Submitted URL: https://nearnymphs.xclaim.club/
Effective URL: https://xclaim.club/redirect/NEARNymphs
Submission: On March 22 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 19 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is xclaim.club.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 6th 2022. Valid for: a year.
This is the only time xclaim.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 8 2a02:6b8::1:119 208722 (YNDX)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
19 7
Apex Domain
Subdomains
Transfer
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 28691
3 KB
6 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1590
ka-f.fontawesome.com — Cisco Umbrella Rank: 2959
183 KB
6 xclaim.club
nearnymphs.xclaim.club
xclaim.club
1 MB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2926
71 KB
1 gstatic.com
fonts.gstatic.com
31 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403
109 KB
19 7
Domain Requested by
6 mc.yandex.com 2 redirects mc.yandex.ru
xclaim.club
5 ka-f.fontawesome.com kit.fontawesome.com
xclaim.club
5 xclaim.club xclaim.club
2 mc.yandex.ru 1 redirects xclaim.club
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com xclaim.club
1 cdn.jsdelivr.net xclaim.club
1 kit.fontawesome.com xclaim.club
1 nearnymphs.xclaim.club 1 redirects
19 9

This site contains links to these domains.

Domain
tyomar.me
Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-01-06 - 2023-01-05 | a year
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-12-01 - 2023-01-01 | a year
mc.yandex.ru | Yandex CA | 2021-12-22 - 2022-06-03 | 5 months
upload.video.google.com | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months
*.gstatic.com | GTS CA 1C3 | 2022-02-28 - 2022-05-23 | 3 months

This page contains 2 frames:

Primary Page: https://xclaim.club/redirect/NEARNymphs
Frame ID: 914B07651E328B954F26271995504B7D
Requests: 17 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 4C517BD7BED953246DEF02797ECD218B
Requests: 2 HTTP requests in this frame

Page Title

xClaim.Club

Page URL History

  1. https://nearnymphs.xclaim.club/ HTTP 301
    https://xclaim.club/redirect/NEARNymphs Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

19
Requests

89 %
HTTPS

100 %
IPv6

7
Domains

9
Subdomains

7
IPs

3
Countries

1825 kB
Transfer

2602 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://nearnymphs.xclaim.club/ HTTP 301
    https://xclaim.club/redirect/NEARNymphs Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9585.Bzc3iIlDzXTBaAtA1NMoeOs2bvD7LKPntdXxzumVRQCgwN6UtfQ6Ia-3KSoRS3dP.xhXIe_vurl4eUrSco0dbORGiwNg%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9585.SA-bWduTao5v4vdLRYPrgIKR4DJPfuU28wHDq8n05mdP02Vm_iuKeUBjqos4GvNJNrwQ3RIbn-mAu1cUFg3nxg%2C%2C.vf33AxOFYsDe4aXruE2gbISu-Hk%2C
Request Chain 17
  • https://mc.yandex.com/watch/87896175?wmode=7&page-url=https%3A%2F%2Fxclaim.club%2Fredirect%2FNEARNymphs&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3tn4l177a5d38xgxq%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1626868888633%3Ahid%3A692636751%3Az%3A0%3Ai%3A20220322081000%3Aet%3A1647936601%3Ac%3A1%3Arn%3A737239931%3Arqn%3A1%3Au%3A164793660112067973%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647936600076%3Ads%3A0%2C0%2C165%2C0%2C212%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Aafr%3A379h473e_1f-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Ast%3A1647936601%3At%3AxClaim.Club&t=gdpr(14)aw(1)cs(kcabe)efid(1)afr(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/87896175/1?wmode=7&page-url=https%3A%2F%2Fxclaim.club%2Fredirect%2FNEARNymphs&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3tn4l177a5d38xgxq%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1626868888633%3Ahid%3A692636751%3Az%3A0%3Ai%3A20220322081000%3Aet%3A1647936601%3Ac%3A1%3Arn%3A737239931%3Arqn%3A1%3Au%3A164793660112067973%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647936600076%3Ads%3A0%2C0%2C165%2C0%2C212%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Aafr%3A379h473e_1f-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Ast%3A1647936601%3At%3AxClaim.Club&t=gdpr%2814%29aw%281%29cs%28kcabe%29efid%281%29afr%281%29ti%282%29

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request NEARNymphs
xclaim.club/redirect/
Redirect Chain
  • https://nearnymphs.xclaim.club/
  • https://xclaim.club/redirect/NEARNymphs
3 KB
1 KB
Document
General
Full URL
https://xclaim.club/redirect/NEARNymphs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dacbac4a8dc3b442663ca5c3bd11fe225b6fd9afde3eaa3900ebfd72f3afeefb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
content-type
text/html; charset=utf-8
last-modified
Sun, 20 Mar 2022 06:19:44 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FHjarB%2BPwRZE5Rv6BMi5NIgjA6O7azaTUycMazSapESPPIfmo5x3SBrVnhh2g83UE9ZJyp74mVIjiDVnGrt0OrX5a0v%2BjfliWKAgG0fAdUb8IDWuNGvEhTHfBxE2VH53EM5yUCUnAmDc8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6efd72cc1c3e696f-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Tue, 22 Mar 2022 08:10:00 GMT
content-type
text/html
location
https://xclaim.club/redirect/NEARNymphs
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpYVXXky8iCUnVBDn4aoJQI%2Bxp%2F47yDgXQhbBfBB%2FgPpQ%2FDdx1vHeDS2Zhnge83%2Bc1p6UjLXk35y9iPC3LhzrYMYEkRH83yNAgJxuF64FQpCT3UcStUgGh%2B27y5M8e%2Bd%2BooUzMzsdj8L1ABcGLBMbXamj8ZV"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6efd72cafa96696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
b69dd2bcf6.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/b69dd2bcf6.js
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/NEARNymphs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20a54fb249fe894e07ec9c0487d78629433e1ecb8694d5c1563f790309620a95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://xclaim.club/
Origin
https://xclaim.club
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
6efd72cd6e519a35-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
Ft4j4wyGQbdACfA2p-MB
app.a1e3b38e.css
xclaim.club/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://xclaim.club/css/app.a1e3b38e.css
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/NEARNymphs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b4024304fcdc0f23e872a4104fec5d118fac979d4171fa01a2c4b6dda609b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xclaim.club/redirect/NEARNymphs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 20 Mar 2022 06:19:44 GMT
server
cloudflare
etag
W/"6236c780-f7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTuQ1tuhuCvxwZD1iLJYuVKsbrSjcoB%2BQAaNOwtGm4UftVyfgHWrXxZvdFcodofwMqEYD9rDNwF6xNbVImGKaqQgWDe9Lqbl4fbbHKFPIqRx85Wy7Hs9J9Rgpyu3yiAq8pPfv5lwsX1e8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6efd72cd4dfb696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app.2d5b8630.js
xclaim.club/js/
35 KB
10 KB
Script
General
Full URL
https://xclaim.club/js/app.2d5b8630.js
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/NEARNymphs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5181784a048c870ef7d6f3f225555342568411735de939e9dfeac5bb263faf2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xclaim.club/redirect/NEARNymphs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 20 Mar 2022 06:19:44 GMT
server
cloudflare
etag
W/"6236c780-8d2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZS5%2BKTwbk%2FTwGETJTCGg6B1zf%2B2i3teoPTCfailyTxvEfEY0OYPCrvLG4tgucGyqCGHVfCA%2Fwd7NRZGjQD1ALaBuxexWqdgXHiyfDzv%2BNf00eHKkCgT15u5nSlQ0XKInbYhUBp86MmL9wg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6efd72cd4dfd696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chunk-vendors.e9ab7e88.js
xclaim.club/js/
194 KB
71 KB
Script
General
Full URL
https://xclaim.club/js/chunk-vendors.e9ab7e88.js
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/NEARNymphs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86eacb25db79021385e07ec7e405d3320e5e8271d318f03817c6862b33047a09

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xclaim.club/redirect/NEARNymphs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 20 Mar 2022 06:19:44 GMT
server
cloudflare
etag
W/"6236c780-30947"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAzWbt425HrYNSbnwbpyt8fNGBIYWAYMd0hScVyyRyiiOK0CxUes6DN6ghRXOwJOpAIdoTiQKr6ZNNe8zugfyZvD5gsMR5GZk8OhhmtHwrZd7uEfeaZdiblzlmuqX2waQkMYD9oCNlfRUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6efd72cd4dfe696f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
near-api-js.js
cdn.jsdelivr.net/gh/nearprotocol/near-api-js/dist/
492 KB
109 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/nearprotocol/near-api-js/dist/near-api-js.js
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/NEARNymphs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81c8a143f097630bc2d6accc37ee1f6217bebe20c7aa62bf55f99e510a73c626
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
x-jsd-version
0.36.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19126-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"7b1ad-8jn2YDeH8nD8gHk29RlLo7VHxkY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6efd72cd7b079b63-FRA
tag.js
mc.yandex.ru/metrika/
206 KB
71 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/NEARNymphs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
89bf7a6607c80c11abb666ef73884939013e46fe4c8273af261e1bd023ac6109
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
content-encoding
br
last-modified
Mon, 21 Mar 2022 15:52:42 GMT
etag
"6238751a-1193b"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
71995
expires
Tue, 22 Mar 2022 09:10:01 GMT
free.min.css
ka-f.fontawesome.com/releases/v6.1.0/css/
99 KB
21 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.0/css/free.min.css?token=b69dd2bcf6
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b69dd2bcf6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c2d6fd9c605aeb3f07dacf566abf2d7fb40bf870e91a5dc9c098bbeaa56707

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
via
1.1 2667cbb82aabb944a65b99430aa06d1a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
107945
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 15 Mar 2022 17:14:43 GMT
server
cloudflare
etag
W/"93bb3a47c2dee8cbca60cb4edad8a81e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1FDeGFUM0YJJzsdGxpukJgRAyLYfBYQkhw1MBUhZyShhvqRgR7aPa8PRd1%2B8P37FNW4bMo4yQAv1IUW%2BtHRAoqKYMG1IZ56bXdSRzckxzEmP0NApwuSr46iou1vWw3kcaP8Li4Tu9Oy4U1p3EimpLwfYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
DUS51-P2
cf-ray
6efd72cdee11915e-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
KoD33uApE2ovvfDjRHis_CRX96coHRMaMqqfc2H82o5fQpQfa90aZg==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.1.0/css/
26 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.0/css/free-v4-shims.min.css?token=b69dd2bcf6
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b69dd2bcf6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c242f38e650eba397bbcc33272b8ac308b4297639d8a93b9ac81f9bff626b29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
via
1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
107945
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 15 Mar 2022 17:14:43 GMT
server
cloudflare
etag
W/"a57b152f54f4cda14d1373a1d6c1314b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FAmw2nf8PisTVFU%2FKzAbSa4RaAbwE58Kpo%2BiXiYElDGmtNmUgF4Ob43DSa7pLKRdiLbnL2alid7aVNmQ3dqJXRMCBPNM8KUp4qTwQa8L%2FMyXpL5UWlveIq%2FTb6cMWgzjFHciQzfBE7lQtY9dp%2FI9W0UDpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
DUS51-P2
cf-ray
6efd72cdee17915e-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
CC5rBasIha1StVL1bi_2bvjd4kIMoaBXI-y4NwD8f30hCbLuWGK3eA==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.1.0/css/
823 B
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.0/css/free-v5-font-face.min.css?token=b69dd2bcf6
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b69dd2bcf6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f970d35978173ad12de0fda4c65a966a2b00e636d1c09e59d7587fa618658001

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
via
1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
107945
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 15 Mar 2022 17:14:43 GMT
server
cloudflare
etag
W/"a1e75ac19d742f281207dd13f85c72b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MKM1gBCuq%2By1oBXuMjznRyzFs9cRDPfSX6eL7iIHHLmc9YVlfUPOobOv75VvbXalzqK9HJD4BMEcqIgBJkxGK8QPzobP1nbU0TZVXVzR264%2FPgcn6J8lNjEb3s14UR55FxsKjHnMdHwTtMf7O2nITKZIzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
DUS51-P2
cf-ray
6efd72cdee19915e-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
CN77dL05xcAFAfldnhe7gCJ9o4lChEKmwmnHJgrZhN3vnCifWBdHSw==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.1.0/css/
2 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.0/css/free-v4-font-face.min.css?token=b69dd2bcf6
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b69dd2bcf6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d2cc196e1ad41b14be754ab6ffb00e32d11e78832c5dee55ba066ab606831e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
via
1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
107945
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 15 Mar 2022 17:14:43 GMT
server
cloudflare
etag
W/"29e786b38242761d22ca354a799e6af1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Jwozs74PSv4tNMn3%2BFW71a42NC4IoNm4TjKEIwZwIjOlobBm2ESDuChmkdsssq34Q44cVK6av66Ch%2BgQNIgPRPbauCGBxUVy0S%2BTQjviSg7oejKLYBTY6Q3wt0UuHmc%2BB%2BPCgLUYJLmQBmaj1vLL4TS6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
x-amz-cf-pop
DUS51-P2
cf-ray
6efd72cdee1c915e-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
6m-bnjOg32w0p58sZwihAlzANMpAUvDDWdCpmH1FKSSqNC_mqX_xLw==
css2
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: xclaim.club
URL: https://xclaim.club/css/app.a1e3b38e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e55d07bfd9aa8919c00ba173b1cf6fbc0fc35851b107001f3f3f6ed6418c9a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 07:32:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 22 Mar 2022 08:10:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Mar 2022 08:10:01 GMT
metrika_match.html
mc.yandex.com/metrika/ Frame 4C51
2 KB
716 B
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
e324f04bc076180ddb51d604021fb6f7b2b5b4f38e04f8933cac10440cef68ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://xclaim.club/

Response headers

content-length
661
date
Tue, 22 Mar 2022 08:10:01 GMT
access-control-allow-origin
*
etag
"6238751a-295"
expires
Tue, 22 Mar 2022 09:10:01 GMT
last-modified
Mon, 21 Mar 2022 15:52:42 GMT
cache-control
max-age=3600
content-encoding
br
content-type
text/html
strict-transport-security
max-age=31536000
1
xclaim.club/api/v1/image/x/NEARNymphs/
1 MB
1 MB
Image
General
Full URL
https://xclaim.club/api/v1/image/x/NEARNymphs/1
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/NEARNymphs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91303dc77bd96a696071fd5c7ecf93e518c7f222362b37d8b169055f2bb975f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xclaim.club/redirect/NEARNymphs
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJgk%2BgZcpqGcEQeVE%2BtTf%2FVj0z8cBhuNYkL1uqxbuip7B5pxuUZPKCtX02jtcn1Vm%2FUTQfGy6gV2eS0XC4bLaAZTIQcqmnr9oWkdK1CLplT01D1CEADoNEUSb4%2Fz3g2YKVTQA0CXownkKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cf-ray
6efd72cfbcf99b67-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xclaim.club
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 11:55:47 GMT
x-content-type-options
nosniff
age
591254
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 11:55:47 GMT
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.1.0/webfonts/
150 KB
151 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.0/webfonts/free-fa-solid-900.woff2
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/NEARNymphs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f92d4d6919a5964e8770f1e6bbe274c7203a5113b3ca1b7e2b3827e2ab01a31

Request headers

Referer
https://xclaim.club/
Origin
https://xclaim.club
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
via
1.1 e4aaaf9d55a242f83ddc793442b0ebe2.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
DUS51-P2
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
153664
last-modified
Tue, 15 Mar 2022 17:22:55 GMT
server
cloudflare
etag
"4580b0e2f7531c3df2d8ccb7ea5ddedc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjAtJu8K3uA8l6d1MssxoC%2F%2F%2BArIZzg7hoTdkMvl4eNQv6bN9EfBNI3%2BXox%2FZ%2BkGIJzOVgKErHWmuTTy0XIr9Q4MulOLvjlV7yciOIr%2FwJzwy4M%2BgXdtMRlZEk2KRRh5T66LIaZ%2B%2FlmYK%2FRSu%2BPxOWigRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6efd72cfc89f9054-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
MRHOo_WFs35APCmdJ15fVZ3CR_i0QnlDZV4bOLR0RbImmiCkdXp08w==
advert.gif
mc.yandex.com/metrika/
43 B
112 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/NEARNymphs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
last-modified
Mon, 21 Mar 2022 15:52:42 GMT
etag
"6238751a-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 09:10:01 GMT
sync_cookie_image_decide
mc.yandex.com/ Frame 4C51
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9585.Bzc3iIlDzXTBaAtA1NMoeOs2bvD7LKPntdXxzumVRQCgwN6UtfQ6Ia-3KSoRS3dP.xhXIe_vurl4eUrSco0dbORGiwNg%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9585.SA-bWduTao5v4vdLRYPrgIKR4DJPfuU28wHDq8n05mdP02Vm_iuKeUBjqos4GvNJNrwQ3RIbn-mAu1cUFg3nxg%2C%2C.vf33AxOFYsDe4aXruE2gbISu-Hk%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9585.SA-bWduTao5v4vdLRYPrgIKR4DJPfuU28wHDq8n05mdP02Vm_iuKeUBjqos4GvNJNrwQ3RIbn-mAu1cUFg3nxg%2C%2C.vf33AxOFYsDe4aXruE2gbISu-Hk%2C
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/NEARNymphs
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://mc.yandex.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:10:01 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9585.SA-bWduTao5v4vdLRYPrgIKR4DJPfuU28wHDq8n05mdP02Vm_iuKeUBjqos4GvNJNrwQ3RIbn-mAu1cUFg3nxg%2C%2C.vf33AxOFYsDe4aXruE2gbISu-Hk%2C
date
Tue, 22 Mar 2022 08:10:01 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
1
mc.yandex.com/watch/87896175/
Redirect Chain
  • https://mc.yandex.com/watch/87896175?wmode=7&page-url=https%3A%2F%2Fxclaim.club%2Fredirect%2FNEARNymphs&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3tn4l177a5d38xgxq%3Afu%3A0%3Aen%3Autf-...
  • https://mc.yandex.com/watch/87896175/1?wmode=7&page-url=https%3A%2F%2Fxclaim.club%2Fredirect%2FNEARNymphs&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3tn4l177a5d38xgxq%3Afu%3A0%3Aen%3Aut...
338 B
420 B
XHR
General
Full URL
https://mc.yandex.com/watch/87896175/1?wmode=7&page-url=https%3A%2F%2Fxclaim.club%2Fredirect%2FNEARNymphs&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3tn4l177a5d38xgxq%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1626868888633%3Ahid%3A692636751%3Az%3A0%3Ai%3A20220322081000%3Aet%3A1647936601%3Ac%3A1%3Arn%3A737239931%3Arqn%3A1%3Au%3A164793660112067973%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647936600076%3Ads%3A0%2C0%2C165%2C0%2C212%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Aafr%3A379h473e_1f-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Ast%3A1647936601%3At%3AxClaim.Club&t=gdpr%2814%29aw%281%29cs%28kcabe%29efid%281%29afr%281%29ti%282%29
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/NEARNymphs
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8e6e1dc2464ce3d3ad6fd3fa1d73fb8b2cc9a6ba6e530ef52139dca22a766da6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 08:10:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 22-Mar-2022 08:10:01 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xclaim.club
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Tue, 22-Mar-2022 08:10:01 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 08:10:01 GMT
last-modified
Tue, 22-Mar-2022 08:10:01 GMT
location
/watch/87896175/1?wmode=7&page-url=https%3A%2F%2Fxclaim.club%2Fredirect%2FNEARNymphs&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3tn4l177a5d38xgxq%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1626868888633%3Ahid%3A692636751%3Az%3A0%3Ai%3A20220322081000%3Aet%3A1647936601%3Ac%3A1%3Arn%3A737239931%3Arqn%3A1%3Au%3A164793660112067973%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647936600076%3Ads%3A0%2C0%2C165%2C0%2C212%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Aafr%3A379h473e_1f-3760000000-57a6d374_3j8h47f4_58ef2hie_30ah20h1-1600x1200x0-unknown-3%3Ast%3A1647936601%3At%3AxClaim.Club&t=gdpr%2814%29aw%281%29cs%28kcabe%29efid%281%29afr%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://xclaim.club
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 22-Mar-2022 08:10:01 GMT

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored
function| ym
object| FontAwesomeKitConfig
object| Ya
object| yaCounter87896175
object| nearApi
function| Buffer
object| webpackJsonp
object| regeneratorRuntime
boolean| __VUE__
object| __VUE_DEVTOOLS_PLUGINS__

10 Cookies

Domain/Path Name / Value
.xclaim.club/ Name: _ym_uid
Value: 164793660112067973
.xclaim.club/ Name: _ym_d
Value: 1647936601
.xclaim.club/ Name: _ym_isad
Value: 2
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 3131821331fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 721463692fake
.yandex.com/ Name: yandexuid
Value: 4794577111647936601
.yandex.com/ Name: yuidss
Value: 4794577111647936601
mc.yandex.com/ Name: yabs-sid
Value: 1589106421647936601
.yandex.com/ Name: i
Value: IgmnGEACAPwqV6i3+yvVddY8naXPkfBAq3q4zyoVTBweqtq8nOAQi1PsllJcQWJm6d37SWYhskx9Ke18HPNIoxexIb4=
.yandex.com/ Name: ymex
Value: 1679472601.yrts.1647936601#1679472601.yrtsi.1647936601

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9585.SA-bWduTao5v4vdLRYPrgIKR4DJPfuU28wHDq8n05mdP02Vm_iuKeUBjqos4GvNJNrwQ3RIbn-mAu1cUFg3nxg%2C%2C.vf33AxOFYsDe4aXruE2gbISu-Hk%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
