claimevent.gtwa.cf Open in urlscan Pro
2606:4700:3034::ac43:b505 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://claimevent.gtwa.cf/
Submission: On November 26 via automatic, source certstream-suspicious (November 26th 2021, 1:58:06 pm UTC) — Scanned from DE

Summary HTTP 83 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 83 HTTP transactions. The main IP is 2606:4700:3034::ac43:b505, located in United States and belongs to CLOUDFLARENET, US. The main domain is claimevent.gtwa.cf.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 26th 2021. Valid for: a year.

This is the only time claimevent.gtwa.cf was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
44	2606:4700:303... 2606:4700:3034::ac43:b505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	192.229.133.221 192.229.133.221	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3038::6815:eae6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2.16.107.26 2.16.107.26	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2.16.107.121 2.16.107.121	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
12	152.228.223.13 152.228.223.13	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
83	11

44 2606:4700:3034::ac43:b505 (United States)

ASN13335 (CLOUDFLARENET, US)

claimevent.gtwa.cf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.133.221 (United States)

ASN15133 (EDGECAST, US)

www.w3schools.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3038::6815:eae6 (United States)

ASN13335 (CLOUDFLARENET, US)

rawcdn.githack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.16.107.26 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-26.deploy.static.akamaitechnologies.com

freefiremobile-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.107.121 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-107-121.deploy.static.akamaitechnologies.com

dl.dir.freefiremobile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 152.228.223.13 (France)

ASN16276 (OVH, FR)
PTR: ns3190386.ip-152-228-223.eu

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	gtwa.cf claimevent.gtwa.cf	5 MB
12	ibb.co i.ibb.co	3 MB
9	akamaihd.net freefiremobile-a.akamaihd.net	475 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	121 KB
4	githack.com rawcdn.githack.com	61 KB
3	freefiremobile.com dl.dir.freefiremobile.com	1 MB
3	cloudflare.com cdnjs.cloudflare.com	23 KB
1	gstatic.com fonts.gstatic.com	21 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com	7 KB
1	w3schools.com www.w3schools.com	5 KB
83	10

	Domain	Requested by
44	claimevent.gtwa.cf	claimevent.gtwa.cf
12	i.ibb.co	claimevent.gtwa.cf
9	freefiremobile-a.akamaihd.net	claimevent.gtwa.cf
4	ajax.googleapis.com	claimevent.gtwa.cf
4	rawcdn.githack.com	claimevent.gtwa.cf
3	dl.dir.freefiremobile.com	claimevent.gtwa.cf
3	cdnjs.cloudflare.com	claimevent.gtwa.cf
1	fonts.gstatic.com	fonts.googleapis.com
1	stackpath.bootstrapcdn.com	claimevent.gtwa.cf
1	fonts.googleapis.com	claimevent.gtwa.cf
1	www.w3schools.com	claimevent.gtwa.cf
83	11

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-11-26` - `2022-11-25`	a year	crt.sh
*.w3schools.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-27` - `2022-05-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
dl.kgtw.garenanow.com DigiCert SHA2 Secure Server CA	`2021-07-07` - `2022-06-27`	a year	crt.sh
ibb.co R3	`2021-10-06` - `2022-01-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://claimevent.gtwa.cf/
Frame ID: 42F9F668E2360E1D49E4A36621D0866D
Requests: 83 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Garena Free Fire. Best survival Battle Royale on mobile!

Page Statistics

83
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

11
Subdomains

11
IPs

3
Countries

10664 kB
Transfer

11085 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
claimevent.gtwa.cf/ 38 KB
5 KB 398ms
233ms Document
text/html 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66745d3a3840524541561864fccc2b27158f4e3dff8c190e4c3366e5dc3f1ce1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 26 Nov 2021 13:58:00 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oo8bJE7Q2dr%2FPQgElbmAH%2FrtZT%2FCIpKqB5FsGFkjtlYPi2WTbW%2B%2FpqGOu5Y9%2BCJ5fpd5osNzwYrgY%2Bu21alnFB0hHrhJ6Wm4zA6QQAOF2epjcnnPe9TJpjPrB5%2FGTJT2u73slcT3Mayq4VeqBx8BsaY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b43a10dfc747804-VIE
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 w3.css
www.w3schools.com/w3css/4/ 23 KB
5 KB 50ms
7ms Stylesheet
text/css 192.229.133.221
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.w3schools.com/w3css/4/w3.css

Requested by

Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.133.221 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6796) / ASP.NET

Resource Hash

c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://mycourses.w3schools.com;
X-Content-Security-Policy	frame-ancestors 'self' https://mycourses.w3schools.com;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-encoding: gzip
etag: "0798842fbe1d71:0"
last-modified: Thu, 25 Nov 2021 12:52:10 GMT
server: ECS (frb/6796)
age: 444
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
cache-control: public,max-age=14400,public
date: Fri, 26 Nov 2021 13:58:00 GMT
accept-ranges: bytes
content-length: 5258
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
929 B 41ms
17ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Barlow:wght@500&display=swap

Requested by

Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2056937c6ec7a210cbd8a72cb8e97acbaad99455a8ce48e9b16d7c42d62cbdc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 26 Nov 2021 13:58:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 26 Nov 2021 13:58:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 26 Nov 2021 13:58:00 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 71ms
28ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5076272
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B9Y8usqFiCI0TRnZgCAOUnmzF2MuEmTfD0i5QUPBwOQ4aK5zfL1u2TPnfqtNDUci4YR3%2BqsxIZ7NzPBtG9wF2O5KwEv8Iz2jnq93WpcTx2frL1706OldEU2TU3W1nc3N%2F5FgzWFxio0FLB5eiWPswGwj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b43a10fce113761-MXP
expires: Wed, 16 Nov 2022 13:58:00 GMT

GET
H2 200 alex-facebook.css
rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/ 5 KB
2 KB 102ms
32ms Stylesheet
text/css 2606:4700:3038::6815:eae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/AlexHostX/all.asset/c9f3ddecc56e688f8660a2d31a5beea4909fa5b9/alex-facebook.css

Requested by

Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cff81f8984cdebd9f5039cd4c058d7d67bba4b92666dc0605f47c44b6a761df2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id: 3e913c6997479148d632d995b1f540c0da18c767
date: Fri, 26 Nov 2021 13:58:00 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 334021
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-bma1623-BMA
x-robots-tag: none
server: cloudflare
x-github-request-id: 30D2:9E86:96737C:A3880F:619AAAEF
x-timer: S1637526256.763886,VS0,VE179
etag: W/"0a8f3f8981d9c9102640cd89134620b5b03a473db8c3d339e31ddde5838eb64c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U72b5olUlE7fo2t%2FjxxrHO%2FWPfV4U58NqUTgzzdIS461YfEDb8iU64BYQf9%2FlpR8Hjt0gkP2BBCjGa%2Fyccx%2Fh%2B7%2FGIFQ6HdoqUKP4MRGC4YqDfeQLwrfrUisfdNaqMniaPuc0FWBKVfhn%2FIOm59mtrA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-githack-cache-status: HIT
cache-control: max-age=315360000, public, immutable
cf-ray: 6b43a10ffa8978ac-VIE
x-cache-hits: 0

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 83ms
41ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 761105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10472
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q9LFgduwexcgx9EOo16S7Zjsp9kN7%2FBewejUpyhBgyRzXJDGtx6LiaAHejYXIeJxQ0O6pmUAyvRB7AIWwWQXcs%2FujjwjAH7k4%2FzC9lcGfVckQ5R%2FbWyP62Ob7TEz8n%2FnFEmuLveacluMqQOakU0CBzqm"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b43a10fce163761-MXP
expires: Wed, 16 Nov 2022 13:58:00 GMT

GET
H2 200 font-awesome.min.css
stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 82ms
40ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 9026280
cdn-cachedat: 2021-07-24 08:09:23
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 4bf37714d98792a250965beae07efa0d
cf-ray: 6b43a10fc832e907-MXP
cdn-requestcountrycode: IT
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 material-design-iconic-font.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/ 69 KB
6 KB 73ms
31ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/material-design-iconic-font/2.2.0/css/material-design-iconic-font.min.css

Requested by

Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 327027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5845
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed9-1149f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfvTjJ106pD3sZoYUbQ4zkG3EzG4rLWM8f5vqf48HBoBf6qaaa%2FUdC1VYyIjz0mZVYQP5kD1tikCg4%2FeYIVjxm2BhBgvBWfJ5F%2BDa3xqrJAEHlbC2AUl2z%2BSbuf%2BdPs8%2F0Sg9hrvtMfi1W%2BgSudhA5zU"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6b43a10fce1a3761-MXP
expires: Wed, 16 Nov 2022 13:58:00 GMT

GET
H2 200 style-AlexHost.css
claimevent.gtwa.cf/alexFrontEnd/css/ 13 KB
3 KB 233ms
232ms Stylesheet
text/css 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/css/style-AlexHost.css
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0960b82273abe1a1555f0814c246303b35c8ce6a5534a2fd09d1d33675a93126

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 26 Nov 2021 16:53:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkhFAMflavuskZfnEqI0Xu1vOumUqH4KLnS9C11xJVSOtj8NjHDyPgWVItimPN9sNoGeuL9UhiVZAApfcsuL3Ucz9GObdGofx%2B0tcfxtk2r5bf7OzitBx5mRE2%2FnE6Jaiz6ePnv%2BfbDbV0UicAyM%2BrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6b43a10f8ffb7804-VIE
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H/1.1 200
OK app_icon.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/ 22 KB
22 KB 84ms
13ms Image
image/png 2.16.107.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/app_icon.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b27a41813f7963b39fe1755ad31a133c30066d5a8fcabf9710b44556109aba17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 13:58:00 GMT
Last-Modified: Mon, 10 Aug 2020 10:06:25 GMT
Server: AkamaiNetStorage
ETag: "db8d665e878853bc4b041870b3661072:1597053985.699702"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22559

GET
H/1.1 200
OK logo_small.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/ 22 KB
23 KB 83ms
11ms Image
image/png 2.16.107.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/logo_small.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: adcab86657a7a2669c7d7434397486372c7b0b9b50e34c379166bf957e4e7da8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 13:58:00 GMT
Last-Modified: Wed, 14 Apr 2021 03:04:20 GMT
Server: AkamaiNetStorage
ETag: "57eaed1e025698432da8dfe2c49d9798:1618380359.988444"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22987

GET
H/1.1 200
OK appstore2.png
freefiremobile-a.akamaihd.net/ffwebsite/images/download/ 11 KB
12 KB 82ms
9ms Image
image/png 2.16.107.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/ffwebsite/images/download/appstore2.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 72c76d5534a6e0df94fec3302fac7e96054d1e1665430ee6dc74e70261926613

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 13:58:00 GMT
Last-Modified: Thu, 24 May 2018 05:15:05 GMT
Server: AkamaiNetStorage
ETag: "9cb027f9dad9bb8c8fe4d56819eddcd7:1543299092.441611"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11498

GET
H/1.1 200
OK googlePlay2.png
freefiremobile-a.akamaihd.net/ffwebsite/images/download/ 8 KB
9 KB 83ms
9ms Image
image/png 2.16.107.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/ffwebsite/images/download/googlePlay2.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: b4e430ab7b2405f6bc883baf550a035edc912aa51f0ac061e5faa78b873fff12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 13:58:00 GMT
Last-Modified: Thu, 24 May 2018 05:15:05 GMT
Server: AkamaiNetStorage
ETag: "8831569bce8ed34e68b8ada692b683dd:1543299093.7111"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8502

GET
H/1.1 200
OK a0a4ae30805722476d7af24e8266c18ajpg
dl.dir.freefiremobile.com/common/web_event/hash/ 391 KB
389 KB 68ms
18ms Image
image/jpeg 2.16.107.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/hash/a0a4ae30805722476d7af24e8266c18ajpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6754b08e6e658246f0d71f02c406517d88c1a0e1455b2d3bdc06db2f3d54739e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 13:58:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 04:06:24 GMT
Server: AkamaiNetStorage
ETag: "aebc670bd7bf24b2c94e3bd7443daf93:1630037184.448383"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H/1.1 200
OK c175292e0a856831eeeeb727bd33c324jpg
dl.dir.freefiremobile.com/common/web_event/hash/ 382 KB
380 KB 54ms
15ms Image
image/jpeg 2.16.107.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/hash/c175292e0a856831eeeeb727bd33c324jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5c91a3f8654051a93899960e8cc6053250bc90f8e4a9567c309d963dcd72c818

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 13:58:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 04:06:24 GMT
Server: AkamaiNetStorage
ETag: "c777d5d6b49fa89f90f42e7a8e8c5b01:1630037183.894355"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H/1.1 200
OK 242c176892fae8907c4502dc6f745837jpg
dl.dir.freefiremobile.com/common/web_event/hash/ 427 KB
425 KB 52ms
16ms Image
image/jpeg 2.16.107.121
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dl.dir.freefiremobile.com/common/web_event/hash/242c176892fae8907c4502dc6f745837jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.107.121 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-121.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e1736ebdbb540fc361581e9254a04234e6f663af89db30ea15fe783d8f50827d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 13:58:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 27 Aug 2021 04:06:24 GMT
Server: AkamaiNetStorage
ETag: "412f7a9187960146917b47861b2b4b84:1630037184.447298"
Vary: Accept-Encoding
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes

GET
H2 200 20211104-231935.png
i.ibb.co/7JpsS32/ 112 KB
112 KB 150ms
18ms Image
image/png 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/7JpsS32/20211104-231935.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: f1c97d66f10dabb630892e9286fb3881349530e66651f55e078c8f425993aa8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
last-modified: Thu, 04 Nov 2021 16:19:59 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 114318
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.jpg
claimevent.gtwa.cf/alexFrontEnd/img/senjata/ 77 KB
77 KB 463ms
456ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/senjata/1.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 355c5fb2f6587040eb783d3348ff54ca3ee3939c0bdee1d508a7275cfd9c2ab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78490
last-modified: Fri, 26 Nov 2021 17:29:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=70ZjAmPHeHfT2nf3WdoBShgQ%2FpobNlzgRNdhRMzeXi9f428%2BM4X%2Bfe3eaNNpK%2F0ky3BeC7mS8u%2FteWGnlbX6lwIzglCnXIi3ywxkCZ4nGHmN%2BprhVlm%2FP4s1aPatVVIunTqCTobNV9F8UMc4ShhGTTI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8597804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 2.jpg
claimevent.gtwa.cf/alexFrontEnd/img/senjata/ 47 KB
48 KB 474ms
466ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/senjata/2.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e32e347f1375a0869711eb1589ecc0420c2e44ccaa19acaf2b625086a63e560

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 48611
last-modified: Fri, 26 Nov 2021 17:29:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dTGyRo1N9TCROeGekRSkOy%2Fi2GyxO7lsOBWiUKL2kILf6UR9yp5sjDHw2KK71AWr8gqv5zJ0DaSBrgMUPEeTH%2FbwB2377C8IBcp%2B0YC3CiwoJPoEfSaVRV1m50VfnagNS5CGkbzraUV7p0N617i1jdw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa85f7804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 3.jpg
claimevent.gtwa.cf/alexFrontEnd/img/senjata/ 76 KB
76 KB 484ms
477ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/senjata/3.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a932647f3f142202bc341dd50cb0c949fb4cca3f2dc39b6cc3aa749902946893

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77540
last-modified: Fri, 26 Nov 2021 17:29:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=myAdx6vzDqaL%2BE5ZUKZRvRM%2B6A0k0l814rXlX5kKmEcMqdoznzZ144bQ3bTyIycvsr1S7X%2B5yPPiDqQHNa9%2BV13B9eepMnqTnbJqQGw2NhOX3UNACekw0TaW%2BH9sHUW9EzdkQlSKEIl7tg1qHzR8gTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8617804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 4.jpg
claimevent.gtwa.cf/alexFrontEnd/img/senjata/ 71 KB
71 KB 427ms
420ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/senjata/4.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2876317ed4d3b97531299a3282da4ef8119cc0a6e653560adb827430fc59991e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 72574
last-modified: Fri, 26 Nov 2021 17:29:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Po%2BsuVMJFDZMKbvE42KdRWExaPKeCBIEJa2mg%2FcvKOXIFNtuepB4qjv61VWZCI%2BS6wY4G0s2dMa8jB0a3KmiROYs6X%2F60nMUYzgBw0b0u%2BbIZ0MWP1iwmasmGrxiO53%2FO%2BzJB%2B0%2BhYP%2F9%2F9%2BipMpoKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8647804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 5.jpg
claimevent.gtwa.cf/alexFrontEnd/img/senjata/ 81 KB
82 KB 456ms
449ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/senjata/5.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 83104
last-modified: Fri, 26 Nov 2021 17:29:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5WCcDlbxhYU8Ge4FWO%2FxvcqvfSzdlK2oBy85wDgIJj0OcUEISOGUJay2ynY08BvWpIt4i78xHQRbcg3XOKG2ZXTl4sKNT0UD3BR6DmvLE1dJaODsAln%2Fud3V9kD6T3hw4g3U%2BTm6aVJYVhVs8m2wHXo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8687804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 6.jpg
claimevent.gtwa.cf/alexFrontEnd/img/senjata/ 82 KB
82 KB 471ms
465ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/senjata/6.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e42ff7e13eeea40c241c5406255e8efd322128dba76cfffbfa71263b41b1b8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 83638
last-modified: Fri, 26 Nov 2021 17:29:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UogBIN5G1bC3YlO1aOZWg2yHJvgjICPiKUXznqADCDg9%2Bo1hRrGfPGrBgNjRzfy7VCqMreoguECVQLh1%2B9ZkS3bBM5oAf37ON0UhT7BqN99lcSORoQY7CZ%2FV8YztnjMUro3nWJOo8Lb7TMZMJaLDXkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8697804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 7.jpg
claimevent.gtwa.cf/alexFrontEnd/img/senjata/ 43 KB
43 KB 445ms
439ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/senjata/7.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb529b14d072c791be4cb6c352e3fe0efae788e759034ebfd547c71a3f0d9bfe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43744
last-modified: Fri, 26 Nov 2021 17:30:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gK0sccitNxQVuu3OyG5ppgPIIx2wvHYTHoq9eqdpH4OeLB8KKS36yTtCe6i%2BuPYjv%2BuK9F7pqO001g12lYgbpUaD5GBOHAul61StdBLfJ8Yqjvnw%2F3ehHJKK%2FvKsfgt5RxU85K17FA4gaKFbOhC70T8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa86b7804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 8.jpg
claimevent.gtwa.cf/alexFrontEnd/img/senjata/ 25 KB
26 KB 339ms
333ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/senjata/8.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b8542123bfc06f37312a1756361916d7e3f7a1af974877a63da2b2ff8dd03ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25821
last-modified: Fri, 26 Nov 2021 17:30:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=spSYj8rY4Cxoqcrys193wsK1bg5Yy6Hez4Xft%2F7hHmEabDbzkxSbw8wm%2FUSpisZ0SWIqxF%2B4s9hHRnI5b%2BUoWOjay6fxVPjf7L3IAQfP4bVnPPyMAmYm55TaaZ%2Bod2jdguCffVjpNlzK6gEI2J%2Fmpaw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa86c7804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 9.jpg
claimevent.gtwa.cf/alexFrontEnd/img/senjata/ 116 KB
117 KB 452ms
446ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/senjata/9.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a124f7c8781af398764ba316b3fa7bad44e83520f78a90521b0cbb3012a783b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 118900
last-modified: Fri, 26 Nov 2021 17:30:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxhzk8zXJSuLCKYmXl1TDO7CssZTbUyCptttJLFe2Mwv69lEkakcETHxXv46JDRX2JDTTs5ddhUc7O0HuAEytiuNb%2FLMYI8fZ0UMiq2eVTmx%2BMoVtg4vCTtRzqrFlwk5xrWJqKYg%2F8oJQp%2BymhBLfIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa86e7804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 10.jpg
claimevent.gtwa.cf/alexFrontEnd/img/senjata/ 81 KB
82 KB 455ms
449ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/senjata/10.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 83104
last-modified: Fri, 26 Nov 2021 17:30:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ES3AgrPb1OZIyVsqpFkaJWT5Ofs9blaj4B9JYyzowlUTeZy6h290g2xBntEwoo6cFEJ3OJnsz4np77O1W75ZDhJNU23yXxBb1iupve23JmE9ZAZG33ZTtNvhlzx0ywLR7yoBMpulHVLSKqafuaivSAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa86f7804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 11.jpg
claimevent.gtwa.cf/alexFrontEnd/img/senjata/ 46 KB
47 KB 485ms
479ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/senjata/11.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 516ec8f5074cc7e52bfc102e42923b36d36729496cc69aa6a84a1ecbd4bc44fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47405
last-modified: Fri, 26 Nov 2021 17:30:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6JC1ryXIyiSsIdsJ90qq7oL5TBvgVfyFPGQrkfW2%2FmnOamz3DaN9%2FjkBsnMUWEGI6aVb%2Bs7jB6RrQYXLe6wk4ECmf4EuIXWHrb%2FooBZi%2BODurzneq6FuOu%2FwW8%2FwNeCTMaR2r0%2BLjgUht3w7pGsvlc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8817804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 12.jpg
claimevent.gtwa.cf/alexFrontEnd/img/senjata/ 46 KB
47 KB 440ms
434ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/senjata/12.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 480e24cce7e7d225ffb50dc58b21a81bc99006e0894f0ef52a01203774495050

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 47259
last-modified: Fri, 26 Nov 2021 17:30:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2FAbU13ph79PJMAUkc9GNhS6REhGtN3mswV4366dmM6nUzabqWX8S94lf7jbHZqLV236%2FwCjygmRLP0NrZogZ6qWqeu4YfeYoLexHjirz6NjmzYAvUKuoXLWeycdoFs3ZDMylsz7Hk%2BEGVxwF2HzHqQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8837804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 1.jpg
claimevent.gtwa.cf/alexFrontEnd/img/old/ 285 KB
286 KB 472ms
466ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/old/1.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b24f35c69c93dc3aec5ea3f18a80353eaad32beb234c4e3001c1bcfdf9bd15b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 291695
last-modified: Fri, 26 Nov 2021 17:32:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BJlp5AwaBUu5go3lVOb0xLu15fnvNALLXpF2SpjoLK9K0Qb4O6zo7e0NWtyIvt2H8XfjbLMUuWR%2B%2B3nwItIGZdqCIahRqyGKsa1YzMjIQLvjFB6wQ7gI6XIU%2FQXJ4WI7uspwrPCQuCtN6xPZrSj2Ss%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8847804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 2.jpg
claimevent.gtwa.cf/alexFrontEnd/img/old/ 213 KB
213 KB 482ms
477ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/old/2.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f0680ec52ff2a8cd1c63512c78b9a7af0d369717e59578277e1f0b93fae39e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 217663
last-modified: Fri, 26 Nov 2021 17:31:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYxiQLnZpdWEPZtEwYKjsqdYnKnJWkKC3Ic2WfRKyD7Uzs7m1ZxGeZBkIt7Xv%2F1aBgZ4%2FVa5UCfL20owem2U0TGRNrwM2hA11L4KAOFpWTzcTT2t81mfcE1%2FuqkykvbPOd9a3svXMIvHVbMxKoLHlYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8857804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 3.jpg
claimevent.gtwa.cf/alexFrontEnd/img/old/ 301 KB
302 KB 472ms
467ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/old/3.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 149553642818662d9d70de74ce34dea2921f978ab484f8c05bb1e9ea2dc74037

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 308594
last-modified: Fri, 26 Nov 2021 17:31:08 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WlU%2B%2BHumXp4ZUPUhAbf%2FXyDm2QtRug3NEvlNWSiztQtZyUXlvfk0%2BYHGJ21LZiIWP3R%2F5K1BZhMTv11gUSpdL3vUmWnUKxBR1A2yowkM4bMsNQNzmIsQfalj8Ji80TfMnQf2jk%2BI9HaybaZTVmcgU0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8877804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 4.jpg
claimevent.gtwa.cf/alexFrontEnd/img/old/ 381 KB
382 KB 471ms
466ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/old/4.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ac7308fff173c8e87facb34137065e7f62625194bbbb30f23529c843c446f8b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 390294
last-modified: Fri, 26 Nov 2021 17:31:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lUQ%2BD3Fb5TS3OBe6SqZ96WeVXmqhmQYCydO9QV6cH8%2B05jC4RElbWkFvVAtPTfBcKVnK6abgntq%2B1yaZJbSI00IUIwv5kXXKOit%2BJ%2F7mJ3bnTGMtvbYnDouVJqlD7X1EPEw%2BLREl6JldjpmxzbuNjyc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8887804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 5.jpg
claimevent.gtwa.cf/alexFrontEnd/img/old/ 388 KB
389 KB 486ms
480ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/old/5.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59b0ecc1e9e4e158eabdd10f7baad68d9b5e589b988a36e6f69ee1d317a63134

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 397739
last-modified: Fri, 26 Nov 2021 17:31:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9uJhhGbE7g%2BVk52jUFgoOjRFBElXExAZk43%2BF47OkDI5bp1mcDbPvcW%2FPHYt8zBCI4XZv9gzmQi8R3TbGs2YzSkyjV%2FBNhLOZ79lg4dLbe4KO13R8sg0ct41pjOAD019cESW3KRRGxs5S4bhlCn81pY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8897804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 6.jpg
claimevent.gtwa.cf/alexFrontEnd/img/old/ 379 KB
380 KB 500ms
495ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/old/6.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24b5ad3721e8789fd8017b45a2eecfe4fb958f1f88f6bdd9f877df22a052d6f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 388518
last-modified: Fri, 26 Nov 2021 17:31:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96CaXXv3o%2FQEOLP2UfezJfYb11GoYwVbzYZuHi0MXqDOc3arEXU%2FgKzUfFPUHoBODrq5kKtSnC%2BvUDTnyruik3uCZoIqZPM128T5RC8rTzfXa515WtJIY3jHzioGRddaJwQYMQ7H4i8fLxoo3UHiTRU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa88a7804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 7.jpg
claimevent.gtwa.cf/alexFrontEnd/img/old/ 357 KB
358 KB 501ms
496ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/old/7.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8d80ea9ce6e3c0adf31dd0f7ff58ace0aa86414fc78672f17d2e64856358d30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 365670
last-modified: Fri, 26 Nov 2021 17:31:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISPkZZmPwsoQzByMQ80iWH0%2Bu4qWBwMxiHT9iFUsnl22%2F0RKZ5mWkL5Y1A1qC3i5%2Bp%2Fxe762vCQLdcYfQM0bgNreUljUMcqPHWtgsHLuEf1gcwrxFQZxgk6JXgxH1Mn0IAHMxw7KHBgTuBdekDNxXdI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa88b7804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 8.jpg
claimevent.gtwa.cf/alexFrontEnd/img/old/ 162 KB
163 KB 473ms
468ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/old/8.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1208995d359654233b5fd7e9719f4fa563ac44e3491010ff7a2bd7b9e85db9b0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 166206
last-modified: Fri, 26 Nov 2021 17:31:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PxG03mdvKPILbrit83zLdBOFvIfNZJF%2BkS%2BqEkS6Jr9hUJsAo7OF3xd3iV0JjZg2NigqK7LEAwZJa7Cu8JWvqQc43xnzYm8Vkz6O1GpSsS7bHXizIKdOQ6eJgbcAvcjaSKcEsRRTfoR2WeqLIs%2FXjzU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa88c7804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 9.jpg
claimevent.gtwa.cf/alexFrontEnd/img/old/ 172 KB
172 KB 487ms
482ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/old/9.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c85bd2a679945f3944ec48013d6bf25cd163289c708be4e2542c7dafc5c6e02c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 175890
last-modified: Fri, 26 Nov 2021 17:31:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UOPCyI3GadKCRUA4DU5g9j%2BT%2Bnc%2Fjpe3IW%2FFAyFRBP9tHGwqTjhVJMbH8Xv0L%2FMJh1FSwrPiHWwGaj8JrE0Q2PNkyOZJ5%2BBnKMkcPWu8N91tA05arVj%2FdU5dbnmLtiXIfi7EXC7EyhhnW5e455gWxc0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa88d7804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 10.jpg
claimevent.gtwa.cf/alexFrontEnd/img/old/ 86 KB
87 KB 448ms
443ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/old/10.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b996491d60df30c38f771cc080badce851dac36b592d560aedc89f3401fd3d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 88239
last-modified: Fri, 26 Nov 2021 17:31:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSYakyxkeSvoHyEWeHm2ZvyA5Yc5b2Hs1FHji3oUe1Gxihj4PY5y93cB%2FM4Xa%2BxZ0ZEusVLqBNc18pJl%2BrSquE3jHrGwmJdrWpzIE7NQs7Ao6HEeUJ2XSmxxk9iinNOknxPXmdZ7JezQ4Q6MBNgAfNM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa88f7804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 11.jpg
claimevent.gtwa.cf/alexFrontEnd/img/old/ 101 KB
101 KB 474ms
469ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/old/11.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b72c8043029f9aa979b35a669e0b4cbbbcc7c6594179037b682f7a9a68b64816

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 103170
last-modified: Fri, 26 Nov 2021 17:31:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yxwsM4hK%2BrgTbSB8EK%2BlinQptSPODKIsvK6iYyaDu7Iud2SsI%2FBrfcRhQaAJUXHKH19B6jYTtlJTPPXYesP5%2FGAA7HWMhE9bAvl4tAEHFlTFe7LQTvLQpMYjov9T4LwlTbD5AAJWnqQ0XnLoSFSBwJg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8907804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 12.jpg
claimevent.gtwa.cf/alexFrontEnd/img/old/ 44 KB
45 KB 472ms
467ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/old/12.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95972543dc99b403517cfe1d576e314b347228997fe3487ea6df560c2992f38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45522
last-modified: Fri, 26 Nov 2021 17:32:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FAss0lj96lr6LV8dx%2Fin6CXFqQ1TFHiDFxDBjHeUqyCkWbute7fUgYj%2F%2BSwSo6zsYnhYSfNG4VcHVkqvptczpWBUpkyEB17ECQW9SpiniRgWJ86XNu%2FcQhfilrCY1FwZwpShiYd0xtgONUDs%2BfxMoVU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8917804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 9999D.png
i.ibb.co/gDq5s65/ 32 KB
32 KB 119ms
19ms Image
image/png 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/gDq5s65/9999D.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 0ce1d9f5e4ea5a1aa4680e596e349d1ef50e1eb88c41a03676ed8b3409a2f538

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
last-modified: Thu, 04 Nov 2021 22:24:44 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32887
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20211105-053313.jpg
i.ibb.co/19XmkWS/ 473 KB
473 KB 118ms
19ms Image
image/jpeg 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/19XmkWS/20211105-053313.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 32e0cfaa2b27f4047a852368e66447b0138fc8dda5a5a5bf31bf553f750a9008

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
last-modified: Thu, 04 Nov 2021 22:34:46 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 484068
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20211105-053249.jpg
i.ibb.co/SPXv0hc/ 473 KB
474 KB 116ms
19ms Image
image/jpeg 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/SPXv0hc/20211105-053249.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: b14878e3a6a21ef18f96d1a5024cf9808ef2c842682ddd0eba20c699552255fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
last-modified: Thu, 04 Nov 2021 22:34:45 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 484393
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20211105-053037.jpg
i.ibb.co/sP3WGhG/ 355 KB
355 KB 116ms
19ms Image
image/jpeg 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/sP3WGhG/20211105-053037.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: bcfbf39d2ea7a8d7ca17b047e6de0874c87e0be923a96b11ec295599cf37efc9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
last-modified: Thu, 04 Nov 2021 22:34:42 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 363024
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20211105-053112.jpg
i.ibb.co/zH4gqdr/ 357 KB
358 KB 106ms
19ms Image
image/jpeg 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/zH4gqdr/20211105-053112.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: de3b5f98bf14028344112e571bb87310c9a18dd3c841d0c1bfea61560a750531

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
last-modified: Thu, 04 Nov 2021 22:34:42 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 365723
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20211105-053128.jpg
i.ibb.co/5ssZqrJ/ 356 KB
357 KB 59ms
58ms Image
image/jpeg 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/5ssZqrJ/20211105-053128.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 14379f6c0eec76ae0552cae0639b6e9899d857590724ed8c0146623a823a9326

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
last-modified: Thu, 04 Nov 2021 22:34:45 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 364821
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20211105-053358.jpg
i.ibb.co/zhj8SkP/ 443 KB
444 KB 59ms
58ms Image
image/jpeg 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/zhj8SkP/20211105-053358.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: f472c121eb1b002013a705ecbf182c5149799317655c44f1355dee0327644e30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
last-modified: Thu, 04 Nov 2021 22:34:47 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 453958
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20211105-053420.jpg
i.ibb.co/bQ5KXpx/ 441 KB
442 KB 59ms
59ms Image
image/jpeg 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/bQ5KXpx/20211105-053420.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: df686da5148ea07c222a21eca7f81ababf1af2527db5bdaa7c82b4d1b9a0f999

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
last-modified: Thu, 04 Nov 2021 22:34:48 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 451632
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1.jpg
claimevent.gtwa.cf/alexFrontEnd/img/incubator/ 213 KB
214 KB 471ms
467ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/incubator/1.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 432360a0d8577899a613c18a11150cb52fa83c4863e8495d8a5cb03fa431f9f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 218095
last-modified: Fri, 26 Nov 2021 17:32:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xzu%2FUCA2%2FSF8ykeuAPJCJ5XZWk%2FFKVTrKY0kbv6TOTWlAkE%2BiA8LaNNLOD5kKHLNoVb5%2Flcc%2Bq5tnEZ34wKI9QcQ7CBhBnXwFaRoMqVDdx6LZqa%2Bn2TgZuzwfgAcGC%2B6xKN9BcPE5L2W9YsOgqqEThE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8937804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 2.jpg
claimevent.gtwa.cf/alexFrontEnd/img/incubator/ 206 KB
207 KB 471ms
467ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/incubator/2.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 066a66ba427c860db53612941e0890e55c16cce0c6da02f8064bfa0e9f982c5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 211453
last-modified: Fri, 26 Nov 2021 17:32:58 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmjHSGPe3%2FQV0X2wpiz3XYkbQjzYPdcUB10Et0RAwow8oprWGFJTIaunMFAFrAhKdtxfZ6OEODvCATi7UG40fN0%2FN7y10OAGQuOg1j%2BRHtmBfHpEi1ovEdi0c%2BjUDVmeZH%2FJ0C6qj9ZJlnIivpKUS1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8947804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 3.jpg
claimevent.gtwa.cf/alexFrontEnd/img/incubator/ 199 KB
200 KB 478ms
474ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/incubator/3.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54766ddbc10eea8e43833d069e501a1d37f536c10fda70ac214b54ec0b36f9ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 204070
last-modified: Fri, 26 Nov 2021 17:33:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TjN74MmngKS5fR4Z2bkfOY1i0KxAoAFRwfC9iOhAgPUxmdrw9hnk7BTGvJlAjA4a7wVM7hpCzvNOe79SmC6YH1wCTWwktEYZGBx%2FmX83bvoCN%2F%2F54T6lf5xfjEoilQlEnnq%2F%2BRLZwcFjIe0J7X1TqM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8957804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 4.jpg
claimevent.gtwa.cf/alexFrontEnd/img/incubator/ 224 KB
224 KB 485ms
481ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/incubator/4.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f9aa3f338c963184e538c4e95e870151884195009ae9b22c9d5efa75bdc1470

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 229064
last-modified: Fri, 26 Nov 2021 17:33:10 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KCPq0EGqt9KMU2J9KoBSJwNFQZ3Mzf6xELaV79fL3w8jfX5zcL0%2Ftz6wN9AJu1jFA7sH8HFQiSU5Qxc5Zsrf1n6m%2B%2BqI4cshJK4BW9hXvllGbgow4AwhsQJVimmDTiNkGHQH0J%2FrWgLIrxJYzgTmROM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fa8967804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 5.jpg
claimevent.gtwa.cf/alexFrontEnd/img/incubator/ 199 KB
199 KB 473ms
469ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/incubator/5.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6365b5bbe4cffa59b8515a838927b10e76d5857cd63db08bf427f64c7f84af70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 203356
last-modified: Fri, 26 Nov 2021 17:33:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xuDk9oOXvG5URmV9Vhc8IwJquDdpE7nX8m3F06ndGOp7G1eA5%2Bmn1LGLYUMzJl0kzun4KGrvzmrcF12h7D5Ev1HO27g%2F23vQ4n%2Fd3WjVjmvltq4uP%2BU%2B5bt7AJEprBStKuEKXA48Y2%2Bdagr%2BV%2FPq89E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fb8997804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 6.jpg
claimevent.gtwa.cf/alexFrontEnd/img/incubator/ 199 KB
200 KB 453ms
450ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/incubator/6.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb002d4c53011b4be44acb1ddca73df659494e1658c3a13c8967b142ca1c94ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 203959
last-modified: Fri, 26 Nov 2021 17:33:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tjo6iBybEPE86yINPxs7W1alsBgqJdaqta9qOA4uSXUFsNCVq89X0NlLSPfeo94MKnRkH5znKumBuFAL2Cz4RezuwUplDvEkF7lAP2tyNrIIld2LRAzLTxHeKTu4qoQZf%2BT4eDUAWEaosFQKo5X8Woc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fb89c7804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 7.jpg
claimevent.gtwa.cf/alexFrontEnd/img/incubator/ 49 KB
50 KB 483ms
479ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/incubator/7.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2359cf927a5bbda709fbb0531148d81bcc4a873e6fd18f6ce706d4b00f5cae1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 50672
last-modified: Fri, 26 Nov 2021 17:33:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3kuq1LEGXTDXQOX0oYzhND2p2QXVH3024aY%2ByqVWpgMWb0JCZWAUzoVj6pZYkZRdrbKCnKdRthnHvd0yIhSdt%2FPsp6CwT9WqHLOPgE2ciw7w3OZeg3jJIEnh%2FbPg8uBZYOzURGNiNvLDzEP8IThWuVA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fb8a07804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 8.jpg
claimevent.gtwa.cf/alexFrontEnd/img/incubator/ 48 KB
48 KB 478ms
475ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/incubator/8.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aab4a64538ebbcdd333ca42c9e93805fe34163e92144a54d7ca495c713ff188a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 48698
last-modified: Fri, 26 Nov 2021 17:33:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bpUNqhMHdCoJD8ELtJQmv7Igq5sxl%2Bt%2BShC29rUCUwaHTrzmu9nQQLfM1yldVDgdehcLDA2GjJLO%2FbBsM8o3Omf43ouOKIkCUySVpJQD1BE96e4Lk57yTafpyC0V8i%2BxuzPG0ASyNun7qNMjDZriOOo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fb8a47804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 9.jpg
claimevent.gtwa.cf/alexFrontEnd/img/incubator/ 50 KB
50 KB 499ms
495ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/incubator/9.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42903fcad713b0014a7e5be06a3766e3bd9628e7a953fc5a5322cefdc4a6e58e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 51127
last-modified: Fri, 26 Nov 2021 17:33:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mKnukDaswY7PIYsZhegLyJJfnhD%2BHQCF%2FPKol2Bso76Ky8rUMmNndP7QD1A5QBOr5OnJHvINVpKr4KHdFUVb8VL9J7P9EcRE%2BEuddSkiR8rzPGYfTGzHOiEDdv3iIrh5J6EbDPD72zgsFn0UYBiUyHE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fb8a57804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 10.jpg
claimevent.gtwa.cf/alexFrontEnd/img/incubator/ 45 KB
46 KB 464ms
461ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/incubator/10.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae20bf11b911ca15a9a2dea24506d4c41f88f10d5889b32a05b2285f9e92c0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 46304
last-modified: Fri, 26 Nov 2021 17:33:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=suFxx8cLO9RGIyMAmlYBDEgtqtypPsK4xA6m9EqrPPNImwUZteooXMnv7UklSFGH28M%2BeDGggjdaC%2B0pLgLJpCHzytFS%2FIk3wW0oKTTmNu0bDO2fZ3IV9vKVX%2B6T3runlWTY6Ml%2FDMPjEFRzLg0b7g0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fb8a77804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 11.jpg
claimevent.gtwa.cf/alexFrontEnd/img/incubator/ 49 KB
49 KB 453ms
449ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/incubator/11.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46db22ef287aa6aec91f1b7c2d907d604fc50121980e93fff4894766a0c56497

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 49868
last-modified: Fri, 26 Nov 2021 17:34:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYKm8B6oCiuOaQVO9QcplFCBDccZCmPN%2FBUU5FhIlasF3GSaYUb%2FhgBBzGfXJxLquVkGhc1PravSkuVo%2FYL2U0%2B1hcLLoYzL93Fh5ZsgI7vOJZWJJDz23Fn0YT36y6Huarnqbg6xtoJozODbRBTrCzo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fb8a97804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 12.jpg
claimevent.gtwa.cf/alexFrontEnd/img/incubator/ 48 KB
48 KB 467ms
464ms Image
image/jpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/incubator/12.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0232ea5c04d1461e8b723fe5bba7304eaedd1ffb882057bb742b699c80aab0e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 49084
last-modified: Fri, 26 Nov 2021 17:34:04 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hNR5%2B7QyF9h2Vt7K%2FB%2Bsdrq%2Bom2%2F%2BZd%2Bc88q%2BuHob0KNd0551CFMerqo8OGLlaPI0GyZOiSOxAoqRfBz4Uuh0QZxrmyVhKAsmHY6%2FiUYLTKDjowAmi8BuS90K9Mi1Z4VkOd9xYmLChBFPYCIbYK0kQM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fb8ab7804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 pistol.png
claimevent.gtwa.cf/alexFrontEnd/img/menu/ 19 KB
19 KB 252ms
249ms Image
image/png 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/menu/pistol.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7865b49c794f89a6fa6d73c204f7e67389d0ccd1e6b0cbddee5e5fc6af2d92a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19467
last-modified: Fri, 26 Nov 2021 17:34:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kK3t%2BZuTQ2nxUtSu8AehBQbbRYr1JSR3JJCl8pugUxDfcr0zpc5nJX3x566YTij3SrojW4Ceiw%2Fnka3djjv1ixlrVUZMgXWUL8mj4DXjt2ZoO53PD6AhXjBwYcb2VJz7%2Fa7SOSaAWMEOVZFdEIjlWKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fb8ad7804-VIE
expires: Fri, 03 Dec 2021 13:58:00 GMT

GET
H2 200 tshirt.png
claimevent.gtwa.cf/alexFrontEnd/img/menu/ 15 KB
16 KB 342ms
339ms Image
image/png 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/menu/tshirt.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67a361a76aae93a4fc922a537d4cbeed6f481a8cb262fe90bee35f9ac1b6f2aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15703
last-modified: Fri, 26 Nov 2021 17:34:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2ButGJM%2F6oSYxFdyOMq0NqLSbBwg8%2F8s0Tt1BO7z0qBoojMyRr0EzplQZXxNb%2FZtV5Is4UVGM52WLgXZucnqbDWOhQW7uLezX2MYF1COpoTKIFlZxFpf2RX%2FYpX64%2FCa06DEked%2FuMsLpJAWDc0njM0I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fb8ae7804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 diamond.png
claimevent.gtwa.cf/alexFrontEnd/img/menu/ 19 KB
19 KB 353ms
350ms Image
image/png 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/menu/diamond.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d8b3d02d78e01055fe1216bf6650569307b54fd6656ce2905585fca73a60b19

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19489
last-modified: Fri, 26 Nov 2021 17:34:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JzFPfnx8gpQMF%2Bymfquqj7zkCWSV6tTZCsSwlstUvACEACR09uVoNhIdmYikZDhqu3lwdHEHewLOBxhc4pg8w7hNcx1wi6H9SQY2fgO%2FwPp2F%2BW16oJhqQXxRgIHl%2F0VkYFoyjzJqpL2vSwXNzSkRNU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fb8af7804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 jacket.png
claimevent.gtwa.cf/alexFrontEnd/img/menu/ 36 KB
36 KB 376ms
374ms Image
image/png 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/img/menu/jacket.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d395a80fb01a3f07d6cfb88b71836cc44893d0d890e15a1dc0699c00bee74db8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 37009
last-modified: Fri, 26 Nov 2021 17:34:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gJmeCI6HEnt53s4y1qH9T7WekqI9GiqysEPDzFtzrHK0tXAcNSKoaDndZM%2B42ubLOId4Mnelgdx8%2Fa5sZptq6tRTJzRftCXxAs1PacEcViy79C%2Fmnx9YcANx9JDs12nfN6GBgboCAtE3QWwWP%2BQCzUM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6b43a10fb8b37804-VIE
expires: Fri, 03 Dec 2021 13:58:01 GMT

GET
H2 200 1.jpg
i.ibb.co/dW02vDC/ 77 KB
77 KB 59ms
59ms Image
image/jpeg 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/dW02vDC/1.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 355c5fb2f6587040eb783d3348ff54ca3ee3939c0bdee1d508a7275cfd9c2ab4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
last-modified: Thu, 04 Nov 2021 16:42:13 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 78490
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 facebook-text.png
i.ibb.co/wWvFFK6/ 28 KB
28 KB 59ms
59ms Image
image/png 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/wWvFFK6/facebook-text.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
last-modified: Thu, 24 Jun 2021 19:26:23 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 28789
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 ff-max-icon.webp
rawcdn.githack.com/AlexHostX/logAlex/0f0c201d90f17bebfbd3aa573259bc01dacd2b64/ 56 KB
57 KB 80ms
40ms Image
image/webp 2606:4700:3038::6815:eae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rawcdn.githack.com/AlexHostX/logAlex/0f0c201d90f17bebfbd3aa573259bc01dacd2b64/ff-max-icon.webp

Requested by

Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3038::6815:eae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6edffde81a8496c3bf5561470d93d1854edf720679a86763b50e30bf2e66afb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id: 60fe6df3048b908d40a4752ec63272f4de9070b6
date: Fri, 26 Nov 2021 13:58:01 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 260865
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 57752
x-served-by: cache-bma1646-BMA
x-robots-tag: none
server: cloudflare
x-github-request-id: 90C4:8374:C09AD4:D11311:619BB8FB
x-timer: S1637595388.641154,VS0,VE186
etag: W/"43d056bd396a1ddb090fb30c6ac9a9aec828619ddac0adee67d93d4667125dfd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YXW3PZVC9k4ofd90Ri43o%2BvYxxx8A74P5vUQ091Iw2fiR4yx2rWceFIf7CzVloMVnoDHFxw9DUGnevpuQDTnviw6ZhwcNVOlOOcnGRedsyDhzv99KpmmQ5Ku26gnro3H%2B22lCoYZRkj2ki8eOsQv6zI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
cf-ray: 6b43a1107ce0fc9d-VIE
x-cache-hits: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 36ms
8ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 08:14:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 193439
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Nov 2022 08:14:01 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
30 KB 44ms
16ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 15:43:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 598480
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Nov 2022 15:43:20 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 82 KB
29 KB 47ms
19ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js

Requested by

Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:41:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29671
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Nov 2022 21:41:31 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.3/ 82 KB
29 KB 50ms
23ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js

Requested by

Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2452
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29707
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Sat, 26 Nov 2022 13:17:08 GMT

GET
H2 200 input-exception.js Show response
rawcdn.githack.com/AlexHostX/protect/aaa1462a19b8d8b6cbd68101a5ac89f4955b49de/ 9 KB
1 KB 97ms
33ms Script
application/javascript 2606:4700:3038::6815:eae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/AlexHostX/protect/aaa1462a19b8d8b6cbd68101a5ac89f4955b49de/input-exception.js

Requested by

Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96df2f4735650bfe911e983781783284646ff7cc8109e0dfeb6de8056f1a7654

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id: ee68aca5bfbb978ab490f21b1040162996852972
date: Fri, 26 Nov 2021 13:58:00 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 604184
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-bma1658-BMA
x-robots-tag: none
server: cloudflare
x-github-request-id: 0A8C:3598:1E8D944:1FD486B:618FF7CB
x-timer: S1636825036.673137,VS0,VE216
etag: W/"7efc1fe69d2bae7cf5f7f6503e53cd6825675b937514a5660fadff678c23ad05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OJXeTp1rQOFH%2Be80ZwXyW4r5Hogy8zb9MRbU01ELAhEApcLLxKttmKPHA62gTDt%2FgkCdY6Lmp7JXj92ZKUbS0n8QaDUZvh7R5cudLo1V6eGd6wPtK2V1q00jalNLfAj5awB9l7iroCbjAiyuTF03W1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=315360000, public, immutable
cf-ray: 6b43a10ffa8d78ac-VIE
x-cache-hits: 0

GET
H2 200 watermark.css
rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/ 105 B
517 B 99ms
35ms Stylesheet
text/css 2606:4700:3038::6815:eae6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rawcdn.githack.com/AlexHostX/protect/a64076479559076b6e31356a0fb6188d291204ce/watermark.css

Requested by

Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3038::6815:eae6 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03845ae6fc5097c5f107ffc206c3fe329a962d045b23151188b6dab3ef4fbcc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-fastly-request-id: 2f15eaf0085dfb5836f1ec01fb35064618f1bf90
date: Fri, 26 Nov 2021 13:58:00 GMT
via: 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 604184
source-age: 0
x-cache: MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-bma1624-BMA
x-robots-tag: none
server: cloudflare
x-github-request-id: 5326:15E6:289DCEC:2A72973:6195486E
x-timer: S1637173358.377950,VS0,VE204
etag: W/"8cbc601be6a6a4a8de11e874a08f4635bb2103954e29be8f44a2287251cf89b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Authorization,Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VNFq9Gy9o9GM3QfJRTap1eu2PE6EDqJkMqjuMNGXE4Ytxpm0i3BhzxxhGQo82jJezNYsUuk489ZCU6rfe3BTm1Jn%2BdABrz98ArxDhe0q6JqUdnHPynjbCd0mJuM5Ml43nwoJaFZrZaSHzAQhZXK281k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-githack-cache-status: STALE
cache-control: max-age=315360000, public, immutable
cf-ray: 6b43a10ffa8e78ac-VIE
x-cache-hits: 0

GET
H/1.1 200
OK bg_news.jpg
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/ 99 KB
99 KB 26ms
25ms Image
image/jpeg 2.16.107.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/bg_news.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/alexFrontEnd/css/style-AlexHost.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7dad3b583982c93797143d047f54994aadc9695f715eb7f994cca09a45f9f7e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 13:58:01 GMT
Last-Modified: Tue, 20 Apr 2021 09:09:14 GMT
Server: AkamaiNetStorage
ETag: "51f58699119c3da820f1a6bc9db41120:1618909775.364818"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101131

GET
H/1.1 200
OK swiper_light.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/v4/ 12 KB
12 KB 13ms
13ms Image
image/png 2.16.107.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/v4/swiper_light.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/alexFrontEnd/css/style-AlexHost.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 3efb19f7cb50d2fde0a12e2b0e8388c9d8ab0ac6140a61ec159b18eafc450ac1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 13:58:01 GMT
Last-Modified: Tue, 27 Apr 2021 07:44:11 GMT
Server: AkamaiNetStorage
ETag: "99aeeb8b0ec5008215a0423635beeb83:1619509505.86762"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12406

GET
H/1.1 200
OK brushed_metal.jpg
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/ 253 KB
253 KB 22ms
21ms Image
image/jpeg 2.16.107.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/brushed_metal.jpg
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/alexFrontEnd/css/style-AlexHost.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2ebd8a8e1938ff33366a70f72ac90bcd80e04024e220fa2bd570a21c952acaae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 13:58:01 GMT
Last-Modified: Fri, 23 Apr 2021 02:46:09 GMT
Server: AkamaiNetStorage
ETag: "7d3f40127316b51c3ed7eff0399bff8c:1619146646.85788"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 258656

GET
H/1.1 200
OK redirect_2.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/ 36 KB
37 KB 14ms
14ms Image
image/png 2.16.107.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/redirect_2.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/alexFrontEnd/css/style-AlexHost.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 093dbebff97a7ea70010510acdf553680b04cbb5656cc406ba3ed7a5d5e533ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 13:58:01 GMT
Last-Modified: Thu, 22 Apr 2021 09:14:25 GMT
Server: AkamaiNetStorage
ETag: "bc9c01607e9e947578087db60c920b39:1619082894.434653"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37239

GET
H/1.1 200
OK redirect_1.png
freefiremobile-a.akamaihd.net/common/web_event/maxoffical/ 9 KB
9 KB 33ms
21ms Image
image/png 2.16.107.26
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://freefiremobile-a.akamaihd.net/common/web_event/maxoffical/redirect_1.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/alexFrontEnd/css/style-AlexHost.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.107.26 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-107-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c33ea1ee19cdd2943b0cc8f82f873fdab0b0562b42b6ffa65ce92147eb119511

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 26 Nov 2021 13:58:01 GMT
Last-Modified: Thu, 22 Apr 2021 09:14:26 GMT
Server: AkamaiNetStorage
ETag: "d05c87edc117884594dfaf1bba2076d9:1619082894.211372"
Content-Type: image/png
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8903

GET
H2 200 20211105-012906.png
i.ibb.co/hYTXtNs/ 278 KB
279 KB 66ms
66ms Image
image/png 152.228.223.13
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/hYTXtNs/20211105-012906.png
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/alexFrontEnd/css/style-AlexHost.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 152.228.223.13 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3190386.ip-152-228-223.eu
Software: nginx /
Resource Hash: 7ee3e894b011e6438812bb6d085a2d92cd55049b7c39f73a0c67d3164f237437

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://claimevent.gtwa.cf/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
last-modified: Thu, 04 Nov 2021 18:29:24 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 285178
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7cHqv4kjgoGqM7E3_-gs51os.woff2
fonts.gstatic.com/s/barlow/v5/ 20 KB
21 KB 50ms
16ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v5/7cHqv4kjgoGqM7E3_-gs51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Barlow:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://claimevent.gtwa.cf
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 17:21:59 GMT
x-content-type-options: nosniff
age: 246962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20348
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:07:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 17:21:59 GMT

GET
H3 206 FF_SFX_WebEvent_UI_Confirm.mp3
claimevent.gtwa.cf/alexFrontEnd/audio/ 11 KB
12 KB 276ms
274ms Media
audio/mpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/audio/FF_SFX_WebEvent_UI_Confirm.mp3
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2f2f972609ca6152a6785ca6fc16d40327e1a3262b63fc47769894850aab00b

Request headers

Referer: https://claimevent.gtwa.cf/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Nov 2021 16:54:20 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IuHexS7QyiXD4JIgsDjfTKeQ6F7amHmR5KJ0tdkYBLLFltjkjviDrp%2FCv3kJuYZbhukr9E4s2jIb2cdf0t6J6bVkDMKM0sOzFevjBND5g0R5Ikyfh04MXaMzHfO4Vzook7v6dseboL%2FzUDPi%2B19f%2BXw%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-11611/11612
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6b43a1117f376853-BUD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 11612

GET
H3 206 FF_SFX_WebEvent_UI_Close.mp3
claimevent.gtwa.cf/alexFrontEnd/audio/ 5 KB
6 KB 257ms
256ms Media
audio/mpeg 2606:4700:3034::ac43:b505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimevent.gtwa.cf/alexFrontEnd/audio/FF_SFX_WebEvent_UI_Close.mp3
Requested by: Host: claimevent.gtwa.cf
URL: https://claimevent.gtwa.cf/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::ac43:b505 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 172b85391102075085495185ab437fbc480a57c4f747f7982d37e7d1de8c6ddc

Request headers

Referer: https://claimevent.gtwa.cf/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 26 Nov 2021 13:58:01 GMT
cf-cache-status: MISS
last-modified: Fri, 26 Nov 2021 16:54:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o8QnF8HN0SAPdG4jLRWbxpu6eGoFFOibhYkpM3pbRTiU67jrb3gij6C6D1MUr3%2FH571PfyvRL05nGOdjNdTbQErDfEEPBhy0KYoHj6O0ctS%2BMoNoo2RdyX7aThYLxjCU7vgjmhdm%2Bo57LaR83EtFlnE%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg
Content-Range: bytes 0-5347/5348
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6b43a1117f3b6853-BUD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length: 5348

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
claimevent.gtwa.cf
dl.dir.freefiremobile.com
fonts.googleapis.com
fonts.gstatic.com
freefiremobile-a.akamaihd.net
i.ibb.co
rawcdn.githack.com
stackpath.bootstrapcdn.com
www.w3schools.com
152.228.223.13
192.229.133.221
2.16.107.121
2.16.107.26
2606:4700:3034::ac43:b505
2606:4700:3038::6815:eae6
2606:4700::6810:125e
2606:4700::6812:bcf
2a00:1450:4001:810::200a
2a00:1450:4001:82b::2003
2a00:1450:4001:831::200a
0232ea5c04d1461e8b723fe5bba7304eaedd1ffb882057bb742b699c80aab0e7
03845ae6fc5097c5f107ffc206c3fe329a962d045b23151188b6dab3ef4fbcc5
066a66ba427c860db53612941e0890e55c16cce0c6da02f8064bfa0e9f982c5e
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
093dbebff97a7ea70010510acdf553680b04cbb5656cc406ba3ed7a5d5e533ba
0960b82273abe1a1555f0814c246303b35c8ce6a5534a2fd09d1d33675a93126
0b24f35c69c93dc3aec5ea3f18a80353eaad32beb234c4e3001c1bcfdf9bd15b
0ce1d9f5e4ea5a1aa4680e596e349d1ef50e1eb88c41a03676ed8b3409a2f538
0e32e347f1375a0869711eb1589ecc0420c2e44ccaa19acaf2b625086a63e560
1208995d359654233b5fd7e9719f4fa563ac44e3491010ff7a2bd7b9e85db9b0
14379f6c0eec76ae0552cae0639b6e9899d857590724ed8c0146623a823a9326
149553642818662d9d70de74ce34dea2921f978ab484f8c05bb1e9ea2dc74037
172b85391102075085495185ab437fbc480a57c4f747f7982d37e7d1de8c6ddc
1ac7308fff173c8e87facb34137065e7f62625194bbbb30f23529c843c446f8b
2056937c6ec7a210cbd8a72cb8e97acbaad99455a8ce48e9b16d7c42d62cbdc4
24b5ad3721e8789fd8017b45a2eecfe4fb958f1f88f6bdd9f877df22a052d6f1
2876317ed4d3b97531299a3282da4ef8119cc0a6e653560adb827430fc59991e
2d8b3d02d78e01055fe1216bf6650569307b54fd6656ce2905585fca73a60b19
2ebd8a8e1938ff33366a70f72ac90bcd80e04024e220fa2bd570a21c952acaae
2f0680ec52ff2a8cd1c63512c78b9a7af0d369717e59578277e1f0b93fae39e4
32e0cfaa2b27f4047a852368e66447b0138fc8dda5a5a5bf31bf553f750a9008
355c5fb2f6587040eb783d3348ff54ca3ee3939c0bdee1d508a7275cfd9c2ab4
39ae20bf11b911ca15a9a2dea24506d4c41f88f10d5889b32a05b2285f9e92c0
3a124f7c8781af398764ba316b3fa7bad44e83520f78a90521b0cbb3012a783b
3efb19f7cb50d2fde0a12e2b0e8388c9d8ab0ac6140a61ec159b18eafc450ac1
42903fcad713b0014a7e5be06a3766e3bd9628e7a953fc5a5322cefdc4a6e58e
432360a0d8577899a613c18a11150cb52fa83c4863e8495d8a5cb03fa431f9f6
46db22ef287aa6aec91f1b7c2d907d604fc50121980e93fff4894766a0c56497
480e24cce7e7d225ffb50dc58b21a81bc99006e0894f0ef52a01203774495050
516ec8f5074cc7e52bfc102e42923b36d36729496cc69aa6a84a1ecbd4bc44fd
54766ddbc10eea8e43833d069e501a1d37f536c10fda70ac214b54ec0b36f9ac
5711c16803d5ad559dfd341cf8366d2863d2e150cb54dd9c64a9a9a642967620
59b0ecc1e9e4e158eabdd10f7baad68d9b5e589b988a36e6f69ee1d317a63134
5c91a3f8654051a93899960e8cc6053250bc90f8e4a9567c309d963dcd72c818
6365b5bbe4cffa59b8515a838927b10e76d5857cd63db08bf427f64c7f84af70
66745d3a3840524541561864fccc2b27158f4e3dff8c190e4c3366e5dc3f1ce1
6754b08e6e658246f0d71f02c406517d88c1a0e1455b2d3bdc06db2f3d54739e
67a361a76aae93a4fc922a537d4cbeed6f481a8cb262fe90bee35f9ac1b6f2aa
6edffde81a8496c3bf5561470d93d1854edf720679a86763b50e30bf2e66afb1
72c76d5534a6e0df94fec3302fac7e96054d1e1665430ee6dc74e70261926613
7865b49c794f89a6fa6d73c204f7e67389d0ccd1e6b0cbddee5e5fc6af2d92a4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b8542123bfc06f37312a1756361916d7e3f7a1af974877a63da2b2ff8dd03ab
7dad3b583982c93797143d047f54994aadc9695f715eb7f994cca09a45f9f7e1
7ee3e894b011e6438812bb6d085a2d92cd55049b7c39f73a0c67d3164f237437
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8af93bd675e1cfd9ecc850e862819fdac6e3ad1f5d761f970e409c7d9c63bdc3
96df2f4735650bfe911e983781783284646ff7cc8109e0dfeb6de8056f1a7654
9e42ff7e13eeea40c241c5406255e8efd322128dba76cfffbfa71263b41b1b8a
9f9aa3f338c963184e538c4e95e870151884195009ae9b22c9d5efa75bdc1470
a932647f3f142202bc341dd50cb0c949fb4cca3f2dc39b6cc3aa749902946893
aab4a64538ebbcdd333ca42c9e93805fe34163e92144a54d7ca495c713ff188a
adcab86657a7a2669c7d7434397486372c7b0b9b50e34c379166bf957e4e7da8
b14878e3a6a21ef18f96d1a5024cf9808ef2c842682ddd0eba20c699552255fa
b2359cf927a5bbda709fbb0531148d81bcc4a873e6fd18f6ce706d4b00f5cae1
b27a41813f7963b39fe1755ad31a133c30066d5a8fcabf9710b44556109aba17
b2f2f972609ca6152a6785ca6fc16d40327e1a3262b63fc47769894850aab00b
b4e430ab7b2405f6bc883baf550a035edc912aa51f0ac061e5faa78b873fff12
b72c8043029f9aa979b35a669e0b4cbbbcc7c6594179037b682f7a9a68b64816
b996491d60df30c38f771cc080badce851dac36b592d560aedc89f3401fd3d6b
bcfbf39d2ea7a8d7ca17b047e6de0874c87e0be923a96b11ec295599cf37efc9
bf6c1e2f8c250b7efeb5d250181599880b1c17efc3c94466aa5d847454bf14ef
c33ea1ee19cdd2943b0cc8f82f873fdab0b0562b42b6ffa65ce92147eb119511
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
c85bd2a679945f3944ec48013d6bf25cd163289c708be4e2542c7dafc5c6e02c
c95972543dc99b403517cfe1d576e314b347228997fe3487ea6df560c2992f38
cb529b14d072c791be4cb6c352e3fe0efae788e759034ebfd547c71a3f0d9bfe
cff81f8984cdebd9f5039cd4c058d7d67bba4b92666dc0605f47c44b6a761df2
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d395a80fb01a3f07d6cfb88b71836cc44893d0d890e15a1dc0699c00bee74db8
de3b5f98bf14028344112e571bb87310c9a18dd3c841d0c1bfea61560a750531
dec3e9f0190a504ed0c8f4a5e957c107206ba106cac4a1bbb6cbac6369a16d56
df686da5148ea07c222a21eca7f81ababf1af2527db5bdaa7c82b4d1b9a0f999
e1736ebdbb540fc361581e9254a04234e6f663af89db30ea15fe783d8f50827d
f1c97d66f10dabb630892e9286fb3881349530e66651f55e078c8f425993aa8a
f472c121eb1b002013a705ecbf182c5149799317655c44f1355dee0327644e30
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8d80ea9ce6e3c0adf31dd0f7ff58ace0aa86414fc78672f17d2e64856358d30
fb002d4c53011b4be44acb1ddca73df659494e1658c3a13c8967b142ca1c94ba
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

claimevent.gtwa.cf Open in urlscan Pro 2606:4700:3034::ac43:b505 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

83 Requests

100 %HTTPS

64 %IPv6

10 Domains

11 Subdomains

11 IPs

3 Countries

10664 kBTransfer

11085 kBSize

0 Cookies

0 Outgoing links

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

claimevent.gtwa.cf Open in urlscan Pro
2606:4700:3034::ac43:b505 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

100 %
HTTPS

64 %
IPv6

10
Domains

11
Subdomains

11
IPs

3
Countries

10664 kB
Transfer

11085 kB
Size

0
Cookies

83 HTTP transactions
0 data transactions