urlscan.io logo urlscan.io
SecurityTrails logo

claim.fun Open in urlscan Pro
2a02:4780:a:761:0:199c:170d:8  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://claim.fun/
Effective URL: https://claim.fun/
Submission Tags: falconsandbox
Submission: On January 28 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 16 domains to perform 42 HTTP transactions. The main IP is 2a02:4780:a:761:0:199c:170d:8, located in Manchester, United Kingdom and belongs to AS-HOSTINGER, CY. The main domain is claim.fun.
TLS certificate: Issued by R3 on December 10th 2022. Valid for: 3 months.
This is the only time claim.fun was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

14    2a02:4780:a:761:0:199c:170d:8 (Manchester, United Kingdom)

ASN47583 (AS-HOSTINGER, CY)
claim.fun
1    2a00:1450:400d:807::200e (Ireland)

ASN15169 (GOOGLE, US)
translate.google.com
1    2600:9000:20eb:9000:1f:946:f000:21 (United States)

ASN16509 (AMAZON-02, US)
d3u598arehftfk.cloudfront.net
3    2600:9000:2138:b400:2:e529:700:93a1 (United States)

ASN16509 (AMAZON-02, US)
tags.orquideassp.com
2    2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
translate.googleapis.com
2    2606:4700:3036::6815:fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
hbagency.it
1    13.32.27.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-12.fra56.r.cloudfront.net
services.brid.tv
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
4    2600:9000:21f3:fe00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.quantcast.com
1    2600:9000:2057:0:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2600:9000:21c7:4400:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
3    2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    2600:9000:211e:4400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    192.0.78.146 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
supertruco.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2600:9000:21f3:f400:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
1    3.127.204.120 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-204-120.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
Apex Domain
Subdomains		 Transfer
14 claim.fun
claim.fun
116 KB
6 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 2796
test.cmp.quantcast.com — Cisco Umbrella Rank: 10347
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 11904
145 KB
3 gstatic.com
www.gstatic.com
4 KB
3 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
158 KB
3 orquideassp.com
tags.orquideassp.com — Cisco Umbrella Rank: 107766
6 KB
2 hbagency.it
hbagency.it — Cisco Umbrella Rank: 234009
134 KB
2 googleapis.com
translate.googleapis.com — Cisco Umbrella Rank: 823
78 KB
1 supertruco.com
supertruco.com — Cisco Umbrella Rank: 224605
2 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 904
643 B
1 consensu.org
quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2961
43 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 979
10 KB
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 27962
3 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 198
6 KB
1 brid.tv
services.brid.tv — Cisco Umbrella Rank: 16213
49 KB
1 cloudfront.net
d3u598arehftfk.cloudfront.net
26 KB
1 google.com
translate.google.com — Cisco Umbrella Rank: 1198
26 KB
42 16
Domain Requested by
14 claim.fun 1 redirects claim.fun
4 cmp.quantcast.com hbagency.it
quantcast.mgr.consensu.org
3 www.gstatic.com claim.fun
translate.googleapis.com
3 securepubads.g.doubleclick.net tags.orquideassp.com
securepubads.g.doubleclick.net
3 tags.orquideassp.com claim.fun
2 hbagency.it d3u598arehftfk.cloudfront.net
2 translate.googleapis.com
1 audit-tcfv2.cmp.quantcast.com cmp.quantcast.com
1 test.cmp.quantcast.com quantcast.mgr.consensu.org
1 supertruco.com claim.fun
1 rules.quantcount.com secure.quantserve.com
1 quantcast.mgr.consensu.org cmp.quantcast.com
1 secure.quantserve.com cmp.quantcast.com
1 wrappers.geoedge.be hbagency.it
1 cdnjs.cloudflare.com d3u598arehftfk.cloudfront.net
1 services.brid.tv d3u598arehftfk.cloudfront.net
1 d3u598arehftfk.cloudfront.net claim.fun
1 translate.google.com claim.fun
42 18

This site contains links to these domains. Also see Links.

Domain
www.kadencewp.com
translate.google.com
orquidea.ai
Subject Issuer Validity Valid
claim.fun
R3		 2022-12-10 -
2023-03-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
tags.orquideassp.com
Amazon		 2022-05-30 -
2023-06-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
hbagency.it
Cloudflare Inc ECC CA-3		 2022-10-21 -
2023-10-20		 a year crt.sh
brid.tv
Amazon		 2022-12-20 -
2024-01-18		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
cmp.quantcast.com
R3		 2023-01-08 -
2023-04-08		 3 months crt.sh
gw.geoedge.be
Amazon		 2022-09-12 -
2023-10-10		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
quantserve.com
R3		 2023-01-10 -
2023-04-10		 3 months crt.sh
tls.automattic.com
R3		 2023-01-13 -
2023-04-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://claim.fun/
Frame ID: 1B37700E388AFD2800E040C5BD443B37
Requests: 43 HTTP requests in this frame

Frame: data://truncated
Frame ID: 5BCEDFCF197A316F42918C1BEF8F0DD8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Claim BLOGToggle MenuContinueContinueContinueContinue

Page URL History Show full URLs

  1. http://claim.fun/ HTTP 301
    https://claim.fun/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • quantcast\.mgr\.consensu\.org
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Page Statistics

42
Requests

98 %
HTTPS

83 %
IPv6

16
Domains

18
Subdomains

20
IPs

4
Countries

807 kB
Transfer

2841 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://claim.fun/ HTTP 301
    https://claim.fun/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
claim.fun/
Redirect Chain
  • http://claim.fun/
  • https://claim.fun/
59 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:761:0:199c:170d:8 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed / PHP/7.3.33
Resource Hash
29a9abcb870d37f7f118c4069f3a38b680b4136e3484c66f297d54526623a520
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Sat, 28 Jan 2023 01:25:25 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://claim.fun/wp-json/>; rel="https://api.w.org/"
platform
hostinger
pragma
no-cache
server
LiteSpeed
vary
Accept-Encoding
x-powered-by
PHP/7.3.33

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Sat, 28 Jan 2023 01:25:24 GMT
location
https://claim.fun/
platform
hostinger
server
LiteSpeed
style.min.css
claim.fun/wp-includes/css/dist/block-library/ 		93 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://claim.fun/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:761:0:199c:170d:8 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 26 Jan 2023 15:32:17 GMT
server
LiteSpeed
etag
"172a9-63d29d01-ca5407f8d34c028b;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
11353
expires
Sat, 04 Feb 2023 01:25:25 GMT
classic-themes.min.css
claim.fun/wp-includes/css/ 		217 B
277 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://claim.fun/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:761:0:199c:170d:8 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 26 Jan 2023 15:32:17 GMT
server
LiteSpeed
etag
"d9-63d29d01-791c728f4756232c;;;"
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
217
expires
Sat, 04 Feb 2023 01:25:25 GMT
global.min.css
claim.fun/wp-content/themes/kadence_blog_theme/assets/css/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://claim.fun/wp-content/themes/kadence_blog_theme/assets/css/global.min.css?ver=1.1.30
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:761:0:199c:170d:8 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
f008162fa330a82dceb974a8e4e0ab2bfdeef1e3c2a417a0a517ccbfe4674505
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 26 Jan 2023 15:35:25 GMT
server
LiteSpeed
etag
"4bb7-63d29dbd-76de64796f3ec27c;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4238
expires
Sat, 04 Feb 2023 01:25:25 GMT
wp-emoji-release.min.js
claim.fun/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://claim.fun/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:761:0:199c:170d:8 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 26 Jan 2023 15:32:17 GMT
server
LiteSpeed
etag
"48b9-63d29d01-7746601a9dc1b716;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4572
expires
Sat, 04 Feb 2023 01:25:25 GMT
header.min.css
claim.fun/wp-content/themes/kadence_blog_theme/assets/css/ 		27 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://claim.fun/wp-content/themes/kadence_blog_theme/assets/css/header.min.css?ver=1.1.30
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:761:0:199c:170d:8 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 26 Jan 2023 15:35:25 GMT
server
LiteSpeed
etag
"6c84-63d29dbd-fc0d4bc68acfc89a;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4235
expires
Sat, 04 Feb 2023 01:25:25 GMT
content.min.css
claim.fun/wp-content/themes/kadence_blog_theme/assets/css/ 		32 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://claim.fun/wp-content/themes/kadence_blog_theme/assets/css/content.min.css?ver=1.1.30
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:761:0:199c:170d:8 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 26 Jan 2023 15:35:25 GMT
server
LiteSpeed
etag
"7fcd-63d29dbd-20a46a97b4d3c0da;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
5481
expires
Sat, 04 Feb 2023 01:25:25 GMT
footer.min.css
claim.fun/wp-content/themes/kadence_blog_theme/assets/css/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://claim.fun/wp-content/themes/kadence_blog_theme/assets/css/footer.min.css?ver=1.1.30
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:761:0:199c:170d:8 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 26 Jan 2023 15:35:25 GMT
server
LiteSpeed
etag
"49c0-63d29dbd-29113da42e8a9a76;br"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
1651
expires
Sat, 04 Feb 2023 01:25:25 GMT
MakerDAO-460x230-1.jpg
claim.fun/wp-content/uploads/2023/01/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://claim.fun/wp-content/uploads/2023/01/MakerDAO-460x230-1.jpg
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:761:0:199c:170d:8 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
c80f05d29fec6da3bf037640b4747dba77749cd5b0cbe750294b5dffe80e00c9
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 26 Jan 2023 15:51:33 GMT
server
LiteSpeed
etag
"fb2-63d2a185-35e3d79263afb7e4;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
4018
expires
Sat, 04 Feb 2023 01:25:25 GMT
navigation.min.js
claim.fun/wp-content/themes/kadence_blog_theme/assets/js/ 		21 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://claim.fun/wp-content/themes/kadence_blog_theme/assets/js/navigation.min.js?ver=1.1.30
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:4780:a:761:0:199c:170d:8 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
dcc19958809bc3db2abb40ba313906fe1bfa2c235357f39da400709e9c79c1e7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-encoding
br
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 26 Jan 2023 15:35:25 GMT
server
LiteSpeed
etag
"543e-63d29dbd-da6b74c0ecbf8cb3;br"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
5227
expires
Sat, 04 Feb 2023 01:25:25 GMT
element.js
translate.google.com/translate_a/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ceecfc7654fc4f686caceb04740298c08088c61e2be04bf34d555ff7ea4bc0df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 28 Jan 2023 01:25:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
prebid_hb_1652_3954.js
d3u598arehftfk.cloudfront.net/ 		93 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3u598arehftfk.cloudfront.net/prebid_hb_1652_3954.js
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:9000:1f:946:f000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33e828e825c40dcf9428e389e9edd150bee93346d1209dab64a5fac15d7292ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:26 GMT
content-encoding
gzip
via
1.1 1d67a4c00b06651cb6daa95ec3f21f9a.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 08:14:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C1
etag
W/"90c277abdabf0730c914e5e1591fc0c1"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=31536000
x-amz-cf-id
s97U5Q6zMvjZY7eRn9mTbBUyTbTwNktRBKHUTB1ZuoeMj4wo8pgx2A==
31613
tags.orquideassp.com/tag/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/31613
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2138:b400:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c26db56c1a42d5069d248d67ec7a054240b5552dbbf282586553d5f19b44fd58
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
via
1.1 b4fb3cede6d11b735dc8f5d78841f470.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
2011
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"7db-hQE0aNdraOWAZ2fW6/6MZbEht5A"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
ghtj9Vqrg8M8j2pK24chZVPrBhB6XXZlYxYFC3F6XyO1_Uj5ZPD0eA==
31614
tags.orquideassp.com/tag/ 		714 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/31614
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2138:b400:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
773c4ddf261edff83153376e63bd582cf10a8d12e0409674c0d3af3313b07d5e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
via
1.1 b4fb3cede6d11b735dc8f5d78841f470.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
714
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"2ca-E+VsBkm2SOoLw8rHjMlxU9aNmow"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
cNlery5lv8FwWscJG_N0rrYnnHnb26QteEgtvzQRJMjFWA_1A1B44g==
31616
tags.orquideassp.com/tag/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.orquideassp.com/tag/31616
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2138:b400:2:e529:700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
8038b9a545afe8fe21b8bc05086a9c3a3893d78f669ebf839c6a9ed1200e54ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
via
1.1 b4fb3cede6d11b735dc8f5d78841f470.cloudfront.net (CloudFront)
x-amz-cf-pop
NRT12-C2
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
content-length
2226
x-xss-protection
1; mode=block
server
nginx/1.16.1
etag
W/"8b2-csIilsv+kUNmryhmw5nPiwq5Rss"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
kIvUYD1mjkGd5F_9qYTyDU2EORFWsiem23EJqAi-wvFlN6N-M2CHzg==
crypto_market_altcoins_rise-460x307-1.jpg
claim.fun/wp-content/uploads/2023/01/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://claim.fun/wp-content/uploads/2023/01/crypto_market_altcoins_rise-460x307-1.jpg
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:a:761:0:199c:170d:8 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
1f574c118cb55e21584bfa0b2dbe2904a35f7b20a2db0934d7392a1434ea056c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 26 Jan 2023 15:42:07 GMT
server
LiteSpeed
etag
"27dc-63d29f4f-aa1bc6d3b9688df7;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
10204
expires
Sat, 04 Feb 2023 01:25:25 GMT
iStock-1383710952-460x307-1.jpg
claim.fun/wp-content/uploads/2023/01/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://claim.fun/wp-content/uploads/2023/01/iStock-1383710952-460x307-1.jpg
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:a:761:0:199c:170d:8 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
24d949d7aa9093ed7b6d85715c343e5729943fb0588a6fb7f33988154afa8e51
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 26 Jan 2023 15:41:07 GMT
server
LiteSpeed
etag
"8cfe-63d29f13-34b2d4ee37561c44;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
36094
expires
Sat, 04 Feb 2023 01:25:25 GMT
hans-eiskonen-wn57cSQ7VzI-unsplash-1-460x307-1.jpg
claim.fun/wp-content/uploads/2023/01/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://claim.fun/wp-content/uploads/2023/01/hans-eiskonen-wn57cSQ7VzI-unsplash-1-460x307-1.jpg
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a02:4780:a:761:0:199c:170d:8 Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
Software
LiteSpeed /
Resource Hash
06172b207f98765b125a15cfeb32205a57b52d110f8b63a97ad10d774479a640
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-security-policy
upgrade-insecure-requests
last-modified
Thu, 26 Jan 2023 15:38:40 GMT
server
LiteSpeed
etag
"3650-63d29e80-5ce3fd8febd29429;;;"
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
platform
hostinger
content-length
13904
expires
Sat, 04 Feb 2023 01:25:25 GMT
translateelement.css
translate.googleapis.com/translate_static/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/translate_static/css/translateelement.css
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_GB.I_n1hHNKRQg.O/d=1/rs=AN8SPfq1BaON9PeD_0qd-QgiiAO9yry5vg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8953492dba77df435e5fbcd568b638fe049279d04fa0403f859d33e72fea74e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 00:50:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
2075
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3632
x-xss-protection
0
last-modified
Mon, 09 Jan 2023 20:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 28 Jan 2023 01:50:50 GMT
m=el_main
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.I_n1hHNKRQg.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq1BaON9PeD_0qd-QgiiAO9yry5vg/ 		207 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.en_GB.I_n1hHNKRQg.O/d=1/exm=el_conf/ed=1/rs=AN8SPfq1BaON9PeD_0qd-QgiiAO9yry5vg/m=el_main
Requested by
Host:
URL: /_/translate_http/_/js/k=translate_http.tr.en_GB.I_n1hHNKRQg.O/d=1/rs=AN8SPfq1BaON9PeD_0qd-QgiiAO9yry5vg/m=el_conf
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 15:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
75142
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 22:10:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="rosetta"
vary
Accept-Encoding
report-to
{"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 Jan 2024 15:53:37 GMT
tcf2_cmp_hbagency.js
hbagency.it/cdn/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbagency.it/cdn/tcf2_cmp_hbagency.js
Requested by
Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_1652_3954.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7991792e9d0180277e9d4fc436c99c46698d13cce366a397d7714bdab036e33e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
403
cf-polished
origSize=3983
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 07 Dec 2022 14:17:05 GMT
server
cloudflare
etag
W/"f8f-5ef3d933cd00b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17F%2BjCJ8ZUuwgkjDNcMC3p6%2FGn4HCi%2B5Zh9cYUOHUhMZYO7o5EFidf0tNF5C5MTxcIjeBGlCRRCfAhpMOnZ6FJWQRHdHP1fIH2GL1KavjUlmp5RCrxS%2FikELR2QNJxA9baz4vwdtxmjR0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7905ef231a7576e9-LHR
brid.outstream.min.js
services.brid.tv/player/build/ 		174 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.brid.tv/player/build/brid.outstream.min.js
Requested by
Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_1652_3954.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-12.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6152b2f61daa303847ee7ba9f7d2cd1ea1e4a99322d957f9f92b056c1a8bdc46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:17:34 GMT
content-encoding
br
via
1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
last-modified
Thu, 26 Jan 2023 13:28:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C2
age
477
etag
W/"582f50f97d28e1172107b23542dfb267"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1200, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Uyd6hwAcv-J-Zrc8gWMsHJbVsoRjOlv42LQCsQZ1WGTZRZ3I4dzwgQ==
postscribe.min.js
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Requested by
Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_1652_3954.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
173901
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5117
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-45f4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FW3KLRFQM6NrQCH1Vh32fWB0ORBDBMu1QN%2FLhfI7jv32%2BSuhhjVv9J%2FeJAJl%2FeCRKqtgIXICdeZF1mevyG82stWOUJ5frgdOR9nR1APc5j6lrEYESXNIGCjoh9c7JHXmkCYZ4fwtkEwEFVaH4jZ3Zp4T"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7905ef230bd471cf-LHR
expires
Thu, 18 Jan 2024 01:25:25 GMT
prebid__hba_7_19_view.js
hbagency.it/cdn/ 		450 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbagency.it/cdn/prebid__hba_7_19_view.js
Requested by
Host: d3u598arehftfk.cloudfront.net
URL: https://d3u598arehftfk.cloudfront.net/prebid_hb_1652_3954.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46d5ddb3ebadeea0eba93f1874be9be89eaf872120ba8e83f54ce4d96e7e5962

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2144
cf-polished
origSize=461238
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 07 Dec 2022 14:17:05 GMT
server
cloudflare
etag
W/"709b6-5ef3d933b8bd2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8JRg6kgHJEw%2FX7Y6CDNG%2BdB%2ByPMnBHckleE7sl%2BWJTmNzUG08Ump4SErOqLzkfiaf%2FT8P40mvFzP7wN2kkaue6IjTbRwPDJ0oLrGMTMa9ptvUXeyJjlpAmzvLYye0UTvokSiTFo0Yi8iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
cf-ray
7905ef231a7776e9-LHR
choice.js
cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/choice.js
Requested by
Host: hbagency.it
URL: https://hbagency.it/cdn/tcf2_cmp_hbagency.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fe00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
32aae5c43fa382dde29a65f39d86fa0060c44d9dafa9adc7ecc3a0efebd2f75c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:27 GMT
content-encoding
br
via
1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 10:37:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
x-amz-server-side-encryption
AES256
etag
W/"e65bb654e0616b9e5b0d468dc10ae334"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
RC-iBt-UBELOIeQJNhBywbhrNJeA1JK-sWueX6Vt2JumRovelvkHiw==
dd3b2ada-bb08-4c4c-b920-4bf6ff4c5bdd
https://claim.fun/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://claim.fun/dd3b2ada-bb08-4c4c-b920-4bf6ff4c5bdd
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: hbagency.it
URL: https://hbagency.it/cdn/prebid__hba_7_19_view.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:0:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://claim.fun/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date
Fri, 27 Jan 2023 08:12:28 GMT
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
61981
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
L6Pfatc8KtgzXWEXK_coZOa2k6v4Nr_hGBwE1AcuyX6Vtfg1MX-RLA==
quant.js
secure.quantserve.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/choice.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f7da44c9657d7a2dbd9d127c5d9834ab4d9599445f264f90e2b922e61bdc9ff9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:26 GMT
content-encoding
gzip
etag
"OVi4z6W4qM+KoQEZlRgh5w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sat, 04 Feb 2023 01:25:26 GMT
cmp2.js
quantcast.mgr.consensu.org/tcfv2/ 		177 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/cJsduNRegvC-s/hbagency.it/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21c7:4400:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 00:56:13 GMT
content-encoding
br
via
1.1 f5e34f7c59830a3caffb7df5f36b4dae.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS54-C1
age
1760
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 10 Nov 2022 18:23:42 GMT
server
AmazonS3
etag
W/"37fdfbac0c6ef64496f7d86258c934a8"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
_-C1-t2Ks2pmhOCl5LopQtQFx-i8iRopDaJz7_u6B1FibCCBmTS8qw==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.orquideassp.com
URL: https://tags.orquideassp.com/tag/31613
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa6eae7dacc962a6d43ea3ff692f1208bf289d86d959c2393332719a6000e383
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27568
x-xss-protection
0
server
sffe
etag
"1465 / 720 of 1000 / last-modified: 1674860937"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 28 Jan 2023 01:25:26 GMT
rules-p-cJsduNRegvC-s.js
rules.quantcount.com/ 		160 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-cJsduNRegvC-s.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:4400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d6eeced513e69e1ac89ce78dcf11108ee15d4a0e3ac647ffaefa8cc8d729059c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 00:31:18 GMT
via
1.1 07fbd2276304c86925071791c7032950.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
3273
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:17:49 GMT
server
AmazonS3
etag
"afa54eedc608b365bbc9eab8bd1ca4e2"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
GTsAumhvXdUKj6meZ8zSvyw-Mm60kLdXWM0VEjjS4jx8DnyDV-aCVw==
icon.svg
supertruco.com/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://supertruco.com/icon.svg
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.146 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6500f7835a2323775cb4c894af2f8c7506ab6266809823cd23c1de35e6b63e77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:26 GMT
strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Tue, 30 Aug 2022 14:43:20 GMT
server
nginx
x-ac
3.lhr _atomic_ams HIT
etag
W/"630e2208-102b"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
expires
Tue, 27 Dec 2022 20:19:25 GMT
truncated
/ Frame 5BCE 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Content-Type
text/html;charset=UTF-8
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 		846 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/1x/translate_24dp.png
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 00:37:45 GMT
x-content-type-options
nosniff
age
2861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
846
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 28 Jan 2024 00:37:45 GMT
googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 		910 B
1023 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png
Requested by
Host: claim.fun
URL: https://claim.fun/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 21:21:04 GMT
x-content-type-options
nosniff
age
14662
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
910
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 27 Jan 2024 21:21:04 GMT
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/branding/product/2x/translate_24dp.png
Requested by
Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://translate.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 00:50:59 GMT
x-content-type-options
nosniff
age
2067
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1842
x-xss-protection
0
last-modified
Thu, 14 Oct 2021 09:08:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 28 Jan 2024 00:50:59 GMT
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:f400:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0470e7119c89629f6ced246c8071e6f49b5b124acbb10b5f316d314fd4e78ab

Request headers

Accept
application/json, text/plain, */*
Referer
https://claim.fun/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 03:00:35 GMT
x-amz-version-id
POuYi4.QbUYhHN4p2tbIMulQrwaf1j8L
content-encoding
gzip
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
80692
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 14 Jan 2023 19:52:29 GMT
server
AmazonS3
etag
W/"16f9ea1cc7a71cfed1d4482a599ccd27"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
Nh1TIyEJGAcdiOihfoN62wABNM9S9e5dsMJnQCz0CKHtJHly8H9itg==
cmp2ui-en.js
cmp.quantcast.com/tcfv2/45/ 		248 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fe00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Thu, 26 Jan 2023 08:00:46 GMT
content-encoding
br
via
1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
149081
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 10 Nov 2022 18:23:24 GMT
server
AmazonS3
etag
W/"39d0cac7e548f81f1e1e1c36db3c775e"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
uziBaSd_JPSz1Wrl9zvLEsJAcabA3eDutt9TrL-mnDIPJl-BOi92Rw==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ 		350 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fe00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80fd4cf05bd80846d467d08abcb621742769fe832f83fa40c9816b8eb3a7e831

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 03:00:44 GMT
content-encoding
br
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
80683
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 27 Jan 2023 03:00:32 GMT
server
AmazonS3
etag
W/"721c912bad0ae28ec9367496fc725a0d"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
IGv-KXk7u4h5gVhz4P7x4xbc6XPYQtw1GOB4-TUrrox-ALZC7rPY_w==
google-atp-list.json
cmp.quantcast.com/tcfv2/ 		151 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=hbagency.it
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fe00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b

Request headers

Accept
application/json, text/plain, */*
Referer
https://claim.fun/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 03:01:41 GMT
content-encoding
br
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
80626
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 27 Jan 2023 03:01:38 GMT
server
AmazonS3
etag
W/"1dbfd79d4ea7f69c0c42a2f6065532e7"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
aKUP6TB1tQeFh-eAMgTXQygUeTiBV_e0wbzxjwpSGchqidXiH3EtzA==
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22cJsduNRegvC-s%22%2C%22domain%22%3A%22claim.fun%22%2C%22publisher%22%3A%22hbagency.it%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22LGDgJWUxtd52IEw3CY2J%2FA%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1674869126743%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-ia0bztdcldlxdnr334ec%22%7D
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.204.120 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-204-120.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://claim.fun/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 28 Jan 2023 01:25:26 GMT
content-length
2
content-type
text/plain; charset=utf-8
truncated
/ 		237 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
db091352fcaa3462cce0ff4e640ff4e7c00fe32c076340c600f934498cc34ff3

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
pubads_impl_2023012401.js
securepubads.g.doubleclick.net/gpt/ 		385 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023012401.js?cb=31071904
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1529002ff0f1d31928a5090c1f28de571b19464dcd04540a5dcff9be9277dffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 27 Jan 2023 09:04:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58886
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133217
x-xss-protection
0
last-modified
Tue, 24 Jan 2023 09:35:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 27 Jan 2024 09:04:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		74 B
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=claim.fun
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5825c81f083a9db6674c4ae979ca10e56e2160b6b78fe6a375285a273cd8814
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://claim.fun/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:25:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59
x-xss-protection
0
expires
Sat, 28 Jan 2023 01:25:26 GMT

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange object| _wpemojiSettings object| kadenceConfig function| googleTranslateElementInit object| twemoji object| wp object| kadence function| _DumpException object| default_tr string| MSG_TRANSLATE string| MSG_CANCEL string| MSG_CLOSE function| MSGFUNC_PAGE_TRANSLATED_TO function| MSGFUNC_TRANSLATED_TO string| MSG_GENERAL_ERROR string| MSG_LEARN_MORE function| MSGFUNC_POWERED_BY string| MSG_TRANSLATE_PRODUCT_NAME string| MSG_TRANSLATION_IN_PROGRESS function| MSGFUNC_TRANSLATE_PAGE_TO function| MSGFUNC_VIEW_PAGE_IN string| MSG_RESTORE string| MSG_SSL_INFO_LOCAL_FILE string| MSG_SSL_INFO_SECURE_PAGE string| MSG_SSL_INFO_INTRANET_PAGE string| MSG_SELECT_LANGUAGE function| MSGFUNC_TURN_OFF_TRANSLATION function| MSGFUNC_TURN_OFF_FOR string| MSG_ALWAYS_HIDE_AUTO_POPUP_BANNER string| MSG_ORIGINAL_TEXT string| MSG_FILL_SUGGESTION string| MSG_SUBMIT_SUGGESTION string| MSG_SHOW_TRANSLATE_ALL string| MSG_SHOW_RESTORE_ALL string| MSG_SHOW_CANCEL_ALL string| MSG_TRANSLATE_TO_MY_LANGUAGE function| MSGFUNC_TRANSLATE_EVERYTHING_TO string| MSG_SHOW_ORIGINAL_LANGUAGES string| MSG_OPTIONS string| MSG_TURN_OFF_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_SUGGESTION string| MSG_ALT_ACTIVITY_HELPER_TEXT string| MSG_USE_ALTERNATIVES string| MSG_DRAG_TIP string| MSG_CLICK_FOR_ALT string| MSG_DRAG_INSTUCTIONS string| MSG_SUGGESTION_SUBMITTED string| MSG_MANAGE_TRANSLATION_FOR_THIS_SITE string| MSG_ALT_AND_CONTRIBUTE_ACTIVITY_HELPER_TEXT string| MSG_ORIGINAL_TEXT_NO_COLON string| MSG_LANGUAGE_UNSUPPORTED string| MSG_LANGUAGE_TRANSLATE_WIDGET string| MSG_RATE_THIS_TRANSLATION string| MSG_FEEDBACK_USAGE_FOR_IMPROVEMENT string| MSG_FEEDBACK_SATISFIED_LABEL string| MSG_FEEDBACK_DISSATISFIED_LABEL string| MSG_TRANSLATION_NO_COLON function| _exportVersion function| _getCallbackFunction function| _exportMessages function| _loadJs function| _loadCss function| _isNS function| _setupNS object| google boolean| Tghb boolean| hbagency_ismobile boolean| hasvideo_hbagency boolean| hasvideo_hbagency_content boolean| hassmilewanted_hbagency boolean| hasgeoedge_hbagency boolean| hascmp_hbagency boolean| registerConsent_hbagency boolean| hbagency_usp boolean| autoapprovecmp_hbagency boolean| monitor_hbagency string| analytics_hbagency number| PREBID_TIMEOUT_hbagency number| PREBID_TIMEOUT_R_hbagency string| USER_ID_hbagency string| WEBSITE_ID_hbagency string| nomesite_hbagency string| domain_hbagency object| ZONE_ID object| headerbidding_mp object| hb_floors_hbagency object| adUnits_hbagency string| urlhb_3 object| playerHBOUTStream object| playerHBContent object| pbjs_hbagencyicd boolean| autopromo_hbagency number| cpmfixvideo_hbagency boolean| adagioanalytics_hbagency boolean| hbrefreshFD object| refreshedHB object| refreshedHBT object| refreshedHBPassback boolean| cmphbagency object| adUnitNorefresh_hbagency object| bidder number| j object| safe_b_hbagency object| realTimeDataHB object| dp boolean| hbagencyisIE11 object| hbManager function| HBManager function| postscribe function| __tcfapi function| __uspapi function| $bp function| Brid function| $bos object| _bos object| pbjs_hbagencyicdChunk object| _pbjsGlobals object| ADAGIO object| invibes object| _qevents number| google_footer_width number| google_footer_height object| googletag object| interstitialSlot function| quantserve function| __qc object| ezt object| _qoptions object| closure_lm_771128 object| regeneratorRuntime function| __tcfapiui object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| google_reactive_ads_global_state function| inView

1 Cookies

Domain/Path Name / Value
claim.fun/ Name: PHPSESSID
Value: eccb59756f374daaf0314ecce37efea2

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

audit-tcfv2.cmp.quantcast.com
cdnjs.cloudflare.com
claim.fun
cmp.quantcast.com
d3u598arehftfk.cloudfront.net
hbagency.it
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
services.brid.tv
supertruco.com
tags.orquideassp.com
test.cmp.quantcast.com
translate.google.com
translate.googleapis.com
wrappers.geoedge.be
www.gstatic.com
13.32.27.12
192.0.78.146
2600:9000:2057:0:2:d490:4d80:93a1
2600:9000:20eb:9000:1f:946:f000:21
2600:9000:211e:4400:6:44e3:f8c0:93a1
2600:9000:2138:b400:2:e529:700:93a1
2600:9000:21c7:4400:9:46dc:4700:93a1
2600:9000:21f3:f400:3:a4cd:8380:93a1
2600:9000:21f3:fe00:9:46dc:4700:93a1
2606:4700:3036::6815:fe6
2606:4700::6811:190e
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:828::2003
2a00:1450:400d:807::200e
2a00:1450:400d:80c::2002
2a00:1450:400d:80e::200a
2a02:4780:a:761:0:199c:170d:8
3.127.204.120
06172b207f98765b125a15cfeb32205a57b52d110f8b63a97ad10d774479a640
10908b6e6cfaeb149b47a6dc31aaa65aca0cf22158c74096c384bbc47285914a
1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628
1529002ff0f1d31928a5090c1f28de571b19464dcd04540a5dcff9be9277dffe
1f574c118cb55e21584bfa0b2dbe2904a35f7b20a2db0934d7392a1434ea056c
24d949d7aa9093ed7b6d85715c343e5729943fb0588a6fb7f33988154afa8e51
29a9abcb870d37f7f118c4069f3a38b680b4136e3484c66f297d54526623a520
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01
31d1a8b234ef7e3fcd967fe38bb63298be8faf869e0dcd5352c330ed5c18964b
32aae5c43fa382dde29a65f39d86fa0060c44d9dafa9adc7ecc3a0efebd2f75c
33e828e825c40dcf9428e389e9edd150bee93346d1209dab64a5fac15d7292ea
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
46d5ddb3ebadeea0eba93f1874be9be89eaf872120ba8e83f54ce4d96e7e5962
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6152b2f61daa303847ee7ba9f7d2cd1ea1e4a99322d957f9f92b056c1a8bdc46
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
6500f7835a2323775cb4c894af2f8c7506ab6266809823cd23c1de35e6b63e77
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
773c4ddf261edff83153376e63bd582cf10a8d12e0409674c0d3af3313b07d5e
7991792e9d0180277e9d4fc436c99c46698d13cce366a397d7714bdab036e33e
8038b9a545afe8fe21b8bc05086a9c3a3893d78f669ebf839c6a9ed1200e54ce
80fd4cf05bd80846d467d08abcb621742769fe832f83fa40c9816b8eb3a7e831
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
8953492dba77df435e5fbcd568b638fe049279d04fa0403f859d33e72fea74e8
c26db56c1a42d5069d248d67ec7a054240b5552dbbf282586553d5f19b44fd58
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c80f05d29fec6da3bf037640b4747dba77749cd5b0cbe750294b5dffe80e00c9
ceecfc7654fc4f686caceb04740298c08088c61e2be04bf34d555ff7ea4bc0df
d6eeced513e69e1ac89ce78dcf11108ee15d4a0e3ac647ffaefa8cc8d729059c
db091352fcaa3462cce0ff4e640ff4e7c00fe32c076340c600f934498cc34ff3
dbc13e868fc37e5decb688b506ac4dea2da1690396694b7289530600e15f0816
dcc19958809bc3db2abb40ba313906fe1bfa2c235357f39da400709e9c79c1e7
e0470e7119c89629f6ced246c8071e6f49b5b124acbb10b5f316d314fd4e78ab
f008162fa330a82dceb974a8e4e0ab2bfdeef1e3c2a417a0a517ccbfe4674505
f5825c81f083a9db6674c4ae979ca10e56e2160b6b78fe6a375285a273cd8814
f7da44c9657d7a2dbd9d127c5d9834ab4d9599445f264f90e2b922e61bdc9ff9
fa6eae7dacc962a6d43ea3ff692f1208bf289d86d959c2393332719a6000e383