redeemfreefire.eventclaim.xyz
2a06:98c1:3120::7  Malicious Activity! Public Scan

URL: https://redeemfreefire.eventclaim.xyz/
Submission: On May 01 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 8 domains to perform 23 HTTP transactions. The main IP is 2a06:98c1:3120::7, located in the United States and belonging to CLOUDFLARENET, US. The main domain is redeemfreefire.eventclaim.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 29th 2022. Valid for: a year.
This is the only time redeemfreefire.eventclaim.xyz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

IP Address AS Autonomous System
11 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
3 6 107.160.74.131 40676 (AS40676)
1 2a00:1450:400... 15169 (GOOGLE)
23 9
Apex Domain | Subdomains | Transfer
11 eventclaim.xyz | redeemfreefire.eventclaim.xyz | 211 KB
6 catbox.moe | files.catbox.moe — Cisco Umbrella Rank: 179262; de.catbox.moe | 136 KB
3 cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 209 | 23 KB
2 githack.com | rawcdn.githack.com — Cisco Umbrella Rank: 67234 | 3 KB
1 googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 278 | 30 KB
1 bootstrapcdn.com | stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2220 | 7 KB
1 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 55 | 38 KB
1 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 33 | 20 KB
23 8
Domain Requested by
11 redeemfreefire.eventclaim.xyz redeemfreefire.eventclaim.xyz
3 de.catbox.moe redeemfreefire.eventclaim.xyz
3 files.catbox.moe 3 redirects
3 cdnjs.cloudflare.com redeemfreefire.eventclaim.xyz
2 rawcdn.githack.com redeemfreefire.eventclaim.xyz
1 ajax.googleapis.com redeemfreefire.eventclaim.xyz
1 stackpath.bootstrapcdn.com redeemfreefire.eventclaim.xyz
1 www.googletagmanager.com redeemfreefire.eventclaim.xyz
1 www.google-analytics.com redeemfreefire.eventclaim.xyz
23 9

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-04-29 - 2023-04-28 | a year
*.google-analytics.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months
upload.video.google.com | GTS CA 1C3 | 2022-04-11 - 2022-07-04 | 3 months

This page contains 1 frame:

Primary Page: https://redeemfreefire.eventclaim.xyz/
Frame ID: 16BAF7712E178161A49B0E2D3971EE14
Requests: 25 HTTP requests in this frame

Page Title

Free Fire

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 23
HTTPS: 87 %
IPv6: 88 %
Domains: 8
Subdomains: 9
IPs: 9
Countries: 2
Transfer: 468 kB
Size: 813 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://files.catbox.moe/shq1bp.png HTTP 301
  • https://de.catbox.moe/shq1bp.png
Request Chain 17
  • https://files.catbox.moe/ljahcc.jpeg HTTP 301
  • https://de.catbox.moe/ljahcc.jpeg
Request Chain 18
  • https://files.catbox.moe/7jey62.png HTTP 301
  • https://de.catbox.moe/7jey62.png

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
redeemfreefire.eventclaim.xyz/
17 KB
4 KB
Document
General
Full URL
https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db4ec073d903b592836cac6f4055ade25f7663251c2565489996c17a9e4a12d5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
70453c42ef809267-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 01 May 2022 02:54:56 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OtJKcGzr6gcwlVNBX1rGyir6cZ6MCKSLfHJVYlVph6lKGDHI4soAvV8mJ4TodCfLIybfr0brpxvAfzeZbrS7CM72100ohwWAaAi2pnzgpjh9Mb%2FT0glp3DEWLurhmCHKyGMSpgvieP1cSk2n07EcPUaYWlleqzXCC9sT8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4807
date
Sun, 01 May 2022 01:34:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 01 May 2022 03:34:50 GMT
js
www.googletagmanager.com/gtag/
98 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-180844756-1
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f40dbfc44c7ed7b05cedade41152655ea82a8e87a75f4cb8a1cf9d67ba94b835
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38808
x-xss-protection
0
last-modified
Sun, 01 May 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 01 May 2022 02:54:57 GMT
style-AlexHost.css
redeemfreefire.eventclaim.xyz/alexFrontEnd/css/
40 KB
6 KB
Stylesheet
General
Full URL
https://redeemfreefire.eventclaim.xyz/alexFrontEnd/css/style-AlexHost.css
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d7d9e2fa6d6434a0faff6a6cd12a8544fd6a13030f6c830696e07431aa9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:57 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 08 Nov 2021 14:35:41 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61NZKC7e%2BL635j0hN4LlqsHSdnfHUEzLgLLBPWI9DSs3eNfZTODxMBrtqtHJdCy1Pn08NferbmE2utAB08gz9X8AzBeD%2BAwGarBwbR27X%2BHyDZQpLz03aL0KT%2BoVf6ZOBFQ%2F6kNINx0SHkuMLmw4Ec%2FZDM8AUJI3vRnCQg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by
LiteSpeed
cf-ray
70453c467a799267-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 08 May 2022 02:54:57 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
660761
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEq3FxZbWTfPnv%2BWXoaLn%2BPQ5hijuFSs84tfpzq7YnFMyd1zLIIoyBn0Fza2mHAxsExjHtBYIVkkCjghE1areMS8at5AgudNOkOgst%2BOMSAomeq0qO0e2ry%2FoU1bNtLMQ9PcXc8riG9QiXLxmAPanchv"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70453c469823996e-FRA
expires
Fri, 21 Apr 2023 02:54:57 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2101341
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10472
timing-allow-origin
*
last-modified
Wed, 13 Jan 2021 22:29:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fff7431-e7d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VqXG35vc4AMMzu%2FFVcWCQW1z7MZDPWi8dvhI853SrLTdOtnw8iA3C%2F%2Fq82zGpVZK%2BtUc88PA0Kls%2BvCwH%2F2tGXSJ6Vz8aX59fGhuHaOylj4T4FbbbspKs3V%2Fnl8ubCWOLgjUnLhOkIOftmIZuioc2QRt"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70453c469826996e-FRA
expires
Fri, 21 Apr 2023 02:54:57 GMT
font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
723
age
5319367
cdn-cachedat
11/15/2021 21:49:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2729ae8f2fc6c761bdc17d91cc795f58
cf-ray
70453c46bbb89b80-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/
69 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:57 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2259770
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5845
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:12:09 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ed9-1149f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K1trBUoXdVsjzNDpbpaU4tyJFihJwXN%2BzWNICFz8Cf7x1hd4L3HjJti12GTlYD2wXUppl22p4BbxQtZEoxJj6GnPPocp8Hy%2BjbURH7CpgJe55S%2FfvYiXfoFbVOVAE8es%2F7qE8JuTtxCBdmhVQKy4Lgqf"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
70453c469827996e-FRA
expires
Fri, 21 Apr 2023 02:54:57 GMT
alex-facebook.css
rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/
5 KB
2 KB
Stylesheet
General
Full URL
https://rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/alex-facebook.css
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cff81f8984cdebd9f5039cd4c058d7d67bba4b92666dc0605f47c44b6a761df2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fastly-request-id
0f679fd790b6e4a63f1b2d3444a267d4c630685c
date
Sun, 01 May 2022 02:54:57 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6235408
source-age
0
x-cache
MISS
expires
Thu, 31 Dec 2037 23:55:55 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-bma1669-BMA
x-robots-tag
none
server
cloudflare
x-github-request-id
832E:903D:7B4DA:BC658:620D6C7C
x-timer
S1645046909.966790,VS0,VE227
etag
W/"0a8f3f8981d9c9102640cd89134620b5b03a473db8c3d339e31ddde5838eb64c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Authorization,Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvkK%2FpNPsVtgN28h2TXI%2Bn6XqDc2DQGVS0h5S12%2F2PvG4W6rlrsQ2lT%2BwlodRkRPu%2FeHHw9RYfn%2Fcg21V%2FXj%2BOOO1RTT1KmU9hF%2F6bfu%2FHUDRNcDPHWnsyocxn1trSpzf3pXMjN8b6GFgQVxxznJYCU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-githack-cache-status
STALE
cache-control
max-age=315360000, public, immutable
cf-ray
70453c46be169112-FRA
x-cache-hits
0
alex-google.css
rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/
3 KB
1 KB
Stylesheet
General
Full URL
https://rawcdn.githack.com/AlexHostX/all.asset/1591ba04a57c11f4b18d2ebb39e03e4a81715c83/alex-google.css
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4abb644266a5139ed69498a2f9522afe373c41787fda172dad55ce1afb18a8df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-fastly-request-id
e86b7b782b54571b4d218afe01602d23e6b9b012
date
Sun, 01 May 2022 02:54:57 GMT
via
1.1 varnish
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5260268
source-age
0
x-cache
MISS
expires
Thu, 31 Dec 2037 23:55:55 GMT
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-bma1651-BMA
x-robots-tag
none
server
cloudflare
x-github-request-id
4F52:9040:79FB47:7F15A1:620D62BA
x-timer
S1645044411.672519,VS0,VE176
etag
W/"7652d432e77389d2064f55511cc6b91d5be6c83a7c4a508c20c6cd28cb795570"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Authorization,Accept-Encoding,Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tK57JOm%2Bsb6vPhKW3xMLX7hvQd8v7dulSKKw3%2FkCzh2KR6nHzF0IFfGp1r2AbpcXM8nPF2AcFItvLlQ5sQqx2W9FbYoubPbpnKJdGcPGWysbrGUrqiCxtyzbttI4p67pu%2F5UHhNHDsaUS5e%2BQ2THgK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-githack-cache-status
STALE
cache-control
max-age=315360000, public, immutable
cf-ray
70453c46be199112-FRA
x-cache-hits
0
fbcircle-Alex.png
redeemfreefire.eventclaim.xyz/alexFrontEnd/img/
9 KB
9 KB
Image
General
Full URL
https://redeemfreefire.eventclaim.xyz/alexFrontEnd/img/fbcircle-Alex.png
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94f92c2fa2a770888470701e4e9c0063d11bd846b52739d8b12a06b2dabd3be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:57 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9175
last-modified
Mon, 08 Nov 2021 14:23:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lu5mfDR%2BlNsNeJ9EelKpcum%2BQm8BANYjo97Ex1PSanQkRYdYvouGiBNFhZZ90Is2MRhIOd74aQe%2Ft0DqOlihEGG9VBPLKcJnCfU96Ye%2F3r8HCnicgXn9bd0jWg7GNSKgTsnyKUad9ygkTcHW9KV4KbDRNFC0dQ83pNN7UA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70453c467a7e9267-FRA
expires
Sun, 08 May 2022 02:54:57 GMT
vkcircle-Alex.png
redeemfreefire.eventclaim.xyz/alexFrontEnd/img/
10 KB
10 KB
Image
General
Full URL
https://redeemfreefire.eventclaim.xyz/alexFrontEnd/img/vkcircle-Alex.png
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ffae0974acd7014b8e30ff2510ff2c8809103dca22a9e9d252cfd525cc7eff9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:57 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9846
last-modified
Mon, 08 Nov 2021 15:24:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ctqidkSxrJsaZUqalI2zsNXFGwk%2BtJ6b2ERz7DNy6zOBTMfmCzEIfqpwwgh%2B91by%2Fn7FASeC2I5q%2B2YEek5gD41SHcIjU3G3s3e63QmdgELlqI2h6b63epMI1FqYIMeEvIo5WrC87ROREGKrkhxtnmhxPgqHhSMFOYW4Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70453c467a809267-FRA
expires
Sun, 08 May 2022 02:54:57 GMT
gpcircle-Alex.png
redeemfreefire.eventclaim.xyz/alexFrontEnd/img/
6 KB
7 KB
Image
General
Full URL
https://redeemfreefire.eventclaim.xyz/alexFrontEnd/img/gpcircle-Alex.png
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edefde11d13eb274cafd860dd219755352257187b374f313c810cb6a20f0a477

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:57 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6351
last-modified
Mon, 08 Nov 2021 14:23:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrAH2tj1LQbr5wGv4KHmVfcd2y9l6AEOZogyMQ3rboHjJlK6IftxaqSrJ89tyo%2F1IzG6nB7qgAlk77%2F8lHHTCLNnfLGuqRua%2Bdurwc0dr0WMCXTJlP6YPvD6WYmbEZPJYCnFmoeVdTgj%2F8bnz3GdDEpLlPJjjHgSw%2BzMow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70453c467a819267-FRA
expires
Sun, 08 May 2022 02:54:57 GMT
hwcircle-Alex.png
redeemfreefire.eventclaim.xyz/alexFrontEnd/img/
3 KB
3 KB
Image
General
Full URL
https://redeemfreefire.eventclaim.xyz/alexFrontEnd/img/hwcircle-Alex.png
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38e377481a3abf35890dbc9abd19fd4657ab4ea449d24299073da019da5b4281

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:57 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3010
last-modified
Mon, 08 Nov 2021 15:24:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2F3dkVzZ3nm4yvteQcV8q1dTTJs1sCxE1aaEh8Yg2RygGfmw9rX7Kfw2f1IFo%2BbZ1GWbVTUHUR51ky3LY1J1%2BWXAa%2BxTobKIm3SotUEpfiFGTCm6AH0ioiGUIW%2FhFgIWngZ1JBG4lrl04%2FL%2F1liOeSDcqyfVTDu25h%2Ff8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70453c467a829267-FRA
expires
Sun, 08 May 2022 02:54:57 GMT
applcircle-Alex.png
redeemfreefire.eventclaim.xyz/alexFrontEnd/img/
9 KB
9 KB
Image
General
Full URL
https://redeemfreefire.eventclaim.xyz/alexFrontEnd/img/applcircle-Alex.png
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac768dee11c223ac3fba06a7212fd0163c171e7986735b5cd04f9081504126b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:57 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9069
last-modified
Mon, 08 Nov 2021 15:24:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snF3SvMZqwB2IGV62uZJJkdH%2BkOIAWUN5o%2BnzHp46AgNDGC3%2B39T3j7syEhuy2DQ%2B5PSUbRD5R7YEiiOkSkuCZHR%2FUvMyIIxORRfhk6RXlPPT8CzTOMw0blPqhFV%2Fzy1v0kxmsqeCXKnWYp7K3AzTncYutCrNaKyleeFXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70453c467a839267-FRA
expires
Sun, 08 May 2022 02:54:57 GMT
twcircle-Alex.png
redeemfreefire.eventclaim.xyz/alexFrontEnd/img/
10 KB
10 KB
Image
General
Full URL
https://redeemfreefire.eventclaim.xyz/alexFrontEnd/img/twcircle-Alex.png
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
392c6ef45dc72dc2d72c2a2d16ff5fcd5943766e78e14f1f6bb008c59cf80877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:57 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9812
last-modified
Mon, 08 Nov 2021 15:24:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fVpfzqICKcSk1vk204yGouUtkgy3vIZo%2FBBbLLEcYX0xakWHUCbPnZrth%2BvjVHwoDQgGSqf1hrZ4ARrC2kCSX1w3u%2FfhNtrBs4sha5olrn4U%2Bs6P041ZxDcpkmxiNwfsWY%2BvcXzPFyxyHRoRQE%2BOrE%2F%2BWQpjei5Be44xFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70453c467a859267-FRA
expires
Sun, 08 May 2022 02:54:57 GMT
garena-Alex.jpg
redeemfreefire.eventclaim.xyz/alexFrontEnd/img/
3 KB
4 KB
Image
General
Full URL
https://redeemfreefire.eventclaim.xyz/alexFrontEnd/img/garena-Alex.jpg
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dec40957ccb5815562b06c0bcb1cb3fc09a5f0738aa0b9ec2d1390e4e30a346

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:57 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3522
last-modified
Mon, 08 Nov 2021 14:23:49 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7a%2BbiKY9J8NaC7Uoty7se%2FC9agZu5eIUdH91rC4Z%2BtmfckuDFAhofNmIp5IVBGNK6Xj4thK6GcE8kBKVL7JvbzIinmaKh0drqxdUs88ywgY24C10FqKbBV5FcB4rCU2zNniIHdGq0mzlQw6zPb1Wa5tSQfoDBXam9CMug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70453c467a869267-FRA
expires
Sun, 08 May 2022 02:54:57 GMT
shq1bp.png
de.catbox.moe/
Redirect Chain
  • https://files.catbox.moe/shq1bp.png
  • https://de.catbox.moe/shq1bp.png
28 KB
28 KB
Image
General
Full URL
https://de.catbox.moe/shq1bp.png
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Server
107.160.74.131 , United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx/1.21.3 /
Resource Hash
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://de.catbox.moe; style-src https://de.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://de.catbox.moe; style-src https://de.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options
nosniff
last-modified
Sun, 20 Mar 2022 14:13:03 GMT
server
nginx/1.21.3
date
Sun, 01 May 2022 02:54:57 GMT
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
28789
etag
"6237366f-7075"

Redirect headers

date
Sun, 01 May 2022 02:54:57 GMT
x-content-type-options
nosniff
server
nginx/1.21.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html
location
https://de.catbox.moe/shq1bp.png
content-length
169
x-xss-protection
1; mode=block
ljahcc.jpeg
de.catbox.moe/
Redirect Chain
  • https://files.catbox.moe/ljahcc.jpeg
  • https://de.catbox.moe/ljahcc.jpeg
75 KB
75 KB
Image
General
Full URL
https://de.catbox.moe/ljahcc.jpeg
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Server
107.160.74.131 , United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx/1.21.3 /
Resource Hash
0bac0a0607bb21d1dcd7b06e9fd117a160b3a463499a3de09855c0f3b5db8023
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://de.catbox.moe; style-src https://de.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://de.catbox.moe; style-src https://de.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options
nosniff
last-modified
Sun, 20 Mar 2022 16:04:10 GMT
server
nginx/1.21.3
date
Sun, 01 May 2022 02:54:57 GMT
access-control-allow-methods
GET, HEAD
content-type
image/jpeg
access-control-allow-origin
*
accept-ranges
bytes
content-length
76538
etag
"6237507a-12afa"

Redirect headers

date
Sun, 01 May 2022 02:54:57 GMT
x-content-type-options
nosniff
server
nginx/1.21.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html
location
https://de.catbox.moe/ljahcc.jpeg
content-length
169
x-xss-protection
1; mode=block
7jey62.png
de.catbox.moe/
Redirect Chain
  • https://files.catbox.moe/7jey62.png
  • https://de.catbox.moe/7jey62.png
32 KB
32 KB
Image
General
Full URL
https://de.catbox.moe/7jey62.png
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Server
107.160.74.131 , United States, ASN40676 (AS40676, US),
Reverse DNS
unassigned.psychz.net
Software
nginx/1.21.3 /
Resource Hash
fdd37318b46d0c24c6bd0fe572ef01518160e311ca8fc05231a851345f1e0907
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://de.catbox.moe; style-src https://de.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://de.catbox.moe; style-src https://de.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options
nosniff
last-modified
Sun, 20 Mar 2022 16:08:09 GMT
server
nginx/1.21.3
date
Sun, 01 May 2022 02:54:57 GMT
access-control-allow-methods
GET, HEAD
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
content-length
32348
etag
"62375169-7e5c"

Redirect headers

date
Sun, 01 May 2022 02:54:57 GMT
x-content-type-options
nosniff
server
nginx/1.21.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/html
location
https://de.catbox.moe/7jey62.png
content-length
169
x-xss-protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/
82 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 06:31:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
246235
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29671
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 06:31:02 GMT
truncated
/
449 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
756734c7de9dd01ffd9c75ccdfc48f08d51d774f75c6c453d9468812c5282861

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
bgAlex-d.jpg
redeemfreefire.eventclaim.xyz/alexFrontEnd/img/
134 KB
134 KB
Image
General
Full URL
https://redeemfreefire.eventclaim.xyz/alexFrontEnd/img/bgAlex-d.jpg
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/alexFrontEnd/css/style-AlexHost.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba96000a92f9d03cce2c34ab48fb9f1e67976be7b4233c1bd607a87e6e9af82d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/alexFrontEnd/css/style-AlexHost.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
136773
last-modified
Mon, 08 Nov 2021 14:31:21 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biw%2Fya7fsmBxzjR5eS1XtceXnHkCup6w6S2qukQS9i3S5Z%2FXoa%2B02UQIfrZXyJjkXkJa8oH34x6OicDiShFPEonlxLHlwgpjQru4XRcuBdPvjcoEW0j37Ighiyh9i8s%2B5JsUnmM17dDAG8aGtM7rt%2BISXIxjzWhIp6DGMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70453c49ed139bef-FRA
expires
Sun, 08 May 2022 02:54:57 GMT
truncated
/
144 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42fcead125ad8660c031f3b763fd048fd06b4a70a7a48cf17bc03073fb255fae

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
fftext-Alex.png
redeemfreefire.eventclaim.xyz/alexFrontEnd/img/
14 KB
15 KB
Image
General
Full URL
https://redeemfreefire.eventclaim.xyz/alexFrontEnd/img/fftext-Alex.png
Requested by
Host: redeemfreefire.eventclaim.xyz
URL: https://redeemfreefire.eventclaim.xyz/alexFrontEnd/css/style-AlexHost.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bb88bccc5bd610423b63fba5ca6f98516d3d8fc631d6b1b977ac669104264be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://redeemfreefire.eventclaim.xyz/alexFrontEnd/css/style-AlexHost.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 01 May 2022 02:54:58 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14297
last-modified
Mon, 08 Nov 2021 14:23:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mjJLo1aS%2Fd2xmZELiNTLOtYHmaEaD%2BY7ayveTZP%2BUm%2F85yCKESoXc8cQb1IVzWphskp4yuDgK%2F9H%2FGvQmFu4rz6%2FR5p9lfWyc%2FPYd%2B2lTaHbkbeL%2BsK%2BplhViDM9pu0Ny6%2Bnxq%2FLmG83h20TlR9mJPTOQpMLRMW4zmCtxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
70453c49ed169bef-FRA
expires
Sun, 08 May 2022 02:54:57 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
function| getScreenDetails
object| google_tag_data
function| ga
object| gaplugins
object| google_tag_manager
object| dataLayer
function| $
function| jQuery
function| openfbAlex
function| closefbAlex
function| opengpAlex
function| closegpAlex
function| AlexHostingNetFB
function| AlexHostingNetGP

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
