claimitemfreefire-2022.ml
2606:4700:3034::6815:4b11  Malicious Activity! Public Scan

URL: https://claimitemfreefire-2022.ml/
Submission: On December 18 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 12 domains to perform 31 HTTP transactions. The main IP is 2606:4700:3034::6815:4b11, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is claimitemfreefire-2022.ml.
TLS certificate: Issued by R3 on December 18th 2021. Valid for: 3 months.
This is the only time claimitemfreefire-2022.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

Requests  IP Address         AS Autonomous System
14        2606:4700:303...   13335 (CLOUDFLAR...)
1         2606:4700::68...   13335 (CLOUDFLAR...)
1         2.16.107.41        20940 (AKAMAI-ASN1)
1         2a04:4e42:54::84   54113 (FASTLY)
1         141.94.99.191      16276 (OVH)
1         2001:4de0:ac1...   20446 (HIGHWINDS3)
5         2a00:1450:400...   15169 (GOOGLE)
1         65.9.64.81         16509 (AMAZON-02)
1         163.172.212.102    12876 (Online SAS)
1         2606:4700:10:...   13335 (CLOUDFLAR...)
3         2a00:1450:400...   15169 (GOOGLE)
Total: 31 requests, 12 IPs

Requests  Domain                         Requested by
14        claimitemfreefire-2022.ml      claimitemfreefire-2022.ml
5         fonts.googleapis.com           claimitemfreefire-2022.ml
3         fonts.gstatic.com              fonts.googleapis.com
1         wallpapercave.com              claimitemfreefire-2022.ml
1         f.top4top.io                   claimitemfreefire-2022.ml
1         api.pubgameshowtime.com        code.jquery.com
1         code.jquery.com                claimitemfreefire-2022.ml
1         i.ibb.co                       claimitemfreefire-2022.ml
1         i.pinimg.com                   claimitemfreefire-2022.ml
1         freefiremobile-a.akamaihd.net  claimitemfreefire-2022.ml
1         cdnjs.cloudflare.com           claimitemfreefire-2022.ml
0         randomjs.com (Failed)          claimitemfreefire-2022.ml
Total: 31 requests, 12 domains

This site contains no links.

Subject                      Issuer                                          Validity                 Valid
*.claimitemfreefire-2022.ml  R3                                              2021-12-18 - 2022-03-18  3 months
sni.cloudflaressl.com        Cloudflare Inc ECC CA-3                         2021-09-21 - 2022-09-20  a year
a248.e.akamai.net            DigiCert SHA2 Secure Server CA                  2021-07-15 - 2022-07-20  a year
*.pinterest.com              DigiCert TLS RSA SHA256 2020 CA1                2021-07-27 - 2022-08-05  a year
ibb.co                       R3                                              2021-12-05 - 2022-03-05  3 months
*.jquery.com                 Sectigo RSA Domain Validation Secure Server CA  2021-07-14 - 2022-08-14  a year
upload.video.google.com      GTS CA 1C3                                      2021-11-29 - 2022-02-21  3 months
api.pubgameshowtime.com      Amazon                                          2020-04-17 - 2021-05-17  a year
top4top.io                   R3                                              2021-10-30 - 2022-01-28  3 months
wallpapercave.com            Cloudflare Inc ECC CA-3                         2021-10-09 - 2022-10-08  a year
*.gstatic.com                GTS CA 1C3                                      2021-11-29 - 2022-02-21  3 months

This page contains 1 frame:

Primary Page: https://claimitemfreefire-2022.ml/
Frame ID: 38D895864D0705DA6D42E8FB281B691C
Requests: 31 HTTP requests in this frame

Page Title

FREE FIRE INDONESIA

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 31
HTTPS: 94 %
IPv6: 64 %
Domains: 12
Subdomains: 12
IPs: 12
Countries: 4
Transfer: 3700 kB
Size: 3854 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
claimitemfreefire-2022.ml/
17 KB
4 KB
Document
General
Full URL
https://claimitemfreefire-2022.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8236bb8a75d2f546115bc1e68c82e00d341c82c7e6882cd4061cf460ef0c55d4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 18 Dec 2021 07:22:17 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YhAxlcxSgNjECIQVryHVcelE4ifKyFCsBiZDdQ8b3RBZcnJdcA0KbKC0UcFU0ZQX4KHEdC7uSZiT1pAMFlnMCFyuqRa5zuYQJW%2BC%2BQE3mwGBTQe0ewVLHRnj0F7nbAYmJYD27xeKr5JNsoXKqB0svIjnwg3BZm8P"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6bf6a39e99664e0d-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
style.css
claimitemfreefire-2022.ml/css/
9 KB
3 KB
Stylesheet
General
Full URL
https://claimitemfreefire-2022.ml/css/style.css
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8176bef1d9ec55d133dd7acf8886ecf9e7d4232ef06e511511872741cc08a56e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 25 Sep 2021 12:47:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZwGMVILnC%2BZDUBPyY8j3vhr%2FkYzJ310ibIUik3tlzXvH4%2B%2B49wavuEMyEsIJUv4wfwVrJdjPGPM6GfxseQjKbBUBlFxV6OTIXNGtrLTJpFPrHZoWN3YCQy%2BqA14J8GYUKmh9ZNQeaZCupQ7iZs7kmpwQ%2FNaKy7i9"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6bf6a3a16d974e0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
facebook.css
claimitemfreefire-2022.ml/css/
4 KB
1 KB
Stylesheet
General
Full URL
https://claimitemfreefire-2022.ml/css/facebook.css
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4a3fd645c4d3668ae63a17150f293ca95d1a743baac3aece8a4446e6e346e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:17 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 25 Sep 2021 12:47:50 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZMIbSD8jT0iAN1GLY5zK%2BUDeMl2hFsLA5CwDzufgUgZtruiWAwFfg2XBksLn7tiSx4AqFHkmH6FhnuJiowiUaiAtDMzgkfDevjmxyYLzkcDHCT2RhSpOV3NMvb0ryPLvTaa0V53Vqx1bbA7uftiv5d1IcusnzGpz"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6bf6a3a16d984e0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:17 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3136197
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTSu9SF60WwtOX%2FeXSF4e7f%2FqiYmNl9bG%2Fj3maflA2oFeI0Eu7Ad%2FS%2FZmjsXAQzZ%2FTeW2RA%2BHNqWT7tUtsBXOkHoV15abqArXeObH0%2FKW2WcUWyp42BgUMV0yehzdmMg0M%2BZaGzq700dy7A1c48n4DSG"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6bf6a3a18cd3694b-FRA
expires
Thu, 08 Dec 2022 07:22:17 GMT
logo-small_20210113.png
freefiremobile-a.akamaihd.net/common/web_event/official/
2 KB
2 KB
Image
General
Full URL
https://freefiremobile-a.akamaihd.net/common/web_event/official/logo-small_20210113.png
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2.16.107.41 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-107-41.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3895476107ca7059eae80df1cd387245e111e3899dfdffbf5b0193b1743afdaa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Sat, 18 Dec 2021 07:22:17 GMT
Last-Modified
Wed, 13 Jan 2021 10:02:42 GMT
Server
AkamaiNetStorage
ETag
"ba49fcb56c6fad1b8c7a94b750dac51e:1610532162.946953"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2140
675666d840a9c8fa1c61eaf584ff2a50.gif
i.pinimg.com/originals/67/56/66/
25 KB
26 KB
Image
General
Full URL
https://i.pinimg.com/originals/67/56/66/675666d840a9c8fa1c61eaf584ff2a50.gif
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
654cb99fb0cdc3b32bf8efbd77c8171f09580840dbd8084e3dbd2427210a9b9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:17 GMT
x-cdn
fastly
etag
"58c7f1e8e4bfaadbcbd8ccc470e363cb"
vary
Origin
content-type
image/gif
cache-control
max-age=31536000, immutable
accept-ranges
bytes
alt-svc
h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
content-length
26108
crate.jpg
claimitemfreefire-2022.ml/ngMedia/
493 KB
494 KB
Image
General
Full URL
https://claimitemfreefire-2022.ml/ngMedia/crate.jpg
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5bfeab68d153699fdf0d57d92c5b2d9ede9cdf031697989a9e2a978e9b677c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:17 GMT
cf-cache-status
MISS
last-modified
Sat, 25 Sep 2021 12:47:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwJBFYGsjiWxCuWW6UqomoiE%2Fly%2BPkgg3P3IXICmDhboyo%2FAVvvtoQRQrNOIwbnDajhsKDQg9r9HadRegbzHRPIbDVM2E%2FfP3RuTeyZUWVEqPxC6xxf2RG2IgX8DRBh1bxJKpLQT0ininTLtB4S15tCQ9g7APgCh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6bf6a3a16d9c4e0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
504904
facebook_text.png
claimitemfreefire-2022.ml/img/
28 KB
28 KB
Image
General
Full URL
https://claimitemfreefire-2022.ml/img/facebook_text.png
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:17 GMT
cf-cache-status
MISS
last-modified
Sat, 25 Sep 2021 12:47:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bh8Hp0%2FxdV2rdTpK5OZnhuIkiNTowZgCcNi%2BA%2Fz6lZ%2BEx9JU2%2BzitaFg%2FAOErN%2FD1EotMUkr7sTZYNMtNOvaTLeX9inJjSFRueMKg0rPxvc8RQXddaZD47iOjRqkJSQRYM8xwhjl0CC394%2B7zL1ZmFS5O8vUqMlW"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6bf6a3a16d9d4e0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
28789
thumbnail.jpg
i.ibb.co/fFbdRKj/
1 KB
1 KB
Image
General
Full URL
https://i.ibb.co/fFbdRKj/thumbnail.jpg
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.99.191 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3198505.ip-141-94-99.eu
Software
nginx /
Resource Hash
383267c9f5ee8f68d2aa68642d500e0f471463d4781205ba8f22fa01af34f5e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:17 GMT
server
nginx
content-length
1157
content-type
image/png
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:17 GMT
content-encoding
gzip
last-modified
Tue, 02 Mar 2021 17:27:20 GMT
server
nginx
etag
W/"603e7578-15d9d"
vary
Accept-Encoding
x-hw
1639812137.dop208.ml1.t,1639812137.cds223.ml1.hn,1639812137.cds012.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
1.0.0.js
randomjs.com/
0
0

ngBg.3gpp
claimitemfreefire-2022.ml/ngMedia/
1 MB
1 MB
Media
General
Full URL
https://claimitemfreefire-2022.ml/ngMedia/ngBg.3gpp
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
104b8338fe458890a927c07c902f3675055226ad97f898ce523acd358a5b6ae9

Request headers

Referer
https://claimitemfreefire-2022.ml/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 18 Dec 2021 07:22:17 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 25 Sep 2021 12:47:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBvyfOqmfGiR2GsIrIk5lIis2DF6mlmfD9X9wtNP5ub%2FRHO6NqTT5jfTvQrXTllE1JR46qXd6DacCj9oPJSukHrfN1gIL%2Bqs33Or2fA5DdVkkSDYSZnvJ4r%2BycGUJ7dN%2FBJ6RrmZpM5L0%2Fj%2FY9mxI1aidqN1v8be"}],"group":"cf-nel","max_age":604800}
Content-Range
bytes 0-1083765/1083766
accept-ranges
bytes
cf-ray
6bf6a3a17da34e0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
1083766
popSound.mp4
claimitemfreefire-2022.ml/ngMedia/
18 KB
18 KB
Media
General
Full URL
https://claimitemfreefire-2022.ml/ngMedia/popSound.mp4
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ac0787254aa7a1e125885fdc5aba866dc7c3f406e596a7f17b399f10a7d3999

Request headers

Referer
https://claimitemfreefire-2022.ml/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 18 Dec 2021 07:22:17 GMT
cf-cache-status
MISS
last-modified
Sat, 25 Sep 2021 12:47:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fX9y0nD7f87%2FTRYGQvzLTTGfnogW%2BFQyfG73JWnM9y%2BWrJNGK9L0uDqI7693yfBtl9eIfCP44lKlx%2BJoemhR70DNIPsUUeYQEHDUuulY3vFgcvSDBM0%2BrxiL7i0feg5Jp6U0JJ%2By7MtTVxtreDWCz599La70i1h8"}],"group":"cf-nel","max_age":604800}
content-type
video/mp4
Content-Range
bytes 0-18381/18382
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6bf6a3a17da54e0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
18382
clickSound.mpeg
claimitemfreefire-2022.ml/ngMedia/
9 KB
10 KB
Media
General
Full URL
https://claimitemfreefire-2022.ml/ngMedia/clickSound.mpeg
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:4b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b82ec79a87b79ba6f90b5b18614d3a49b4bf9bce01a9519e18dfd4aaf739df97

Request headers

Referer
https://claimitemfreefire-2022.ml/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 18 Dec 2021 07:22:17 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 25 Sep 2021 12:47:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h9lBbCifIzz4Eo8Ikn8hu876HMnGy9KeCEMQcat1FHc75HvS9%2F%2FxHlgO1KLjH5Uao37LuwrNBYQ0NsdcHEQSjIIVBfDxSddATCr%2Fa7tGMz15cBjS6X%2BrTUPUnt59jkhO6y%2F41UdGzxXklH%2BLeZiiNo2DWCFJt7jW"}],"group":"cf-nel","max_age":604800}
content-type
video/mpeg
Content-Range
bytes 0-9701/9702
accept-ranges
bytes
cf-ray
6bf6a3a17da64e0d-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
9702
css2
fonts.googleapis.com/
399 B
387 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Fredoka+One&display=swap
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6f49a3460d02695e4d95596206144506779462fbda9875dc45b7ac46ab645606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 18 Dec 2021 05:24:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 18 Dec 2021 07:22:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Dec 2021 07:22:17 GMT
css2
fonts.googleapis.com/
728 B
877 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Sniglet&display=swap
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
398cdf5368493b91862a38ac78d7a47d8c90a922ac4710092a754470ff5ab49c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 18 Dec 2021 07:18:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 18 Dec 2021 07:22:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Dec 2021 07:22:17 GMT
css2
fonts.googleapis.com/
1 KB
525 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Itim&display=swap
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5473bb5ad6e474d0fdbaf9bde667a0a7b516d31a52f583792ef927666edb4dec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 18 Dec 2021 06:37:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 18 Dec 2021 07:22:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Dec 2021 07:22:17 GMT
css2
fonts.googleapis.com/
1 KB
502 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Teko&display=swap
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
572b033ea8f1072b9cbbd17462095c08c070b3e898ec8952d3fc2228577e7dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 18 Dec 2021 06:32:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 18 Dec 2021 07:22:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Dec 2021 07:22:17 GMT
css2
fonts.googleapis.com/
378 B
371 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Acme&display=swap
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
73be6524fb9be16d689e253fab524c347e665480c42487fa7ca0be7966cc0261
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 18 Dec 2021 07:09:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 18 Dec 2021 07:22:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 18 Dec 2021 07:22:17 GMT
6.jpg
claimitemfreefire-2022.ml/ngMedia/ngReward/
33 KB
34 KB
Image
General
Full URL
https://claimitemfreefire-2022.ml/ngMedia/ngReward/6.jpg
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c8c501f2643af6e7cf81a765e7b7cdb8a76dcea523fb875bd17faa355aada23

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:18 GMT
cf-cache-status
MISS
last-modified
Sat, 25 Sep 2021 12:47:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYvd7EAqCunDQZp9z45qXT8qu4qqHSVqyToXtpCfyZgF1R8mR3%2FQNSbxtcavUgVaIJGKjVTZP4Ghjm13PXsYn95s%2B9z1rFtL%2BqgcOFQ%2Fwnp9tS5oXes%2FPipysswarSsI95nqXujDNhKkg8%2BlukKD2wy8lMeo0kYF"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6bf6a3a43ccc4ebc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
33878
24.jpg
claimitemfreefire-2022.ml/ngMedia/ngReward/
116 KB
117 KB
Image
General
Full URL
https://claimitemfreefire-2022.ml/ngMedia/ngReward/24.jpg
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a124f7c8781af398764ba316b3fa7bad44e83520f78a90521b0cbb3012a783b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:18 GMT
cf-cache-status
MISS
last-modified
Sat, 25 Sep 2021 12:47:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2Fp4nblycYYXhfFoMEd%2F2LNCyE%2BSboPRpUrwikK6AR1K1U6BgDOoPD%2BHAwtarfMLV9PwYVgblr3qRB%2BBrA0mhAKtuYxaFNgVpSXuGyrhObth7wkZJXWsEBXsNYt9lDx1%2F%2BA5Tmf8RLd5n2W5W7Yd8X3YrmsFfNOX"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6bf6a3a43ccd4ebc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
118900
31.jpg
claimitemfreefire-2022.ml/ngMedia/ngReward/
263 KB
264 KB
Image
General
Full URL
https://claimitemfreefire-2022.ml/ngMedia/ngReward/31.jpg
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ece5c1b9c7018fe87ced5b0786e6d9a7e80738039501f41e5264a8dcacce9e8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:18 GMT
cf-cache-status
MISS
last-modified
Sat, 25 Sep 2021 12:47:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGZUsFCILCwfGWyAkUJI0kiuJ2BQTHWe7dsTFJvbR0BCzPsLMeOx1ZcxX4%2F3T0yI2eRwaDcuJ%2FomG2L2vjnxcZFx%2Fb4z1VanQibaN4cSXR0hwjknjfiIGmiTGi2BuMoOwwdwOhm9XXpvBtkIrHvxXGGvb%2Bv4gWkS"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6bf6a3a43ccf4ebc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
269431
14.jpg
claimitemfreefire-2022.ml/ngMedia/ngReward/
382 KB
383 KB
Image
General
Full URL
https://claimitemfreefire-2022.ml/ngMedia/ngReward/14.jpg
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f047fdd4bf3ea2e7994115f284fb06c93a7c1c0333993db02cef24004527f51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:18 GMT
cf-cache-status
MISS
last-modified
Sat, 25 Sep 2021 12:47:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZRaQXGNa7bAqg%2FADHZnoVwCzMEF60fOvG%2BUWWl6TRA%2FGo7LIZLT0OphvYwkJ2re6oCA9mgLCvcrZLl9wrMExxzpCZtYrc83DS4xj40BsTGUO4HZmztOlokqJrnpkAJ7%2Fxsf8XsuUQPxMpwRjXIGZdKSHZ00I3iwp"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6bf6a3a43cd24ebc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
391298
4.jpg
claimitemfreefire-2022.ml/ngMedia/ngReward/
31 KB
31 KB
Image
General
Full URL
https://claimitemfreefire-2022.ml/ngMedia/ngReward/4.jpg
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6079598ca6146c5463794913e4ead6bfd284c86f0c4b3f9298a87e999f2833cf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:18 GMT
cf-cache-status
MISS
last-modified
Sat, 25 Sep 2021 12:47:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gdbz9vm6VENZtOfnibc3NTeWTgyWt2WD93pgR3tl5Z0bM34NiO1OCZQBKuUsWtNTDBAJFOJJ1K%2FyeZ%2FIOw4Z%2FVLfRHUc%2BQnkDkwv8D%2FmhpMg9FIov88b%2FGrwjREwNhGlWbqpcbYzpU97jcm0rb%2Bbdhi7wULqN4Mh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
6bf6a3a43cd44ebc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
31361
getcountry
api.pubgameshowtime.com/ip/
59 B
426 B
XHR
General
Full URL
https://api.pubgameshowtime.com/ip/getcountry
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.64.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-64-81.fra56.r.cloudfront.net
Software
/
Resource Hash
d685d0f6c6cb505aeba79995624a71cda1d1769b01f52628eda1f5d04bf1cdcb

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://claimitemfreefire-2022.ml/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:18 GMT
via
1.1 f58d1aa3b3b084adbea41c7523e2047f.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amzn-requestid
c3a3404e-e70e-4c41-af94-2b51c93a5135
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61bd8c2a-74c8a41d01cca76740cf42bf;Sampled=0
x-amz-apigw-id
KiLWnHJxyK4FudA=
content-length
59
x-amz-cf-id
gcNyWEl5HHQGdB5vACfCffgxKp0XdS7-_6blAWJO697NkKKtOy7FzQ==
p_2072opz2q5.jpg
f.top4top.io/
646 KB
648 KB
Image
General
Full URL
https://f.top4top.io/p_2072opz2q5.jpg
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
163.172.212.102 Amsterdam, Netherlands, ASN12876 (Online SAS, FR),
Reverse DNS
163-172-212-102.rev.poneytelecom.eu
Software
nginx /
Resource Hash
718746d6d553ccd21160c5605f9893c9d4dcb3acb250b29661651739d35370dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-file-id
x40526933x
date
Sat, 18 Dec 2021 07:22:18 GMT
last-modified
Fri, 03 Sep 2021 15:29:53 GMT
server
nginx
etag
"61323f71-a19ba"
content-type
image/jpeg
cache-control
max-age=7200
content-disposition
inline; filename="Screenshot_2021-09-03-22-29-16-51_998d3425f9e75a0428f0fabdce419960.jpg"
accept-ranges
bytes
content-length
661946
expires
Sat, 18 Dec 2021 09:22:18 GMT
wp6827098.jpg
wallpapercave.com/wp/
443 KB
444 KB
Image
General
Full URL
https://wallpapercave.com/wp/wp6827098.jpg
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3d47 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc2a48620db3d4fc294dc90839055ac9edaa61301fb6614098cb32da05603482

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://claimitemfreefire-2022.ml/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:18 GMT
cf-cache-status
REVALIDATED
cf-polished
qual=85, origFmt=jpeg, origSize=536588
content-disposition
inline; filename="wp6827098.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
453410
last-modified
Thu, 02 Jul 2020 13:49:43 GMT
server
cloudflare
etag
"5efde5f7-8300c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
6bf6a3a88b6b4309-FRA
cf-bgj
imgq:85,h2pri
cIf9MaFLtkE3UjaJ9C6hYQ.woff2
fonts.gstatic.com/s/sniglet/v12/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sniglet/v12/cIf9MaFLtkE3UjaJ9C6hYQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sniglet&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f58beaba5f7381ecc5a682cdbe508cd28f8f1565abce59e7870d3e9aea8a7f51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://claimitemfreefire-2022.ml
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 14 Dec 2021 21:11:53 GMT
x-content-type-options
nosniff
age
295825
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24736
x-xss-protection
0
last-modified
Thu, 23 Jul 2020 19:40:47 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 14 Dec 2022 21:11:53 GMT
k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
fonts.gstatic.com/s/fredokaone/v8/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/fredokaone/v8/k3kUo8kEI-tA1RRcTZGmTlHGCac.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Fredoka+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c77cd0cb3cc4a3f294c6b86ba5302fe3139f89758ac460e5f5fb6a6a01b5dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://claimitemfreefire-2022.ml
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 11:15:20 GMT
x-content-type-options
nosniff
age
245218
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15524
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 04:39:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Dec 2022 11:15:20 GMT
RrQfboBx-C5_XxrBbg.woff2
fonts.gstatic.com/s/acme/v11/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/acme/v11/RrQfboBx-C5_XxrBbg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Acme&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
77fb74c793e3bfa921d1cbfa6f781ac9a024c2b8aec71efd5495977f68bf5a9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://claimitemfreefire-2022.ml
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 15 Dec 2021 05:52:21 GMT
x-content-type-options
nosniff
age
264597
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8240
x-xss-protection
0
last-modified
Thu, 22 Oct 2020 18:55:07 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Dec 2022 05:52:21 GMT
digital-7.ttf
claimitemfreefire-2022.ml/ngMedia/
105 KB
44 KB
Font
General
Full URL
https://claimitemfreefire-2022.ml/ngMedia/digital-7.ttf
Requested by
Host: claimitemfreefire-2022.ml
URL: https://claimitemfreefire-2022.ml/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4b11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c91f1efaa227e417bce31248ba3b45bf0118dd9b0a0b9652f227b42a37c4648

Request headers

Referer
https://claimitemfreefire-2022.ml/css/style.css
Origin
https://claimitemfreefire-2022.ml
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Sat, 18 Dec 2021 07:22:19 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 25 Sep 2021 12:47:52 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PySLiWtrdBj3VnaOo3wHTdITaiND0Gm24eUuzisZ%2FzhQtq5Y7gH9q5qMxewYysgnnTYc9NOdODQFSjpMguZOKUIZeBGIFPPbzF2LV%2Boyub0clHavn7ueNXr2hCjuviQ5EOXxEs85fJUIeEDsnVHN12fkB%2B9dL%2BR1"}],"group":"cf-nel","max_age":604800}
content-type
font/ttf
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6bf6a3aa7e234ebc-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
randomjs.com
URL
https://randomjs.com/1.0.0.js

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
function $
function jQuery
function openCrate
number countDownDate
number x
function tiktok
function checkip
function valid

0 Cookies

3 Console Messages

Source Level URL
Text
network error URL: https://randomjs.com/1.0.0.js
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://i.ibb.co/fFbdRKj/thumbnail.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
deprecation warning URL: https://code.jquery.com/jquery-3.6.0.min.js(Line 1)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
