf964dbccb27cc29faf5b28f661d4049351

Request headers

:path: /css/login/twitter.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 598
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 56ms
18ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 16271456
cdn-cachedat: 2021-03-11 11:57:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6fc1a75116c932681ed09108db37b84c
cf-ray: 6952172709a46910-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 69 KB
6 KB 31ms
14ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Requested by

Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1587646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5845
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-1149f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgkXvfhh%2BNOjEyUqOx7%2FIApTJ3oKjuRLL998qPlDG%2FkxL7M0tPpToNFmKQgKBS7iT%2BhuFNuYgoahAmdkqdEiTCHW2KpBTEdEnZa%2BzV8QCHg2GuSg39eamusjR8E56coysSkiRsFXB5c7XhTyAAJxUrqR"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69521726e8335c02-FRA
expires: Sat, 17 Sep 2022 04:46:49 GMT

GET
H2 200 p_2021x6ez92.png
j.top4top.io/ 62 KB
62 KB 367ms
46ms Image
image/png 135.181.63.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://j.top4top.io/p_2021x6ez92.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 135.181.63.70 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cdn15.top4top.io
Software: nginx /
Resource Hash: 342cc6fb3a28b52d8a292de4b417d91b4e6049e585ce3ec30db1d95316a2b68f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-file-id: x39491901x
date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Wed, 14 Jul 2021 12:08:41 GMT
server: nginx
etag: "60eed3c9-f665"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="icon.png"
accept-ranges: bytes
content-length: 63077
expires: Mon, 27 Sep 2021 06:46:49 GMT

GET
H2 200 pay.png
www.pubgmobile.com/en/images/ 1 KB
1 KB 131ms
27ms Image
image/png 2a02:26f0:6c00::210:ba08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/en/images/pay.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 12ecca619edd7636523e6b67f2953ed82326d5b49bcc565bd14e36aedb933325

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Fri, 05 Mar 2021 06:44:57 GMT
server: nginx
etag: "6041d369-527"
content-type: image/png
cache-control: max-age=58
accept-ranges: bytes
content-length: 1319
expires: Mon, 27 Sep 2021 04:47:47 GMT

GET
H2 200 down_arrow.png
www.pubgmobile.com/en/images/ 1 KB
1 KB 153ms
50ms Image
image/png 2a02:26f0:6c00::210:ba08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/en/images/down_arrow.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3d623991fdcdfbf60987204431177416c83ec1ca5bcbe3c0e44fd486a0f48598

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Fri, 05 Mar 2021 06:44:56 GMT
server: nginx
etag: "6041d368-411"
content-type: image/png
cache-control: max-age=298
accept-ranges: bytes
content-length: 1041
expires: Mon, 27 Sep 2021 04:51:47 GMT

GET
H2 200 p_2021izi1o0.png
d.top4top.io/ 21 KB
21 KB 206ms
90ms Image
image/png 51.158.146.105
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.top4top.io/p_2021izi1o0.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.158.146.105 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-158-146-105.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 8994759450d4def3d04debdfef63a496321b2749b7b45767fb9839f3bb185397

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-file-id: x39493911x
date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Wed, 14 Jul 2021 14:25:05 GMT
server: nginx
etag: "60eef3c1-53fb"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="images__1_-removebg-preview%20(1).png"
accept-ranges: bytes
content-length: 21499
expires: Mon, 27 Sep 2021 06:46:49 GMT

GET
H2 200 link_1.png
www.pubgmobile.com/common/images/ 412 B
572 B 151ms
48ms Image
image/png 2a02:26f0:6c00::210:ba08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/common/images/link_1.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 99ed54c6d4dbabf849b1b844a548a0ee3f8a8d0bf2c4424d57ee5d8c761f843a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 18 Mar 2021 13:02:42 GMT
server: nginx
etag: "60534f72-19c"
content-type: image/png
cache-control: max-age=40
accept-ranges: bytes
content-length: 412
expires: Mon, 27 Sep 2021 04:47:29 GMT

GET
H2 200 link_2.png
www.pubgmobile.com/common/images/ 827 B
989 B 142ms
39ms Image
image/png 2a02:26f0:6c00::210:ba08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/common/images/link_2.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e20d0a77af62d8461cc5f464d9463d7eb417452e32ce216cff928b0658a53a52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 18 Mar 2021 13:02:42 GMT
server: nginx
etag: "60534f72-33b"
content-type: image/png
cache-control: max-age=67
accept-ranges: bytes
content-length: 827
expires: Mon, 27 Sep 2021 04:47:56 GMT

GET
H2 200 link_3.png
www.pubgmobile.com/common/images/ 638 B
799 B 139ms
36ms Image
image/png 2a02:26f0:6c00::210:ba08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/common/images/link_3.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 65bcb1d2699f8726c0fe67bd01eb5cc8cd682a8eb8b67aeda82739a41f1f5a8d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 18 Mar 2021 13:02:42 GMT
server: nginx
etag: "60534f72-27e"
content-type: image/png
cache-control: max-age=293
accept-ranges: bytes
content-length: 638
expires: Mon, 27 Sep 2021 04:51:42 GMT

GET
H2 200 link_4.png
www.pubgmobile.com/common/images/ 768 B
929 B 147ms
73ms Image
image/png 2a02:26f0:6c00::210:ba08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/common/images/link_4.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a61ba6147dc708bcecfb1a2adfdd5ceb9550e06992c5ffb42c3e30d36823e95c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 18 Mar 2021 13:02:42 GMT
server: nginx
etag: "60534f72-300"
content-type: image/png
cache-control: max-age=31
accept-ranges: bytes
content-length: 768
expires: Mon, 27 Sep 2021 04:47:20 GMT

GET
H2 200 link_5.png
www.pubgmobile.com/common/images/ 643 B
805 B 29ms
24ms Image
image/png 2a02:26f0:6c00::210:ba08
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/common/images/link_5.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba08 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: ece6fc3bf5e763a1031f5900eea1e88bd8a27bf8a2a9bddf4402301f450f21e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 18 Mar 2021 13:02:42 GMT
server: nginx
etag: "60534f72-283"
content-type: image/png
cache-control: max-age=71
accept-ranges: bytes
content-length: 643
expires: Mon, 27 Sep 2021 04:48:00 GMT

GET
H2 200 airdrop.png
www.claimitemskinff.ygto.com/img/ 43 KB
43 KB 129ms
120ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/airdrop.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 51e0d574fc035ad278c5d8b27d7b876f95f23cda2477acf9b5bbb9a2485d4524

Request headers

:path: /img/airdrop.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 44374
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 38ms
14ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 17:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sun, 25 Sep 2022 17:56:39 GMT

GET
H2 200 1.png
www.claimitemskinff.ygto.com/img/rewad/ 37 KB
37 KB 344ms
334ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/1.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 4cf017952c689bce9b0fc7fccb74a3ed6048cadf6ec480a533e25e46f37dbedb

Request headers

:path: /img/rewad/1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 37590
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 2.png
www.claimitemskinff.ygto.com/img/rewad/ 31 KB
31 KB 349ms
340ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/2.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 6f87027c85ded514a31617e40db1eb0eb44881060802e9fbcf3fad3454f0e517

Request headers

:path: /img/rewad/2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 31480
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 3.png
www.claimitemskinff.ygto.com/img/rewad/ 388 KB
389 KB 459ms
450ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/3.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 57e3cbfe13772249b9df6792d4f0fbf968e7d805ab1e1f1f5d95afa0a197807f

Request headers

:path: /img/rewad/3.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 397646
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 4.png
www.claimitemskinff.ygto.com/img/rewad/ 31 KB
31 KB 459ms
451ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/4.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 6079598ca6146c5463794913e4ead6bfd284c86f0c4b3f9298a87e999f2833cf

Request headers

:path: /img/rewad/4.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 31361
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 5.png
www.claimitemskinff.ygto.com/img/rewad/ 33 KB
33 KB 464ms
455ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/5.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 4c8c501f2643af6e7cf81a765e7b7cdb8a76dcea523fb875bd17faa355aada23

Request headers

:path: /img/rewad/5.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 33878
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 6.png
www.claimitemskinff.ygto.com/img/rewad/ 97 KB
97 KB 464ms
456ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/6.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 99a3150456387c6ad5bb4d979ffd6a0a24ab544aee08b82c5a6d7fd1451a6163

Request headers

:path: /img/rewad/6.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 99283
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 7.png
www.claimitemskinff.ygto.com/img/rewad/ 24 KB
24 KB 569ms
561ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/7.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: b1a212ba42e56d054647c28e79c04f745569523cd3082ebdd30898271507e2fe

Request headers

:path: /img/rewad/7.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 24340
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 8.png
www.claimitemskinff.ygto.com/img/rewad/ 19 KB
19 KB 569ms
561ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/8.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8ee9d88cc24fbd863ca154a0d75b88bb3c413663803fac2d280adf6f98fe5ebd

Request headers

:path: /img/rewad/8.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19566
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 9.png
www.claimitemskinff.ygto.com/img/rewad/ 101 KB
101 KB 570ms
562ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/9.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: eaca701bab3fe53f1f9b9f4c8978ad0e229ea811a583a6eb1f751bd02e3873cf

Request headers

:path: /img/rewad/9.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 103005
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 10.png
www.claimitemskinff.ygto.com/img/rewad/ 993 KB
994 KB 570ms
563ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/10.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: f9f3bbf080943688fa04ecdc4c90f9111b02941951a10122482ccf4c121c484c

Request headers

:path: /img/rewad/10.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1017075
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 11.png
www.claimitemskinff.ygto.com/img/rewad/ 444 KB
444 KB 570ms
563ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/11.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 02e5f073074aff88ae0e8d595d5afb669fc5e806f53c5bdbd2ac00497d25b26d

Request headers

:path: /img/rewad/11.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 454152
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 12.png
www.claimitemskinff.ygto.com/img/rewad/ 536 KB
536 KB 570ms
563ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/12.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 3fc094410e09d84e232b2b128ab2d8ce2965ba36c4b036d4a1e7d1f713503f8d

Request headers

:path: /img/rewad/12.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 548926
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 13.png
www.claimitemskinff.ygto.com/img/rewad/ 618 KB
619 KB 570ms
563ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/13.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 63a46f2ee9f2f8a1ebed7d59673bd980d2e97a547ecac260d36b0398ff1803e1

Request headers

:path: /img/rewad/13.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 633340
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 14.png
www.claimitemskinff.ygto.com/img/rewad/ 21 KB
21 KB 570ms
563ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/14.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 17aebe875202f1400777dd04a6ae7ee39493341ad4ccbbd3490aed21a862f156

Request headers

:path: /img/rewad/14.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21688
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 15.png
www.claimitemskinff.ygto.com/img/rewad/ 333 KB
334 KB 570ms
563ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/15.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 3fde121390bd9222fef9d613ac6ba91455b0bcda8e819f2bf4d3845e2fbcb8ce

Request headers

:path: /img/rewad/15.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 341458
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 16.png
www.claimitemskinff.ygto.com/img/rewad/ 21 KB
21 KB 570ms
564ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/16.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: ca7f09f32842f2fac80efb39c2f45023aeb4d0d4ef1d3fe6c1c7c0ff145d3715

Request headers

:path: /img/rewad/16.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21462
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 17.png
www.claimitemskinff.ygto.com/img/rewad/ 382 KB
382 KB 570ms
564ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/17.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 5f047fdd4bf3ea2e7994115f284fb06c93a7c1c0333993db02cef24004527f51

Request headers

:path: /img/rewad/17.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 391298
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 18.png
www.claimitemskinff.ygto.com/img/rewad/ 52 KB
52 KB 570ms
564ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewad/18.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 2e3bf52f33a6258303aeb310aaa4121db4ba002353d3d8d3bbbf1127a3ad2925

Request headers

:path: /img/rewad/18.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 53011
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 1.png
www.claimitemskinff.ygto.com/img/rewards/ 326 KB
327 KB 458ms
452ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/1.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: d30d4509e519a4d3ab34b357ba7798a6ec8d3a6bac31f8d662defea550642afe

Request headers

:path: /img/rewards/1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 334151
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 2.png
www.claimitemskinff.ygto.com/img/rewards/ 328 KB
328 KB 458ms
452ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/2.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 0b1c3f28c9ff8da500535191c7df7d9ea0c0185cbb1aea23365edc5ca5b696a0

Request headers

:path: /img/rewards/2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 335381
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 3.png
www.claimitemskinff.ygto.com/img/rewards/ 330 KB
330 KB 458ms
452ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/3.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 4fa55fc4175958f3ced2b4ac559fad6f7ab93bca138ad2d83fb80a9dfaad13e1

Request headers

:path: /img/rewards/3.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 337773
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 4.png
www.claimitemskinff.ygto.com/img/rewards/ 327 KB
327 KB 458ms
453ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/4.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: b10d0cf171b92aba189df4b65b1cbbdec5235117ea262485bf947334f61303cc

Request headers

:path: /img/rewards/4.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 334844
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 5.png
www.claimitemskinff.ygto.com/img/rewards/ 324 KB
324 KB 458ms
453ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/5.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 93caaeffb1acdc63325c312ef6db39c96d740bf781bcdee61b8735674b49c2db

Request headers

:path: /img/rewards/5.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 331449
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 6.png
www.claimitemskinff.ygto.com/img/rewards/ 328 KB
328 KB 458ms
453ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/6.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: ee2dc3adaefefe8b744681e47286f045d847e5f1af873720ccc0346ffa1f576b

Request headers

:path: /img/rewards/6.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 335800
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 7.png
www.claimitemskinff.ygto.com/img/rewards/ 328 KB
329 KB 457ms
452ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/7.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8c19f0f10104a8220a018d99f33e4142e29824e9da6a8df1bb14743bdaa3cb6b

Request headers

:path: /img/rewards/7.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 336208
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 8.png
www.claimitemskinff.ygto.com/img/rewards/ 329 KB
329 KB 458ms
453ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/8.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 7e30bbf23287f42a093128847e1feebf24d960e8553658bdfe4edea624f8fa8f

Request headers

:path: /img/rewards/8.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 336781
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 9.png
www.claimitemskinff.ygto.com/img/rewards/ 328 KB
328 KB 456ms
451ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/9.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: e0c48ea18f907afcdddefaa33a0ffb4695615a948be96f37fad0f9db1928ed27

Request headers

:path: /img/rewards/9.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 336042
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 10.png
www.claimitemskinff.ygto.com/img/rewards/ 327 KB
328 KB 456ms
451ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/10.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 621fb8e47dba0d9a1985dbd59e014443b5b2e3914e6c0d54906ee1b859828dac

Request headers

:path: /img/rewards/10.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 335313
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 11.png
www.claimitemskinff.ygto.com/img/rewards/ 45 KB
45 KB 457ms
453ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/11.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 7fe3669004075e54d014ed35a9aa83bad333abb37b7c90f2ab52ef6b26db314b

Request headers

:path: /img/rewards/11.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 45654
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 12.png
www.claimitemskinff.ygto.com/img/rewards/ 330 KB
330 KB 456ms
452ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/12.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 2ee30cd09af98729b7a04994d26de67683dd49a1a50bc5bbbc5020eccebb3276

Request headers

:path: /img/rewards/12.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 337478
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 13.png
www.claimitemskinff.ygto.com/img/rewards/ 329 KB
329 KB 569ms
565ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/13.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8feefb18fae7016e1032dffa36b4e19b58f09984620563fca4bb0091fcfeaea3

Request headers

:path: /img/rewards/13.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 336566
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 14.png
www.claimitemskinff.ygto.com/img/rewards/ 330 KB
330 KB 569ms
565ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/14.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: e5740d41726e875bbf0e3cca2771c66189c8ce2837064000b45f2e492f83f293

Request headers

:path: /img/rewards/14.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 337764
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 15.png
www.claimitemskinff.ygto.com/img/rewards/ 330 KB
330 KB 569ms
565ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/15.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 06c6444b9c8bca00e742b4598f3a7f9b0e05f82b59ff5f2cc2b6afb3061a175f

Request headers

:path: /img/rewards/15.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 337887
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 16.png
www.claimitemskinff.ygto.com/img/rewards/ 332 KB
332 KB 569ms
566ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/16.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8fc8eb139e2b6baa5ab0323d73956a56d66d591eed3028c72478f16fa13e9a08

Request headers

:path: /img/rewards/16.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 339824
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 17.png
www.claimitemskinff.ygto.com/img/rewards/ 330 KB
331 KB 569ms
566ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/17.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 8f3c2cc4de315ab3fc8b9e281fc7ce23fe338e0f322cad54ead5316b31187c56

Request headers

:path: /img/rewards/17.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 338334
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 18.png
www.claimitemskinff.ygto.com/img/rewards/ 330 KB
330 KB 569ms
566ms Image
image/png 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.claimitemskinff.ygto.com/img/rewards/18.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: e88b6e1f5af3070e20528729d182cdfe32d0899f39cd0b1d3189ac7c2979847e

Request headers

:path: /img/rewards/18.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 337709
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET facebook-text.png
i.ibb.co/QNdsmDc/ 0
0

GET
H2 200 p_2021sfieg1.png
e.top4top.io/ 62 KB
62 KB 194ms
123ms Image
image/png 195.154.113.34
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.top4top.io/p_2021sfieg1.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.113.34 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-113-34.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 342cc6fb3a28b52d8a292de4b417d91b4e6049e585ce3ec30db1d95316a2b68f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-file-id: x39494176x
date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Wed, 14 Jul 2021 14:47:49 GMT
server: nginx
etag: "60eef915-f665"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="icon.png"
accept-ranges: bytes
content-length: 63077
expires: Mon, 27 Sep 2021 06:46:49 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
30 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 23 Sep 2021 13:30:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314168
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Fri, 23 Sep 2022 13:30:41 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
82 KB 42ms
18ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 21 Sep 2021 09:30:21 GMT
x-content-type-options: nosniff
age: 501388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84320
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 21 Sep 2022 09:30:21 GMT

GET
H2 200 tab.js Show response
www.claimitemskinff.ygto.com/js/ 668 B
277 B 129ms
118ms Script
application/javascript 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimitemskinff.ygto.com/js/tab.js
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: da4ade7b06f41a94ee82ab77f6726a66d09f3f08699a9ccbac68c8b5dedd3096

Request headers

:path: /js/tab.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 226
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 popup.js Show response
www.claimitemskinff.ygto.com/js/ 2 KB
533 B 129ms
119ms Script
application/javascript 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimitemskinff.ygto.com/js/popup.js
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: e56da9daff12c65e754f8606e35edc689fb767f4c878d9851f6325c1a7f6417b

Request headers

:path: /js/popup.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
content-encoding: br
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 482
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 200 click.js Show response
www.claimitemskinff.ygto.com/js/ 155 B
187 B 130ms
119ms Script
application/javascript 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimitemskinff.ygto.com/js/click.js
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 0f5b2c59b495689622c8b389bd027af525913753d3574fd80a51b00108758228

Request headers

:path: /js/click.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 155
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H2 206 m_20211qvjo4.mp4
b.top4top.io/ 2 MB
2 MB 179ms
112ms Media
video/mp4 163.172.80.128
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://b.top4top.io/m_20211qvjo4.mp4
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.80.128 , France, ASN12876 (Online SAS, FR),
Reverse DNS: rev-163-172-80-128.embersyndicate.com
Software: nginx /
Resource Hash: 53eb4349b87c33196dcc2cbd6b9fc8fcc8a8673648a65f26c291f9bea433b0d7

Request headers

Referer: https://www.claimitemskinff.ygto.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

x-file-id: x39493945x
date: Mon, 27 Sep 2021 04:46:48 GMT
last-modified: Wed, 14 Jul 2021 14:28:32 GMT
server: nginx
etag: "60eef490-24959f"
content-type: video/mp4
Content-Range: bytes 0-2397598/2397599
cache-control: max-age=7200
content-disposition: inline; filename="218198249_806237093597984_8325219450030067974_n.mp4"
Content-Length: 2397599
expires: Mon, 27 Sep 2021 06:46:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 40ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500

Requested by

Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

303e5fe1c9accaf33939757fbb303331640d1cea9a98149114e7c49efc7a4285

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 04:46:49 GMT
server: ESF
date: Mon, 27 Sep 2021 04:46:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 27 Sep 2021 04:46:49 GMT

GET
H2 200 p_2021uzulj5.jpeg
b.top4top.io/ 31 KB
31 KB 126ms
112ms Image
image/jpeg 163.172.80.128
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.top4top.io/p_2021uzulj5.jpeg
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.80.128 , France, ASN12876 (Online SAS, FR),
Reverse DNS: rev-163-172-80-128.embersyndicate.com
Software: nginx /
Resource Hash: debe88e3880154762dfe0e364585d298c70b3913eeb2c18f576aaea181ec7226

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-file-id: x39493741x
date: Mon, 27 Sep 2021 04:46:48 GMT
last-modified: Wed, 14 Jul 2021 14:12:50 GMT
server: nginx
etag: "60eef0e2-7bf7"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="images%20(17).jpeg"
accept-ranges: bytes
content-length: 31735
expires: Mon, 27 Sep 2021 06:46:48 GMT

GET
H2 200 p_2021wob2z4.jpeg
l.top4top.io/ 42 KB
42 KB 193ms
119ms Image
image/jpeg 51.15.189.129
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.top4top.io/p_2021wob2z4.jpeg
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.15.189.129 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-15-189-129.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 14feccda37d4d38144d85a8510cbef7d88202942d757533182839f9f21d0e27b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-file-id: x39493871x
date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Wed, 14 Jul 2021 14:23:00 GMT
server: nginx
etag: "60eef344-a702"
content-type: image/jpeg
cache-control: max-age=7200
content-disposition: inline; filename="images%20(18).jpeg"
accept-ranges: bytes
content-length: 42754
expires: Mon, 27 Sep 2021 06:46:49 GMT

GET
H2 200 p_2021okdw80.png
k.top4top.io/ 6 KB
6 KB 198ms
111ms Image
image/png 51.159.59.232
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://k.top4top.io/p_2021okdw80.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.159.59.232 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS: 51-159-59-232.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 30e6b87a92d67bf8ebd63060593e92c6a3cf0c757646ddad5e04c87251f7a12c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-file-id: x39493678x
date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Wed, 14 Jul 2021 14:07:42 GMT
server: nginx
etag: "60eeefae-181f"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="popup_btn.png"
accept-ranges: bytes
content-length: 6175
expires: Mon, 27 Sep 2021 06:46:49 GMT

GET
H2 200 p_20214yawk6.png
e.top4top.io/ 5 KB
5 KB 94ms
94ms Image
image/png 195.154.113.34
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e.top4top.io/p_20214yawk6.png
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/css/style.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.113.34 Ivry-sur-Seine, France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-113-34.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 9f38e0cab64610b53112019bcf89c913adbb36cf4aa475a3093f5f9946e7be4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.claimitemskinff.ygto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-file-id: x39493576x
date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Wed, 14 Jul 2021 14:01:12 GMT
server: nginx
etag: "60eeee28-135d"
content-type: image/png
cache-control: max-age=7200
content-disposition: inline; filename="btn_item.png"
accept-ranges: bytes
content-length: 4957
expires: Mon, 27 Sep 2021 06:46:49 GMT

GET
H2 200 LYjNdG7kmE0gfaN9pQ.woff2
fonts.gstatic.com/s/teko/v10/ 13 KB
14 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/teko/v10/LYjNdG7kmE0gfaN9pQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500,700|Teko:300,400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51b6a852f98c7140040a19aeed7333059105f04271c132beef28e0f28b86ae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.claimitemskinff.ygto.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 22 Sep 2021 13:33:17 GMT
x-content-type-options: nosniff
age: 400412
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13324
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:26:11 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Sep 2022 13:33:17 GMT

GET
H3-Q050 200 pubg.woff2
www.claimitemskinff.ygto.com/fonts/ 8 KB
8 KB 117ms
117ms Font
font/woff2 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimitemskinff.ygto.com/fonts/pubg.woff2
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/css/style.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: cb43ac49eedab33f20aaf47304230a47a4f0da8e26e76dde2710f37a5aed0978

Request headers

:path: /fonts/pubg.woff2
pragma: no-cache
origin: https://www.claimitemskinff.ygto.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.claimitemskinff.ygto.com/css/style.css
Origin: https://www.claimitemskinff.ygto.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Thu, 15 Jul 2021 04:15:58 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8156
expires: Mon, 04 Oct 2021 04:46:49 GMT

GET
H3-Q050 404 login.mp3
www.claimitemskinff.ygto.com/media/ 1 KB
1 KB 117ms
116ms Media
text/html 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimitemskinff.ygto.com/media/login.mp3
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d

Request headers

:path: /media/login.mp3
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: audio
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://www.claimitemskinff.ygto.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 04:46:49 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
content-type: text/html

GET
H3-Q050 404 tutup.mp3
www.claimitemskinff.ygto.com/media/ 1 KB
1 KB 117ms
116ms Media
text/html 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimitemskinff.ygto.com/media/tutup.mp3
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash: 79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d

Request headers

:path: /media/tutup.mp3
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: audio
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://www.claimitemskinff.ygto.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 04:46:49 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
content-type: text/html

GET
H3-Q050 404 button.mp3
www.claimitemskinff.ygto.com/media/ 36 B
0 117ms
116ms Media
text/html 144.126.135.60
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.claimitemskinff.ygto.com/media/button.mp3
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 144.126.135.60 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi625172.contaboserver.net
Software: LiteSpeed /
Resource Hash

Request headers

:path: /media/button.mp3
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: audio
:authority: www.claimitemskinff.ygto.com
referer: https://www.claimitemskinff.ygto.com/
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://www.claimitemskinff.ygto.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

pragma: no-cache
date: Mon, 27 Sep 2021 04:46:49 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1237
content-type: text/html

GET jquery-1.10.2.min.js
code.jquery.com/ 0
0

GET
H2 206 m_2021xp7wc5.mp3
a.top4top.io/ 0
0 80ms
22ms Media
audio/mpeg 163.172.219.20
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.top4top.io/m_2021xp7wc5.mp3
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.219.20 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-219-20.rev.poneytelecom.eu
Software: nginx /
Resource Hash

Request headers

Referer: https://www.claimitemskinff.ygto.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

x-file-id: x39494112x
date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Wed, 14 Jul 2021 14:43:04 GMT
server: nginx
etag: "60eef7f8-47ce"
content-type: audio/mpeg
Content-Range: bytes 0-18381/18382
cache-control: max-age=7200
content-disposition: inline; filename="daichi.mp3"
Content-Length: 18382
expires: Mon, 27 Sep 2021 06:46:49 GMT

GET
H2 206 m_2021xp7wc5.mp3
a.top4top.io/ 18 KB
18 KB 80ms
22ms Media
audio/mpeg 163.172.219.20
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.top4top.io/m_2021xp7wc5.mp3
Requested by: Host: www.claimitemskinff.ygto.com
URL: https://www.claimitemskinff.ygto.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.219.20 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-219-20.rev.poneytelecom.eu
Software: nginx /
Resource Hash: 1ac0787254aa7a1e125885fdc5aba866dc7c3f406e596a7f17b399f10a7d3999

Request headers

Referer: https://www.claimitemskinff.ygto.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

x-file-id: x39494112x
date: Mon, 27 Sep 2021 04:46:49 GMT
last-modified: Wed, 14 Jul 2021 14:43:04 GMT
server: nginx
etag: "60eef7f8-47ce"
content-type: audio/mpeg
Content-Range: bytes 0-18381/18382
cache-control: max-age=7200
content-disposition: inline; filename="daichi.mp3"
Content-Length: 18382
expires: Mon, 27 Sep 2021 06:46:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: i.ibb.co
URL: https://i.ibb.co/QNdsmDc/facebook-text.png

Domain: code.jquery.com
URL: http://code.jquery.com/jquery-1.10.2.min.js

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.claimitemskinff.ygto.com/ Message: Mixed Content: The page at 'https://www.claimitemskinff.ygto.com/' was loaded over HTTPS, but requested an insecure script 'http://code.jquery.com/jquery-1.10.2.min.js'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://i.ibb.co/QNdsmDc/facebook-text.png Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://www.claimitemskinff.ygto.com/media/login.mp3 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.claimitemskinff.ygto.com/media/tutup.mp3 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.claimitemskinff.ygto.com/media/button.mp3 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.top4top.io
ajax.googleapis.com
b.top4top.io
cdnjs.cloudflare.com
code.jquery.com
d.top4top.io
e.top4top.io
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
j.top4top.io
k.top4top.io
l.top4top.io
stackpath.bootstrapcdn.com
www.claimitemskinff.ygto.com
www.pubgmobile.com
code.jquery.com
i.ibb.co
135.181.63.70
144.126.135.60
163.172.219.20
163.172.80.128
195.154.113.34
2606:4700::6810:135e
2606:4700::6812:bcf
2a00:1450:4001:800::2003
2a00:1450:4001:811::200a
2a00:1450:4001:812::200a
2a02:26f0:6c00::210:ba08
51.15.189.129
51.158.146.105
51.159.59.232
02e5f073074aff88ae0e8d595d5afb669fc5e806f53c5bdbd2ac00497d25b26d
06c6444b9c8bca00e742b4598f3a7f9b0e05f82b59ff5f2cc2b6afb3061a175f
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0b1c3f28c9ff8da500535191c7df7d9ea0c0185cbb1aea23365edc5ca5b696a0
0f5b2c59b495689622c8b389bd027af525913753d3574fd80a51b00108758228
12ecca619edd7636523e6b67f2953ed82326d5b49bcc565bd14e36aedb933325
14feccda37d4d38144d85a8510cbef7d88202942d757533182839f9f21d0e27b
17aebe875202f1400777dd04a6ae7ee39493341ad4ccbbd3490aed21a862f156
1ac0787254aa7a1e125885fdc5aba866dc7c3f406e596a7f17b399f10a7d3999
2e3bf52f33a6258303aeb310aaa4121db4ba002353d3d8d3bbbf1127a3ad2925
2ee30cd09af98729b7a04994d26de67683dd49a1a50bc5bbbc5020eccebb3276
303e5fe1c9accaf33939757fbb303331640d1cea9a98149114e7c49efc7a4285
30e6b87a92d67bf8ebd63060593e92c6a3cf0c757646ddad5e04c87251f7a12c
342cc6fb3a28b52d8a292de4b417d91b4e6049e585ce3ec30db1d95316a2b68f
3d623991fdcdfbf60987204431177416c83ec1ca5bcbe3c0e44fd486a0f48598
3fc094410e09d84e232b2b128ab2d8ce2965ba36c4b036d4a1e7d1f713503f8d
3fde121390bd9222fef9d613ac6ba91455b0bcda8e819f2bf4d3845e2fbcb8ce
4c8c501f2643af6e7cf81a765e7b7cdb8a76dcea523fb875bd17faa355aada23
4cf017952c689bce9b0fc7fccb74a3ed6048cadf6ec480a533e25e46f37dbedb
4fa55fc4175958f3ced2b4ac559fad6f7ab93bca138ad2d83fb80a9dfaad13e1
51b6a852f98c7140040a19aeed7333059105f04271c132beef28e0f28b86ae48
51e0d574fc035ad278c5d8b27d7b876f95f23cda2477acf9b5bbb9a2485d4524
53eb4349b87c33196dcc2cbd6b9fc8fcc8a8673648a65f26c291f9bea433b0d7
57e3cbfe13772249b9df6792d4f0fbf968e7d805ab1e1f1f5d95afa0a197807f
5f047fdd4bf3ea2e7994115f284fb06c93a7c1c0333993db02cef24004527f51
6079598ca6146c5463794913e4ead6bfd284c86f0c4b3f9298a87e999f2833cf
621fb8e47dba0d9a1985dbd59e014443b5b2e3914e6c0d54906ee1b859828dac
63a46f2ee9f2f8a1ebed7d59673bd980d2e97a547ecac260d36b0398ff1803e1
65bcb1d2699f8726c0fe67bd01eb5cc8cd682a8eb8b67aeda82739a41f1f5a8d
6ef89f0ff43cea4dd2de91e6ab06d2211d3df4193239a9e00ed51807643245f5
6f87027c85ded514a31617e40db1eb0eb44881060802e9fbcf3fad3454f0e517
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79ce4e2bbf25c4a4d91458d191d6ef268b4592169ae6586ba52242f412670b5d
7e30bbf23287f42a093128847e1feebf24d960e8553658bdfe4edea624f8fa8f
7fe3669004075e54d014ed35a9aa83bad333abb37b7c90f2ab52ef6b26db314b
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8994759450d4def3d04debdfef63a496321b2749b7b45767fb9839f3bb185397
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
8c19f0f10104a8220a018d99f33e4142e29824e9da6a8df1bb14743bdaa3cb6b
8ee9d88cc24fbd863ca154a0d75b88bb3c413663803fac2d280adf6f98fe5ebd
8f3c2cc4de315ab3fc8b9e281fc7ce23fe338e0f322cad54ead5316b31187c56
8fc8eb139e2b6baa5ab0323d73956a56d66d591eed3028c72478f16fa13e9a08
8feefb18fae7016e1032dffa36b4e19b58f09984620563fca4bb0091fcfeaea3
93caaeffb1acdc63325c312ef6db39c96d740bf781bcdee61b8735674b49c2db
99a3150456387c6ad5bb4d979ffd6a0a24ab544aee08b82c5a6d7fd1451a6163
99ed54c6d4dbabf849b1b844a548a0ee3f8a8d0bf2c4424d57ee5d8c761f843a
9f38e0cab64610b53112019bcf89c913adbb36cf4aa475a3093f5f9946e7be4f
a20af21afb394e0efb04bb292e5faaf2684003d2d94d71122b8f98c69fb68870
a61ba6147dc708bcecfb1a2adfdd5ceb9550e06992c5ffb42c3e30d36823e95c
b10d0cf171b92aba189df4b65b1cbbdec5235117ea262485bf947334f61303cc
b1a212ba42e56d054647c28e79c04f745569523cd3082ebdd30898271507e2fe
c65105cdbe0a0acbe78890736c65638c75341a757bc9cf917222068c4407281b
ca7f09f32842f2fac80efb39c2f45023aeb4d0d4ef1d3fe6c1c7c0ff145d3715
cb43ac49eedab33f20aaf47304230a47a4f0da8e26e76dde2710f37a5aed0978
d1f6890b3735c30420d80f740e7dddf964dbccb27cc29faf5b28f661d4049351
d30d4509e519a4d3ab34b357ba7798a6ec8d3a6bac31f8d662defea550642afe
da4ade7b06f41a94ee82ab77f6726a66d09f3f08699a9ccbac68c8b5dedd3096
debe88e3880154762dfe0e364585d298c70b3913eeb2c18f576aaea181ec7226
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e0c48ea18f907afcdddefaa33a0ffb4695615a948be96f37fad0f9db1928ed27
e20d0a77af62d8461cc5f464d9463d7eb417452e32ce216cff928b0658a53a52
e56da9daff12c65e754f8606e35edc689fb767f4c878d9851f6325c1a7f6417b
e5740d41726e875bbf0e3cca2771c66189c8ce2837064000b45f2e492f83f293
e88b6e1f5af3070e20528729d182cdfe32d0899f39cd0b1d3189ac7c2979847e
e89c81987c5cbc157097eaa6657d6a594abf030cc89bb63f0d2154d8383e9fab
eaca701bab3fe53f1f9b9f4c8978ad0e229ea811a583a6eb1f751bd02e3873cf
ece6fc3bf5e763a1031f5900eea1e88bd8a27bf8a2a9bddf4402301f450f21e4
ee2dc3adaefefe8b744681e47286f045d847e5f1af873720ccc0346ffa1f576b
f9f3bbf080943688fa04ecdc4c90f9111b02941951a10122482ccf4c121c484c

www.claimitemskinff.ygto.com Open in urlscan Pro 144.126.135.60 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

75 Requests

97 %HTTPS

43 %IPv6

9 Domains

16 Subdomains

15 IPs

5 Countries

12635 kBTransfer

12928 kBSize

0 Cookies

0 Outgoing links

Redirected requests

75 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.claimitemskinff.ygto.com Open in urlscan Pro
144.126.135.60 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

75
Requests

97 %
HTTPS

43 %
IPv6

9
Domains

16
Subdomains

15
IPs

5
Countries

12635 kB
Transfer

12928 kB
Size

0
Cookies

75 HTTP transactions
0 data transactions