claimhadiah11.klaimhadiah2.info Open in urlscan Pro
2606:4700:3037::ac43:8d47 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://claimhadiah11.klaimhadiah2.info/
Submission: On November 17 via automatic, source certstream-suspicious (November 17th 2024, 5:53:08 pm UTC) — Scanned from GB

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3037::ac43:8d47, located in United States and belongs to CLOUDFLARENET, US. The main domain is claimhadiah11.klaimhadiah2.info.
TLS certificate: Issued by WE1 on November 16th 2024. Valid for: 3 months.

This is the only time claimhadiah11.klaimhadiah2.info was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: DANA (Financial)

Domain & IP information

	IP Address	AS Autonomous System
1 16	2606:4700:303... 2606:4700:3037::ac43:8d47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
19	5

16 2606:4700:3037::ac43:8d47 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

claimhadiah11.klaimhadiah2.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	klaimhadiah2.info 1 redirects claimhadiah11.klaimhadiah2.info	2 MB
2	gstatic.com fonts.gstatic.com encrypted-tbn0.gstatic.com	33 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	989 B
0	userstat.net Failed userstat.net Failed
19	4

	Domain	Requested by
16	claimhadiah11.klaimhadiah2.info	1 redirects claimhadiah11.klaimhadiah2.info
1	encrypted-tbn0.gstatic.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	claimhadiah11.klaimhadiah2.info
0	userstat.net Failed	claimhadiah11.klaimhadiah2.info
19	5

This site contains no links.

Subject Issuer	Validity	Valid
klaimhadiah2.info WE1	`2024-11-16` - `2025-02-14`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://claimhadiah11.klaimhadiah2.info/
Frame ID: 1BD53B7CA96F80E43FF35B39C62BDC12
Requests: 18 HTTP requests in this frame

Frame: https://claimhadiah11.klaimhadiah2.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: E4BFEAE518D6957C19687577A6E73B27
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Dana Customer Service

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

89 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

2367 kB
Transfer

2436 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://claimhadiah11.klaimhadiah2.info/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://claimhadiah11.klaimhadiah2.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
claimhadiah11.klaimhadiah2.info/ 18 KB
6 KB 164ms
50ms Document
text/html 2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimhadiah11.klaimhadiah2.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daecb842f434b29eb2d802c3c37c18e751fbc28d2b840fd110a8bff0eac57c25

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e4193f76deecd89-LHR
content-encoding: zstd
content-type: text/html
date: Sun, 17 Nov 2024 17:53:02 GMT
last-modified: Sun, 17 Nov 2024 17:53:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w6bRYGYPPrHz1PxFu9H5djOOaquERoq1na9KpFPmVWBnbGCnLNUwIsXbsF2bXY3atOqTjw3hCb%2F%2BCtzLsPwv%2FREv%2FhwSJ4SYdVUYnCQ89itL2pLKy6zNQmP6gUc%2BFVlLt2ZH4vrjyYEGQ59hhEZAuHVSE8k1wNK0bcHPv%2BLm"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=25299&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4120&recv_bytes=4304&delivery_rate=87969&cwnd=12000&unsent_bytes=0&cid=2c7b7232bad697ac&ts=67&x=1" cfExtPri cfHdrFlush;dur=0

GET
H3 404 reset.min.css
claimhadiah11.klaimhadiah2.info/css/ 0
0 50ms
48ms Stylesheet
text/html 2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimhadiah11.klaimhadiah2.info/css/reset.min.css
Requested by: Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3e7luBBX%2BDw%2Fim2ylJVv%2FgcDzIBxt3If191z5499exVbcKJL1bdCb9kpc8Uy2C3fMA53NpEa1uCcT26beFh1tP3f6OGXgW4a1WKna73%2F%2B6B4g4G9jGNmj8k%2FPPgOrfFtUPRhlb0ZnZnClSk88LxTOmt12xD1TnWdqtf3dJFz"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e4193f7de86cd89-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27390&sent=20&recv=22&lost=0&retrans=0&sent_bytes=10948&recv_bytes=7335&delivery_rate=178701&cwnd=12000&unsent_bytes=0&cid=2c7b7232bad697ac&ts=124&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 17:53:02 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H2 200 css
fonts.googleapis.com/ 2 KB
989 B 250ms
114ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Varela+Round&display=swap

Requested by

Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d144d92ad388cf8f35465af047943e92b78b78fce585a28284a3b2086424646d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 17 Nov 2024 17:53:02 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 17:53:02 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 17 Nov 2024 17:08:29 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 404 style.css
claimhadiah11.klaimhadiah2.info/css/ 0
0 52ms
49ms Stylesheet
text/html 2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimhadiah11.klaimhadiah2.info/css/style.css
Requested by: Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eJCIC8u1%2FZi7gFQ8F53s5eHDqFBLpx4JC7gRHJ1tIb1B2aen0DTs8NxoCtFGTTxMxk77oT5%2B9ECf2jk3oKlepPDIZRnPnNpWbmSxYhuBs8dKQAu%2B4K9qO%2FZiTtL6Dz9E18wekO21o4VesAX2e7kxKjmjJM5QAljf%2FU%2BiMyBn"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e4193f7de88cd89-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27390&sent=22&recv=22&lost=0&retrans=0&sent_bytes=11902&recv_bytes=7335&delivery_rate=178701&cwnd=12000&unsent_bytes=0&cid=2c7b7232bad697ac&ts=128&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 17:53:02 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 404 owl.carousel.min.css
claimhadiah11.klaimhadiah2.info/css/ 0
0 74ms
72ms Stylesheet
text/html 2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimhadiah11.klaimhadiah2.info/css/owl.carousel.min.css
Requested by: Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PUAw5XUpauj6JXDyF0HE4PfZdTEXulwqkfz4RnreVIKbSen25WcFJsP31JRBSdqbEAPRh6Qtc9vedwgA8FnAJBJXzwD8gT%2BNusiT6bIBJQNK9TMuYeO%2B%2FayJT3SGcdHjrwF16dONjWfheHG2ZoEcxwY3Xj840t1J17muEBUL"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e4193f7de89cd89-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27390&sent=33&recv=22&lost=0&retrans=0&sent_bytes=22948&recv_bytes=7335&delivery_rate=178701&cwnd=12000&unsent_bytes=0&cid=2c7b7232bad697ac&ts=131&x=1", cfExtPri, cfHdrFlush;dur=20
date: Sun, 17 Nov 2024 17:53:02 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 404 owl.theme.default.min.css
claimhadiah11.klaimhadiah2.info/css/ 0
0 77ms
75ms Stylesheet
text/html 2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimhadiah11.klaimhadiah2.info/css/owl.theme.default.min.css
Requested by: Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2om9ssho%2F2ITtwxky8YNrI3XFdch7G0GEm%2BwNbjpgqB63Cg%2FPdmRtcDlCEYFGbsrufhHUttWaxGpbLUy0Xb690Je7P3HL%2FxXLZEcNckcKDGUJS23mF41Pfe3AuRZCHd54xPVuv25QwRHO4J5%2FSTkcY59Pin2FmLVNaBAq7%2BU"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e4193f7de8ccd89-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27390&sent=33&recv=22&lost=0&retrans=0&sent_bytes=22948&recv_bytes=7335&delivery_rate=178701&cwnd=12000&unsent_bytes=0&cid=2c7b7232bad697ac&ts=143&x=1", cfExtPri, cfHdrFlush;dur=10
date: Sun, 17 Nov 2024 17:53:02 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=0,i=?0

GET
H3 200 jquery.min.js Show response
claimhadiah11.klaimhadiah2.info/js/ 94 KB
35 KB 77ms
75ms Script
text/javascript 2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimhadiah11.klaimhadiah2.info/js/jquery.min.js
Requested by: Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b965f59779d9f25352e7349803f2c8c21839c9f717880c02406d39eff0afd366

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

server: cloudflare
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V8kMH65DPB%2Fj5Nxr5cABnnnXBgiJiDZIRXmzqALagAa1r5n3GJA%2B1XxpyU7k4tvqb2iQkCwL%2FWgByAmSQUe%2BGqIAHjYkkeerSIi0LbPV1cW6qCxpEl4oSJzbnbfVYVOzjWMMsQR0vrH7FNz1bipURgUTxZRnVX%2Bvv07l%2Fy8w"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e4193f7de8ecd89-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27390&sent=33&recv=22&lost=0&retrans=0&sent_bytes=22948&recv_bytes=7335&delivery_rate=178701&cwnd=12000&unsent_bytes=0&cid=2c7b7232bad697ac&ts=141&x=1", cfExtPri, cfHdrFlush;dur=12
date: Sun, 17 Nov 2024 17:53:02 GMT
content-type: text/javascript
last-modified: Sun, 17 Nov 2024 17:51:51 GMT
vary: Accept-Encoding
priority: u=1,i=?0

GET
H3 404 owl.carousel.js
claimhadiah11.klaimhadiah2.info/js/ 0
0 105ms
103ms Script
text/html 2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://claimhadiah11.klaimhadiah2.info/js/owl.carousel.js
Requested by: Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
age: 71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aXMJNyB7rkwSIeGy6DAhI%2Fc9mTYAw8i2QpZI9I81URst4weSRlB0pBsLDaH3%2Bj9vS1lYxPYm42ZHLcIli0j%2Ba%2Fbl2eDhAGd9BmzD%2FkG2vnzeehhS%2BV1zY%2BQ0R63URVcpfH1CTKvzE3Rm9Mt69b6v%2F%2FCOEdAx9F41OUhb4kjz"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e4193f7de90cd89-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27390&sent=33&recv=22&lost=0&retrans=0&sent_bytes=22948&recv_bytes=7335&delivery_rate=178701&cwnd=12000&unsent_bytes=0&cid=2c7b7232bad697ac&ts=150&x=1", cfExtPri, cfHdrFlush;dur=3
date: Sun, 17 Nov 2024 17:53:02 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
server: cloudflare
priority: u=1,i=?0

GET
H3 200 dana-logo.fe46647.png
claimhadiah11.klaimhadiah2.info/assets/img/ 12 KB
13 KB 50ms
49ms Image
image/png 2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimhadiah11.klaimhadiah2.info/assets/img/dana-logo.fe46647.png
Requested by: Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c67e5431f9c00bb690ea8b8add63d5ca9250bf2925f2c2a691eeee498ac75853

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

cf-cache-status: HIT
age: 71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T4wkUCL5VRYh5x80fwsAO%2FMjJZSoHDHT0M8U60m3qWapDYoJ2JaELa6Dp77%2BhZ%2B%2FLMf1N9u3oHROLwuD2ztb1VP9D12i6kwM1YL9AXFcyaA%2FsynS%2BZAEYg28iOhJPmflVNLkuzdPY0jmiajm2XDMa1Nz%2FHPrsRhsftS6WO4k"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27390&sent=24&recv=22&lost=0&retrans=0&sent_bytes=12857&recv_bytes=7335&delivery_rate=178701&cwnd=12000&unsent_bytes=0&cid=2c7b7232bad697ac&ts=128&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 17:53:02 GMT
content-type: image/png
last-modified: Sun, 17 Nov 2024 17:51:51 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4193f7de92cd89-LHR
accept-ranges: bytes
content-length: 12786
server: cloudflare

GET
H3 200 dana-kaget-dana.jpg
claimhadiah11.klaimhadiah2.info/assets/img/ 45 KB
46 KB 105ms
103ms Image
image/jpeg 2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimhadiah11.klaimhadiah2.info/assets/img/dana-kaget-dana.jpg
Requested by: Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d407678c5a8e6dcc80a5c3c8b3cff9ec03222b03cc70b6489cfad137f6dfc2f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

cf-cache-status: HIT
age: 71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O9gtMJDiu%2FoQP5FimN4FjRL7YW%2FHhMcwkMjOunmRuUZL8%2FpkVe8QcnEB%2F7WNysLD%2F088S5Y6gS2T%2Bgrceugl%2F2oaTOqt0V6JMc6EK6tO3mXlZdqz8AbCWI26ZcBKhYZqVOmj8%2Bcffs6r%2FLD4EEAE3ja0mXms3StUhuu4RkKl"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27390&sent=33&recv=22&lost=0&retrans=0&sent_bytes=22948&recv_bytes=7335&delivery_rate=178701&cwnd=12000&unsent_bytes=0&cid=2c7b7232bad697ac&ts=140&x=1", cfExtPri, cfHdrFlush;dur=13
date: Sun, 17 Nov 2024 17:53:02 GMT
content-type: image/jpeg
last-modified: Sun, 17 Nov 2024 17:51:51 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4193f7de93cd89-LHR
accept-ranges: bytes
content-length: 46347
server: cloudflare

GET
H3 200 load_bg.png
claimhadiah11.klaimhadiah2.info/assets/img/ 8 KB
8 KB 44ms
43ms Image
image/png 2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimhadiah11.klaimhadiah2.info/assets/img/load_bg.png
Requested by: Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f2f502509f3cdd2e98dc540b4f7dd57a7962524012e0210e1ef64cee17d79ae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

cf-cache-status: HIT
age: 71
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L6N0gBKBrOMMM2ufGI6Z7%2BhlylBry3mC46WbQ%2B9Pq9sV%2FSNDaNX%2BzRlpEWVSUiZyAlqFhQlAf1ZdXG1rCEOm9PnqahvrqlbqVkmrLYsCTvezUndJ528Ui6JiVCv423uUzm%2B3L9CcwsJTZrehlJR3L6bTiKUZiFIq1ch51PF9"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29276&sent=116&recv=60&lost=0&retrans=0&sent_bytes=114699&recv_bytes=9331&delivery_rate=1687691&cwnd=56400&unsent_bytes=0&cid=2c7b7232bad697ac&ts=228&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 17:53:02 GMT
content-type: image/png
last-modified: Sun, 17 Nov 2024 17:51:51 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4193f87f7ecd89-LHR
accept-ranges: bytes
content-length: 7768
server: cloudflare

GET
H3 200 load_spin.png
claimhadiah11.klaimhadiah2.info/assets/img/ 5 KB
6 KB 46ms
46ms Image
image/png 2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimhadiah11.klaimhadiah2.info/assets/img/load_spin.png
Requested by: Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f386554dbf390b4ab08123fb5466f5d833c12de955344ce9ea722e1182cc473f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

cf-cache-status: HIT
age: 69
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tqm%2FqOV8c%2BdWHRp7RWfSoNGVz4GoZKdzRqjECanvChzcP5Xf3QiFWYtlPbxzTMInYeuUeQKmyPdbFYkRh%2B4qabazS4bFe2QXETzK6KxWtodcVJsXNZ6eP4ci5MZh8mbn2fFAGWIPbq0LGT15fbq3hgl2%2F9pGmgMRnVEIJT7x"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28941&sent=125&recv=67&lost=0&retrans=0&sent_bytes=123355&recv_bytes=9972&delivery_rate=2093293&cwnd=56400&unsent_bytes=0&cid=2c7b7232bad697ac&ts=253&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 17:53:02 GMT
content-type: image/png
last-modified: Sun, 17 Nov 2024 17:51:53 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4193f89fcacd89-LHR
accept-ranges: bytes
content-length: 4995
server: cloudflare

GET
H3 200 1704436332522.png
claimhadiah11.klaimhadiah2.info/assets/img/ 90 KB
91 KB 45ms
44ms Image
image/png 2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimhadiah11.klaimhadiah2.info/assets/img/1704436332522.png
Requested by: Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00126c88e5f527e92a6095ca9dc1daa3cde773531debdd68257550f1eb99b638

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

cf-cache-status: HIT
age: 70
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6pbWK3V3a0%2BfH09EwbGvMULr6ogdgRSgz0a8iDtQQ6GZvQR2EqF0oLp0cd77p9YiQgE%2F8DDWRKfv33q41yg7HIHvRy0Z0MX065XTCFdkFFrZF%2FvXf2gcXJ4fHXZv1HvSGHjixYRSpgOXLFdObx3vT1%2B4%2FNSnH6TT%2FVDDe73j"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28563&sent=131&recv=68&lost=0&retrans=0&sent_bytes=129166&recv_bytes=10357&delivery_rate=1103329&cwnd=56400&unsent_bytes=0&cid=2c7b7232bad697ac&ts=273&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 17:53:02 GMT
content-type: image/png
last-modified: Sun, 17 Nov 2024 17:51:52 GMT
vary: Accept-Encoding
priority: u=2,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4193f8cff0cd89-LHR
accept-ranges: bytes
content-length: 92417
server: cloudflare

GET
H3 200 hero-personal-bg-back.png
claimhadiah11.klaimhadiah2.info/assets/img/ 257 KB
257 KB 48ms
47ms Image
image/png 2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimhadiah11.klaimhadiah2.info/assets/img/hero-personal-bg-back.png
Requested by: Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d7aef89df5aa26fab6f1049d29067638b044525ff6738d4b5893b814129b162

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

cf-cache-status: HIT
age: 69
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nP%2BF2tgpDkC3ohE2v72aLTekHpH%2B8Lz6yPbdvtOQbazBBdxasEQTbXY1mprbaZMfSZunj1rtHyV6LiimzMcDCrFTW8F94NQR6SIL6emJ37y%2Fx%2FMJ7YMh9%2FT5%2Fj89ce2n48MkMhKIDegJQfFT%2FGepIMOMUtQS0kf%2BLOtI55DB"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27149&sent=215&recv=81&lost=0&retrans=0&sent_bytes=224431&recv_bytes=11868&delivery_rate=1013579&cwnd=110400&unsent_bytes=0&cid=2c7b7232bad697ac&ts=404&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 17:53:02 GMT
content-type: image/png
last-modified: Sun, 17 Nov 2024 17:51:53 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4193f98936cd89-LHR
accept-ranges: bytes
content-length: 262679
server: cloudflare

GET
H3 200 AddText_04-03-07.31.42.png
claimhadiah11.klaimhadiah2.info/assets/img/ 2 MB
2 MB 77ms
77ms Image
image/png 2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimhadiah11.klaimhadiah2.info/assets/img/AddText_04-03-07.31.42.png
Requested by: Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faf0a07a64b78a8541915e5b0e779b8092d8f059e0cfeadcd295354abc4b5d4f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

cf-cache-status: HIT
age: 68
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ih%2BiQFlK%2Bnxdm7tVZ41GNDaJvWyEX%2B7q%2BCfivbh0ghWbqXqzYaJIeNBviNuJ%2Fw4qzPJFE0N%2F6MFurEH56kvXQq76TvODuF%2BdPLo%2Fpo3wuUx5raVH1%2B2McS9velUrt1dTujZfq0k7DnzAssYKSSbZV64g23d7b54z1c2czEZH"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=27149&sent=307&recv=81&lost=0&retrans=0&sent_bytes=334831&recv_bytes=11868&delivery_rate=1013579&cwnd=110400&unsent_bytes=0&cid=2c7b7232bad697ac&ts=410&x=1", cfExtPri, cfHdrFlush;dur=24
date: Sun, 17 Nov 2024 17:53:02 GMT
content-type: image/png
last-modified: Sun, 17 Nov 2024 17:51:54 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e4193f9993bcd89-LHR
accept-ranges: bytes
content-length: 1909109
server: cloudflare

GET
H3 200 w8gdH283Tvk__Lua32TysjIfp8uP.woff2
fonts.gstatic.com/s/varelaround/v20/ 21 KB
21 KB 150ms
38ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/varelaround/v20/w8gdH283Tvk__Lua32TysjIfp8uP.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Varela+Round&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2044a0abfd7b116f6d091d6d9227a5720bd4848519cd38d274b2a3a9356969dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://claimhadiah11.klaimhadiah2.info
Referer: https://fonts.googleapis.com/

Response headers

age: 352977
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 13 Nov 2025 15:50:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 13 Nov 2024 15:50:06 GMT
last-modified: Wed, 15 Feb 2023 23:41:52 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21808
x-xss-protection: 0
server: sffe

GET
H3

200

main.js Show response
claimhadiah11.klaimhadiah2.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame E4BF
Redirect Chain

https://claimhadiah11.klaimhadiah2.info/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://claimhadiah11.klaimhadiah2.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

8 KB
4 KB

59ms
58ms

Script
application/javascript

2606:4700:3037::ac43:8d47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://claimhadiah11.klaimhadiah2.info/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?

Requested by

Host: claimhadiah11.klaimhadiah2.info
URL: https://claimhadiah11.klaimhadiah2.info/

Protocol

Server

2606:4700:3037::ac43:8d47 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

533e9ea1c732452f5d361b0babea478c325743bf6f8462e94dc55649270d4aa1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ohtf0O5FMOGYh6jxezF5NRXpCpetXiwPflH%2BEWNctWWSLsyXLoUYj4eutL82MMgJEsailnRGrgkZL0GEMQWMaQT9QVFZBUwPT4%2Fl%2FFng7sOQdSE0M42b9UREyVlbAmWHLX5KCbPRHGZ9jRADz2EHcgxB7i81MmjOcfy0%2FDHH"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
cf-ray: 8e4193fa09f6cd89-LHR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=30963&sent=704&recv=115&lost=43&retrans=43&sent_bytes=803105&recv_bytes=13743&delivery_rate=2980332&cwnd=229320&unsent_bytes=0&cid=2c7b7232bad697ac&ts=482&x=1", cfExtPri, cfHdrFlush;dur=0
date: Sun, 17 Nov 2024 17:53:03 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

Redirect headers

cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rBTI%2B36pTZig1T0TONSIA6%2F1tRDjXVilMyCXsx34w1St3wA6xbHoGLcUYq2Fuspq7tc0GpT6QLruEFt%2FbFOhfgOxvTeXXGdToUEt76Bsxp8etNWBUSYmUAdr2A6AwU9elUDeldURe%2Fq9lsBugsi28uxoQ5Ku%2Fvrro1PFazJ2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e4193f9a951cd89-LHR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 0
server-timing: cfL4;desc="?proto=QUIC&rtt=27149&sent=307&recv=81&lost=0&retrans=0&sent_bytes=334831&recv_bytes=11868&delivery_rate=1013579&cwnd=110400&unsent_bytes=0&cid=2c7b7232bad697ac&ts=417&x=1", cfExtPri, cfHdrFlush;dur=17
date: Sun, 17 Nov 2024 17:53:03 GMT
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H2 200 images
encrypted-tbn0.gstatic.com/ 11 KB
12 KB 190ms
53ms Other
image/jpeg 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQZ9dATs_nkzyO-gSoQWbtIhJV7bG51r3gOKg&usqp=CAU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0546f98f9019a3d2afbe9372ba08aba895e2aa716bd0fec8e78ff5879162f134

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://claimhadiah11.klaimhadiah2.info/

Response headers

age: 17313
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
x-content-type-options: nosniff
expires: Mon, 17 Nov 2025 13:04:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 17 Nov 2024 13:04:30 GMT
last-modified: Sun, 15 Sep 2019 17:10:09 GMT
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
content-length: 11540
x-xss-protection: 0
server: sffe

GET script.js
userstat.net/get/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: userstat.net
URL: https://userstat.net/get/script.js?referrer=https://claimhadiah11.klaimhadiah2.info/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: DANA (Financial)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			claimhadiah11.klaimhadiah2.info/	1970-01-21 01:05:05	Name: PHPREFS Value: full

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://claimhadiah11.klaimhadiah2.info/css/reset.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://claimhadiah11.klaimhadiah2.info/css/style.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://claimhadiah11.klaimhadiah2.info/css/owl.carousel.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://claimhadiah11.klaimhadiah2.info/css/owl.theme.default.min.css Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://claimhadiah11.klaimhadiah2.info/js/owl.carousel.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://userstat.net/get/script.js?referrer=https://claimhadiah11.klaimhadiah2.info/ Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

claimhadiah11.klaimhadiah2.info
encrypted-tbn0.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
userstat.net
userstat.net
2606:4700:3037::ac43:8d47
2a00:1450:4001:811::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
00126c88e5f527e92a6095ca9dc1daa3cde773531debdd68257550f1eb99b638
0546f98f9019a3d2afbe9372ba08aba895e2aa716bd0fec8e78ff5879162f134
2044a0abfd7b116f6d091d6d9227a5720bd4848519cd38d274b2a3a9356969dd
533e9ea1c732452f5d361b0babea478c325743bf6f8462e94dc55649270d4aa1
8d7aef89df5aa26fab6f1049d29067638b044525ff6738d4b5893b814129b162
9f2f502509f3cdd2e98dc540b4f7dd57a7962524012e0210e1ef64cee17d79ae
b965f59779d9f25352e7349803f2c8c21839c9f717880c02406d39eff0afd366
c67e5431f9c00bb690ea8b8add63d5ca9250bf2925f2c2a691eeee498ac75853
d144d92ad388cf8f35465af047943e92b78b78fce585a28284a3b2086424646d
d407678c5a8e6dcc80a5c3c8b3cff9ec03222b03cc70b6489cfad137f6dfc2f0
daecb842f434b29eb2d802c3c37c18e751fbc28d2b840fd110a8bff0eac57c25
f386554dbf390b4ab08123fb5466f5d833c12de955344ce9ea722e1182cc473f
faf0a07a64b78a8541915e5b0e779b8092d8f059e0cfeadcd295354abc4b5d4f

claimhadiah11.klaimhadiah2.info Open in urlscan Pro 2606:4700:3037::ac43:8d47 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

89 %HTTPS

100 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

2367 kBTransfer

2436 kBSize

1 Cookies

0 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

18 JavaScript Global Variables

1 Cookies

6 Console Messages

Indicators

claimhadiah11.klaimhadiah2.info Open in urlscan Pro
2606:4700:3037::ac43:8d47 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

89 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

2367 kB
Transfer

2436 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!