claimspinff-ip2y.gq Open in urlscan Pro
194.163.169.238 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://claimspinff-ip2y.gq/
Submission: On September 05 via automatic, source certstream-suspicious (September 5th 2021, 2:43:43 pm UTC)

Summary HTTP 40 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 40 HTTP transactions. The main IP is 194.163.169.238, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is claimspinff-ip2y.gq.
TLS certificate: Issued by R3 on September 5th 2021. Valid for: 3 months.

This is the only time claimspinff-ip2y.gq was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Gaming (Entertainment)

Domain & IP information

	IP Address	AS Autonomous System
30	194.163.169.238 194.163.169.238	51167 (CONTABO) (CONTABO)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:eb0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	146.59.152.166 146.59.152.166	16276 (OVH) (OVH)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	13.225.87.107 13.225.87.107	16509 (AMAZON-02) (AMAZON-02)
40	7

30 194.163.169.238 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi652968.contaboserver.net

claimspinff-ip2y.gq	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:eb0 (United States)

ASN13335 (CLOUDFLARENET, US)

i.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.59.152.166 (France)

ASN16276 (OVH, FR)
PTR: i.ibb.co

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-107.fra2.r.cloudfront.net

api.pubgameshowtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	claimspinff-ip2y.gq claimspinff-ip2y.gq	2 MB
3	googleapis.com fonts.googleapis.com	2 KB
2	ibb.co i.ibb.co	394 KB
2	pinimg.com i.pinimg.com	137 KB
1	pubgameshowtime.com api.pubgameshowtime.com	427 B
1	jquery.com code.jquery.com	30 KB
1	cloudflare.com cdnjs.cloudflare.com	6 KB
40	7

	Domain	Requested by
30	claimspinff-ip2y.gq	claimspinff-ip2y.gq code.jquery.com
3	fonts.googleapis.com	claimspinff-ip2y.gq
2	i.ibb.co	claimspinff-ip2y.gq
2	i.pinimg.com	claimspinff-ip2y.gq
1	api.pubgameshowtime.com	code.jquery.com
1	code.jquery.com	claimspinff-ip2y.gq
1	cdnjs.cloudflare.com	claimspinff-ip2y.gq
40	7

This site contains no links.

Subject Issuer	Validity	Valid
claimspinff-ip2y.gq R3	`2021-09-05` - `2021-12-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.pinimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-08` - `2022-07-09`	a year	crt.sh
ibb.co R3	`2021-08-06` - `2021-11-04`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
api.pubgameshowtime.com Amazon	`2020-04-17` - `2021-05-17`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://claimspinff-ip2y.gq/
Frame ID: 360F5B5B921225F5D158570105D46B2F
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MYSTERY CRATE FREEFIRE

Detected technologies

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

40
Requests

98 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

2160 kB
Transfer

2294 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
claimspinff-ip2y.gq/ 10 KB
3 KB 200ms
38ms Document
text/html 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://claimspinff-ip2y.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: ed47605b4d8ed40d419d21c4f52c31c9852ee05a385a1cac0f4717f75d0e7b07

Request headers

:method: GET
:authority: claimspinff-ip2y.gq
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-type: text/html
last-modified: Fri, 30 Jul 2021 13:14:48 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2553
date: Sun, 05 Sep 2021 14:43:24 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H3-29 200 style.css
claimspinff-ip2y.gq/css/ 13 KB
2 KB 97ms
32ms Stylesheet
text/css 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://claimspinff-ip2y.gq/css/style.css
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 1d0fe91bee7c92f9429f8c9780219fde7aeaf6f1487452ac88d996cd2bba1e5c

Request headers

:path: /css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:24 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 19:25:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2136
expires: Sun, 12 Sep 2021 14:43:24 GMT

GET
H3-29 200 facebook.css
claimspinff-ip2y.gq/css/ 4 KB
953 B 97ms
32ms Stylesheet
text/css 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://claimspinff-ip2y.gq/css/facebook.css
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 64da2a91b74954739c7bcf5065b509d4ce0ecd8c2af95cbe872b62af44595b7f

Request headers

:path: /css/facebook.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:24 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 19:25:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 918
expires: Sun, 12 Sep 2021 14:43:24 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 28ms
13ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1084221
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a16IVun7LtbHHKD6u%2F%2B%2BGUFsFB%2F7%2B1iYbbXF%2FiNxqsO2112wCnUq6xPZMtuQUUQDqijbFgiSf3t9WkxW9D3bhrEumzhSM6%2FqMy28k%2FNP0e80lBMlvU8%2B4zDlTMytx3fR%2BuEY5IM9etC%2BLrgtaS2B0WUZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 68a03acf7efe5c1a-FRA
expires: Fri, 26 Aug 2022 14:43:24 GMT

GET
H2 200 675666d840a9c8fa1c61eaf584ff2a50.gif
i.pinimg.com/originals/67/56/66/ 25 KB
26 KB 53ms
36ms Image
image/gif 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/67/56/66/675666d840a9c8fa1c61eaf584ff2a50.gif
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 654cb99fb0cdc3b32bf8efbd77c8171f09580840dbd8084e3dbd2427210a9b9e

Request headers

Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:24 GMT
etag: "58c7f1e8e4bfaadbcbd8ccc470e363cb"
x-cdn: cloudflare
edge-start: 1630853004727
vary: Origin, Accept-Encoding
content-type: image/gif
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 68a03acf7efc5c38-FRA
content-length: 26108
origin-latency: 16
server: cloudflare

GET
H3-29 200 top.png
claimspinff-ip2y.gq/ngMedia/ 22 KB
22 KB 96ms
33ms Image
image/png 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/top.png
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 20a1e9a219e82870fd083777616f070679174002e5e795e3f2b57956c82d81f2

Request headers

:path: /ngMedia/top.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:24 GMT
last-modified: Wed, 21 Apr 2021 19:25:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 22034
expires: Sun, 12 Sep 2021 14:43:24 GMT

GET
H2 200 Screenshot-20210728-191833.png
i.ibb.co/ZMzKLfg/ 270 KB
271 KB 283ms
203ms Image
image/png 146.59.152.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/ZMzKLfg/Screenshot-20210728-191833.png
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 4a11931898c778f67ae6da1c46528757265d697273d2959e91e83739b0ebd054

Request headers

Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:24 GMT
last-modified: Fri, 30 Jul 2021 15:05:48 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 276510
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3-29 200 1.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 7 KB
7 KB 94ms
31ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/1.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: a55faa5d672b45a4961db0a51247d8b67798dfe7bbabbbaa48b196cd0dd6f580

Request headers

:path: /ngMedia/hadiah/old/1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:24 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7482
expires: Sun, 12 Sep 2021 14:43:24 GMT

GET
H3-29 200 button.png
claimspinff-ip2y.gq/ngMedia/ 7 KB
7 KB 94ms
31ms Image
image/png 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/button.png
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: c9cf320db08b8e9f234f02d8661cd45027c7e32342e7bc21686a58bf47e647d3

Request headers

:path: /ngMedia/button.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:24 GMT
last-modified: Wed, 21 Apr 2021 19:25:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 7281
expires: Sun, 12 Sep 2021 14:43:24 GMT

GET
H3-29 200 facebook_text.png
claimspinff-ip2y.gq/img/ 28 KB
28 KB 100ms
37ms Image
image/png 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/img/facebook_text.png
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401

Request headers

:path: /img/facebook_text.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:24 GMT
last-modified: Wed, 21 Apr 2021 19:25:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 28789
expires: Sun, 12 Sep 2021 14:43:24 GMT

GET
H2 200 thumbnail.jpg
i.ibb.co/fFbdRKj/ 123 KB
123 KB 186ms
107ms Image
image/jpeg 146.59.152.166
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/fFbdRKj/thumbnail.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.59.152.166 , France, ASN16276 (OVH, FR),
Reverse DNS: i.ibb.co
Software: nginx /
Resource Hash: 5473a3651c97ad32105165c5edea7a7f30a288bdbf3cb7e83f952e162a646c01

Request headers

Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:24 GMT
last-modified: Sun, 20 Dec 2020 21:07:24 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 126051
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 28ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:24 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 17:27:20 GMT
server: nginx
etag: W/"603e7578-15d9d"
vary: Accept-Encoding
x-hw: 1630853004.dop222.fr8.t,1630853004.cds206.fr8.hn,1630853004.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
581 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Yanone+Kaffeesatz&display=swap

Requested by

Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0167455c69be5f6a7d2f8ab4a5216bf156134e57997dd2b7fd9d70de84f4860d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Sep 2021 13:33:08 GMT
server: ESF
date: Sun, 05 Sep 2021 14:43:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Sep 2021 14:43:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
673 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Staatliches&family=Yanone+Kaffeesatz&display=swap

Requested by

Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00b2f87d077a01428b8026349cd78bd7e8c01de1dbcac4f92837c796d3441064

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Sep 2021 14:43:24 GMT
server: ESF
date: Sun, 05 Sep 2021 14:43:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Sep 2021 14:43:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
621 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto&display=swap

Requested by

Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 05 Sep 2021 13:41:24 GMT
server: ESF
date: Sun, 05 Sep 2021 14:43:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Sep 2021 14:43:24 GMT

GET
H3-29 200 1.php Show response
claimspinff-ip2y.gq/pages/ 4 KB
217 B 33ms
33ms XHR
text/html 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://claimspinff-ip2y.gq/pages/1.php
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 5b6db1b05fb781560bbec00bf9aee96a60cb054632bb84edddd6a0e237e887cb

Request headers

:path: /pages/1.php
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: text/html, */*; q=0.01
cache-control: no-cache
sec-fetch-dest: empty
:authority: claimspinff-ip2y.gq
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://claimspinff-ip2y.gq/
:method: GET
Accept: text/html, */*; q=0.01
Referer: https://claimspinff-ip2y.gq/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:24 GMT
content-encoding: br
server: LiteSpeed
content-length: 180
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 getcountry Show response
api.pubgameshowtime.com/ip/ 60 B
427 B 856ms
515ms XHR
application/json 13.225.87.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pubgameshowtime.com/ip/getcountry
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-107.fra2.r.cloudfront.net
Software: /
Resource Hash: 00c6d8b8f46ed73faea8df9e835e37130a6986271bf0625de505349f9a3fb0a2

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: 9433ea7c-734f-4a5f-9e4b-fd3bae97676b
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-6134d78d-6306717e7b54a7761fcff66a;Sampled=0
x-amz-apigw-id: FMaeJGauyK4Ftrg=
content-length: 60
x-amz-cf-id: 8wxAAioXpH0lFg9l--TQoaVF0ZW_pPB5YfBZhu9hqCXVqtDXiJR0Nw==

GET
H2 200 b7ac99965b68f4e232d0d473fff16fa8.jpg
i.pinimg.com/originals/b7/ac/99/ 111 KB
111 KB 22ms
22ms Image
image/jpeg 2606:4700::6812:eb0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.pinimg.com/originals/b7/ac/99/b7ac99965b68f4e232d0d473fff16fa8.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/css/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:eb0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160c678b182be5aea66d8572e907b418d84a1ebdbfa8222fdc38e92556b3d9b0

Request headers

Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
etag: "afca80f988e761e959e41a9d369adcce"
cf-bgj: h2pri
x-cdn: cloudflare
edge-start: 1630853005697
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 68a03ad59f575c38-FRA
content-length: 113196
origin-latency: 9
server: cloudflare

GET
H3-29 200 for_grand.png
claimspinff-ip2y.gq/ngMedia/ 900 B
965 B 31ms
31ms Image
image/png 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/for_grand.png
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: bd819daf4422cb003fa1a9d2be638f7427f09a10f6234e1d02930c582ac8f02c

Request headers

:path: /ngMedia/for_grand.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Wed, 21 Apr 2021 19:25:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 900
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 dialog_bg.png
claimspinff-ip2y.gq/ngMedia/ 5 KB
5 KB 32ms
31ms Image
image/png 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/dialog_bg.png
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 55aa2b435246d8a9c3b18777fa919278c8d41a4ac52c66ed271d58ec89c6ee2d

Request headers

:path: /ngMedia/dialog_bg.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Wed, 21 Apr 2021 19:25:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5098
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 super_spin.png
claimspinff-ip2y.gq/ngMedia/ 4 KB
4 KB 32ms
31ms Image
image/png 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/super_spin.png
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: c26b896588d0ad1639167fdbddbb588221ec49becbf6d35d0585c5c049c83d9f

Request headers

:path: /ngMedia/super_spin.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Wed, 21 Apr 2021 19:25:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4027
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 spin.png
claimspinff-ip2y.gq/ngMedia/ 5 KB
5 KB 32ms
32ms Image
image/png 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/spin.png
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: e80f127e54668213efa2d29220958603ef48a9c77a6c05359706d17971224eb6

Request headers

:path: /ngMedia/spin.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Wed, 21 Apr 2021 19:25:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4836
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 dialog.png
claimspinff-ip2y.gq/ngMedia/ 42 KB
42 KB 32ms
32ms Image
image/png 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/dialog.png
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 2041a48d786c722b74f4e190442cc44cb4da5a4312e8f7784f2718c327527a15

Request headers

:path: /ngMedia/dialog.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Wed, 21 Apr 2021 19:25:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 42601
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 Alphakind.ttf
claimspinff-ip2y.gq/css/ 42 KB
15 KB 38ms
38ms Font
font/ttf 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://claimspinff-ip2y.gq/css/Alphakind.ttf
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 895259e486c5fcffa037a580191fda184c57ef29678650972279d9760652c3eb

Request headers

:path: /css/Alphakind.ttf
pragma: no-cache
origin: https://claimspinff-ip2y.gq
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://claimspinff-ip2y.gq
Referer: https://claimspinff-ip2y.gq/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
content-encoding: br
last-modified: Wed, 21 Apr 2021 19:25:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: font/ttf
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 15020
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 banner.png
claimspinff-ip2y.gq/ngMedia/ 1 KB
1 KB 41ms
40ms Image
image/png 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/banner.png
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 0e1d5f49bfbcf1ce9eac55223298b7876570bfa0022015ac36024089a693dae0

Request headers

:path: /ngMedia/banner.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Wed, 21 Apr 2021 19:25:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1469
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 2.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 9 KB
9 KB 32ms
31ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/2.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 11e362ff1695e72d4ceca71f8f26835a09de7775e7a04249d5e474029da553db

Request headers

:path: /ngMedia/hadiah/old/2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9110
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 3.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 125 KB
125 KB 35ms
34ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/3.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: a6a56a95923885f3cecf04a82e556b8e3ec9de2d7444b758c8123167cc2b0157

Request headers

:path: /ngMedia/hadiah/old/3.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 128277
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 4.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 143 KB
144 KB 64ms
62ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/4.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 428b2fa1c0d2af9ed2daa4c697ff32fd50b673ee504b066398aee31e0430c140

Request headers

:path: /ngMedia/hadiah/old/4.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 146930
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 5.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 14 KB
14 KB 89ms
87ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/5.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 00f0bcb3d93178b3e6d47f48998131dac8692ae4b402ee9e462b5a04ab5474ab

Request headers

:path: /ngMedia/hadiah/old/5.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 14229
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 6.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 51 KB
51 KB 89ms
87ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/6.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 5d3f77667709f3812378b7c787bc5d86afa06a47104575ae8510d7853f15f6ec

Request headers

:path: /ngMedia/hadiah/old/6.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 51813
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 7.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 259 KB
259 KB 90ms
88ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/7.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 9b400d69d6d454de0ba56b3b3b811d45fc18f7de4e2b27ac638511dd147f9e3a

Request headers

:path: /ngMedia/hadiah/old/7.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 265507
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 8.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 305 KB
305 KB 99ms
98ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/8.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: d73512ccd840bf4f7e572b5b584b623f4d74073baa6dbb50e6b3bb6a3c50f074

Request headers

:path: /ngMedia/hadiah/old/8.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 312074
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 9.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 245 KB
246 KB 126ms
124ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/9.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: b310f07bf6d153379ce841fc8b83102c14c112d36810c6ff2febd89a60d9db70

Request headers

:path: /ngMedia/hadiah/old/9.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 251317
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 10.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 197 KB
197 KB 144ms
142ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/10.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 0d95995253612ac1950ea2d1cc4cf9cfc7e435995dbc706a92811d986557d4b7

Request headers

:path: /ngMedia/hadiah/old/10.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 202000
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 11.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 14 KB
14 KB 152ms
151ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/11.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 62a7d4d12c1008b6c24fcaa2f5d2d05d155dbb1761e2833ecbcc3c6a78a0dfae

Request headers

:path: /ngMedia/hadiah/old/11.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 13858
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 12.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 9 KB
9 KB 153ms
152ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/12.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: bcbaf830e2c66710070b01d475f6c2607c66b5a0920cddae3c6a897e58f52650

Request headers

:path: /ngMedia/hadiah/old/12.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9498
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 13.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 7 KB
7 KB 153ms
152ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/13.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: 3125ba9373aaaa3a02427661bd7e215bacbc554064de76034766a8da03195d2a

Request headers

:path: /ngMedia/hadiah/old/13.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6968
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 14.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 8 KB
8 KB 154ms
153ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/14.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: c4d09e764d04b2c6feaea024962eb8709165f4b2cf500306d0ef7436771a67db

Request headers

:path: /ngMedia/hadiah/old/14.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8279
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 15.jpg
claimspinff-ip2y.gq/ngMedia/hadiah/old/ 54 KB
54 KB 154ms
153ms Image
image/jpeg 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/hadiah/old/15.jpg
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: ad9092871d9b4c33254009998e3ee52b898fe0d5e35d820d0576237144d5bb0a

Request headers

:path: /ngMedia/hadiah/old/15.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Fri, 03 Sep 2021 10:27:08 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 55566
expires: Sun, 12 Sep 2021 14:43:25 GMT

GET
H3-29 200 prize0.png
claimspinff-ip2y.gq/ngMedia/ 6 KB
6 KB 155ms
154ms Image
image/png 194.163.169.238
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimspinff-ip2y.gq/ngMedia/prize0.png
Requested by: Host: claimspinff-ip2y.gq
URL: https://claimspinff-ip2y.gq/css/style.css
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 194.163.169.238 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi652968.contaboserver.net
Software: LiteSpeed /
Resource Hash: b9ced009cc9cbff491c2c97c0b30ec3c45ddea28864eea123c0b9deb3a626e27

Request headers

:path: /ngMedia/prize0.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimspinff-ip2y.gq
referer: https://claimspinff-ip2y.gq/css/style.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimspinff-ip2y.gq/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 14:43:25 GMT
last-modified: Wed, 21 Apr 2021 19:25:24 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6247
expires: Sun, 12 Sep 2021 14:43:25 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Gaming (Entertainment)

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.pubgameshowtime.com
cdnjs.cloudflare.com
claimspinff-ip2y.gq
code.jquery.com
fonts.googleapis.com
i.ibb.co
i.pinimg.com
13.225.87.107
146.59.152.166
194.163.169.238
2001:4de0:ac18::1:a:1b
2606:4700::6810:135e
2606:4700::6812:eb0
2a00:1450:4001:82f::200a
00b2f87d077a01428b8026349cd78bd7e8c01de1dbcac4f92837c796d3441064
00c6d8b8f46ed73faea8df9e835e37130a6986271bf0625de505349f9a3fb0a2
00f0bcb3d93178b3e6d47f48998131dac8692ae4b402ee9e462b5a04ab5474ab
0136a3f123a1e9b3abff969b246786854e58bd66c321dadec9ee9539ed4ede31
0167455c69be5f6a7d2f8ab4a5216bf156134e57997dd2b7fd9d70de84f4860d
092a3cd5f86b3f039feefdeb86694cd16ae545af214cfda614bdbbe2d1bde401
0d95995253612ac1950ea2d1cc4cf9cfc7e435995dbc706a92811d986557d4b7
0e1d5f49bfbcf1ce9eac55223298b7876570bfa0022015ac36024089a693dae0
11e362ff1695e72d4ceca71f8f26835a09de7775e7a04249d5e474029da553db
160c678b182be5aea66d8572e907b418d84a1ebdbfa8222fdc38e92556b3d9b0
1d0fe91bee7c92f9429f8c9780219fde7aeaf6f1487452ac88d996cd2bba1e5c
2041a48d786c722b74f4e190442cc44cb4da5a4312e8f7784f2718c327527a15
20a1e9a219e82870fd083777616f070679174002e5e795e3f2b57956c82d81f2
3125ba9373aaaa3a02427661bd7e215bacbc554064de76034766a8da03195d2a
428b2fa1c0d2af9ed2daa4c697ff32fd50b673ee504b066398aee31e0430c140
4a11931898c778f67ae6da1c46528757265d697273d2959e91e83739b0ebd054
5473a3651c97ad32105165c5edea7a7f30a288bdbf3cb7e83f952e162a646c01
55aa2b435246d8a9c3b18777fa919278c8d41a4ac52c66ed271d58ec89c6ee2d
5b6db1b05fb781560bbec00bf9aee96a60cb054632bb84edddd6a0e237e887cb
5d3f77667709f3812378b7c787bc5d86afa06a47104575ae8510d7853f15f6ec
62a7d4d12c1008b6c24fcaa2f5d2d05d155dbb1761e2833ecbcc3c6a78a0dfae
64da2a91b74954739c7bcf5065b509d4ce0ecd8c2af95cbe872b62af44595b7f
654cb99fb0cdc3b32bf8efbd77c8171f09580840dbd8084e3dbd2427210a9b9e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
895259e486c5fcffa037a580191fda184c57ef29678650972279d9760652c3eb
9b400d69d6d454de0ba56b3b3b811d45fc18f7de4e2b27ac638511dd147f9e3a
a55faa5d672b45a4961db0a51247d8b67798dfe7bbabbbaa48b196cd0dd6f580
a6a56a95923885f3cecf04a82e556b8e3ec9de2d7444b758c8123167cc2b0157
ad9092871d9b4c33254009998e3ee52b898fe0d5e35d820d0576237144d5bb0a
b310f07bf6d153379ce841fc8b83102c14c112d36810c6ff2febd89a60d9db70
b9ced009cc9cbff491c2c97c0b30ec3c45ddea28864eea123c0b9deb3a626e27
bcbaf830e2c66710070b01d475f6c2607c66b5a0920cddae3c6a897e58f52650
bd819daf4422cb003fa1a9d2be638f7427f09a10f6234e1d02930c582ac8f02c
c26b896588d0ad1639167fdbddbb588221ec49becbf6d35d0585c5c049c83d9f
c4d09e764d04b2c6feaea024962eb8709165f4b2cf500306d0ef7436771a67db
c9cf320db08b8e9f234f02d8661cd45027c7e32342e7bc21686a58bf47e647d3
d73512ccd840bf4f7e572b5b584b623f4d74073baa6dbb50e6b3bb6a3c50f074
e80f127e54668213efa2d29220958603ef48a9c77a6c05359706d17971224eb6
ed47605b4d8ed40d419d21c4f52c31c9852ee05a385a1cac0f4717f75d0e7b07
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

claimspinff-ip2y.gq Open in urlscan Pro 194.163.169.238 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

98 %HTTPS

57 %IPv6

7 Domains

7 Subdomains

7 IPs

4 Countries

2160 kBTransfer

2294 kBSize

0 Cookies

0 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

claimspinff-ip2y.gq Open in urlscan Pro
194.163.169.238 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

98 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

2160 kB
Transfer

2294 kB
Size

0
Cookies

40 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!