claimevent-ff.terbaruu.biz Open in urlscan Pro
104.21.47.232 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://claimevent-ff.terbaruu.biz/
Submission: On October 02 via automatic, source certstream-suspicious (October 2nd 2021, 7:32:46 am UTC) — Scanned from DE

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 14 domains to perform 54 HTTP transactions. The main IP is 104.21.47.232, located in and belongs to CLOUDFLARENET, US. The main domain is claimevent-ff.terbaruu.biz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 23rd 2021. Valid for: a year.

This is the only time claimevent-ff.terbaruu.biz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
19	104.21.47.232 104.21.47.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	151.101.1.229 151.101.1.229	54113 (FASTLY) (FASTLY)
1	163.172.91.236 163.172.91.236	12876 (Online SAS) (Online SAS)
4	2.16.107.26 2.16.107.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	114.125.194.209 114.125.194.209	23693 (TELKOMSEL...) (TELKOMSEL-ASN-ID PT. Telekomunikasi Selular)
3	114.125.163.209 114.125.163.209	23693 (TELKOMSEL...) (TELKOMSEL-ASN-ID PT. Telekomunikasi Selular)
1	103.247.207.173 103.247.207.173	58521 (GARENA-SG...) (GARENA-SG Garena Online Pte Ltd)
1	188.68.52.216 188.68.52.216	197540 (NETCUP-AS...) (NETCUP-AS netcup GmbH)
1	104.109.75.95 104.109.75.95	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
1	2.16.107.121 2.16.107.121	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	23.213.161.90 23.213.161.90	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	152.228.223.13 152.228.223.13	16276 (OVH) (OVH)
2	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
1	129.226.2.89 129.226.2.89	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
54	15

19 104.21.47.232 (None, )

ASN13335 (CLOUDFLARENET, US)

claimevent-ff.terbaruu.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.1.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.172.91.236 (France)

ASN12876 (Online SAS, FR)
PTR: 163-172-91-236.rev.poneytelecom.eu

h.top4top.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.107.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-26.deploy.static.akamaitechnologies.com

freefiremobile-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 114.125.194.209 (Makassar, Indonesia)

ASN23693 (TELKOMSEL-ASN-ID PT. Telekomunikasi Selular, ID)

scontent.fupg2-2.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 114.125.163.209 (Makassar, Indonesia)

ASN23693 (TELKOMSEL-ASN-ID PT. Telekomunikasi Selular, ID)

scontent.fupg1-1.fna.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.247.207.173 (Singapore)

ASN58521 (GARENA-SG Garena Online Pte Ltd, SG)

reward.ff.garena.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.68.52.216 (Gifhorn, Germany)

ASN197540 (NETCUP-AS netcup GmbH, DE)
PTR: i.im.ge

i.im.ge	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.75.95 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-75-95.deploy.static.akamaitechnologies.com

img.utdstc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.107.121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-121.deploy.static.akamaitechnologies.com

dl.dir.freefiremobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.213.161.90 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-90.deploy.static.akamaitechnologies.com

www.pubgmobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.228.223.13 (France)

ASN16276 (OVH, FR)
PTR: ns3190386.ip-152-228-223.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.226.2.89 (Singapore, Singapore)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

na.apps.amsoveasea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	terbaruu.biz claimevent-ff.terbaruu.biz	3 MB
11	pubgmobile.com www.pubgmobile.com	435 KB
5	jsdelivr.net cdn.jsdelivr.net	16 KB
4	fbcdn.net scontent.fupg2-2.fna.fbcdn.net scontent.fupg1-1.fna.fbcdn.net	1000 KB
4	akamaihd.net freefiremobile-a.akamaihd.net	143 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	amsoveasea.com na.apps.amsoveasea.com	176 B
1	ibb.co i.ibb.co	189 KB
1	freefiremobile.com dl.dir.freefiremobile.com	379 KB
1	utdstc.com img.utdstc.com	8 KB
1	im.ge i.im.ge	28 KB
1	garena.com reward.ff.garena.com	4 KB
1	top4top.io h.top4top.io	85 KB
54	14

	Domain	Requested by
19	claimevent-ff.terbaruu.biz	claimevent-ff.terbaruu.biz
11	www.pubgmobile.com	claimevent-ff.terbaruu.biz
5	cdn.jsdelivr.net	claimevent-ff.terbaruu.biz
4	freefiremobile-a.akamaihd.net	claimevent-ff.terbaruu.biz
3	scontent.fupg1-1.fna.fbcdn.net	claimevent-ff.terbaruu.biz
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	claimevent-ff.terbaruu.biz
1	na.apps.amsoveasea.com	claimevent-ff.terbaruu.biz
1	i.ibb.co	claimevent-ff.terbaruu.biz
1	dl.dir.freefiremobile.com	claimevent-ff.terbaruu.biz
1	img.utdstc.com	claimevent-ff.terbaruu.biz
1	i.im.ge	claimevent-ff.terbaruu.biz
1	reward.ff.garena.com	claimevent-ff.terbaruu.biz
1	scontent.fupg2-2.fna.fbcdn.net	claimevent-ff.terbaruu.biz
1	h.top4top.io	claimevent-ff.terbaruu.biz
54	15

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-23` - `2022-09-22`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
top4top.io R3	`2021-07-17` - `2021-10-15`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.fupg2-2.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2021-09-13` - `2021-12-12`	3 months	crt.sh
*.fupg1-1.fna.fbcdn.net DigiCert SHA2 High Assurance Server CA	`2021-08-27` - `2021-11-25`	3 months	crt.sh
*.ff.garena.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
i.im.ge Sectigo RSA Domain Validation Secure Server CA	`2021-09-25` - `2022-09-25`	a year	crt.sh
uptodown.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
dl.kgtw.garenanow.com DigiCert SHA2 Secure Server CA	`2021-07-07` - `2022-06-27`	a year	crt.sh
wetv.acc.qq.com DigiCert SHA2 Secure Server CA	`2021-07-29` - `2022-03-16`	8 months	crt.sh
ibb.co R3	`2021-08-06` - `2021-11-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
na.apps.amsoveasea.com TrustAsia TLS RSA CA	`2021-05-31` - `2022-05-30`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://claimevent-ff.terbaruu.biz/
Frame ID: 5740974E657F33230658706C58A84BF6
Requests: 54 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Garena Free Fire. Best survival Battle Royale on mobile!

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

54
Requests

100 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

15
IPs

6
Countries

5585 kB
Transfer

5676 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
claimevent-ff.terbaruu.biz/ 13 KB
4 KB 389ms
344ms Document
text/html 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimevent-ff.terbaruu.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd62619447ab750806a97242357279456626f8d34ff98a949622f986b7034883

Request headers

:method: GET
:authority: claimevent-ff.terbaruu.biz
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 02 Oct 2021 07:32:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DkBELWmWgKq5Cyn4Q4c%2Bg86P%2BnHhPOO3ulI9aQLB%2BEYNrC9AY0aFaMzb7ju%2FFePPU9NflCGTTD6mZ%2FYXOj7G1DQczl%2FYgAlU2CtfO0i1Dha%2BMHIR1HQobuRHhaf8h4fEcUbL0QTutF%2F0FQvAZA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 697c3ce4c934412b-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style.css
claimevent-ff.terbaruu.biz/assets/css/ 16 KB
4 KB 347ms
346ms Stylesheet
text/css 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52f658adb5c5bf452b9f662bd0ca940292ddc96e772ea7bf58d2da65eb2504aa

Request headers

:path: /assets/css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 16 Sep 2021 00:56:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DcKrxzvzkZO2%2F0sWH%2BAhfHcW5bWRbiP%2B%2BFaA7gBl3ZPC%2B3nHZMUsEGv18YEOeBEEduyFd2ZOpElHk%2FVAyZAnTfOW6%2BYdzzd5cmbNy7qQwL3cuajLtn5apkmFK29QoLd2FmwrDtSuOdko8ZGdnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 697c3ce71b6c412b-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 09 Oct 2021 07:32:37 GMT

GET
H2 200 facebook.css
claimevent-ff.terbaruu.biz/assets/css/ 4 KB
1 KB 347ms
346ms Stylesheet
text/css 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimevent-ff.terbaruu.biz/assets/css/facebook.css
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12ebdf1b9b4182204387dd2d129cb7dfc29134515e083ebc95ed68ca9ac5edff

Request headers

:path: /assets/css/facebook.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Sep 2021 16:39:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2F3CRUUd7wuJNzFpw4%2BM0U8D6AtV%2BE2rDOctiUvG4wE6KG7EVnXXe7NEYp2R4zbLtfMXbBkA%2BbP1zE0h4qChF6IGbr99at%2BPu6utdGsfgoduXook6vYRFCQiID29xPjQ%2FjJTUiAbWrW4HVwjDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 697c3ce71b6d412b-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 09 Oct 2021 07:32:37 GMT

GET
H2 200 ionic.esm.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 16 KB
5 KB 27ms
6ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js

Requested by

Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8d8dc70b923d60c7209869f6384df0792d4e7d5360342d8c078462cdbecadfdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://claimevent-ff.terbaruu.biz/
Origin: https://claimevent-ff.terbaruu.biz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 40637
x-jsd-version: 5.8.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 4844
etag: W/"41dc-ObANnG3x9AVKk1jnGFbs+aaQ2yI"
x-served-by: cache-fra19160-FRA, cache-hhn4074-HHN
x-jsd-version-type: version
date: Sat, 02 Oct 2021 07:32:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 p_2016h7ob71.gif
h.top4top.io/ 85 KB
85 KB 86ms
36ms Image
image/gif 163.172.91.236
Online SAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.top4top.io/p_2016h7ob71.gif
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 163.172.91.236 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 163-172-91-236.rev.poneytelecom.eu
Software: nginx /
Resource Hash: f2d0dae13baddb4ef853a0ea61bafaa18f9db27317019673a000df156ad86f92

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-file-id: x39388555x
date: Sat, 02 Oct 2021 07:32:37 GMT
last-modified: Fri, 09 Jul 2021 10:29:09 GMT
server: nginx
etag: "60e824f5-15386"
content-type: image/gif
cache-control: max-age=7200
content-disposition: inline; filename="ezgif.com-gif-maker.gif"
accept-ranges: bytes
content-length: 86918
expires: Sat, 02 Oct 2021 09:32:37 GMT

GET
H/1.1 200
OK logo-small-fixed_20210113.png
freefiremobile-a.akamaihd.net/common/web_event/official/ 5 KB
5 KB 53ms
6ms Image
image/png 2.16.107.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/official/logo-small-fixed_20210113.png
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 72c2cf177ae0a7d2b1579a9cc888dfabf750ef64d172ee0990cf35fec4ef3673

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 07:32:37 GMT
Last-Modified: Wed, 13 Jan 2021 10:02:42 GMT
Server: AkamaiNetStorage
ETag: "90b69755633d6bd5449ba2081a26b257:1610532162.792681"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5118

GET
H/1.1 200
OK googleplay3.png
freefiremobile-a.akamaihd.net/ffwebsite/images/download/ 7 KB
7 KB 55ms
9ms Image
image/png 2.16.107.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/ffwebsite/images/download/googleplay3.png
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a9fd6085027e4ac8bde87a63acb7f5f03f6297a7d40a353b9e2d37b380e03e67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 07:32:37 GMT
Last-Modified: Thu, 24 May 2018 05:15:05 GMT
Server: AkamaiNetStorage
ETag: "85f18ff18dd0df9e10ae947e8163a44e:1543299094.82307"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7281

GET
H/1.1 200
OK appstore3.png
freefiremobile-a.akamaihd.net/ffwebsite/images/download/ 9 KB
10 KB 52ms
6ms Image
image/png 2.16.107.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/ffwebsite/images/download/appstore3.png
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 07c60246a4ac7d8fe6078972ad94d08699ed1d5edd31d7fca05ea4c9b2d67599

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 07:32:37 GMT
Last-Modified: Thu, 24 May 2018 05:15:05 GMT
Server: AkamaiNetStorage
ETag: "46179f391c2582a95a1ba3dc308adf93:1543299092.856403"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9567

GET
H2 200 241543902_1446185982480681_7409049520154647750_n.jpg
scontent.fupg2-2.fna.fbcdn.net/v/t1.6435-9/ 158 KB
158 KB 626ms
206ms Image
image/jpeg 114.125.194.209
TELKOMSEL-ASN-ID ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fupg2-2.fna.fbcdn.net/v/t1.6435-9/241543902_1446185982480681_7409049520154647750_n.jpg?_nc_cat=109&ccb=1-5&_nc_sid=730e14&_nc_eui2=AeGyqcMcqGg2SEmgHOSAM_EbwQnfOUC6OFnBCd85QLo4WV5RWzgbOyVe77PPJbrsRZzyO2WYsxSNWkxXX4XlUf2y&_nc_ohc=cjvMchT4_DoAX_I6gp-&tn=f2E2CCjx9t-jqWmn&_nc_ht=scontent.fupg2-2.fna&oh=0b487ae5dbda39aec2f158a4fcfd26cf&oe=6160D628
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 114.125.194.209 Makassar, Indonesia, ASN23693 (TELKOMSEL-ASN-ID PT. Telekomunikasi Selular, ID),
Reverse DNS
Software: /
Resource Hash: 2843a7995a26d3cdf787ded7115a92be736830b90c57a655df699a8a73a1f1a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum: 939531170
date: Sat, 02 Oct 2021 07:32:38 GMT
last-modified: Fri, 10 Sep 2021 11:38:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1328953225
timing-allow-origin: *
content-length: 161905

GET
H2 200 241562344_1446609652438314_8802689386444928640_n.jpg
scontent.fupg1-1.fna.fbcdn.net/v/t1.6435-9/ 267 KB
267 KB 633ms
208ms Image
image/jpeg 114.125.163.209
TELKOMSEL-ASN-ID ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fupg1-1.fna.fbcdn.net/v/t1.6435-9/241562344_1446609652438314_8802689386444928640_n.jpg?_nc_cat=106&ccb=1-5&_nc_sid=730e14&_nc_eui2=AeHW3Rh_kqvcsBVyiC2nFv43INbvMJVGfv8g1u8wlUZ-_62vx4fCMQKqwiZLAG3WafOGZsBvFLR9pZ5C9EsV20cT&_nc_ohc=S1s9rK4r58AAX9qfPAX&_nc_ht=scontent.fupg1-1.fna&oh=444dc12bf0dd7809beaa16e4c609c499&oe=6162F07A
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 114.125.163.209 Makassar, Indonesia, ASN23693 (TELKOMSEL-ASN-ID PT. Telekomunikasi Selular, ID),
Reverse DNS
Software: /
Resource Hash: 6f2a04ff519c57942ebe69ed74e3e9b7c5b9103f8245767cc9589d1b14e6710e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum: 1877166329
date: Sat, 02 Oct 2021 07:32:38 GMT
last-modified: Sat, 11 Sep 2021 01:52:56 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 4000466419
accept-ranges: bytes
timing-allow-origin: *
content-length: 273307

GET
H2 200 241746545_1446054609160485_1235853491988693942_n.jpg
scontent.fupg1-1.fna.fbcdn.net/v/t1.6435-9/ 297 KB
298 KB 633ms
208ms Image
image/jpeg 114.125.163.209
TELKOMSEL-ASN-ID ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fupg1-1.fna.fbcdn.net/v/t1.6435-9/241746545_1446054609160485_1235853491988693942_n.jpg?_nc_cat=111&ccb=1-5&_nc_sid=730e14&_nc_eui2=AeGnOVdKQQ-MotD_Sc9xKtO3gAHak293BgmAAdqTb3cGCc--6If41VLY3AuJS2-dk4ERxwcmoFnKyaUJrZTq1e9z&_nc_ohc=__OU_ENxF6kAX8WoxJ3&_nc_ht=scontent.fupg1-1.fna&oh=ccc84f83a93b1521b52b2243eb917053&oe=6160BFEA
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 114.125.163.209 Makassar, Indonesia, ASN23693 (TELKOMSEL-ASN-ID PT. Telekomunikasi Selular, ID),
Reverse DNS
Software: /
Resource Hash: c6d10970015ebf3a4a03739ab4b20d1c907e1aad17e3f1b0c7571ab842dd51d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum: 619147249
date: Sat, 02 Oct 2021 07:32:38 GMT
last-modified: Fri, 10 Sep 2021 07:34:28 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 2807209225
accept-ranges: bytes
timing-allow-origin: *
content-length: 304613

GET
H2 200 241310298_1445937372505542_924987460367632454_n.jpg
scontent.fupg1-1.fna.fbcdn.net/v/t1.6435-9/ 276 KB
276 KB 633ms
208ms Image
image/jpeg 114.125.163.209
TELKOMSEL-ASN-ID ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.fupg1-1.fna.fbcdn.net/v/t1.6435-9/241310298_1445937372505542_924987460367632454_n.jpg?_nc_cat=106&ccb=1-5&_nc_sid=730e14&_nc_eui2=AeFT-HtujBe8hv_DaCc325TY8zG5ekzWnFHzMbl6TNacUQVm_LXZQpA-nkA9ZJ28jPYzjTNJRh-Y3Q3cYQy5HN06&_nc_ohc=pRR1RdX7UgQAX8KZPF4&_nc_ht=scontent.fupg1-1.fna&oh=0c9ab3a0d9f411e4304bc59758f85142&oe=61619217
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 114.125.163.209 Makassar, Indonesia, ASN23693 (TELKOMSEL-ASN-ID PT. Telekomunikasi Selular, ID),
Reverse DNS
Software: /
Resource Hash: f86c5b3db6894fd1ee2f9bb7f47ef9977987d4846842fed6566e0c24f12462d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum: 2139040563
date: Sat, 02 Oct 2021 07:32:38 GMT
last-modified: Fri, 10 Sep 2021 03:51:31 GMT
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: X-FB-CEC-Video-Limit
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 1937244687
accept-ranges: bytes
timing-allow-origin: *
content-length: 282803

GET
H2 200 c34038edcf4185b3e75a6b85f1cd3d4f.jpg
reward.ff.garena.com/images/ 3 KB
4 KB 498ms
158ms Image
image/jpeg 103.247.207.173
GARENA-SG Garena ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://reward.ff.garena.com/images/c34038edcf4185b3e75a6b85f1cd3d4f.jpg
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 103.247.207.173 , Singapore, ASN58521 (GARENA-SG Garena Online Pte Ltd, SG),
Reverse DNS
Software: openresty/1.13.6.2 /
Resource Hash: 3dec40957ccb5815562b06c0bcb1cb3fc09a5f0738aa0b9ec2d1390e4e30a346

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:38 GMT
last-modified: Wed, 14 Apr 2021 11:19:51 GMT
server: openresty/1.13.6.2
accept-ranges: bytes
etag: "6076cfd7-dc2"
content-length: 3522
content-type: image/jpeg

GET
H2 200 1.jpg
claimevent-ff.terbaruu.biz/assets/images/evo/ 225 KB
226 KB 673ms
673ms Image
image/jpeg 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent-ff.terbaruu.biz/assets/images/evo/1.jpg
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fea1530720d9c8fb9fbb133f236244b0be257bf06ff8a5598e2f76b22c83e2e

Request headers

:path: /assets/images/evo/1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:38 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 230526
last-modified: Sun, 29 Aug 2021 16:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3qjwmS%2F275u%2BE6bzHYp%2FDRjJx33oBonS5ayvVTzsCxmMnMyb9VWChb3BjmrypdZ2jWhh4g6vhfcJ0gSmRbp2piuEfJNIjWYUma%2FkFp8Jr7iP39EWwwoD7FELIotq70DRGh4ZlX6t2VHbbBlnIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697c3ce71b73412b-PRG
expires: Sat, 09 Oct 2021 07:32:37 GMT

GET
H2 200 Tw3QNy.png
i.im.ge/2021/09/15/ 28 KB
28 KB 50ms
10ms Image
image/png 188.68.52.216
NETCUP-AS netcup ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.im.ge/2021/09/15/Tw3QNy.png

Requested by

Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

188.68.52.216 Gifhorn, Germany, ASN197540 (NETCUP-AS netcup GmbH, DE),

Reverse DNS

i.im.ge

Software

nginx /

Resource Hash

092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:37 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
strict-transport-security: max-age=31536000, max-age=31536000
expires: Sun, 02 Oct 2022 07:32:37 GMT

GET
H2 200 e61511ae88f7d52fac67cd4c4f9c739bf71572d2923e1acf512f249ae0544fd4:200
img.utdstc.com/icon/e61/511/ 8 KB
8 KB 50ms
7ms Image
image/webp 104.109.75.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.utdstc.com/icon/e61/511/e61511ae88f7d52fac67cd4c4f9c739bf71572d2923e1acf512f249ae0544fd4:200

Requested by

Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.109.75.95 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-109-75-95.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

96e22d41b561898e1e4c0ad53c1b165dc389dda5e24a4792690f154802ef53fb

Security Headers

Name	Value
X-Content-Type-Options	: nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:37 GMT
x-content-type-options: : nosniff
last-modified: Wed, 14 Apr 2021 07:24:06 GMT
server: nginx
etag: "60769896-20e6"
vary: Accept
content-type: image/webp
cache-control: private, max-age=14088
accept-ranges: bytes
content-length: 8422
expires: Sat, 02 Oct 2021 11:27:25 GMT

GET
H2 200 base64.min.js Show response
cdn.jsdelivr.net/npm/js-base64@3.7.1/ 5 KB
2 KB 20ms
6ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-base64@3.7.1/base64.min.js

Requested by

Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4fae6b0eb07e3fbf137e7338ed11f8f3649723c71da033e02d86aabadbbc09fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 199046
x-jsd-version: 3.7.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 2067
etag: W/"1403-Iw1GRY+LVjIB//oGCUa3Uouq6NQ"
x-served-by: cache-fra19135-FRA, cache-hhn4052-HHN
x-jsd-version-type: version
date: Sat, 02 Oct 2021 07:32:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
claimevent-ff.terbaruu.biz/assets/js/jquery/dist/ 88 KB
32 KB 509ms
507ms Script
application/javascript 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimevent-ff.terbaruu.biz/assets/js/jquery/dist/jquery.min.js
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a08913d5249fc458e9031b74af136bc0925114c11e39495bc41a163cd12c9ae

Request headers

:path: /assets/js/jquery/dist/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:38 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 16 Sep 2021 08:52:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7CSr1pzW4HSOr66tboy%2BaumM5AV6IF%2FkkHV7X%2FN93rHYIIybZIMhpBBVihxtpLlllzY6uGEFInKWnlRKSeV5NQYp2kF3muA9BBlODdajaqD0FBL2d35UqMndACx%2F2IED4SO4eBBMF94YSZE6g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 697c3ce71b71412b-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 09 Oct 2021 07:32:37 GMT

GET
H2 200 validFB.js Show response
claimevent-ff.terbaruu.biz/assets/js/ 2 KB
831 B 343ms
342ms Script
application/javascript 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimevent-ff.terbaruu.biz/assets/js/validFB.js
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 397f431917f3ab994e824ef96344046b55aacb540c99a96aecb4272893d46b1f

Request headers

:path: /assets/js/validFB.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:37 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 15 Sep 2021 16:16:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fDWrsSeZTtKLIdXeGLoSHWZ8mKnyMoIzXhcbxPPQ5Hbw%2F5TpnXh2mzp3mm7hXr%2F96xsSmO6gxVOB4KtE3bb%2BdjvZ1HNpsDhQS0TT%2F8yJDV7ClNhJPw4O76Q7yOex%2F7mjYFyghnZnvCsdanqeiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 697c3ce71b72412b-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 09 Oct 2021 07:32:37 GMT

GET
H2 200 p-3df3e749.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 15 KB
7 KB 7ms
6ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-3df3e749.js

Requested by

Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d806d4b5cea50722866774b615d6d3ac09675ea77bd4bee99777bf198c5b03cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: https://claimevent-ff.terbaruu.biz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 29241
x-jsd-version: 5.7.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 6840
etag: W/"3c0a-v86Fa2Xyipgfkd8GEocCLvDEi0g"
x-served-by: cache-fra19143-FRA, cache-hhn4074-HHN
x-jsd-version-type: version
date: Sat, 02 Oct 2021 07:32:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 p-02a325ba.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 60 B
188 B 7ms
7ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-02a325ba.js

Requested by

Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

59b75bef9fe04c3c3f5feb3fb7bab97f76171bd09edd924de947dc42911aa555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: https://claimevent-ff.terbaruu.biz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 27050
x-jsd-version: 5.8.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 75
etag: W/"3c-hsmysZEt3+cZyb0vNd04TMwA5Dk"
x-served-by: cache-fra19174-FRA, cache-hhn4074-HHN
x-jsd-version-type: version
date: Sat, 02 Oct 2021 07:32:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 p-125156f2.js Show response
cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ 3 KB
1 KB 7ms
7ms Script
application/javascript 151.101.1.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/p-125156f2.js

Requested by

Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4016b69be3d47527a93cbdd78a9cbd130420b7d1b79da6b825b1d09fee2375b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@ionic/core/dist/ionic/ionic.esm.js
Origin: https://claimevent-ff.terbaruu.biz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 29514
x-jsd-version: 5.7.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1393
etag: W/"b5e-AzB9342f+2DTvzUHs/ek/RUZ+1U"
x-served-by: cache-fra19121-FRA, cache-hhn4074-HHN
x-jsd-version-type: version
date: Sat, 02 Oct 2021 07:32:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 css2
fonts.googleapis.com/ 1010 B
465 B 40ms
18ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Suez+One&display=swap

Requested by

Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

4d7667b491fca3c0fff723ff66898a50cc1cd4b6724820e9bb164398f66d8b00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 07:32:37 GMT
server: ESF
date: Sat, 02 Oct 2021 07:32:37 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 02 Oct 2021 07:32:37 GMT

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
1 KB 39ms
17ms Stylesheet
text/css 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Signika&display=swap

Requested by

Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

ESF /

Resource Hash

e6057b1feaf110f455526aa2c1d32ce7652f3dcc20aa439f2ea4eee2d95f7933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 02 Oct 2021 07:32:37 GMT
server: ESF
date: Sat, 02 Oct 2021 07:32:37 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Sat, 02 Oct 2021 07:32:37 GMT

GET
H/1.1 200
OK 10b25ecb36ed051b502abc8edcbc9d8ajpg
dl.dir.freefiremobile.com/common/web_event/hash/ 379 KB
379 KB 72ms
13ms Image
image/jpeg 2.16.107.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/hash/10b25ecb36ed051b502abc8edcbc9d8ajpg
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: eab15ad26377fe136100db59a373e2b5ab7e165fd8e7fa43495d3e145d5f9360

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 07:32:38 GMT
Content-Encoding: gzip
Last-Modified: Tue, 07 Sep 2021 02:57:17 GMT
Server: AkamaiNetStorage
ETag: "a852273796a721326374b63f74ab43a4:1630983436.733833"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H/1.1 200
OK bg.jpg
freefiremobile-a.akamaihd.net/common/web_event/carnivalparadise/images/ 120 KB
120 KB 487ms
487ms Image
image/jpeg 2.16.107.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/carnivalparadise/images/bg.jpg
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2b94bf4eefa5c6b6510f6ac3bc243e3b424c84affc7f099488afa6da577bf649

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 02 Oct 2021 07:32:38 GMT
Last-Modified: Wed, 05 Aug 2020 09:58:44 GMT
Server: AkamaiNetStorage
ETag: "2d4a9dbbf100f218d1d4d64ab35e1aa1:1596621524.76198"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 122971

GET
H2 200 se2.jpg
www.pubgmobile.com/id/event/playerstory/images/ 191 KB
192 KB 1026ms
963ms Image
image/jpeg 23.213.161.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/playerstory/images/se2.jpg
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-90.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 43e39ace66536a351d217f2c5c3f3291147af92144ba3ae21c33333120a67887

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:39 GMT
last-modified: Wed, 15 Sep 2021 05:01:58 GMT
server: nginx
etag: "61417e46-2fcc1"
content-type: image/jpeg
cache-control: max-age=299
accept-ranges: bytes
content-length: 195777
expires: Sat, 02 Oct 2021 07:37:38 GMT

GET
H2 200 content_bg.png
www.pubgmobile.com/id/event/playerstory/images/ 172 KB
173 KB 984ms
922ms Image
image/png 23.213.161.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/playerstory/images/content_bg.png
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-90.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: aae47f7e632e10fc3409bd1478e6c5050d2bf5b4e80bceb5214b4312bb4514b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:38 GMT
last-modified: Wed, 15 Sep 2021 05:01:52 GMT
server: nginx
etag: "61417e40-2b1b8"
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
content-length: 176568
expires: Sat, 02 Oct 2021 07:37:38 GMT

GET
H2 200 video_bg.png
www.pubgmobile.com/id/event/musicContest/images/ 12 KB
12 KB 1497ms
1435ms Image
image/png 23.213.161.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/musicContest/images/video_bg.png
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-90.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 204dd2168e7ecf76f8b5d4b0360848a92274a2b162a6425b17b25b49ca4dd72b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:39 GMT
last-modified: Wed, 15 Sep 2021 06:42:15 GMT
server: nginx
etag: "614195c7-3123"
content-type: image/png
cache-control: max-age=277
accept-ranges: bytes
content-length: 12579
expires: Sat, 02 Oct 2021 07:37:16 GMT

GET
H2 200 s4_tab1.png
www.pubgmobile.com/id/event/royalepassm1/images/ 11 KB
11 KB 917ms
868ms Image
image/png 23.213.161.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/royalepassm1/images/s4_tab1.png
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-90.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9440c2d9a193ecb6a8726e1eb88cf77c1b7aad50cbd4563c2d530084c4a3ae71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:38 GMT
last-modified: Wed, 15 Sep 2021 06:42:07 GMT
server: nginx
etag: "614195bf-2b87"
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
content-length: 11143
expires: Sat, 02 Oct 2021 07:37:38 GMT

GET
H2 200 popup.png
i.ibb.co/1mkF0wz/ 189 KB
189 KB 133ms
15ms Image
image/png 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/1mkF0wz/popup.png
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: d596396da94bbc6d8ae432ba7b620644db006617a1e90b7db3bdcd97d7964419

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:38 GMT
last-modified: Tue, 14 Sep 2021 15:37:39 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 193041
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 btn_2.png
www.pubgmobile.com/id/event/musicContest/images/m/ 134 B
295 B 916ms
867ms Image
image/png 23.213.161.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/musicContest/images/m/btn_2.png
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-90.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 261a38b242a6ab3195f0560e6dfd0b8c04993eed9c4649f9ed932f546889f12a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:38 GMT
last-modified: Wed, 15 Sep 2021 06:42:00 GMT
server: nginx
etag: "614195b8-86"
content-type: image/png
cache-control: max-age=272
accept-ranges: bytes
content-length: 134
expires: Sat, 02 Oct 2021 07:37:10 GMT

GET
H2 200 vEFO2_JTCgwQ5ejvMV0O96D01E8J0tJXHKbBjM4.woff2
fonts.gstatic.com/s/signika/v12/ 31 KB
31 KB 33ms
12ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/signika/v12/vEFO2_JTCgwQ5ejvMV0O96D01E8J0tJXHKbBjM4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Signika&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

a280b4ff745eed15ce18ba390cce177f63e623264993a8072660ba03c0a992d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://claimevent-ff.terbaruu.biz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:58:51 GMT
x-content-type-options: nosniff
age: 419627
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31784
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:56:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 10:58:51 GMT

GET
H2 200 s4_tab_btn1.png
www.pubgmobile.com/id/event/annipark/images/ 11 KB
12 KB 1576ms
1527ms Image
image/png 23.213.161.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/annipark/images/s4_tab_btn1.png
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-90.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0db1b1cc97080761e59245be90050b88ca33a040bf02b974956b760f35a5dcf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:39 GMT
last-modified: Wed, 15 Sep 2021 06:43:44 GMT
server: nginx
etag: "61419620-2dad"
content-type: image/png
cache-control: max-age=288
accept-ranges: bytes
content-length: 11693
expires: Sat, 02 Oct 2021 07:37:27 GMT

GET
H2 200 taiJGmd_EZ6rqscQgOFOmos.woff2
fonts.gstatic.com/s/suezone/v5/ 14 KB
15 KB 27ms
7ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/suezone/v5/taiJGmd_EZ6rqscQgOFOmos.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Suez+One&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

22feaebb0dd2c815f75417ba59c28e487bdd546af9cd492e75df4ec50f78ddc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://claimevent-ff.terbaruu.biz
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 19:52:08 GMT
x-content-type-options: nosniff
age: 387630
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14408
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:40:26 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 19:52:08 GMT

GET
H2 200 / Show response
na.apps.amsoveasea.com/swoole/ 39 B
176 B 488ms
161ms XHR
text/html 129.226.2.89
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to

Full URL: https://na.apps.amsoveasea.com/swoole/?actid=2020&r=index/getCountry&_only_service_response_=1
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/js/jquery/dist/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.226.2.89 Singapore, Singapore, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: nginx /
Resource Hash: ad9d2cd539554f7cdf4c5e6e9e19e2b88edcd026a45a1dc327dcd6792d990996

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://claimevent-ff.terbaruu.biz/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 02 Oct 2021 07:32:38 GMT
content-encoding: gzip
server: nginx
content-length: 58
content-type: text/html

GET
H3 200 evo.php Show response
claimevent-ff.terbaruu.biz/view/ 3 KB
786 B 349ms
348ms XHR
text/html 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimevent-ff.terbaruu.biz/view/evo.php
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/js/jquery/dist/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8817ae8754a2e9a5626c52a7a03673d956a6a31fb33d270d298864d3e66dd2cc

Request headers

:path: /view/evo.php
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: text/html, */*; q=0.01
cache-control: no-cache
sec-fetch-dest: empty
:authority: claimevent-ff.terbaruu.biz
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://claimevent-ff.terbaruu.biz/
:method: GET
Accept: text/html, */*; q=0.01
Referer: https://claimevent-ff.terbaruu.biz/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGxq7z5mOcqoJe8xWexZavUpjlNobQbXNgoBzftVxhUpXmS0A7iElh%2BVwD%2FJ%2BR3RGs9X4VFudFL6VBWNh%2FgSS5Dk58yqbA%2BImG7EMLY8mmfIHmN%2FvEaox5yPOxRE3SEyEAdsXSeJHgJLYgeUOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
x-turbo-charged-by: LiteSpeed
cf-ray: 697c3cf378c1413e-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 1.jpg
claimevent-ff.terbaruu.biz/assets/images/evo/ 225 KB
226 KB 21ms
21ms Image
image/jpeg 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent-ff.terbaruu.biz/assets/images/evo/1.jpg
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/js/jquery/dist/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fea1530720d9c8fb9fbb133f236244b0be257bf06ff8a5598e2f76b22c83e2e

Request headers

:path: /assets/images/evo/1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:39 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 230526
last-modified: Sun, 29 Aug 2021 16:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpF%2B%2FF2KMcTgpuM81ZdriVRGF%2FCxG3EwVgxOA4Ujxcj973ArRsyF2y8gA6coaFfG5ELbInIAFpVEx99XvjyS1DXEKNJ0VQRaOeZOncwdPK19BhLtMYSbVAy%2Be1O2QvXRUPaMYmZY6ix7YaPsuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697c3cf5a9b6413e-PRG
expires: Sat, 09 Oct 2021 07:32:37 GMT

GET
H3 200 2.jpg
claimevent-ff.terbaruu.biz/assets/images/evo/ 247 KB
247 KB 677ms
677ms Image
image/jpeg 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent-ff.terbaruu.biz/assets/images/evo/2.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8be4c5770bf7ef1f79e7d3b2cf2fd94ed122224d6a5ae6ea601d4ee80a5838dd

Request headers

:path: /assets/images/evo/2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 252561
last-modified: Sun, 29 Aug 2021 16:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q5E3AlzlShZc4Q3E1FabYG9r4N2Ikb52giMwe99EMznQV1bChnvbJ8WCuG9E%2BygZ7okK6%2BJEvTx5RkFI%2FT%2FtuxGOdTYU%2BkluZDeCroFg7D6qs0QKyAcZesx8yevBOF2AgkIE40wFI9u%2F0YWBUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697c3cf5a9b7413e-PRG
expires: Sat, 09 Oct 2021 07:32:40 GMT

GET
H3 200 3.jpg
claimevent-ff.terbaruu.biz/assets/images/evo/ 362 KB
363 KB 834ms
833ms Image
image/jpeg 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent-ff.terbaruu.biz/assets/images/evo/3.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc1c12325d7bff4dd3052d16f93636e74e82514ef2c7dae624d758d76fbd9dd7

Request headers

:path: /assets/images/evo/3.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 371136
last-modified: Sun, 29 Aug 2021 16:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ChHTkL89h6oZOlbWuXxp020UQe3uo9KIZfLLTfFVkfnvJDBYDaxO5oL7Kd9mCX0IPj1Mj1fLqXiWOQfeZyAG2snjsYlFekU9yQPMPWQzVANKHrTiAtSBJa%2BCkgla46o4F4FD7bcxVWjsui1UwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697c3cf5a9b8413e-PRG
expires: Sat, 09 Oct 2021 07:32:40 GMT

GET
H3 200 4.jpg
claimevent-ff.terbaruu.biz/assets/images/evo/ 247 KB
248 KB 681ms
680ms Image
image/jpeg 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent-ff.terbaruu.biz/assets/images/evo/4.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7029efa4fb343a7b785b4ba5b20e26d93e6a30eeb9835c59a74d4a4cd93dfe6

Request headers

:path: /assets/images/evo/4.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 253152
last-modified: Sun, 29 Aug 2021 16:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=88z3Bc2Vfn1lAREzWXpJdO%2Fg8djZO1gAFAwfSEP0XGFzmxVCJrkioc%2BgcZ6rTx9m4BUYChpq0nOAXQS6gNz%2B3iw5rZtEpokialHJ4E8NHm%2FPyuvz%2BhUOE6VDaffUUGW6ZFdBuxXbuKU3UH%2FDDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697c3cf5a9b9413e-PRG
expires: Sat, 09 Oct 2021 07:32:40 GMT

GET
H3 200 5.jpg
claimevent-ff.terbaruu.biz/assets/images/evo/ 249 KB
249 KB 661ms
658ms Image
image/jpeg 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent-ff.terbaruu.biz/assets/images/evo/5.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03a73416f9a7e59a2c73a1f4aa67ddcf8cc2cf27cf206ccf1e9e6ca2e0567286

Request headers

:path: /assets/images/evo/5.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 254760
last-modified: Sun, 29 Aug 2021 16:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2F7q643g4jnczkR7hjV5V3s832PlUrGU%2BOJbmwqWliXJd9vFuFmUzeyhhEcyY03v5Gj%2FrPdrd0F%2FouHxIQ%2F4hRuHt1wNL5JunkMHPTMoYuA7F6f6Ms1kVqW0bPinuymf2Q0a0OO2%2B8DtUKae0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697c3cf5b9ba413e-PRG
expires: Sat, 09 Oct 2021 07:32:40 GMT

GET
H3 200 6.jpg
claimevent-ff.terbaruu.biz/assets/images/evo/ 194 KB
195 KB 672ms
670ms Image
image/jpeg 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent-ff.terbaruu.biz/assets/images/evo/6.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ada9328118f12da925f5c0e4819496f2d181b76437bbfebf100c3df326942a43

Request headers

:path: /assets/images/evo/6.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 198739
last-modified: Sun, 29 Aug 2021 16:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6S%2FCLDpW%2FoEpnnQmikuKTGLScwRU4sGKIVZvfOazLg1jltOPzc2gobuBBEPpZhhY0aawAC%2BtkTjlW9uqkL6YDiY%2BwF0eMzBjOh8fi6GoiR1h%2FTc7qoMszkFUa7sZLtnyx1BF6%2BiHt4hUYwydBw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697c3cf5b9bb413e-PRG
expires: Sat, 09 Oct 2021 07:32:40 GMT

GET
H3 200 7.jpg
claimevent-ff.terbaruu.biz/assets/images/evo/ 292 KB
293 KB 670ms
668ms Image
image/jpeg 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent-ff.terbaruu.biz/assets/images/evo/7.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c15dfcd9593af160796152586697eac8ba665d596be2470241a61af2b80b6c9

Request headers

:path: /assets/images/evo/7.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 299299
last-modified: Sun, 29 Aug 2021 16:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=drzMcA%2BVINP8sQxuG1qhb3QCPm2713e4a3432EfV9H7bwYVU6%2B1ayk7Wqn1oLZ5kaNnhZ16UkHqZ%2BuZlip763qRnBbT71WPmLCUqcahQ2SSsnt0ECetc4TWTBpSlr6JyN3Xtx3m5VhEqGHlhPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697c3cf5b9bd413e-PRG
expires: Sat, 09 Oct 2021 07:32:40 GMT

GET
H3 200 8.jpg
claimevent-ff.terbaruu.biz/assets/images/evo/ 239 KB
240 KB 671ms
668ms Image
image/jpeg 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent-ff.terbaruu.biz/assets/images/evo/8.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb788f5a6056c7887eb374b05f512a328af11924eb5345a1708c52fd09ab5ef8

Request headers

:path: /assets/images/evo/8.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 244919
last-modified: Sun, 29 Aug 2021 16:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gNIOptchpLfXhDPXnWg%2FaFGP1bT%2BWB7qPteXvkElUQR3ne9xR8tRLt%2Boac6Zg10PpjJWp2B1%2F%2Fh4xNgZmUlrqkInVUXDgpO8AiUA355KURCosYcfpsD%2BknHsQd6MmNFgxHG7dOxe5SxgL5CHuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697c3cf5b9be413e-PRG
expires: Sat, 09 Oct 2021 07:32:40 GMT

GET
H3 200 9.jpg
claimevent-ff.terbaruu.biz/assets/images/evo/ 228 KB
229 KB 660ms
658ms Image
image/jpeg 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent-ff.terbaruu.biz/assets/images/evo/9.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b78d9d9b44984c067b69e11ac4e6738deff7c47131fa6fe11bc69d07ecba6f3

Request headers

:path: /assets/images/evo/9.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 233861
last-modified: Sun, 29 Aug 2021 16:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xexjrXOuC4MENzDULOHNULYnE%2BdL6%2BM3nNfHkgPG04wAKQaqxnf%2BDarErHLdxJK7pZpKpqwXQNQhqnu%2B4lwjb75%2BO2sJTadDaremt2cPgIJF1cLvhe8MFiHCPOZ2O%2B7bClqNV0UWSFm0cKFGjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697c3cf5b9bf413e-PRG
expires: Sat, 09 Oct 2021 07:32:40 GMT

GET
H3 200 10.jpg
claimevent-ff.terbaruu.biz/assets/images/evo/ 267 KB
268 KB 676ms
674ms Image
image/jpeg 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent-ff.terbaruu.biz/assets/images/evo/10.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02d6c3536ca6c1a7e44f2372a3fa8112c2202a7a871362cf0a260b37ab6391c9

Request headers

:path: /assets/images/evo/10.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 273807
last-modified: Sun, 29 Aug 2021 16:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzR36FpqHJs41JnwlJYhUMRzD0qoSqbQJ2gKhi3Plv4CEAvDdWW9QJz%2F1P4YMHsQbawiNuRsdVGRz1DajuStzvKPutxAuWGUeQxT8nHXtqhLn%2F%2F5ebBfuAjj8V5%2FcsS9fjQ%2BC5KLDKbnpD4EJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697c3cf5b9c0413e-PRG
expires: Sat, 09 Oct 2021 07:32:40 GMT

GET
H3 200 11.jpg
claimevent-ff.terbaruu.biz/assets/images/evo/ 211 KB
211 KB 654ms
652ms Image
image/jpeg 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent-ff.terbaruu.biz/assets/images/evo/11.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 177787ee43d33ebf4efacb2a94100efb8edd92d0a275019927678578450e67a7

Request headers

:path: /assets/images/evo/11.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 215888
last-modified: Sun, 29 Aug 2021 16:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OvGLgtQEhIKm1mlbW5AO56%2BaZRIYFzCnSyhQ9bf9JisfBCfWB8B49j%2F3AYehBhKyLLf98lIohuYXT0OEpOaeurwcQ2Z2pmgoKiCJ7JxNh4edmXwSDWqGOvNUkfMXPZ2d63PVPzyMALuHQS4yPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697c3cf5b9c1413e-PRG
expires: Sat, 09 Oct 2021 07:32:40 GMT

GET
H3 200 12.jpg
claimevent-ff.terbaruu.biz/assets/images/evo/ 212 KB
212 KB 660ms
658ms Image
image/jpeg 104.21.47.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent-ff.terbaruu.biz/assets/images/evo/12.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.47.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a502c7f86faf20389bf1fef3949f0393164a5848902e4d4c13f46351b4a3c4e

Request headers

:path: /assets/images/evo/12.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimevent-ff.terbaruu.biz
referer: https://claimevent-ff.terbaruu.biz/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 216598
last-modified: Sun, 29 Aug 2021 16:32:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GGLb7vYvR85CQo7sFyoNlhCQGELZYXOAJysJ5u4wp6k1dZncdI3FPRGJXsjvBpWuC6CKwyIobpMvrbtGYmU6zvc57zSjS3vrlCInEAszKvSaa0J7klFmaBjzi%2FRE5fbCxid%2FTbaIRXJSMblwOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 697c3cf5b9c2413e-PRG
expires: Sat, 09 Oct 2021 07:32:40 GMT

GET
H2 200 kv_light1_mv.png
www.pubgmobile.com/id/event/annipark/images/ 3 KB
3 KB 255ms
253ms Image
image/png 23.213.161.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/annipark/images/kv_light1_mv.png
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-90.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 7e7d8ee0234dd705c1932cd769bc6d5b5c17f309e34acc877e1e37e16d7bfd3b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
last-modified: Wed, 15 Sep 2021 06:43:40 GMT
server: nginx
etag: "6141961c-cb1"
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
content-length: 3249
expires: Sat, 02 Oct 2021 07:37:40 GMT

GET
H2 200 kv_inbox_mv.png
www.pubgmobile.com/id/event/annipark/images/ 15 KB
16 KB 876ms
874ms Image
image/png 23.213.161.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/annipark/images/kv_inbox_mv.png
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-90.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 248cc3b5417a56a3cf272411b6b5f7f5b7c4ebd5d7509df11f1a471e149aa5ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
last-modified: Wed, 15 Sep 2021 06:43:40 GMT
server: nginx
etag: "6141961c-3d34"
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
content-length: 15668
expires: Sat, 02 Oct 2021 07:37:40 GMT

GET
H2 200 s7_btn_more.png
www.pubgmobile.com/id/event/annipark/images/ 9 KB
9 KB 876ms
875ms Image
image/png 23.213.161.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/annipark/images/s7_btn_more.png
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-90.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1dc7da02d9f4ba07b62dd00030e26fa5c76cac54e7626d3e4d41e3f7db0e47e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
last-modified: Wed, 15 Sep 2021 06:43:50 GMT
server: nginx
etag: "61419626-238c"
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
content-length: 9100
expires: Sat, 02 Oct 2021 07:37:40 GMT

GET
H2 200 kv_light2_mv.png
www.pubgmobile.com/id/event/annipark/images/ 3 KB
4 KB 910ms
909ms Image
image/png 23.213.161.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/annipark/images/kv_light2_mv.png
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-90.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a080fa0a3f1f79ad6a43792d703932dfb7d58c758d6e5bab10e05f3c8ac8b3b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:40 GMT
last-modified: Wed, 15 Sep 2021 06:43:41 GMT
server: nginx
etag: "6141961d-dcd"
content-type: image/png
cache-control: max-age=300
accept-ranges: bytes
content-length: 3533
expires: Sat, 02 Oct 2021 07:37:40 GMT

GET
H2 200 kv_light3_mv.png
www.pubgmobile.com/id/event/annipark/images/ 3 KB
3 KB 947ms
947ms Image
image/png 23.213.161.90
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pubgmobile.com/id/event/annipark/images/kv_light3_mv.png
Requested by: Host: claimevent-ff.terbaruu.biz
URL: https://claimevent-ff.terbaruu.biz/assets/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.90 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-90.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 2bb6537f9e2c181671c2d365f657f72f0324d76714831266034fe8dce9700e87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent-ff.terbaruu.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 02 Oct 2021 07:32:41 GMT
last-modified: Wed, 15 Sep 2021 06:43:41 GMT
server: nginx
etag: "6141961d-c70"
content-type: image/png
cache-control: max-age=296
accept-ranges: bytes
content-length: 3184
expires: Sat, 02 Oct 2021 07:37:37 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://claimevent-ff.terbaruu.biz/assets/js/jquery/dist/jquery.min.js Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
claimevent-ff.terbaruu.biz
dl.dir.freefiremobile.com
fonts.googleapis.com
fonts.gstatic.com
freefiremobile-a.akamaihd.net
h.top4top.io
i.ibb.co
i.im.ge
img.utdstc.com
na.apps.amsoveasea.com
reward.ff.garena.com
scontent.fupg1-1.fna.fbcdn.net
scontent.fupg2-2.fna.fbcdn.net
www.pubgmobile.com
103.247.207.173
104.109.75.95
104.21.47.232
114.125.163.209
114.125.194.209
129.226.2.89
142.250.184.227
142.250.185.234
151.101.1.229
152.228.223.13
163.172.91.236
188.68.52.216
2.16.107.121
2.16.107.26
23.213.161.90
02d6c3536ca6c1a7e44f2372a3fa8112c2202a7a871362cf0a260b37ab6391c9
03a73416f9a7e59a2c73a1f4aa67ddcf8cc2cf27cf206ccf1e9e6ca2e0567286
07c60246a4ac7d8fe6078972ad94d08699ed1d5edd31d7fca05ea4c9b2d67599
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0db1b1cc97080761e59245be90050b88ca33a040bf02b974956b760f35a5dcf1
12ebdf1b9b4182204387dd2d129cb7dfc29134515e083ebc95ed68ca9ac5edff
177787ee43d33ebf4efacb2a94100efb8edd92d0a275019927678578450e67a7
1dc7da02d9f4ba07b62dd00030e26fa5c76cac54e7626d3e4d41e3f7db0e47e4
204dd2168e7ecf76f8b5d4b0360848a92274a2b162a6425b17b25b49ca4dd72b
22feaebb0dd2c815f75417ba59c28e487bdd546af9cd492e75df4ec50f78ddc8
248cc3b5417a56a3cf272411b6b5f7f5b7c4ebd5d7509df11f1a471e149aa5ba
261a38b242a6ab3195f0560e6dfd0b8c04993eed9c4649f9ed932f546889f12a
2843a7995a26d3cdf787ded7115a92be736830b90c57a655df699a8a73a1f1a0
2b78d9d9b44984c067b69e11ac4e6738deff7c47131fa6fe11bc69d07ecba6f3
2b94bf4eefa5c6b6510f6ac3bc243e3b424c84affc7f099488afa6da577bf649
2bb6537f9e2c181671c2d365f657f72f0324d76714831266034fe8dce9700e87
397f431917f3ab994e824ef96344046b55aacb540c99a96aecb4272893d46b1f
3a502c7f86faf20389bf1fef3949f0393164a5848902e4d4c13f46351b4a3c4e
3dec40957ccb5815562b06c0bcb1cb3fc09a5f0738aa0b9ec2d1390e4e30a346
4016b69be3d47527a93cbdd78a9cbd130420b7d1b79da6b825b1d09fee2375b2
43e39ace66536a351d217f2c5c3f3291147af92144ba3ae21c33333120a67887
4d7667b491fca3c0fff723ff66898a50cc1cd4b6724820e9bb164398f66d8b00
4fae6b0eb07e3fbf137e7338ed11f8f3649723c71da033e02d86aabadbbc09fb
52f658adb5c5bf452b9f662bd0ca940292ddc96e772ea7bf58d2da65eb2504aa
59b75bef9fe04c3c3f5feb3fb7bab97f76171bd09edd924de947dc42911aa555
5fea1530720d9c8fb9fbb133f236244b0be257bf06ff8a5598e2f76b22c83e2e
6a08913d5249fc458e9031b74af136bc0925114c11e39495bc41a163cd12c9ae
6f2a04ff519c57942ebe69ed74e3e9b7c5b9103f8245767cc9589d1b14e6710e
72c2cf177ae0a7d2b1579a9cc888dfabf750ef64d172ee0990cf35fec4ef3673
7e7d8ee0234dd705c1932cd769bc6d5b5c17f309e34acc877e1e37e16d7bfd3b
8817ae8754a2e9a5626c52a7a03673d956a6a31fb33d270d298864d3e66dd2cc
8be4c5770bf7ef1f79e7d3b2cf2fd94ed122224d6a5ae6ea601d4ee80a5838dd
8d8dc70b923d60c7209869f6384df0792d4e7d5360342d8c078462cdbecadfdb
9440c2d9a193ecb6a8726e1eb88cf77c1b7aad50cbd4563c2d530084c4a3ae71
96e22d41b561898e1e4c0ad53c1b165dc389dda5e24a4792690f154802ef53fb
9c15dfcd9593af160796152586697eac8ba665d596be2470241a61af2b80b6c9
a080fa0a3f1f79ad6a43792d703932dfb7d58c758d6e5bab10e05f3c8ac8b3b7
a280b4ff745eed15ce18ba390cce177f63e623264993a8072660ba03c0a992d8
a9fd6085027e4ac8bde87a63acb7f5f03f6297a7d40a353b9e2d37b380e03e67
aae47f7e632e10fc3409bd1478e6c5050d2bf5b4e80bceb5214b4312bb4514b5
ad9d2cd539554f7cdf4c5e6e9e19e2b88edcd026a45a1dc327dcd6792d990996
ada9328118f12da925f5c0e4819496f2d181b76437bbfebf100c3df326942a43
c6d10970015ebf3a4a03739ab4b20d1c907e1aad17e3f1b0c7571ab842dd51d7
cc1c12325d7bff4dd3052d16f93636e74e82514ef2c7dae624d758d76fbd9dd7
cd62619447ab750806a97242357279456626f8d34ff98a949622f986b7034883
d596396da94bbc6d8ae432ba7b620644db006617a1e90b7db3bdcd97d7964419
d7029efa4fb343a7b785b4ba5b20e26d93e6a30eeb9835c59a74d4a4cd93dfe6
d806d4b5cea50722866774b615d6d3ac09675ea77bd4bee99777bf198c5b03cc
e6057b1feaf110f455526aa2c1d32ce7652f3dcc20aa439f2ea4eee2d95f7933
eab15ad26377fe136100db59a373e2b5ab7e165fd8e7fa43495d3e145d5f9360
eb788f5a6056c7887eb374b05f512a328af11924eb5345a1708c52fd09ab5ef8
f2d0dae13baddb4ef853a0ea61bafaa18f9db27317019673a000df156ad86f92
f86c5b3db6894fd1ee2f9bb7f47ef9977987d4846842fed6566e0c24f12462d4

claimevent-ff.terbaruu.biz Open in urlscan Pro 104.21.47.232 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

0 %IPv6

14 Domains

15 Subdomains

15 IPs

6 Countries

5585 kBTransfer

5676 kBSize

0 Cookies

0 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

claimevent-ff.terbaruu.biz Open in urlscan Pro
104.21.47.232 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

0 %
IPv6

14
Domains

15
Subdomains

15
IPs

6
Countries

5585 kB
Transfer

5676 kB
Size

0
Cookies

54 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!