mlbb-claimskin001.dnsking.ch Open in urlscan Pro
209.126.1.27 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://mlbb-claimskin001.dnsking.ch/
Submission: On May 24 via automatic, source certstream-suspicious (May 24th 2021, 9:29:39 am UTC)

Summary HTTP 60 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 12 domains to perform 60 HTTP transactions. The main IP is 209.126.1.27, located in St Louis, United States and belongs to CONTABO, US. The main domain is mlbb-claimskin001.dnsking.ch.
TLS certificate: Issued by R3 on May 24th 2021. Valid for: 3 months.

This is the only time mlbb-claimskin001.dnsking.ch was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
9	209.126.1.27 209.126.1.27	40021 (CONTABO) (CONTABO)
7	2.17.120.145 2.17.120.145	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
24	95.216.110.3 95.216.110.3	24940 (HETZNER-AS) (HETZNER-AS)
5	146.59.152.166 146.59.152.166	16276 (OVH) (OVH)
1	173.249.50.240 173.249.50.240	51167 (CONTABO) (CONTABO)
1	2a02:26f0:6c0... 2a02:26f0:6c00:283::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
60	15

9 209.126.1.27 (St Louis, United States)

ASN40021 (CONTABO, US)
PTR: vmi584832.contaboserver.net

mlbb-claimskin001.dnsking.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.17.120.145 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

play.mobilelegends.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)

static.mobilelegends.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 95.216.110.3 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)

s3.gifyu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 146.59.152.166 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.249.50.240 (Nuremberg, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi524508.contaboserver.net

jefanya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:283::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2.bp.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	gifyu.com s3.gifyu.com	3 MB
12	mobilelegends.com play.mobilelegends.com static.mobilelegends.com	160 KB
9	dnsking.ch mlbb-claimskin001.dnsking.ch	73 KB
5	ibb.co i.ibb.co	1014 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	31 KB
2	google.com apis.google.com	104 KB
1	blogspot.com 2.bp.blogspot.com	27 KB
1	pinimg.com i.pinimg.com	28 KB
1	jefanya.com jefanya.com	28 KB
1	google-analytics.com www.google-analytics.com	19 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	7 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
60	12

	Domain	Requested by
24	s3.gifyu.com	mlbb-claimskin001.dnsking.ch
9	mlbb-claimskin001.dnsking.ch	mlbb-claimskin001.dnsking.ch
7	play.mobilelegends.com	mlbb-claimskin001.dnsking.ch
5	i.ibb.co	mlbb-claimskin001.dnsking.ch
5	static.mobilelegends.com	mlbb-claimskin001.dnsking.ch
2	apis.google.com	mlbb-claimskin001.dnsking.ch
1	fonts.googleapis.com	mlbb-claimskin001.dnsking.ch
1	ajax.googleapis.com	mlbb-claimskin001.dnsking.ch
1	2.bp.blogspot.com	mlbb-claimskin001.dnsking.ch
1	i.pinimg.com	mlbb-claimskin001.dnsking.ch
1	jefanya.com	mlbb-claimskin001.dnsking.ch
1	www.google-analytics.com	mlbb-claimskin001.dnsking.ch
1	stackpath.bootstrapcdn.com	mlbb-claimskin001.dnsking.ch
1	cdnjs.cloudflare.com	mlbb-claimskin001.dnsking.ch
60	14

This site contains no links.

Subject Issuer	Validity	Valid
mlbb-claimskin001.dnsking.ch R3	`2021-05-24` - `2021-08-22`	3 months	crt.sh
lore.mobilelegends.com R3	`2021-05-05` - `2021-08-03`	3 months	crt.sh
*.mobilelegends.com GeoTrust CN RSA CA G1	`2019-07-05` - `2021-07-04`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.apis.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
s3.gifyu.com R3	`2021-04-19` - `2021-07-18`	3 months	crt.sh
ibb.co R3	`2021-04-04` - `2021-07-03`	3 months	crt.sh
webdisk.jefanya.com R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
*.pinterest.com DigiCert SHA2 High Assurance Server CA	`2020-07-16` - `2021-08-04`	a year	crt.sh
misc-sni.blogspot.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://mlbb-claimskin001.dnsking.ch/
Frame ID: 54F8D73BEEA84E65FB09AAB71D7226B1
Requests: 64 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Page Statistics

60
Requests

100 %
HTTPS

57 %
IPv6

12
Domains

14
Subdomains

15
IPs

4
Countries

4663 kB
Transfer

5203 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
mlbb-claimskin001.dnsking.ch/ 51 KB
12 KB 599ms
282ms Document
text/html 209.126.1.27
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.126.1.27 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi584832.contaboserver.net
Software: LiteSpeed /
Resource Hash: d62011f1c138c771f1f6e9e8a551d6dc2b131aa17f50a1988813d704d07194cf

Request headers

:method: GET
:authority: mlbb-claimskin001.dnsking.ch
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

set-cookie: PHPSESSID=5f5e1180990ad693da3e9f65737c6a77; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
content-length: 12224
content-encoding: br
vary: Accept-Encoding
date: Mon, 24 May 2021 09:29:22 GMT
server: LiteSpeed
alt-svc: h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 app.8ca58148.css
play.mobilelegends.com/events/togethercards/css/ 78 KB
26 KB 475ms
73ms Stylesheet
text/css 2.17.120.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://play.mobilelegends.com/events/togethercards/css/app.8ca58148.css

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.120.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

3a7d0a39071c041e875ef0cacb828e8349510a783b9c744ae5186c04ac076696

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
etag: W/"6074000f-1378a"
x-parent-response-time: 514,23.54.206.18, 13,2.17.120.141
akamai-mon-iucid-del: 957847
content-length: 25665
last-modified: Mon, 12 Apr 2021 08:08:47 GMT
server: nginx/1.19.0
date: Mon, 24 May 2021 09:29:23 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2114
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 24 May 2021 10:04:37 GMT

GET
H/1.1 200
OK reset.min.css
static.mobilelegends.com/resource/ 773 B
1 KB 553ms
50ms Stylesheet
text/css 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mobilelegends.com/resource/reset.min.css
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: openresty /
Resource Hash: 82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 09:29:23 GMT
Last-Modified: Fri, 24 Apr 2020 03:50:15 GMT
Server: openresty
Age: 1
ETag: "5ea261f7-305"
X-Ws-Request-Id: 60ab71f3_PSdgflkfFRA1je9_814-62487
Content-Type: text/css
Cache-Control: max-age=7776000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 773
X-Via: 1.1 PSelsmskMOW3vl102:6 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:0 (Cdn Cache Server V2.0)
Expires: Sat, 29 May 2021 04:40:08 GMT

GET
H/1.1 200
OK swiper.min.css
static.mobilelegends.com/resource/ 19 KB
3 KB 554ms
50ms Stylesheet
text/css 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mobilelegends.com/resource/swiper.min.css
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: openresty /
Resource Hash: f0f86d1c4ee6bba3384fca410d809c2c1a1c057b46d7bfe445ecfd5abb7479cf

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 09:29:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Jan 2021 10:23:58 GMT
Server: openresty
Age: 1
ETag: W/"6013e23e-4a3c"
X-Ws-Request-Id: 60ab71f3_PSdgflkfFRA1je9_1011-27841
Content-Type: text/css
Cache-Control: max-age=7776000
Transfer-Encoding: chunked
Connection: keep-alive
X-Via: 1.1 PSygldLON2ii12:4 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1gi91:6 (Cdn Cache Server V2.0)
Expires: Fri, 02 Jul 2021 11:55:10 GMT

GET
H/1.1 200
OK layer.css
static.mobilelegends.com/resource/layer/need/ 5 KB
2 KB 558ms
51ms Stylesheet
text/css 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mobilelegends.com/resource/layer/need/layer.css?2.0
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: openresty /
Resource Hash: eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 09:29:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Jan 2021 10:23:57 GMT
Server: openresty
Age: 1
ETag: W/"6013e23d-148c"
X-Ws-Request-Id: 60ab71f3_PSdgflkfFRA1eq9_27220-45627
Content-Type: text/css
Cache-Control: max-age=7776000
Transfer-Encoding: chunked
Connection: keep-alive
X-Via: 1.1 PSelsmskMOW3vl102:1 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:5 (Cdn Cache Server V2.0)
Expires: Thu, 12 Aug 2021 03:46:37 GMT

GET
H2 200 ryu.css
mlbb-claimskin001.dnsking.ch/static/css/ 112 KB
38 KB 585ms
283ms Stylesheet
text/css 209.126.1.27
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://mlbb-claimskin001.dnsking.ch/static/css/ryu.css
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.126.1.27 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi584832.contaboserver.net
Software: LiteSpeed /
Resource Hash: fed6d7754eb8d4882b74ff55ca20fbff38fa09e5d02a855ae8a4b0f3ea620eca

Request headers

:path: /static/css/ryu.css
pragma: no-cache
cookie: PHPSESSID=5f5e1180990ad693da3e9f65737c6a77
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mlbb-claimskin001.dnsking.ch
referer: https://mlbb-claimskin001.dnsking.ch/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
content-encoding: br
last-modified: Sat, 10 Apr 2021 18:46:48 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 38766
expires: Mon, 31 May 2021 09:29:23 GMT

GET
H2 404 imryu.css
mlbb-claimskin001.dnsking.ch/static/css/ 0
0 605ms
302ms Stylesheet
text/html 209.126.1.27
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://mlbb-claimskin001.dnsking.ch/static/css/imryu.css
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.126.1.27 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi584832.contaboserver.net
Software: LiteSpeed /
Resource Hash

Request headers

:path: /static/css/imryu.css
pragma: no-cache
cookie: PHPSESSID=5f5e1180990ad693da3e9f65737c6a77
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mlbb-claimskin001.dnsking.ch
referer: https://mlbb-claimskin001.dnsking.ch/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 09:29:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 404 animate.css
mlbb-claimskin001.dnsking.ch/static/css/ 0
0 605ms
303ms Stylesheet
text/html 209.126.1.27
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://mlbb-claimskin001.dnsking.ch/static/css/animate.css
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.126.1.27 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi584832.contaboserver.net
Software: LiteSpeed /
Resource Hash

Request headers

:path: /static/css/animate.css
pragma: no-cache
cookie: PHPSESSID=5f5e1180990ad693da3e9f65737c6a77
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mlbb-claimskin001.dnsking.ch
referer: https://mlbb-claimskin001.dnsking.ch/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 09:29:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 facebook.css
mlbb-claimskin001.dnsking.ch/static/css/ 3 KB
740 B 605ms
303ms Stylesheet
text/css 209.126.1.27
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://mlbb-claimskin001.dnsking.ch/static/css/facebook.css
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.126.1.27 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi584832.contaboserver.net
Software: LiteSpeed /
Resource Hash: 087764b9784e72f3f1c765013db0b2c03a94cdb04682e89518df4ab71b38a356

Request headers

:path: /static/css/facebook.css
pragma: no-cache
cookie: PHPSESSID=5f5e1180990ad693da3e9f65737c6a77
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mlbb-claimskin001.dnsking.ch
referer: https://mlbb-claimskin001.dnsking.ch/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
content-encoding: br
last-modified: Tue, 23 Mar 2021 03:08:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 684
expires: Mon, 31 May 2021 09:29:23 GMT

GET
H2 200 twitter.css
mlbb-claimskin001.dnsking.ch/static/css/ 2 KB
536 B 605ms
303ms Stylesheet
text/css 209.126.1.27
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://mlbb-claimskin001.dnsking.ch/static/css/twitter.css
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.126.1.27 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi584832.contaboserver.net
Software: LiteSpeed /
Resource Hash: 224c8d9be2339139817630c550b92e803d43fe15516bbe3a9939b6107d48e204

Request headers

:path: /static/css/twitter.css
pragma: no-cache
cookie: PHPSESSID=5f5e1180990ad693da3e9f65737c6a77
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mlbb-claimskin001.dnsking.ch
referer: https://mlbb-claimskin001.dnsking.ch/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
content-encoding: br
last-modified: Tue, 23 Mar 2021 03:16:44 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 480
expires: Mon, 31 May 2021 09:29:23 GMT

GET
H2 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 69 KB
6 KB 14ms
13ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://mlbb-claimskin001.dnsking.ch
Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5401525
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5845
cf-request-id: 0a3f4e34fe000063d7e2127000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-1149f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yLyGt1485TfJCZsdc1o8sWHmec64vZkbu3AjovJqRrqqxi58umU9OPqZmOWIf%2Bc7%2FcKIrsfcEXo4inyZiApcxk2ky5fAOlGV8gkis0YVGtRoF8ffEqsYcdVfpCa%2Bfxo14w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 65457fce6d3563d7-FRA
expires: Sat, 14 May 2022 09:29:22 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 17ms
16ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617, 617
age: 5402009
cdn-cachedat: 2021-03-11 11:57:51
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a3f4e34fe00004a56732e1000000001
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 6fc1a75116c932681ed09108db37b84c
cf-ray: 65457fce68cc4a56-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ 62 B
207 B 16ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_1

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 18 May 2021 02:41:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 18:53:53 GMT
server: sffe
age: 542856
vary: Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62
x-xss-protection: 0
expires: Wed, 18 May 2022 02:41:47 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/ 303 KB
104 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.MWM3Xj_RD9s.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCOUmnuCcTtedasW7L1tq37fs4eoIg/cb=gapi.loaded_0

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dfc56c75b1a9c8b7aad325b056581c994fc0761ae8f149bb9fbb7b4e3a98238

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 19 May 2021 01:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Apr 2021 18:53:53 GMT
server: sffe
age: 461730
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106455
x-xss-protection: 0
expires: Thu, 19 May 2022 01:13:53 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 14ms
5ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 7167
date: Mon, 24 May 2021 07:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 24 May 2021 09:29:56 GMT

GET
H/1.1 200
OK fingerprint2.min.js Show response
static.mobilelegends.com/resource/report/public/ 29 KB
11 KB 560ms
55ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mobilelegends.com/resource/report/public/fingerprint2.min.js
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: openresty /
Resource Hash: 4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 09:29:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Jan 2021 10:23:50 GMT
Server: openresty
Age: 1
ETag: W/"6013e236-72e4"
X-Ws-Request-Id: 60ab71f3_PSdgflkfFRA1eq9_27431-36859
Content-Type: application/javascript
Cache-Control: max-age=7776000
Transfer-Encoding: chunked
Connection: keep-alive
X-Via: 1.1 PSelsmskMOW3oa101:11 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1je97:5 (Cdn Cache Server V2.0)
Expires: Thu, 12 Aug 2021 03:46:38 GMT

GET
H/1.1 200
OK pako.min.js Show response
static.mobilelegends.com/resource/report/public/ 45 KB
14 KB 562ms
57ms Script
application/javascript 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.mobilelegends.com/resource/report/public/pako.min.js
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: openresty /
Resource Hash: 988778d9429a189cabe5ac0e22ff0ecb9c025973ddbe9cd516b9e9c83c79ad0f

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 09:29:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Apr 2020 03:50:08 GMT
Server: openresty
Age: 1
ETag: W/"5ea261f0-b3a3"
X-Ws-Request-Id: 60ab71f3_PSdgflkfFRA1dm9_21675-32535
Content-Type: application/javascript
Cache-Control: max-age=7776000
Transfer-Encoding: chunked
Connection: keep-alive
X-Via: 1.1 PSelsmskMOW3vl102:2 (Cdn Cache Server V2.0), 1.1 PSdgflkfFRA1bc95:3 (Cdn Cache Server V2.0)
Expires: Wed, 26 May 2021 06:53:21 GMT

GET
H2 200 chunk-701efd7e.ef5a3e5c.css
mlbb-claimskin001.dnsking.ch/static/css/ 52 KB
16 KB 717ms
416ms Stylesheet
text/css 209.126.1.27
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://mlbb-claimskin001.dnsking.ch/static/css/chunk-701efd7e.ef5a3e5c.css
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.126.1.27 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi584832.contaboserver.net
Software: LiteSpeed /
Resource Hash: a02ce3a915081efdbfd4172565eb15349fdb854db48eadd317419d8cab407e93

Request headers

:path: /static/css/chunk-701efd7e.ef5a3e5c.css
pragma: no-cache
cookie: PHPSESSID=5f5e1180990ad693da3e9f65737c6a77
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: mlbb-claimskin001.dnsking.ch
referer: https://mlbb-claimskin001.dnsking.ch/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
content-encoding: br
last-modified: Thu, 08 Apr 2021 22:40:08 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15882
expires: Mon, 31 May 2021 09:29:23 GMT

GET
H2 200 yz.jpg
s3.gifyu.com/images/ 59 KB
59 KB 123ms
38ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/yz.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d06ff3114c6b9d3a6040a222392719b3d34ebe46163c26fe036a77a1f3409b4f

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Fri, 07 May 2021 17:38:52 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60957b2c-ed1c"
content-length: 60700
content-type: image/jpeg

GET
H2 200 angela3c69bf7ea9973741.jpg
s3.gifyu.com/images/ 118 KB
118 KB 196ms
110ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/angela3c69bf7ea9973741.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 10847e292ecfd2f4707789af33122f9f88f609a61fd8276f98badde90fcd70f3

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:34:44 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b414-1d62a"
content-length: 120362
content-type: image/jpeg

GET
H2 200 gs_compress8.jpg
s3.gifyu.com/images/ 94 KB
94 KB 212ms
126ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/gs_compress8.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8992269b1a87d2881654b8417323f076ceaf43cee98cf1ab03dd628a74c3d27d

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:35:48 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b454-17663"
content-length: 95843
content-type: image/jpeg

GET
H2 200 wanwan5ea09ef73eb6257a.jpg
s3.gifyu.com/images/ 124 KB
125 KB 211ms
126ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/wanwan5ea09ef73eb6257a.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 17bb0536d20aa52d86e7457b6a0a4b89bdaae52e40a2a24cd6f73682e7223c9e

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:36:47 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b48f-1f122"
content-length: 127266
content-type: image/jpeg

GET
H2 200 valirde62e860ba7e965e.jpg
s3.gifyu.com/images/ 135 KB
135 KB 211ms
127ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/valirde62e860ba7e965e.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c9abd6825ae0a52084b1eb1d94412918c808a17bc8bb5d5d441c7cdf822ddec2

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:39:21 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b529-21ba9"
content-length: 138153
content-type: image/jpeg

GET
H2 200 jaw43a653594c95bdd2.jpg
s3.gifyu.com/images/ 129 KB
129 KB 211ms
126ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/jaw43a653594c95bdd2.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 54d5d79de56c7cc49459b9c155bd8f7207b2ed536e881184fe26864bac74c0df

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:40:11 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b55b-20375"
content-length: 131957
content-type: image/jpeg

GET
H2 200 yss96ae433645f25eba.jpg
s3.gifyu.com/images/ 115 KB
115 KB 125ms
124ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/yss96ae433645f25eba.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c9672b2fadd43c2851110299eae23652227e23dfdce8694ab82a439165a0385b

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:40:55 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b587-1cbe5"
content-length: 117733
content-type: image/jpeg

GET
H2 200 pharsaecf6a40f61cce923.jpg
s3.gifyu.com/images/ 125 KB
125 KB 125ms
124ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/pharsaecf6a40f61cce923.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7727a848579b6ef7b63ecb9383c6e0b06606b13583c8594495d1865dca17e79f

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:41:33 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b5ad-1f28e"
content-length: 127630
content-type: image/jpeg

GET
H2 200 granger2d06fa22655ddb1e.jpg
s3.gifyu.com/images/ 120 KB
120 KB 160ms
159ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/granger2d06fa22655ddb1e.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 981762f4de8cd9ea0e66d89f8ec0ae60afb7d81bf51617dfbdef157820fd2a1c

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:42:12 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b5d4-1df51"
content-length: 122705
content-type: image/jpeg

GET
H2 200 kufra9e5ed0f2869bcf8c.jpg
s3.gifyu.com/images/ 127 KB
127 KB 160ms
160ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/kufra9e5ed0f2869bcf8c.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3dae8cee5b0dc24dddbf76685cb0e9f0f2bc7c54c05c150afb41e92ea8dd3ad0

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:42:56 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b600-1fb9c"
content-length: 129948
content-type: image/jpeg

GET
H2 200 badangbcf1b07eb7f16f7b.jpg
s3.gifyu.com/images/ 134 KB
134 KB 160ms
160ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/badangbcf1b07eb7f16f7b.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1c5dcd7b117c9bcd75f442737a054f8d13d2defcfe1887836acad1ae8f565706

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:43:36 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b628-218c0"
content-length: 137408
content-type: image/jpeg

GET
H2 200 vvale29a777552772503a.jpg
s3.gifyu.com/images/ 131 KB
131 KB 161ms
160ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/vvale29a777552772503a.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: b2253a1d730ff7c4f6d2a65d46b7874b6f8587904015afe99ef16b4c8cd6381d

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:44:15 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b64f-20c84"
content-length: 134276
content-type: image/jpeg

GET
H2 200 vchou618c46144a294af2.jpg
s3.gifyu.com/images/ 159 KB
159 KB 161ms
160ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/vchou618c46144a294af2.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f4043a0f152d1935c0837fbe9b7b4131a09c868f33eac41bb5ddf42db170801a

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:44:53 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b675-27c1e"
content-length: 162846
content-type: image/jpeg

GET
H2 200 vlancefed534322712709d.jpg
s3.gifyu.com/images/ 162 KB
162 KB 161ms
160ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/vlancefed534322712709d.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5e75d04c211f52e3dd1d31d2ed59e6f6924e38c988072c283fa149d6fc265f40

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:45:34 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b69e-28782"
content-length: 165762
content-type: image/jpeg

GET
H2 200 vbrunobcbd4fcebf5de97f.jpg
s3.gifyu.com/images/ 148 KB
148 KB 161ms
160ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/vbrunobcbd4fcebf5de97f.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 163de2d752c3f72f6815c5a471988d8fb87b921ee40d0ccc16645aae3b5f812c

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:46:19 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b6cb-250aa"
content-length: 151722
content-type: image/jpeg

GET
H2 200 gs.jpg
i.ibb.co/NYg6s2k/ 77 KB
78 KB 198ms
58ms Image
image/jpeg 146.59.152.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/NYg6s2k/gs.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: f7584f390e101764d6ed5bb087e4ad9f6f6eb099dbdd44962701f492402b778e

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sun, 25 Apr 2021 00:15:19 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 79161
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chou.jpg
i.ibb.co/3vGCWmx/ 74 KB
74 KB 186ms
58ms Image
image/jpeg 146.59.152.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/3vGCWmx/chou.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: fee4800dff601658c3a684002fb30621247a3a1e42e54edbdce5ed2887b89270

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sun, 25 Apr 2021 00:15:52 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 75658
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rora.jpg
i.ibb.co/rs8d2pG/ 80 KB
80 KB 185ms
58ms Image
image/jpeg 146.59.152.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/rs8d2pG/rora.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 7351ee2bd227623f90883ef9b36fe533680268c66a81fe01a5ea9be4597fc1f1

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sun, 25 Apr 2021 00:14:45 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 81459
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 guin.jpg
i.ibb.co/m9Xrh0X/ 406 KB
407 KB 174ms
58ms Image
image/jpeg 146.59.152.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/m9Xrh0X/guin.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: c2801be9f02a04339d16bdfbc0e2a7ce81c3fdb67b76b9f37af3f2ece28bde8d

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sun, 25 Apr 2021 00:14:12 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 416024
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dyroth.jpg
i.ibb.co/br33FyS/ 375 KB
375 KB 219ms
218ms Image
image/jpeg 146.59.152.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/br33FyS/dyroth.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 82b49c5ec1a774bfa3c4d7d4323948982a31e37f400b05646d385f5d7f680848

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sun, 25 Apr 2021 00:13:38 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 383488
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 selena-stun.jpg
s3.gifyu.com/images/ 144 KB
144 KB 114ms
113ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/selena-stun.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 87a2b7d4e221fd73ce2ef33bcfdab574ce8458f8dadaf28b732140cbcb7456a5

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:48:40 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b758-23fea"
content-length: 147434
content-type: image/jpeg

GET
H2 200 brody-stun.jpg
s3.gifyu.com/images/ 125 KB
125 KB 114ms
113ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/brody-stun.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4e8b523b9c8d7f4780bee8a728408bbdae5c5a1c1f61f64c55109d5999d15706

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:47:59 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b72f-1f46c"
content-length: 128108
content-type: image/jpeg

GET
H2 200 chou-stun.jpg
s3.gifyu.com/images/ 151 KB
151 KB 114ms
113ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/chou-stun.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f309ceae92301ed287ed61400de92f0f87458b06cac6c0975a2e4341cb785bd4

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:47:05 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b6f9-25b9a"
content-length: 154522
content-type: image/jpeg

GET
H2 200 paquitofb09b4462c958b95.jpg
s3.gifyu.com/images/ 156 KB
157 KB 114ms
113ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/paquitofb09b4462c958b95.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 2bcc150f2d02d297c20279d16253b4cb2e5d8d8c4007ae77f24027bd5b414291

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:50:05 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b7ad-2717c"
content-length: 160124
content-type: image/jpeg

GET
H2 200 m275c528edecda2cff.jpg
s3.gifyu.com/images/ 136 KB
137 KB 114ms
113ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/m275c528edecda2cff.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: d41653a17c0c8e774be0b3681d9044fa0ee7e8dbeadd40467d323b54f7b778a7

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:51:10 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b7ee-221e8"
content-length: 139752
content-type: image/jpeg

GET
H2 200 m162f894fd23b4cba8.jpg
s3.gifyu.com/images/ 153 KB
154 KB 114ms
113ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/m162f894fd23b4cba8.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 8929806f00eec1bc3523c11df8ae11bdae7198aebcfd48d528db43bf5ba774b8

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:52:21 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b835-2657b"
content-length: 157051
content-type: image/jpeg

GET
H2 200 rogernew.jpg
s3.gifyu.com/images/ 107 KB
108 KB 114ms
113ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/rogernew.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 5fe01969e5fd2d866f0e836b0dc86f90c9866b5373d5e63b385f4ec3d2548000

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:49:25 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b785-1ad49"
content-length: 109897
content-type: image/jpeg

GET
H2 200 haya68b3d0281bf170a5.jpg
s3.gifyu.com/images/ 151 KB
151 KB 114ms
114ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/haya68b3d0281bf170a5.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 7cc0d06c8130c671d93d5544a1abcacb4f5163d5a5fd6d5da056bdd32dc06cc4

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:53:09 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b865-25b7f"
content-length: 154495
content-type: image/jpeg

GET
H2 200 lancematador.jpg
s3.gifyu.com/images/ 156 KB
156 KB 115ms
114ms Image
image/jpeg 95.216.110.3
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.gifyu.com/images/lancematador.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.216.110.3 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 32e8f15eb7b4beae04063e0750a64484d8761e98966ab3a9d6e6c3993ec1e29a

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Sat, 22 May 2021 07:53:48 GMT
server: nginx/1.18.0 (Ubuntu)
accept-ranges: bytes
etag: "60a8b88c-26f0f"
content-length: 159503
content-type: image/jpeg

GET
H/1.1 200
OK facebook_text.png
jefanya.com/data/ZXCLAIM-VV14/login/ 28 KB
28 KB 190ms
59ms Image
image/png 173.249.50.240
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jefanya.com/data/ZXCLAIM-VV14/login/facebook_text.png
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 173.249.50.240 Nuremberg, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi524508.contaboserver.net
Software: Apache /
Resource Hash: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 09:29:23 GMT
Last-Modified: Mon, 22 Mar 2021 13:00:36 GMT
Server: Apache
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 28789

GET
H2 200 5f3fe88ff2c07d4ebd0a85f64b272e05.jpg
i.pinimg.com/originals/5f/3f/e8/ 28 KB
28 KB 139ms
123ms Image
image/jpeg 2a02:26f0:6c00:283::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/5f/3f/e8/5f3fe88ff2c07d4ebd0a85f64b272e05.jpg
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:283::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 6015be6edadd8c2d0e36d1d91b3235986f11e9f42379a3faffe4737b80b37413

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cache-control: immutable, max-age=31536000
x-cdn: akamai
accept-ranges: bytes
etag: "9099099d9d7683a1f7df4c453a3b5250"
content-length: 28766
vary: Origin
content-type: image/jpeg

GET
H2 200 moonton.png
2.bp.blogspot.com/-4hQwrsUFwwg/WkyFCMEk9zI/AAAAAAAABh8/fRVdNMJQ7iwkRzmprNXUEpEzaQwHs5WDgCPcBGAYYCw/s200/ 27 KB
27 KB 32ms
7ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2.bp.blogspot.com/-4hQwrsUFwwg/WkyFCMEk9zI/AAAAAAAABh8/fRVdNMJQ7iwkRzmprNXUEpEzaQwHs5WDgCPcBGAYYCw/s200/moonton.png

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

cebbaab0d376ac8bd15f81245a367b038a4518bc4b55d9ae852668b4fd344a51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 09:26:53 GMT
x-content-type-options: nosniff
age: 150
content-disposition: inline;filename="moonton.png"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27166
x-xss-protection: 0
server: fife
etag: "v61f"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 12 May 2021 20:28:22 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
30 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 21 May 2021 13:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 244063
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 21 May 2022 13:41:40 GMT

GET
H2 200 chunk-4f306b3c.ef5a3e5c.css
play.mobilelegends.com/events/togethercards/css/ 0
17 KB 77ms
74ms Other
text/css 2.17.120.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://play.mobilelegends.com/events/togethercards/css/chunk-4f306b3c.ef5a3e5c.css

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.120.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
etag: W/"6074000f-aa09"
x-parent-response-time: 494,23.53.41.29, 14,2.17.120.141
akamai-mon-iucid-del: 957847
content-length: 17003
last-modified: Mon, 12 Apr 2021 08:08:47 GMT
server: nginx/1.19.0
date: Mon, 24 May 2021 09:29:23 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=217
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 24 May 2021 09:33:00 GMT

GET
H2 200 chunk-627ff851.ef5a3e5c.css
play.mobilelegends.com/events/togethercards/css/ 0
17 KB 79ms
76ms Other
text/css 2.17.120.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://play.mobilelegends.com/events/togethercards/css/chunk-627ff851.ef5a3e5c.css

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.120.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
etag: W/"6074000f-aa09"
x-parent-response-time: 13,2.17.120.141
akamai-mon-iucid-del: 957847
content-length: 17003
last-modified: Mon, 12 Apr 2021 08:08:47 GMT
server: nginx/1.19.0
date: Mon, 24 May 2021 09:29:23 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=177
x-origin-response-time: 673,23.55.160.71
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 24 May 2021 09:32:20 GMT

GET
H2 200 chunk-701efd7e.ef5a3e5c.css
play.mobilelegends.com/events/togethercards/css/ 0
17 KB 128ms
126ms Other
text/css 2.17.120.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://play.mobilelegends.com/events/togethercards/css/chunk-701efd7e.ef5a3e5c.css

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.120.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
etag: W/"6074000f-aa09"
x-parent-response-time: 832,23.53.40.63, 59,2.17.120.141
akamai-mon-iucid-del: 957847
content-length: 17003
last-modified: Mon, 12 Apr 2021 08:08:47 GMT
server: nginx/1.19.0
date: Mon, 24 May 2021 09:29:23 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=158
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 24 May 2021 09:32:01 GMT

GET
H2 200 chunk-87192620.ef5a3e5c.css
play.mobilelegends.com/events/togethercards/css/ 0
17 KB 85ms
83ms Other
text/css 2.17.120.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://play.mobilelegends.com/events/togethercards/css/chunk-87192620.ef5a3e5c.css

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.120.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
etag: W/"6074000f-aa09"
x-parent-response-time: 1173,23.48.22.63, 9,2.17.120.141
akamai-mon-iucid-del: 957847
content-length: 17003
last-modified: Mon, 12 Apr 2021 08:08:47 GMT
server: nginx/1.19.0
date: Mon, 24 May 2021 09:29:23 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=142
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 24 May 2021 09:31:45 GMT

GET
H2 200 chunk-b76437a6.ef5a3e5c.css
play.mobilelegends.com/events/togethercards/css/ 0
17 KB 110ms
108ms Other
text/css 2.17.120.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://play.mobilelegends.com/events/togethercards/css/chunk-b76437a6.ef5a3e5c.css

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.120.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
etag: W/"6074000f-aa09"
x-parent-response-time: 740,184.25.51.87, 18,2.17.120.141
akamai-mon-iucid-del: 957847
content-length: 17003
last-modified: Mon, 12 Apr 2021 08:08:47 GMT
server: nginx/1.19.0
date: Mon, 24 May 2021 09:29:23 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=196
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 24 May 2021 09:32:39 GMT

GET
H2 200 chunk-f88ce5a4.ef5a3e5c.css
play.mobilelegends.com/events/togethercards/css/ 0
17 KB 105ms
103ms Other
text/css 2.17.120.145
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://play.mobilelegends.com/events/togethercards/css/chunk-f88ce5a4.ef5a3e5c.css

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.120.145 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.19.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
etag: W/"6074000f-aa09"
x-parent-response-time: 604,23.55.109.9, 15,2.17.120.141
akamai-mon-iucid-del: 957847
content-length: 17003
last-modified: Mon, 12 Apr 2021 08:08:47 GMT
server: nginx/1.19.0
date: Mon, 24 May 2021 09:29:23 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=123
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: Mon, 24 May 2021 09:31:26 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
537 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Teko&display=swap

Requested by

Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/static/css/ryu.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

572b033ea8f1072b9cbbd17462095c08c070b3e898ec8952d3fc2228577e7dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mlbb-claimskin001.dnsking.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 24 May 2021 09:29:23 GMT
server: ESF
date: Mon, 24 May 2021 09:29:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 May 2021 09:29:23 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a414b19b12f9dfddd8c7cff0ddce99cf7adf1a23de1ecf2a898ea58a95e0f0a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 691 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d5c067cf74204a5adc9f65bfd6771a60c1221bd1a450471d74373854b83a1fa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e1c403e3c5491aed265c29f832249cfed1012533706c207b1dad762b5c4d546

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1832ef72f35e6f9117a0b4862714a1c084156a6806f549f062178fb21e3747a3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 404 vertical.png
mlbb-claimskin001.dnsking.ch/static/css/ 1 KB
1 KB 158ms
157ms Image
text/html 209.126.1.27
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mlbb-claimskin001.dnsking.ch/static/css/vertical.png
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/static/css/ryu.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 209.126.1.27 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi584832.contaboserver.net
Software: LiteSpeed /
Resource Hash: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Request headers

:path: /static/css/vertical.png
pragma: no-cache
cookie: PHPSESSID=5f5e1180990ad693da3e9f65737c6a77
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: mlbb-claimskin001.dnsking.ch
referer: https://mlbb-claimskin001.dnsking.ch/static/css/ryu.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://mlbb-claimskin001.dnsking.ch/static/css/ryu.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 09:29:23 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H3-29 206 clicks.mp3
mlbb-claimskin001.dnsking.ch/static/ 4 KB
4 KB 158ms
157ms Media
audio/mpeg 209.126.1.27
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://mlbb-claimskin001.dnsking.ch/static/clicks.mp3
Requested by: Host: mlbb-claimskin001.dnsking.ch
URL: https://mlbb-claimskin001.dnsking.ch/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 209.126.1.27 St Louis, United States, ASN40021 (CONTABO, US),
Reverse DNS: vmi584832.contaboserver.net
Software: LiteSpeed /
Resource Hash: 7510e1443a74343942ced29dd7d8d7a8009346002a08b82aeda0ef65c43de649

Request headers

sec-fetch-mode: no-cors
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
sec-fetch-dest: audio
cookie: PHPSESSID=5f5e1180990ad693da3e9f65737c6a77
:path: /static/clicks.mp3
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: mlbb-claimskin001.dnsking.ch
referer: https://mlbb-claimskin001.dnsking.ch/
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://mlbb-claimskin001.dnsking.ch/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-4363/4364
date: Mon, 24 May 2021 09:29:23 GMT
last-modified: Tue, 23 Mar 2021 03:24:54 GMT
server: LiteSpeed
Content-Length: 4364
content-type: audio/mpeg

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mlbb-claimskin001.dnsking.ch/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5f5e1180990ad693da3e9f65737c6a77

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2.bp.blogspot.com
ajax.googleapis.com
apis.google.com
cdnjs.cloudflare.com
fonts.googleapis.com
i.ibb.co
i.pinimg.com
jefanya.com
mlbb-claimskin001.dnsking.ch
play.mobilelegends.com
s3.gifyu.com
stackpath.bootstrapcdn.com
static.mobilelegends.com
www.google-analytics.com
146.59.152.166
163.171.128.148
173.249.50.240
2.17.120.145
209.126.1.27
2606:4700::6810:135e
2606:4700::6812:bcf
2a00:1450:4001:801::200a
2a00:1450:4001:802::2001
2a00:1450:4001:811::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:831::200e
2a02:26f0:6c00:283::1931
95.216.110.3
087764b9784e72f3f1c765013db0b2c03a94cdb04682e89518df4ab71b38a356
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0d5c067cf74204a5adc9f65bfd6771a60c1221bd1a450471d74373854b83a1fa
10847e292ecfd2f4707789af33122f9f88f609a61fd8276f98badde90fcd70f3
163de2d752c3f72f6815c5a471988d8fb87b921ee40d0ccc16645aae3b5f812c
17bb0536d20aa52d86e7457b6a0a4b89bdaae52e40a2a24cd6f73682e7223c9e
1832ef72f35e6f9117a0b4862714a1c084156a6806f549f062178fb21e3747a3
1c5dcd7b117c9bcd75f442737a054f8d13d2defcfe1887836acad1ae8f565706
1dfc56c75b1a9c8b7aad325b056581c994fc0761ae8f149bb9fbb7b4e3a98238
224c8d9be2339139817630c550b92e803d43fe15516bbe3a9939b6107d48e204
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
2bcc150f2d02d297c20279d16253b4cb2e5d8d8c4007ae77f24027bd5b414291
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e1c403e3c5491aed265c29f832249cfed1012533706c207b1dad762b5c4d546
32e8f15eb7b4beae04063e0750a64484d8761e98966ab3a9d6e6c3993ec1e29a
3a7d0a39071c041e875ef0cacb828e8349510a783b9c744ae5186c04ac076696
3dae8cee5b0dc24dddbf76685cb0e9f0f2bc7c54c05c150afb41e92ea8dd3ad0
4bf52e1f92ce9ea93f33025943d00dbfe5e73ff1c8ddc1507aee8ac82d34dc0f
4e8b523b9c8d7f4780bee8a728408bbdae5c5a1c1f61f64c55109d5999d15706
54d5d79de56c7cc49459b9c155bd8f7207b2ed536e881184fe26864bac74c0df
572b033ea8f1072b9cbbd17462095c08c070b3e898ec8952d3fc2228577e7dc4
5a414b19b12f9dfddd8c7cff0ddce99cf7adf1a23de1ecf2a898ea58a95e0f0a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
5e75d04c211f52e3dd1d31d2ed59e6f6924e38c988072c283fa149d6fc265f40
5fe01969e5fd2d866f0e836b0dc86f90c9866b5373d5e63b385f4ec3d2548000
6015be6edadd8c2d0e36d1d91b3235986f11e9f42379a3faffe4737b80b37413
7351ee2bd227623f90883ef9b36fe533680268c66a81fe01a5ea9be4597fc1f1
7510e1443a74343942ced29dd7d8d7a8009346002a08b82aeda0ef65c43de649
7727a848579b6ef7b63ecb9383c6e0b06606b13583c8594495d1865dca17e79f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7cc0d06c8130c671d93d5544a1abcacb4f5163d5a5fd6d5da056bdd32dc06cc4
82b49c5ec1a774bfa3c4d7d4323948982a31e37f400b05646d385f5d7f680848
82f1278f66b192a223e306d884f8db595ef3b6d829cc1544807b9bf40019403e
87a2b7d4e221fd73ce2ef33bcfdab574ce8458f8dadaf28b732140cbcb7456a5
8929806f00eec1bc3523c11df8ae11bdae7198aebcfd48d528db43bf5ba774b8
8992269b1a87d2881654b8417323f076ceaf43cee98cf1ab03dd628a74c3d27d
981762f4de8cd9ea0e66d89f8ec0ae60afb7d81bf51617dfbdef157820fd2a1c
988778d9429a189cabe5ac0e22ff0ecb9c025973ddbe9cd516b9e9c83c79ad0f
a02ce3a915081efdbfd4172565eb15349fdb854db48eadd317419d8cab407e93
b2253a1d730ff7c4f6d2a65d46b7874b6f8587904015afe99ef16b4c8cd6381d
c2801be9f02a04339d16bdfbc0e2a7ce81c3fdb67b76b9f37af3f2ece28bde8d
c9672b2fadd43c2851110299eae23652227e23dfdce8694ab82a439165a0385b
c9abd6825ae0a52084b1eb1d94412918c808a17bc8bb5d5d441c7cdf822ddec2
cebbaab0d376ac8bd15f81245a367b038a4518bc4b55d9ae852668b4fd344a51
d06ff3114c6b9d3a6040a222392719b3d34ebe46163c26fe036a77a1f3409b4f
d41653a17c0c8e774be0b3681d9044fa0ee7e8dbeadd40467d323b54f7b778a7
d62011f1c138c771f1f6e9e8a551d6dc2b131aa17f50a1988813d704d07194cf
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eecc7effcae5f246e6212c30c525cee9e11cadedc7d32aa6def213f1a90d98f6
f0f86d1c4ee6bba3384fca410d809c2c1a1c057b46d7bfe445ecfd5abb7479cf
f309ceae92301ed287ed61400de92f0f87458b06cac6c0975a2e4341cb785bd4
f4043a0f152d1935c0837fbe9b7b4131a09c868f33eac41bb5ddf42db170801a
f7584f390e101764d6ed5bb087e4ad9f6f6eb099dbdd44962701f492402b778e
fed6d7754eb8d4882b74ff55ca20fbff38fa09e5d02a855ae8a4b0f3ea620eca
fee4800dff601658c3a684002fb30621247a3a1e42e54edbdce5ed2887b89270
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

mlbb-claimskin001.dnsking.ch Open in urlscan Pro 209.126.1.27 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

60 Requests

100 %HTTPS

57 %IPv6

12 Domains

14 Subdomains

15 IPs

4 Countries

4663 kBTransfer

5203 kBSize

1 Cookies

0 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

mlbb-claimskin001.dnsking.ch Open in urlscan Pro
209.126.1.27 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

100 %
HTTPS

57 %
IPv6

12
Domains

14
Subdomains

15
IPs

4
Countries

4663 kB
Transfer

5203 kB
Size

1
Cookies

60 HTTP transactions
4 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!