aforocfreebroimax.ml Open in urlscan Pro
2606:4700:3032::ac43:872a Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://stouthalemar.tk/help/?15791650979726=
Effective URL:
https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
Submission: On May 03 via automatic, source openphish (May 3rd 2022, 1:06:40 pm UTC) — Scanned from DE

Summary HTTP 24 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3032::ac43:872a, located in United States and belongs to CLOUDFLARENET, US. The main domain is aforocfreebroimax.ml.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 26th 2021. Valid for: a year.

This is the only time aforocfreebroimax.ml was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::6815:211d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3032::ac43:872a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.201.79 143.204.201.79	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	76.76.21.22 76.76.21.22	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:303... 2606:4700:3037::6815:4393	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	7

1 2606:4700:3036::6815:211d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

stouthalemar.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3032::ac43:872a (United States)

ASN13335 (CLOUDFLARENET, US)

aforocfreebroimax.ml	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-79.fra53.r.cloudfront.net

cdn.ethers.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 76.76.21.22 (United States)

ASN16509 (AMAZON-02, US)

tokens.pancakeswap.finance	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:4393 (United States)

ASN13335 (CLOUDFLARENET, US)

nodes.pancakeswap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	aforocfreebroimax.ml aforocfreebroimax.ml	2 MB
4	pancakeswap.com nodes.pancakeswap.com — Cisco Umbrella Rank: 136922 Failed
4	pancakeswap.finance tokens.pancakeswap.finance — Cisco Umbrella Rank: 139228	36 KB
2	gstatic.com fonts.gstatic.com	38 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 432	31 KB
1	ethers.io cdn.ethers.io — Cisco Umbrella Rank: 320047	91 KB
1	stouthalemar.tk 1 redirects stouthalemar.tk	1 KB
24	7

	Domain	Requested by
7	aforocfreebroimax.ml	aforocfreebroimax.ml
4	nodes.pancakeswap.com	aforocfreebroimax.ml
4	tokens.pancakeswap.finance	aforocfreebroimax.ml
2	fonts.gstatic.com	aforocfreebroimax.ml
1	ajax.googleapis.com	aforocfreebroimax.ml
1	cdn.ethers.io	aforocfreebroimax.ml
1	stouthalemar.tk	1 redirects
24	7

This site contains links to these domains. Also see Links.

Domain
medium.com
docs.pancakeswap.finance
twitter.com
t.me
reddit.com
instagram.com
github.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-26` - `2022-12-25`	a year	crt.sh
ethers.io Amazon	`2021-12-02` - `2022-12-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tokens.pancakeswap.finance R3	`2022-04-14` - `2022-07-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
Frame ID: 0BB6C030688839868302D8915B5533DB
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Exchange | PancakeSwap - ...

Page URL History Show full URLs

http://stouthalemar.tk/help/?15791650979726= HTTP 302
https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703 Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

79 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

2640 kB
Transfer

5878 kB
Size

2
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://medium.com/pancakeswap
Title: Blog

Search URL Search Domain Scan URL

URL: https://docs.pancakeswap.finance/
Title: Docs

Search URL Search Domain Scan URL

URL: https://twitter.com/pancakeswap

Search URL Search Domain Scan URL

URL: https://t.me/pancakeswap
Title: English

Search URL Search Domain Scan URL

URL: https://t.me/PancakeSwapIndonesia
Title: Bahasa Indonesia

Search URL Search Domain Scan URL

URL: https://t.me/PancakeSwap_CN
Title: 中文

Search URL Search Domain Scan URL

URL: https://t.me/PancakeSwapVN
Title: Tiếng Việt

Search URL Search Domain Scan URL

URL: https://t.me/pancakeswap_ita
Title: Italiano

Search URL Search Domain Scan URL

URL: https://t.me/pancakeswap_ru
Title: русский

Search URL Search Domain Scan URL

URL: https://t.me/pancakeswapturkiye
Title: Türkiye

Search URL Search Domain Scan URL

URL: https://t.me/PancakeSwapPortuguese
Title: Português

Search URL Search Domain Scan URL

URL: https://t.me/PancakeswapEs
Title: Español

Search URL Search Domain Scan URL

URL: https://t.me/pancakeswapjp
Title: 日本語

Search URL Search Domain Scan URL

URL: https://t.me/pancakeswapfr
Title: Français

Search URL Search Domain Scan URL

URL: https://t.me/PancakeSwapAnn
Title: Announcements

Search URL Search Domain Scan URL

URL: https://t.me/PancakeSwapWhales
Title: Whale Alert

Search URL Search Domain Scan URL

URL: https://reddit.com/r/pancakeswap

Search URL Search Domain Scan URL

URL: https://instagram.com/pancakeswap_official

Search URL Search Domain Scan URL

URL: https://github.com/pancakeswap/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://stouthalemar.tk/help/?15791650979726= HTTP 302
https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request swap Show response
aforocfreebroimax.ml/p/
Redirect Chain

http://stouthalemar.tk/help/?15791650979726=
https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703

92 KB
20 KB

752ms
517ms

Document
text/html

2606:4700:3032::ac43:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12738328a1d7099776909a749173db3f1fbfb94bcd18da8ef35be8a4f4aa0e2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 705936ebabce9969-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 03 May 2022 13:06:33 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2gxkLCb2aHyG%2F2%2BnAnsNLMMqx9bKaaggOAjRHfXCthRJ%2B8IVRmjoDhj%2FT71Auf4RTZ21bG6ng2bWwfAroP7XQRkC7krwOvOMDmLxCkMkJHF18QlWD4OH4h4aPATEia3Km42FAY30LAyhCGquSuEXBxsgw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 705936e6093b9208-FRA
Cache-Control: max-age=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Date: Tue, 03 May 2022 13:06:32 GMT
Expires: Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified: Tue, 03 May 2022 13:06:32 GMT
Location: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=osCGgOJf8PWvakxyTC6%2BJFC14iErz49g3RIOeAGeKt12XTM45la6u3UMtRt5DgOLSaEl0Z%2FgMb1XaFSa0kdOHcRr7aUXqY8IyWp8XQl3cpLzU5K%2F84%2FCBPTkVbQpq29G8TB2Xg2Cyx4CaxphM7Y%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
X-Powered-By: PHP/7.0.33
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2.css
aforocfreebroimax.ml/p/Home%20_%20PancakeSwap%20-%20..._files/ 3 KB
867 B 479ms
478ms Stylesheet
text/css 2606:4700:3032::ac43:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aforocfreebroimax.ml/p/Home%20_%20PancakeSwap%20-%20..._files/css2.css
Requested by: Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3c51374ca5a103dc0e1ab8912141aa3fec91993eed4ab17704f7cb263e8c535

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:06:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 09:25:41 GMT
server: cloudflare
etag: W/"6184f895-a40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njCjQotetnOf%2BZ1jEen30ZCnDS35GLXebWNteGRoLDUBtHRDDz3wSBNa%2FhbpvAR2Kd%2BKLfDdIxllmXZdkTkq38prsLL%2ByTVHHrh6LrVJOz5YGF7AoA%2FJPQ%2Fs79hqv0exMPn3fSyx8%2FuXM%2FO4YK9EwXSinQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 705936eef86a9969-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7.ecdd39c8.chunk.css
aforocfreebroimax.ml/p/Home%20_%20PancakeSwap%20-%20..._files/ 21 KB
3 KB 668ms
667ms Stylesheet
text/css 2606:4700:3032::ac43:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aforocfreebroimax.ml/p/Home%20_%20PancakeSwap%20-%20..._files/7.ecdd39c8.chunk.css
Requested by: Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 551bb3e110a18211e27d5b3c7c7c6fcb4b7effdcf74099ee84d8fe79410452fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:06:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 09:25:42 GMT
server: cloudflare
etag: W/"6184f896-545f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zf7d%2BZSTB%2FleFv6TXl7I2qNVxXwPFKo54a%2BG5bdA%2Fc8iTvVY32%2B8BwdeizgBZfohQkj1VXDMcna0D6fQUAwL%2BXLVrkdouBTgMvqxkw0DfsUBnEhElXM5g310ZiIW9ZIac%2FSZVXKNKAWzlR8onUFg2AShKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 705936eef8709969-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7.5e7e5373.chunk.js Show response
aforocfreebroimax.ml/p/Home%20_%20PancakeSwap%20-%20..._files/ 2 MB
577 KB 1419ms
1418ms Script
application/javascript 2606:4700:3032::ac43:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aforocfreebroimax.ml/p/Home%20_%20PancakeSwap%20-%20..._files/7.5e7e5373.chunk.js
Requested by: Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de118191efd898f798dd43fe402e3e87a3d3fc211864a89ae350a8929968586c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:06:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 22 Nov 2021 05:14:10 GMT
server: cloudflare
etag: W/"619b2722-1ec076"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SyCP5GuHce41ug%2FvFVKHfp5MAPWpsfzn0QAhsd0bgHCl%2BmmJ7BE%2Bo4NBuLGn3EhJGGhWDtK7uV4NVDgK%2B5nrJnpXDIioSdvkPEnkvoWFSPU2f2C%2BlnTkL4YwJVIxVqZuURkw8427C97yLey5KW%2F%2FTNwyMg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 705936eef8719969-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 main.a9914825.chunk.js Show response
aforocfreebroimax.ml/p/Home%20_%20PancakeSwap%20-%20..._files/ 991 KB
209 KB 1274ms
1274ms Script
application/javascript 2606:4700:3032::ac43:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aforocfreebroimax.ml/p/Home%20_%20PancakeSwap%20-%20..._files/main.a9914825.chunk.js
Requested by: Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d44d24d01f66f6761763f0e7658047b6c08de3a9677951a067bacbdd3ee850d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:06:34 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 22 Nov 2021 04:54:51 GMT
server: cloudflare
etag: W/"619b229b-f7b6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKjp8yMywz8qXffSYG%2B0Dqp8QgyrcVZVxf3i%2FAmZHoHVkY%2BdQk%2FSYcTAhb4VvPGbhOVaxPhUUztzUfpZTIuCn0t1jkgUhjwECYkI0Y8TryYmhd%2Fjn4JiFTt2CCg%2FmO%2B05Tqow8NYS0DbCtjybP72XNEzKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 705936eef8739969-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 ethers-v4.min.js Show response
cdn.ethers.io/scripts/ 296 KB
91 KB 109ms
27ms Script
application/javascript 143.204.201.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ethers.io/scripts/ethers-v4.min.js
Requested by: Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.201.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-79.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f426ca96f459f9229cf53665db2de4ec82d15ce49f767915378d87f733ccf9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aforocfreebroimax.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 05:20:18 GMT
content-encoding: gzip
last-modified: Fri, 23 Oct 2020 03:52:54 GMT
server: AmazonS3
age: 27976
etag: W/"0e66b864a27c5961a702e18683961608"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 1vIDD7850l9p1Juv2dxP72RhnSV02NFY
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: oqMyczlj5YlaVCgURkDfGHQhuq9FVG1HgbQIf01xASRD1kLAiNLVSQ==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
31 KB 91ms
27ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aforocfreebroimax.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 09:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 30 Apr 2023 09:16:22 GMT

GET
H2 200 pancakeswap-top-100.json Show response
tokens.pancakeswap.finance/ 28 KB
5 KB 98ms
30ms Fetch
application/json 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tokens.pancakeswap.finance/pancakeswap-top-100.json

Requested by

Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/Home%20_%20PancakeSwap%20-%20..._files/main.a9914825.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

856eb20adf6607e87d1e179ea2a4168dd8aef18fde4320b37e4cee7071ca93b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aforocfreebroimax.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:06:35 GMT
content-encoding: br
server: Vercel
age: 690176
x-vercel-id: fra1:fra1::nkgks-1651583195661-4f92205e8e26
etag: W/"170df02cdbf35b4e739d5723268fda79"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="pancakeswap-top-100.json"
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
access-control-allow-headers: Accept, Content-Type, Origin

GET
H2 200 pancakeswap-extended.json Show response
tokens.pancakeswap.finance/ 79 KB
13 KB 111ms
43ms Fetch
application/json 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tokens.pancakeswap.finance/pancakeswap-extended.json

Requested by

Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/Home%20_%20PancakeSwap%20-%20..._files/main.a9914825.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bcb7cbdaf31799e0e32cb8a0fe17a61aba563fa0d3475a82bf6893dc43f4c3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aforocfreebroimax.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:06:35 GMT
content-encoding: br
server: Vercel
age: 690175
x-vercel-id: fra1:fra1::nkgks-1651583195662-6283a0fd282e
etag: W/"4fa81beddbaefe918a60bb735f66e3c8"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="pancakeswap-extended.json"
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
access-control-allow-headers: Accept, Content-Type, Origin

GET
H2 200 pancakeswap-top-100.json Show response
tokens.pancakeswap.finance/ 28 KB
5 KB 99ms
32ms Fetch
application/json 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tokens.pancakeswap.finance/pancakeswap-top-100.json

Requested by

Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/Home%20_%20PancakeSwap%20-%20..._files/main.a9914825.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

856eb20adf6607e87d1e179ea2a4168dd8aef18fde4320b37e4cee7071ca93b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aforocfreebroimax.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:06:35 GMT
content-encoding: br
server: Vercel
age: 690176
x-vercel-id: fra1:fra1::nkgks-1651583195661-b77d49e5b3cc
etag: W/"170df02cdbf35b4e739d5723268fda79"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="pancakeswap-top-100.json"
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
access-control-allow-headers: Accept, Content-Type, Origin

GET
H2 200 pancakeswap-extended.json Show response
tokens.pancakeswap.finance/ 79 KB
13 KB 100ms
34ms Fetch
application/json 76.76.21.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tokens.pancakeswap.finance/pancakeswap-extended.json

Requested by

Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/Home%20_%20PancakeSwap%20-%20..._files/main.a9914825.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

bcb7cbdaf31799e0e32cb8a0fe17a61aba563fa0d3475a82bf6893dc43f4c3a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aforocfreebroimax.ml/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:06:35 GMT
content-encoding: br
server: Vercel
age: 690175
x-vercel-id: fra1:fra1::nkgks-1651583195661-1b0152820aa2
etag: W/"4fa81beddbaefe918a60bb735f66e3c8"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="pancakeswap-extended.json"
strict-transport-security: max-age=63072000
x-vercel-cache: HIT
access-control-allow-headers: Accept, Content-Type, Origin

GET
H2 200 nKKZ-Go6G5tXcraVGwA.woff2
fonts.gstatic.com/s/kanit/v7/ 19 KB
19 KB 130ms
65ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v7/nKKZ-Go6G5tXcraVGwA.woff2

Requested by

Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/Home%20_%20PancakeSwap%20-%20..._files/css2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d522ceba20f12d2594bca7ab06bc6cc877e8ee1c5d94c2ae3c3af0d90c38ccc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aforocfreebroimax.ml/
Origin: https://aforocfreebroimax.ml
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 08:29:02 GMT
x-content-type-options: nosniff
age: 16653
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19040
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:14:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 03 May 2023 08:29:02 GMT

GET
H2 200 nKKU-Go6G5tXcr5KPxWnVaE.woff2
fonts.gstatic.com/s/kanit/v7/ 19 KB
19 KB 151ms
90ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/kanit/v7/nKKU-Go6G5tXcr5KPxWnVaE.woff2

Requested by

Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/Home%20_%20PancakeSwap%20-%20..._files/css2.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

def634b44436d1e006b02b68051da6df2bc1bfd4f5405bc93a03c46e034e8fa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://aforocfreebroimax.ml/
Origin: https://aforocfreebroimax.ml
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 02 May 2022 14:25:04 GMT
x-content-type-options: nosniff
age: 81691
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19220
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 05:42:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 May 2023 14:25:04 GMT

GET
BLOB 200
OK d8590ef4-7ed8-4ace-8fdf-5ce5527788a8
https://aforocfreebroimax.ml/ 7 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://aforocfreebroimax.ml/d8590ef4-7ed8-4ace-8fdf-5ce5527788a8
Requested by: Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 45d92bae6f1c6c3f731b7cba2239003a6284978e546a80865d61d496c4f08e3c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 7648

GET
H3 200 swap.mp3
aforocfreebroimax.ml/p/ 92 KB
92 KB 561ms
561ms Media
text/html 2606:4700:3032::ac43:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://aforocfreebroimax.ml/p/swap.mp3
Requested by: Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12738328a1d7099776909a749173db3f1fbfb94bcd18da8ef35be8a4f4aa0e2

Request headers

Referer: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 03 May 2022 13:06:36 GMT
cf-cache-status: MISS
last-modified: Tue, 03 May 2022 13:06:36 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ml8bVXJIUSqmA1qnu6ry7SpFw8tAN0CG%2FgN4%2Ftx8oX4bl%2Br54oSNj8g%2FeOCnbpIkd5x0oL96TH2d35u4ODDiTrIMcymNlJwFvMH5d89weqyIbXDnHQ%2Fd4ht9byOdyFr6Eu2zcQLLSs6EMZSuYRVSiGpSbg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 705936fd39cc9bc4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 help.svg
aforocfreebroimax.ml/p/images/ 2 MB
2 MB 1288ms
1288ms Image
image/svg+xml 2606:4700:3032::ac43:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aforocfreebroimax.ml/p/images/help.svg
Requested by: Host: aforocfreebroimax.ml
URL: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6943f64277136491891a83bf86e73a0df2b7031640f5b7661fd3421fe3b0c8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 03 May 2022 13:06:36 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 05 Nov 2021 10:36:05 GMT
server: cloudflare
etag: W/"61850915-2055fc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5vsiVYGeijI0v9kvuG6Zx4yPgDj%2F%2BjEAvqkgXjfIGnKJxK25D5VVYbJ1snXYFGRf%2FTeQ21QqTKR8Wa60EuG0kNpXKDKFTvo32wz9EG32hyIIvAQTAsfL9f26%2FeZKSyNfwNKSYg0S1Ic%2Bna6oN4u9Z6i1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 705936fd49e89bc4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST /
nodes.pancakeswap.com/ 0
0

OPTIONS
H2 204 /
nodes.pancakeswap.com/ 0
0 390ms
59ms Preflight
text/plain 2606:4700:3037::6815:4393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nodes.pancakeswap.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://aforocfreebroimax.ml
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 705936ff6cb59265-FRA
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 03 May 2022 13:06:36 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53NN7ifgdS4TrunL54dJK6EwUvf0ksqc1Fx3byAyyghVGTFDuXd4%2BnQbZs1jqYkkJEQokhI%2BvBZ%2BzuJVRIu%2B6W9pCxToFTLwAOgR4mTJy0LAhtppcq%2Fy4Oq%2B1k9fcS6%2F4V5PbJRBql8UNc9UaKCDFjd%2FVL0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

POST /
nodes.pancakeswap.com/ 0
0

OPTIONS
H2 204 /
nodes.pancakeswap.com/ 0
0 334ms
34ms Preflight
text/plain 2606:4700:3037::6815:4393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nodes.pancakeswap.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://aforocfreebroimax.ml
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70593701a8699265-FRA
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 03 May 2022 13:06:36 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zy7rBLg87sKVUVBYr0N%2FPQO0L%2BE7udP1zSPlLUBuQL%2F8HyrJrfKfI9Vrmr2tEXJONICWyeaShqXZV12Aj1MhYpWke5U%2FB1ELf%2Bq5csj0YTEzKFk6WzRkONuEEMoQOyW27CiwG6S1uDvRPxNEkEFEEbUGgKc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

OPTIONS
H2 204 /
nodes.pancakeswap.com/ 0
0 335ms
34ms Preflight
text/plain 2606:4700:3037::6815:4393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nodes.pancakeswap.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://aforocfreebroimax.ml
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70593703cbe39265-FRA
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 03 May 2022 13:06:36 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6aqC2nRSnzV93lehN6BHC6GXrn483WILb8z4xc906wnesrfFtNwMYzzzfFuRUdkwtB61aHYWsK9RnSZFavBpE3kWcsePR657HKemYHATydr8ESclw5vbBiJEtEGMZKoq20AKH0ltEkUZiTwKff%2BVXydWIE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

POST /
nodes.pancakeswap.com/ 0
0

OPTIONS
H2 204 /
nodes.pancakeswap.com/ 0
0 340ms
40ms Preflight
text/plain 2606:4700:3037::6815:4393
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nodes.pancakeswap.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4393 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://aforocfreebroimax.ml
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 70593705efa39265-FRA
content-length: 0
content-type: text/plain; charset=utf-8
date: Tue, 03 May 2022 13:06:37 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyEzoyAIlLMfiD4OGH0x%2FnBnKccK8W4snBGlL6FTZesm0K0L0TA6pdVVNWY5%2F0d2veGA20ceavH2PsEYpdr5L3TZhsbZZabbgAJBxn0eGrK2%2Fvd%2FXM%2FLDlZiC8MPwCB4ukf8TRbisH1xDZAQFnjfn%2B5RXOo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nodes.pancakeswap.com
URL: https://nodes.pancakeswap.com/

Domain: nodes.pancakeswap.com
URL: https://nodes.pancakeswap.com/

Domain: nodes.pancakeswap.com
URL: https://nodes.pancakeswap.com/

Domain: nodes.pancakeswap.com
URL: https://nodes.pancakeswap.com/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			aforocfreebroimax.ml/p	1970-01-20 03:29:35	Name: ktr Value: 7079-9831-20220503160632615703
			.stouthalemar.tk/	1970-01-20 03:31:01	Name: 00831 Value: %7B%22streams%22%3A%7B%229831%22%3A1651583192%7D%2C%22campaigns%22%3A%7B%227079%22%3A1651583192%7D%2C%22time%22%3A1651583192%7D

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703 Message: Access to fetch at 'https://nodes.pancakeswap.com/' from origin 'https://aforocfreebroimax.ml' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://nodes.pancakeswap.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703 Message: Access to fetch at 'https://nodes.pancakeswap.com/' from origin 'https://aforocfreebroimax.ml' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://nodes.pancakeswap.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703 Message: Access to fetch at 'https://nodes.pancakeswap.com/' from origin 'https://aforocfreebroimax.ml' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://nodes.pancakeswap.com/ Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://aforocfreebroimax.ml/p/swap?subid=7079-9831-20220503160632615703 Message: Access to fetch at 'https://nodes.pancakeswap.com/' from origin 'https://aforocfreebroimax.ml' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network	error	URL: https://nodes.pancakeswap.com/ Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aforocfreebroimax.ml
ajax.googleapis.com
cdn.ethers.io
fonts.gstatic.com
nodes.pancakeswap.com
stouthalemar.tk
tokens.pancakeswap.finance
nodes.pancakeswap.com
143.204.201.79
2606:4700:3032::ac43:872a
2606:4700:3036::6815:211d
2606:4700:3037::6815:4393
2a00:1450:4001:812::200a
2a00:1450:4001:831::2003
76.76.21.22
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
2f426ca96f459f9229cf53665db2de4ec82d15ce49f767915378d87f733ccf9a
45d92bae6f1c6c3f731b7cba2239003a6284978e546a80865d61d496c4f08e3c
551bb3e110a18211e27d5b3c7c7c6fcb4b7effdcf74099ee84d8fe79410452fd
6d44d24d01f66f6761763f0e7658047b6c08de3a9677951a067bacbdd3ee850d
856eb20adf6607e87d1e179ea2a4168dd8aef18fde4320b37e4cee7071ca93b0
bcb7cbdaf31799e0e32cb8a0fe17a61aba563fa0d3475a82bf6893dc43f4c3a4
c6943f64277136491891a83bf86e73a0df2b7031640f5b7661fd3421fe3b0c8f
d12738328a1d7099776909a749173db3f1fbfb94bcd18da8ef35be8a4f4aa0e2
d522ceba20f12d2594bca7ab06bc6cc877e8ee1c5d94c2ae3c3af0d90c38ccc6
de118191efd898f798dd43fe402e3e87a3d3fc211864a89ae350a8929968586c
def634b44436d1e006b02b68051da6df2bc1bfd4f5405bc93a03c46e034e8fa0
f3c51374ca5a103dc0e1ab8912141aa3fec91993eed4ab17704f7cb263e8c535

aforocfreebroimax.ml Open in urlscan Pro 2606:4700:3032::ac43:872a Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

79 %HTTPS

71 %IPv6

7 Domains

7 Subdomains

7 IPs

2 Countries

2640 kBTransfer

5878 kBSize

2 Cookies

19 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

16 JavaScript Global Variables

2 Cookies

8 Console Messages

Indicators

aforocfreebroimax.ml Open in urlscan Pro
2606:4700:3032::ac43:872a Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

79 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

2640 kB
Transfer

5878 kB
Size

2
Cookies

24 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!