Submitted URL: https://soundsplashevent.xclaim.club/
Effective URL: https://xclaim.club/redirect/SoundSplashEvent
Submission: On April 21 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is xclaim.club.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 6th 2022. Valid for: a year.
This is the only time xclaim.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 11 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 7 2a02:6b8::1:119 208722 (YNDX)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 6
Apex Domain
Subdomains
Transfer
6 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1785
ka-f.fontawesome.com — Cisco Umbrella Rank: 3473
183 KB
6 xclaim.club
soundsplashevent.xclaim.club
xclaim.club
85 KB
5 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9032
2 KB
2 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 2877
70 KB
1 gstatic.com
fonts.gstatic.com
31 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 436
110 KB
18 7
Domain Requested by
5 mc.yandex.com 2 redirects xclaim.club
5 ka-f.fontawesome.com kit.fontawesome.com
xclaim.club
5 xclaim.club xclaim.club
2 mc.yandex.ru 1 redirects xclaim.club
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com xclaim.club
1 cdn.jsdelivr.net xclaim.club
1 kit.fontawesome.com xclaim.club
1 soundsplashevent.xclaim.club 1 redirects
18 9

This site contains links to these domains.

Domain
tyomar.me
Subject                  Issuer                            Validity                  Valid
sni.cloudflaressl.com    Cloudflare Inc ECC CA-3           2022-01-06 - 2023-01-05   a year
*.fontawesome.com        DigiCert TLS RSA SHA256 2020 CA1  2021-12-01 - 2023-01-01   a year
mc.yandex.ru             Yandex CA                         2021-12-22 - 2022-06-03   5 months
upload.video.google.com  GTS CA 1C3                        2022-04-11 - 2022-07-04   3 months
*.gstatic.com            GTS CA 1C3                        2022-03-28 - 2022-06-20   3 months

This page contains 1 frames:

Primary Page: https://xclaim.club/redirect/SoundSplashEvent
Frame ID: 0BCB0C13C160548A6DACB141DF3695B5
Requests: 18 HTTP requests in this frame

Page Title

xClaim.Club

Page URL History

  1. https://soundsplashevent.xclaim.club/ HTTP 301
    https://xclaim.club/redirect/SoundSplashEvent Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

  • Requests: 18
  • HTTPS: 89 %
  • IPv6: 100 %
  • Domains: 7
  • Subdomains: 9
  • IPs: 6
  • Countries: 3
  • Transfer: 479 kB
  • Size: 1253 kB
  • Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://soundsplashevent.xclaim.club/ HTTP 301
    https://xclaim.club/redirect/SoundSplashEvent Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9615.TBHthVC6tfeTkmS8GYG-ziHziqY-vTt4uYwHH24BMgYSu93b5McdLHzFLfmwUbsl.RxHJBhSysxG86qr2I0i9nt3EqQM%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9615.jtcvwhKPrDtCPAxkVSutvAIgWJwhuwNlbIdi0Ugi7h3QO2xicHJdSmF-eFa-dFu4pREg6NCLJTlOcfUzVEnKGA%2C%2C.utomQsNbZ0QqfEJG0DSImEyLUu4%2C
Request Chain 12
  • https://mc.yandex.com/watch/87896175?wmode=7&page-url=https%3A%2F%2Fxclaim.club%2Fredirect%2FSoundSplashEvent&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A858524070052%3Ahid%3A957604215%3Az%3A0%3Ai%3A20220421202352%3Aet%3A1650572633%3Ac%3A1%3Arn%3A910866524%3Arqn%3A1%3Au%3A1650572633278704576%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1650572632251%3Ads%3A0%2C0%2C148%2C1%2C231%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1650572633%3At%3AxClaim.Club&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/87896175/1?wmode=7&page-url=https%3A%2F%2Fxclaim.club%2Fredirect%2FSoundSplashEvent&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A858524070052%3Ahid%3A957604215%3Az%3A0%3Ai%3A20220421202352%3Aet%3A1650572633%3Ac%3A1%3Arn%3A910866524%3Arqn%3A1%3Au%3A1650572633278704576%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1650572632251%3Ads%3A0%2C0%2C148%2C1%2C231%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1650572633%3At%3AxClaim.Club&t=gdpr%2814%29aw%281%29ti%282%29

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request SoundSplashEvent
xclaim.club/redirect/
Redirect Chain
  • https://soundsplashevent.xclaim.club/
  • https://xclaim.club/redirect/SoundSplashEvent
3 KB
1 KB
Document
General
Full URL
https://xclaim.club/redirect/SoundSplashEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dacbac4a8dc3b442663ca5c3bd11fe225b6fd9afde3eaa3900ebfd72f3afeefb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6ff8d7092e025b74-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 21 Apr 2022 20:23:52 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Sun, 20 Mar 2022 06:19:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmhAxwz44paNocPyM%2BNT%2BhfNZkNTvLYGl1w%2Fc8k4hGkQJi2HjYeOz1uqNpZRr9WyFwuoNc9ovZe98dqFlHDkQUXdNV0jZywxcu81hL6ARHK3ARB4FFrnTjHnL9ioycM3oM9A9%2FEe8Zuo3g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6ff8d7080c275b74-FRA
content-type
text/html
date
Thu, 21 Apr 2022 20:23:52 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://xclaim.club/redirect/SoundSplashEvent
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sb4Ix9icP7QY67w7JCQLBZrKLnSeO3mCb6zx%2F1QZsGvOzuDTJi2Upu%2F7nkPlaT3vmUD4nqljY0QMcQXeRIwU2mwtz0%2BflZLqPqxjLX5sg0TV6G0YPJ8iICH6VNs%2FcFeex5XnMIUwBWsadAgSB3VKKVa%2FsTqt%2B0AQPdo7"}],"group":"cf-nel","max_age":604800}
server
cloudflare
b69dd2bcf6.js
kit.fontawesome.com/
11 KB
4 KB
Script
General
Full URL
https://kit.fontawesome.com/b69dd2bcf6.js
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/SoundSplashEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4217a4f515dec6fe7f839f4b73f05b6faf6c6d47c9588550b3df19a0aaa1420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://xclaim.club/
Origin
https://xclaim.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 20:23:52 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
6ff8d70a89fe9a06-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FufdsXGcQKaSnRsPImrB
app.a1e3b38e.css
xclaim.club/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://xclaim.club/css/app.a1e3b38e.css
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/SoundSplashEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b4024304fcdc0f23e872a4104fec5d118fac979d4171fa01a2c4b6dda609b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xclaim.club/redirect/SoundSplashEvent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 20:23:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 20 Mar 2022 06:19:44 GMT
server
cloudflare
etag
W/"6236c780-f7d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgpzbnsxAQkkqUdU4CXbQrGYlqtULz9Dqjln8dusllEnWETlcGZrLdnMbKROxGltxfD7jg5JFR1Mh8JHamhMoJiRmiORblAhZEubeo%2FLT2zWIJv%2B9bkDM2HbhNpU%2Bq0cmFrvs28kxSS5qQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ff8d70a3fae5b74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app.2d5b8630.js
xclaim.club/js/
35 KB
10 KB
Script
General
Full URL
https://xclaim.club/js/app.2d5b8630.js
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/SoundSplashEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c5181784a048c870ef7d6f3f225555342568411735de939e9dfeac5bb263faf2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xclaim.club/redirect/SoundSplashEvent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 20:23:52 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sun, 20 Mar 2022 06:19:44 GMT
server
cloudflare
etag
W/"6236c780-8d2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrnF3ROUz9GxKSUnqnYwwrzqX71SCsHVpaIM9c9oDa5zE56hZCMumYbeQevMWgR19zODveDCJnV5SSlwduUThL5kEErr6VX1wQqps6k5f94FObIteC2Vt4uliEryJPy4h2oOxS2VXSlGww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ff8d70a3faf5b74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
chunk-vendors.e9ab7e88.js
xclaim.club/js/
194 KB
71 KB
Script
General
Full URL
https://xclaim.club/js/chunk-vendors.e9ab7e88.js
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/SoundSplashEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86eacb25db79021385e07ec7e405d3320e5e8271d318f03817c6862b33047a09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xclaim.club/redirect/SoundSplashEvent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 20:23:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sun, 20 Mar 2022 06:19:44 GMT
server
cloudflare
etag
W/"6236c780-30947"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FhvA6bOFpwoDOMDdzgTR2ofKsMYyRCszbFiU%2FFNRRrdl1HIsOPqQc6U6dTsuAaVvCH%2B%2BgZL91LZhLEi7lbkJfr%2BeNIIRIulPo8WtkDFP%2F460S8woRQ6h3Wt5zPQeYDctSEzETijp5VD2mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6ff8d70a3fb05b74-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
near-api-js.js
cdn.jsdelivr.net/gh/nearprotocol/near-api-js/dist/
492 KB
110 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/nearprotocol/near-api-js/dist/near-api-js.js
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/SoundSplashEvent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81c8a143f097630bc2d6accc37ee1f6217bebe20c7aa62bf55f99e510a73c626
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 20:23:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-jsd-version
0.36.0
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19127-FRA, cache-itm18835-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"7b1ad-8jn2YDeH8nD8gHk29RlLo7VHxkY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JKs2BqB57uUnYwu0IR4fKwOSkiGUkjkhbTPHYMJ6LZ8%2FC8WJEE%2FF9DtfzySwyi72uWOMGX3AiTAvc1cUX%2Bf%2FPF%2Fc9FdcNM3jjIHtSvoT6A00MVyuj4YPLTibxZu3q9smzJiZ%2FDBUdpAdOdo8hmI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6ff8d70a7dfb903a-FRA
tag.js
mc.yandex.ru/metrika/
202 KB
69 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/SoundSplashEvent
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
75f3bd16ca645709f15708862b8523f5a5072725d1c945db54f58c343c7d21cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 20:23:52 GMT
content-encoding
br
last-modified
Mon, 18 Apr 2022 12:16:58 GMT
etag
"625d2c8a-113e7"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
70631
expires
Thu, 21 Apr 2022 21:23:52 GMT
free.min.css
ka-f.fontawesome.com/releases/v6.1.1/css/
99 KB
21 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/css/free.min.css?token=b69dd2bcf6
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b69dd2bcf6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0281802cc2ff5e8b90c99ba9ad7368b961d1260e4337b5a98b4c2127ff2e7c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 20:23:52 GMT
via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 22 Mar 2022 15:20:25 GMT
server
cloudflare
etag
W/"e928f2f6625d980162008b5be6edbbd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DI0Mk%2F9xGG3YxiXAqSPQ2MNz9MEL6uZzvgQAtJ4pJKTctxB2ry2YBR9p8DJ%2FL17DYMua5Sg0AXUeEBhXEV2%2FgBiNKocV0qUZ7jfS7Bnr8JHLZXENzsYXVog9iMqB9hApN0JVS5EaJRzNr0F1ALy7s75Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6ff8d70b1c2c9b67-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
nbZTTvByS7DqTyEBGwHSnttjN9b0p-hIfrOBepK3CAvcYODsk5i-7Q==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.1.1/css/
26 KB
5 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/css/free-v4-shims.min.css?token=b69dd2bcf6
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b69dd2bcf6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdb6555be3041a9a8cfcc4eb73472e4c8d5ecdaef1fc9348046f2e55744ec271

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 20:23:52 GMT
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 22 Mar 2022 15:20:25 GMT
server
cloudflare
etag
W/"b11f2a3228edadb911f3cd3055998a78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UEXsnO6HZgTsk061IpvL0QX5Sc%2BWXk97L8DoE3ncPa2MZ9Ubl0v2Z8YMgRLLPP9iBqcLc99ANTx1OkSuQ5zj%2FZu4%2BdcjaGgAJwCzWFXuOLmHXE1P1ULzSJJsOtTNvxh6vHjW0pwi0n%2BL%2F3i8VMbfa3skKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6ff8d70b1c2e9b67-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
gBmgQQ1QaH0AQBgPbpjDS4HmpzMgrKU5NehEk1oT0nPllUFWdTYMSA==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.1.1/css/
823 B
721 B
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/css/free-v5-font-face.min.css?token=b69dd2bcf6
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b69dd2bcf6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d00b137617ca412b948102cd10f2c393fc78cbce53bf505fdeb161dd0e8e8157

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 20:23:52 GMT
via
1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 22 Mar 2022 15:20:24 GMT
server
cloudflare
etag
W/"03dccdffea10bc97343873a08295ab21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6pcSR5ynIXpcjwb1Gmn206cUgZopF59kK8qAziLLcmnMZty5ckiWAynsFQYpp%2BfTIVMUljiBrG4E%2BkW8GBubeZaXFiJyBEZ2T%2FRzpsjZ3QxNDyFXTDJ3hm0Nix%2FVTq9E%2FEwAwtZDZq83cTeN1%2FROU5cXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6ff8d70b2c319b67-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
OXgegRRR1ejVtex4iCBSsRbtXYmTi3nJUhHtWwieZMybaLmkfGAEAA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.1.1/css/
2 KB
1 KB
Fetch
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/css/free-v4-font-face.min.css?token=b69dd2bcf6
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/b69dd2bcf6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a077714458698c2b217b2656e483a4055c3af9eef97e0cc26536c171c32359b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 20:23:52 GMT
via
1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 22 Mar 2022 15:20:24 GMT
server
cloudflare
etag
W/"46869a1d043f8dda8670a973b0773719"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7keKih8KtuBxHt1Q2uVMXg8peWDGQP1WjbjqUzLA7tFw%2FUIgPaLX72JrGWnD9Nr5KzEPXSGmTS4ciyOZoMGQg1q3S3vWXJPj5uD0iLWAUwC5xLlxXwtVaHtP4IysN9qqzTtBO4x23rJhouZZi83FWYd7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6ff8d70b2c339b67-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
-geDdCq9-e3SIze5e4VqZNBzMIZMiQjW-b7R3YI8tuGXOsG1wqquBA==
css2
fonts.googleapis.com/
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Requested by
Host: xclaim.club
URL: https://xclaim.club/css/app.a1e3b38e.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e55d07bfd9aa8919c00ba173b1cf6fbc0fc35851b107001f3f3f6ed6418c9a90
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 19:39:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 21 Apr 2022 20:23:52 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 21 Apr 2022 20:23:52 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9615.TBHthVC6tfeTkmS8GYG-ziHziqY-vTt4uYwHH24BMgYSu93b5McdLHzFLfmwUbsl.RxHJBhSysxG86qr2I0i9nt3EqQM%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9615.jtcvwhKPrDtCPAxkVSutvAIgWJwhuwNlbIdi0Ugi7h3QO2xicHJdSmF-eFa-dFu4pREg6NCLJTlOcfUzVEnKGA%2C%2C.utomQsNbZ0QqfEJG0DSImEyLUu4%2C
75 B
75 B
Image
General
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9615.jtcvwhKPrDtCPAxkVSutvAIgWJwhuwNlbIdi0Ugi7h3QO2xicHJdSmF-eFa-dFu4pREg6NCLJTlOcfUzVEnKGA%2C%2C.utomQsNbZ0QqfEJG0DSImEyLUu4%2C
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/SoundSplashEvent
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 20:23:53 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9615.jtcvwhKPrDtCPAxkVSutvAIgWJwhuwNlbIdi0Ugi7h3QO2xicHJdSmF-eFa-dFu4pREg6NCLJTlOcfUzVEnKGA%2C%2C.utomQsNbZ0QqfEJG0DSImEyLUu4%2C
date
Thu, 21 Apr 2022 20:23:53 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
1
mc.yandex.com/watch/87896175/
Redirect Chain
  • https://mc.yandex.com/watch/87896175?wmode=7&page-url=https%3A%2F%2Fxclaim.club%2Fredirect%2FSoundSplashEvent&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen...
  • https://mc.yandex.com/watch/87896175/1?wmode=7&page-url=https%3A%2F%2Fxclaim.club%2Fredirect%2FSoundSplashEvent&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3A...
338 B
420 B
XHR
General
Full URL
https://mc.yandex.com/watch/87896175/1?wmode=7&page-url=https%3A%2F%2Fxclaim.club%2Fredirect%2FSoundSplashEvent&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A858524070052%3Ahid%3A957604215%3Az%3A0%3Ai%3A20220421202352%3Aet%3A1650572633%3Ac%3A1%3Arn%3A910866524%3Arqn%3A1%3Au%3A1650572633278704576%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1650572632251%3Ads%3A0%2C0%2C148%2C1%2C231%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1650572633%3At%3AxClaim.Club&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/SoundSplashEvent
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
b31bd06833b7b8c4c22d2c0bf8209e226c8030f8688944ac1e76f9e2fb461ed1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 21 Apr 2022 20:23:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 21-Apr-2022 20:23:53 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://xclaim.club
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
338
x-xss-protection
1; mode=block
expires
Thu, 21-Apr-2022 20:23:53 GMT

Redirect headers

pragma
no-cache
date
Thu, 21 Apr 2022 20:23:53 GMT
last-modified
Thu, 21-Apr-2022 20:23:53 GMT
location
/watch/87896175/1?wmode=7&page-url=https%3A%2F%2Fxclaim.club%2Fredirect%2FSoundSplashEvent&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A858524070052%3Ahid%3A957604215%3Az%3A0%3Ai%3A20220421202352%3Aet%3A1650572633%3Ac%3A1%3Arn%3A910866524%3Arqn%3A1%3Au%3A1650572633278704576%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1650572632251%3Ads%3A0%2C0%2C148%2C1%2C231%2C0%2C%2C%2C%2C%2C%2C%2C%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1650572633%3At%3AxClaim.Club&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://xclaim.club
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Thu, 21-Apr-2022 20:23:53 GMT
1
xclaim.club/api/v1/image/x/SoundSplashEvent/
0
504 B
Image
General
Full URL
https://xclaim.club/api/v1/image/x/SoundSplashEvent/1
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/SoundSplashEvent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xclaim.club/redirect/SoundSplashEvent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 20:23:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25MYGXap%2BOcxVS34EAWZdMfot5QelhVYLdKy4FH8W8Qr43u1nBvDW7IKZPx6424t4dELlwKMqieBZwuheR3uTYOMeb0PQq%2BHEJ8diqrZkbLVNYIli846uqcUNJ16nl9APoEcMh0OCCAGQA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
6ff8d7142eec6939-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://xclaim.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Tue, 19 Apr 2022 11:55:47 GMT
x-content-type-options
nosniff
age
203287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 19 Apr 2023 11:55:47 GMT
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.1.1/webfonts/
151 KB
151 KB
Font
General
Full URL
https://ka-f.fontawesome.com/releases/v6.1.1/webfonts/free-fa-solid-900.woff2
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/SoundSplashEvent
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8be8fbaff6d829178d12cb3364335db4f7b82e7a40221d56364d08b294b8a0d

Request headers

Referer
https://xclaim.club/
Origin
https://xclaim.club
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 20:23:54 GMT
via
1.1 430fc75cac3bdd04869a39405c45fba2.cloudfront.net (CloudFront)
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA2-C1
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
154228
last-modified
Tue, 22 Mar 2022 15:28:59 GMT
server
cloudflare
etag
"eda6bab551c25b803013249f75a56952"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pWBJNN%2FXG%2Ftfc8cERohPb1ARn3iJfFoH54ju2DP84pdCqzE7tUrH63%2FdgSKnB7rF5n0O%2FdDp4q8cwT9PeOwtQiCJ9pPWFEHPCQM3pK446PRLfrRNulu8EamqT6%2FZcpAbAlxXOfiSwnw%2FwW8%2FwWAEkD%2BcgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
6ff8d71448dd5b98-FRA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
kVwQLcMogujw9vJ-EVPcgl7j9O4jpt5IAeWkN0j36yYdYpWhRP9DzQ==
advert.gif
mc.yandex.com/metrika/
43 B
160 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: xclaim.club
URL: https://xclaim.club/redirect/SoundSplashEvent
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://xclaim.club/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Thu, 21 Apr 2022 20:23:54 GMT
last-modified
Mon, 18 Apr 2022 12:16:58 GMT
etag
"625d2c8a-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Thu, 21 Apr 2022 21:23:54 GMT


14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone
object| oncontextlost
object| oncontextrestored
function| getScreenDetails
function| ym
object| FontAwesomeKitConfig
object| Ya
object| yaCounter87896175
object| nearApi
function| Buffer
object| webpackJsonp
object| regeneratorRuntime
boolean| __VUE__
object| __VUE_DEVTOOLS_PLUGINS__

10 Cookies

Domain/Path Name / Value
.xclaim.club/ Name: _ym_uid
Value: 1650572633278704576
.xclaim.club/ Name: _ym_d
Value: 1650572633
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 834493055fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2263821447fake
.yandex.com/ Name: yandexuid
Value: 2965760281650572633
.yandex.com/ Name: yuidss
Value: 2965760281650572633
mc.yandex.com/ Name: yabs-sid
Value: 1844660411650572633
.yandex.com/ Name: i
Value: 9RlYGzuJn/urT3nU6T3xMARDFaA3dXJyWSYWEyR9xfXYM6DublTUD/9pJzXvZilcc5C+/fF5GJ85GAoAtW6RitqEneE=
.yandex.com/ Name: ymex
Value: 1682108633.yrts.1650572633#1682108633.yrtsi.1650572633
.xclaim.club/ Name: _ym_isad
Value: 2

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9615.jtcvwhKPrDtCPAxkVSutvAIgWJwhuwNlbIdi0Ugi7h3QO2xicHJdSmF-eFa-dFu4pREg6NCLJTlOcfUzVEnKGA%2C%2C.utomQsNbZ0QqfEJG0DSImEyLUu4%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
