libertyxcryptomining.com Open in urlscan Pro
162.0.235.5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://libertyxcryptomining.com/register.php
Submission Tags: advance fee fraud malicious other romance Search All
Submission: On July 12 via api (July 12th 2021, 6:41:23 pm UTC) from ZA

Summary HTTP 37 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 9 domains to perform 37 HTTP transactions. The main IP is 162.0.235.5, located in United States and belongs to NAMECHEAP-NET, US. The main domain is libertyxcryptomining.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 7th 2020. Valid for: a year.

This is the only time libertyxcryptomining.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
18	162.0.235.5 162.0.235.5	22612 (NAMECHEAP...) (NAMECHEAP-NET)
3	13.224.99.63 13.224.99.63	16509 (AMAZON-02) (AMAZON-02)
1	51.79.28.110 51.79.28.110	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3033::ac43:dc88	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	78.46.57.120 78.46.57.120	24940 (HETZNER-AS) (HETZNER-AS)
6	2606:4700::68... 2606:4700::6812:1c5b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:219... 2600:9000:2190:9c00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.209.43.140 34.209.43.140	16509 (AMAZON-02) (AMAZON-02)
37	11

18 162.0.235.5 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server292-3.web-hosting.com

libertyxcryptomining.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.99.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-99-63.zrh50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.79.28.110 (United States)

ASN16276 (OVH, FR)
PTR: ip-51-79-28.eu

net-cents.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:dc88 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

static.whatshelp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.46.57.120 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.120.57.46.78.clients.your-server.de

static.getbutton.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1c5b (United States)

ASN13335 (CLOUDFLARENET, US)

client.crisp.chat	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2190:9c00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.209.43.140 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-209-43-140.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	libertyxcryptomining.com libertyxcryptomining.com	269 KB
6	crisp.chat client.crisp.chat	127 KB
4	gstatic.com fonts.gstatic.com	78 KB
4	stripe.com js.stripe.com m.stripe.com	64 KB
2	stripe.network m.stripe.network	20 KB
2	getbutton.io 1 redirects static.getbutton.io	85 KB
1	whatshelp.io 1 redirects static.whatshelp.io	599 B
1	googleapis.com fonts.googleapis.com	875 B
1	net-cents.com net-cents.com	4 KB
37	9

	Domain	Requested by
18	libertyxcryptomining.com	libertyxcryptomining.com
6	client.crisp.chat	libertyxcryptomining.com client.crisp.chat
4	fonts.gstatic.com	fonts.googleapis.com
3	js.stripe.com	libertyxcryptomining.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	static.getbutton.io	1 redirects libertyxcryptomining.com
1	m.stripe.com	m.stripe.network
1	static.whatshelp.io	1 redirects
1	fonts.googleapis.com	libertyxcryptomining.com
1	net-cents.com	libertyxcryptomining.com
37	10

This site contains links to these domains. Also see Links.

Domain
wa.me
getbutton.io

Subject Issuer	Validity	Valid
libertyxcryptomining.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-07` - `2021-10-07`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-04-14` - `2021-08-04`	4 months	crt.sh
net-cents.com DigiCert SHA2 Extended Validation Server CA	`2020-11-24` - `2021-12-25`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.getbutton.io Sectigo RSA Domain Validation Secure Server CA	`2019-09-26` - `2021-09-23`	2 years	crt.sh
crisp.chat Cloudflare Inc ECC CA-3	`2021-07-08` - `2022-07-07`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-16` - `2021-08-04`	4 months	crt.sh

This page contains 3 frames:

Primary Page: https://libertyxcryptomining.com/register.php
Frame ID: 76A467035728B053F5BB1B393794B2F7
Requests: 33 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-c19b0c166354f5488c8a7f316eaada90.html
Frame ID: C4A3A147903FA4C89D3F916B526E2B60
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 18663C1F6517627A023EEBF34FB864D0
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

script /js\.stripe\.com/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

Page Statistics

37
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

10
Subdomains

11
IPs

2
Countries

648 kB
Transfer

2645 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wa.me/18056227585
Title: Message us

Search URL Search Domain Scan URL

URL: http://getbutton.io/?utm_campaign=multy_widget&utm_medium=widget&utm_source=libertyxcryptomining.com
Title: GetButton

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://static.whatshelp.io/widget-send-button/js/init.js HTTP 301
https://static.getbutton.io/widget-send-button/js/init.js HTTP 302
https://static.getbutton.io/widget/bundle.js

37 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request register.php Show response
libertyxcryptomining.com/ 59 KB
5 KB 606ms
203ms Document
text/html 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed / PHP/7.2.34
Resource Hash: 49d3e30161e84236aa73891458e596fee7d735793fc5da659f3a159456821521

Request headers

:method: GET
:authority: libertyxcryptomining.com
:scheme: https
:path: /register.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by: PHP/7.2.34
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Mon, 12 Jul 2021 18:40:56 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 bootstrap.min.css
libertyxcryptomining.com/assets/css/ 124 KB
18 KB 205ms
204ms Stylesheet
text/css 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/assets/css/bootstrap.min.css
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 4b77a410d8c572230569c08a0accf6de169d27645bd7a2532865cc8f1bbdbd52

Request headers

:path: /assets/css/bootstrap.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 17700
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 200 icons.css
libertyxcryptomining.com/assets/css/ 168 KB
24 KB 207ms
205ms Stylesheet
text/css 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/assets/css/icons.css
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5c1b2d49b48701f5b4205cde753bb14c73635b8bb683956b4888e3ae8087e0bc

Request headers

:path: /assets/css/icons.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 23976
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 200 style.css
libertyxcryptomining.com/assets/css/ 103 KB
17 KB 544ms
541ms Stylesheet
text/css 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/assets/css/style.css
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 75eab1b9e98a1b1d1561f3ef1c992622eaaa16fcec716faef4ea6ee4ee68f3ad

Request headers

:path: /assets/css/style.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 17607
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 200 modernizr.min.js Show response
libertyxcryptomining.com/assets/js/ 11 KB
4 KB 544ms
541ms Script
application/javascript 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/assets/js/modernizr.min.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: c9dedb58b9b0169530e843cc812d6c630b17220c3e2f5a734395c001688b2766

Request headers

:path: /assets/js/modernizr.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4237
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 225 KB
62 KB 295ms
89ms Script
application/javascript 13.224.99.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.99.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-99-63.zrh50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f0d6f64ca5ef5d317c366804dc883c0efd1a67638cc736e02199d22098fc65f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://libertyxcryptomining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:04 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 53
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: MD7QR2JBX636EBEQ
x-amz-id-2: oIfRVj2qLfSA+w+Cfrtu+aYgSWa4StioWArZuK+gjgizl+QrutsqQarwj95j6XJ3EMGb2iqtwBI=
last-modified: Fri, 09 Jul 2021 16:18:07 GMT
server: AmazonS3
etag: W/"730ec937c6afe61d0e253d5e48556918"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: L5Fg03RU2H8imgXTNjBZlj7zaJQzpBIj2u_QZKZKtg924bk23vvEHQ==

GET
H/1.1 200
OK aliant.js Show response
net-cents.com/ 3 KB
4 KB 774ms
160ms Script
application/javascript 51.79.28.110
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://net-cents.com/aliant.js

Requested by

Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.79.28.110 , United States, ASN16276 (OVH, FR),

Reverse DNS

ip-51-79-28.eu

Software

nginx /

Resource Hash

6c89d0ccd6b262ea4b58a029cad2e48e11ee580c6d726683ea9a650c68253e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;
X-Frame-Options	deny

Request headers

Referer: https://libertyxcryptomining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 18:40:56 GMT
Vary: Accept-Encoding
Last-Modified: Thu, 10 Jun 2021 20:00:09 GMT
Server: nginx
X-Frame-Options: deny
ETag: "60c26f49-dc2"
Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3522

GET
H2 200 jquery.min.js Show response
libertyxcryptomining.com/assets/js/ 85 KB
29 KB 551ms
549ms Script
application/javascript 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/assets/js/jquery.min.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e

Request headers

:path: /assets/js/jquery.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 29468
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 200 popper.min.js Show response
libertyxcryptomining.com/assets/js/ 19 KB
7 KB 551ms
549ms Script
application/javascript 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/assets/js/popper.min.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0883ffacfd4c998ca72bcaac0bfa192ea0c9cd0db257c03a3ef83d5df5fe8a7c

Request headers

:path: /assets/js/popper.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6582
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 200 bootstrap.min.js Show response
libertyxcryptomining.com/assets/js/ 49 KB
13 KB 559ms
557ms Script
application/javascript 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/assets/js/bootstrap.min.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 34427800379ae3d475892ed15fecd68d9cfeff4941ae51aecd6ca68f9b5e37d6

Request headers

:path: /assets/js/bootstrap.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 12564
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 200 waves.js Show response
libertyxcryptomining.com/assets/js/ 68 KB
22 KB 560ms
558ms Script
application/javascript 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/assets/js/waves.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 1556a1125405f1eae1c94ccd91d22f6b272a3d4b306719ce815717aaa7afe757

Request headers

:path: /assets/js/waves.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 21992
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 200 jquery.slimscroll.js Show response
libertyxcryptomining.com/assets/js/ 14 KB
4 KB 718ms
716ms Script
application/javascript 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/assets/js/jquery.slimscroll.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 3c316c955d5306999ca666e787be8ad40b47e565421fbb930cdc5bb32e42344b

Request headers

:path: /assets/js/jquery.slimscroll.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3563
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 200 jquery.waypoints.min.js Show response
libertyxcryptomining.com/plugins/waypoints/lib/ 9 KB
3 KB 893ms
891ms Script
application/javascript 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/plugins/waypoints/lib/jquery.waypoints.min.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 038b00a8feee11c9adaf8c4ead95abcbd309179f6bfa7293e56c5a39976effad

Request headers

:path: /plugins/waypoints/lib/jquery.waypoints.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2542
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 200 jquery.counterup.min.js Show response
libertyxcryptomining.com/plugins/counterup/ 1 KB
742 B 893ms
892ms Script
application/javascript 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/plugins/counterup/jquery.counterup.min.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 3145a2ee536ea38dbcb2563fe7dad866ca2bceff859249e069cf33224f43b7cd

Request headers

:path: /plugins/counterup/jquery.counterup.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 499
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 200 chart.bundle.js Show response
libertyxcryptomining.com/plugins/chart.js/ 533 KB
120 KB 893ms
892ms Script
application/javascript 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/plugins/chart.js/chart.bundle.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: f2840079d919de56499e4f1eba2f350e65264efad8c775cfed90e0a73968e46d

Request headers

:path: /plugins/chart.js/chart.bundle.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 122515
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 200 jquery.dashboard.init.js Show response
libertyxcryptomining.com/assets/pages/ 6 KB
2 KB 893ms
892ms Script
application/javascript 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/assets/pages/jquery.dashboard.init.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: c5bee50bfaba91690baf2d9a827ef94fab3f27207a0859c0e8db7c809ef735c3

Request headers

:path: /assets/pages/jquery.dashboard.init.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1317
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 200 jquery.core.js Show response
libertyxcryptomining.com/assets/js/ 3 KB
1 KB 893ms
892ms Script
application/javascript 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/assets/js/jquery.core.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5bd2ac74877e0d6fa033e22984cbd55d4464e9774cdb0a1b5cb900c061e1531b

Request headers

:path: /assets/js/jquery.core.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 843
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 200 jquery.app.js Show response
libertyxcryptomining.com/assets/js/ 2 KB
813 B 902ms
901ms Script
application/javascript 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/assets/js/jquery.app.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 26c98d45c60202a97a01b1eb3751facacf81b4ea933337fcfc99a22639f3a559

Request headers

:path: /assets/js/jquery.app.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:56 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 17:42:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 570
expires: Mon, 19 Jul 2021 18:40:56 GMT

GET
H2 404 register.js
libertyxcryptomining.com/js/register/ 0
0 902ms
901ms Script
text/html 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/js/register/register.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

:path: /js/register/register.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 18:40:56 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H2 200 css
fonts.googleapis.com/ 7 KB
875 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Quattrocento+Sans:400,700|Roboto:400,500,700

Requested by

Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/assets/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f7fd632b5104c5e20fabc89f2225cfc4904ea82f3c9e95c4943aae0d730b0c79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://libertyxcryptomining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Jul 2021 18:40:56 GMT
server: ESF
date: Mon, 12 Jul 2021 18:40:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Jul 2021 18:40:56 GMT

GET
H2 200 va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2
fonts.gstatic.com/s/quattrocentosans/v13/ 24 KB
24 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocentosans/v13/va9c4lja2NVIDdIAAoMR5MfuElaRB0zJt08.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quattrocento+Sans:400,700|Roboto:400,500,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f871adc17c31230ef87ade94971fcb56a5b611fee9edf6de533535a4512c15d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://libertyxcryptomining.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 04:54:03 GMT
x-content-type-options: nosniff
age: 568013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24360
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 06:34:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 04:54:03 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quattrocento+Sans:400,700|Roboto:400,500,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://libertyxcryptomining.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 03:00:34 GMT
x-content-type-options: nosniff
age: 574823
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 03:00:34 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 23ms
21ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quattrocento+Sans:400,700|Roboto:400,500,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://libertyxcryptomining.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 06:52:18 GMT
x-content-type-options: nosniff
age: 560919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 06:52:18 GMT

GET
H3-29 200 va9Z4lja2NVIDdIAAoMR5MfuElaRB0RyklrRPXw.woff2
fonts.gstatic.com/s/quattrocentosans/v13/ 24 KB
24 KB 27ms
26ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/quattrocentosans/v13/va9Z4lja2NVIDdIAAoMR5MfuElaRB0RyklrRPXw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Quattrocento+Sans:400,700|Roboto:400,500,700

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f78458058ad1c379c6fbd9d5a407e2d1f0249046b195a6ec1427f7587379f51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://libertyxcryptomining.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 06 Jul 2021 03:00:36 GMT
x-content-type-options: nosniff
age: 574821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24244
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 04:38:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Jul 2022 03:00:36 GMT

GET
H2 404 register.js
libertyxcryptomining.com/js/register/ 0
0 200ms
200ms Script
text/html 162.0.235.5
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://libertyxcryptomining.com/js/register/register.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.235.5 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server292-3.web-hosting.com
Software: LiteSpeed /
Resource Hash

Request headers

:path: /js/register/register.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: libertyxcryptomining.com
referer: https://libertyxcryptomining.com/register.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://libertyxcryptomining.com/register.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Jul 2021 18:40:58 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
server: LiteSpeed
content-length: 1238
content-type: text/html

GET
H/1.1

200
OK

bundle.js Show response
static.getbutton.io/widget/
Redirect Chain

https://static.whatshelp.io/widget-send-button/js/init.js
https://static.getbutton.io/widget-send-button/js/init.js
https://static.getbutton.io/widget/bundle.js

266 KB
85 KB

105ms
105ms

Script
application/javascript

78.46.57.120
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getbutton.io/widget/bundle.js
Requested by: Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.46.57.120 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.120.57.46.78.clients.your-server.de
Software: nginx/1.6.2 /
Resource Hash: cfb62d0ee56f68d7f6c106f7b52b659906631372992c1c6c39a38d2c698b7f9f

Request headers

Referer: https://libertyxcryptomining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 12 Jul 2021 18:41:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Jun 2021 11:26:37 GMT
Server: nginx/1.6.2
Transfer-Encoding: chunked
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=10800
Connection: keep-alive
Expires: Mon, 12 Jul 2021 21:41:03 GMT

Redirect headers

Location: https://static.getbutton.io/widget/bundle.js
Date: Mon, 12 Jul 2021 18:41:03 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 160
Content-Type: text/html

GET
H2 200 l.js Show response
client.crisp.chat/ 8 KB
3 KB 28ms
13ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/l.js

Requested by

Host: libertyxcryptomining.com
URL: https://libertyxcryptomining.com/register.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

825e72fc1faf1795167573a940b81383ab3c4c09f7f4900a26f0b39d526bd0e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://libertyxcryptomining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36448
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 11 Jul 2021 08:32:47 GMT
server: cloudflare
etag: W/"60eaacaf-1e7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=86400
access-control-allow-credentials: false
cf-ray: 66dc672e6fe205e9-FRA
access-control-allow-headers: Content-Type, Origin
expires: Tue, 13 Jul 2021 18:40:58 GMT

GET
H2 200 m-outer-c19b0c166354f5488c8a7f316eaada90.html Show response
js.stripe.com/v3/ Frame C4A3 215 B
951 B 79ms
78ms Document
text/html 13.224.99.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-c19b0c166354f5488c8a7f316eaada90.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.99.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-99-63.zrh50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

5852f3bf8aa98a4c248050f0be0dd0a643e7c041a34c28e3f67ad12c9aef7314

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-c19b0c166354f5488c8a7f316eaada90.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://libertyxcryptomining.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://libertyxcryptomining.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: hrVdI9l5YDY0UvzLGSESIyNrNTkif7605+F2G5dBHdAmhmaEBMryTjziKb6mTbGnYmqv4iuTwC8=
x-amz-request-id: PV71W21RD8Q3HV1H
last-modified: Tue, 22 Jun 2021 21:59:33 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Mon, 12 Jul 2021 18:38:00 GMT
cache-control: public, max-age=300
etag: "c19b0c166354f5488c8a7f316eaada90"
x-cache: Hit from cloudfront
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: hWge1_wf0NuMstwV6zlbCGyZN0l0mP_63yaEGTYo_GSGI039Zh7mEg==
age: 178

GET
H3-29 200 client.js Show response
client.crisp.chat/static/javascripts/ 384 KB
84 KB 3623ms
3610ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/client.js?6450942

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd639a8573199b641e9c4259d15f07658c3e6d81facfffea952884767fe39f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://libertyxcryptomining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:41:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36458
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 11 Jul 2021 08:32:47 GMT
server: cloudflare
etag: W/"60eaacaf-5ff0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 66dc672e9d890631-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 10 Jul 2031 18:41:02 GMT

GET
H3-29 200 client_default.css
client.crisp.chat/static/stylesheets/ 325 KB
36 KB 3676ms
3663ms Stylesheet
text/css 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/stylesheets/client_default.css?6450942

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/l.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c799442243fad953bc2fcf7491f1e4bd539d03d6c258580ec36731b1b8ea9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://libertyxcryptomining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:41:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36458
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 11 Jul 2021 08:32:47 GMT
server: cloudflare
etag: W/"60eaacaf-515ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 66dc672e9d870631-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 10 Jul 2031 18:41:02 GMT

GET
H2 200 m-outer-d887d0dff5675390e1f75e9f1623eaa0.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C4A3 1 KB
1 KB 81ms
81ms Script
application/javascript 13.224.99.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-d887d0dff5675390e1f75e9f1623eaa0.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-c19b0c166354f5488c8a7f316eaada90.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.99.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-99-63.zrh50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-c19b0c166354f5488c8a7f316eaada90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"78581b5abad6c4e7b59c0f8ee45a8134"
age: 1
via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: HFQACW2Z4RC2NND6
x-amz-id-2: OP82haK8O2Ah7W7SfIbuOQ3OiCdJFfMRnUMCgWe3PhDUCnAZFpSb4664glbdjHHX0BT/MZD+V74=
last-modified: Tue, 22 Jun 2021 21:59:25 GMT
server: AmazonS3
date: Mon, 12 Jul 2021 18:40:57 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: m8VbT2OrnVqhacSJLjpgcTufNTc8eTsCjr1hUeKKDBz1C3twL6D7BA==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 1866 932 B
1 KB 76ms
13ms Document
text/html 2600:9000:2190:9c00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-d887d0dff5675390e1f75e9f1623eaa0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:9c00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Thu, 20 May 2021 17:57:41 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Mon, 12 Jul 2021 18:39:41 GMT
cache-control: public, max-age=300
etag: W/"60a6a315-3a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: 5AqqniRzlZ50KeqiqkjON9TRUOi1gnok2ze3i8clPSrxmJlpSTTHkA==
age: 77

GET
H2 200 out-4.5.35.js Show response
m.stripe.network/ Frame 1866 85 KB
19 KB 19ms
17ms Script
application/x-javascript 2600:9000:2190:9c00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.35.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2190:9c00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"60a6a315-153a9"
age: 82
x-cache: Hit from cloudfront
last-modified: Thu, 20 May 2021 17:57:41 GMT
server: nginx
date: Mon, 12 Jul 2021 18:39:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: ZRH50-C1
timing-allow-origin: *
x-amz-cf-id: 4hm_LFKSN3InDl7-MqxnlWHLvNHhMadLfX6VdgJ_KHAhqRAiXFJgtQ==

POST
H2 200 6 Show response
m.stripe.com/ Frame 1866 156 B
517 B 648ms
221ms XHR
text/plain 34.209.43.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.35.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.209.43.140 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-209-43-140.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0d6c8abe7b29360e3bcf1357e031f81ecf1ae6f87b171067be23d0396b07bd7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 12 Jul 2021 18:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H3-29 200 / Show response
client.crisp.chat/settings/website/b57e1cae-cd27-4567-92b1-91929a3e85de/prelude/ 78 B
493 B 1002ms
1002ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/b57e1cae-cd27-4567-92b1-91929a3e85de/prelude/?callback=window.%24crisp.__spool.website_handler&2021-6-12-20-41

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?6450942

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

660abe3389b1573f94df49a827fb21d733c66833dc0563ec382448407aa6326d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://libertyxcryptomining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:41:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 66dc67460de00631-FRA
access-control-allow-headers: Content-Type, Origin
expires: Mon, 12 Jul 2021 22:41:03 GMT

GET
H3-29 200 / Show response
client.crisp.chat/settings/website/b57e1cae-cd27-4567-92b1-91929a3e85de/ 1 KB
969 B 386ms
386ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/settings/website/b57e1cae-cd27-4567-92b1-91929a3e85de/?callback=window.%24crisp.__spool.website_handler&1603871201207

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?6450942

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1874e07f86d311cfd9137877a86f76160e3ed6f82052fe9329b49d5789a54d21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://libertyxcryptomining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:41:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2677
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 66dc674cff710631-FRA
access-control-allow-headers: Content-Type, Origin
expires: Mon, 12 Jul 2021 22:41:03 GMT

GET
H3-29 200 en.js Show response
client.crisp.chat/static/javascripts/locales/ 6 KB
3 KB 217ms
217ms Script
application/javascript 2606:4700::6812:1c5b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://client.crisp.chat/static/javascripts/locales/en.js?6450942

Requested by

Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?6450942

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1c5b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50a9af86f68bb5caddbed65201b025bcf66b8dc363b9f08e8b4e7d77f56f420f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://libertyxcryptomining.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Jul 2021 18:41:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36453
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified: Sun, 11 Jul 2021 08:32:48 GMT
server: cloudflare
etag: W/"60eaacb0-17fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 300
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=315360000
access-control-allow-credentials: false
cf-ray: 66dc674f5d2a0631-FRA
access-control-allow-headers: Content-Type, Origin
expires: Thu, 10 Jul 2031 18:41:04 GMT

GET
DATA 200
OK truncated
/ 881 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.libertyxcryptomining.com/	1970-01-20 00:04:43	Name: crisp-client%2Fsession%2Fb57e1cae-cd27-4567-92b1-91929a3e85de Value: session_d3a407f9-5bac-4a97-8943-a825789d8f90

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

client.crisp.chat
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
libertyxcryptomining.com
m.stripe.com
m.stripe.network
net-cents.com
static.getbutton.io
static.whatshelp.io
13.224.99.63
162.0.235.5
2600:9000:2190:9c00:19:7d10:bd80:93a1
2606:4700:3033::ac43:dc88
2606:4700::6812:1c5b
2a00:1450:4001:803::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
34.209.43.140
51.79.28.110
78.46.57.120
038b00a8feee11c9adaf8c4ead95abcbd309179f6bfa7293e56c5a39976effad
0883ffacfd4c998ca72bcaac0bfa192ea0c9cd0db257c03a3ef83d5df5fe8a7c
0d6c8abe7b29360e3bcf1357e031f81ecf1ae6f87b171067be23d0396b07bd7a
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1556a1125405f1eae1c94ccd91d22f6b272a3d4b306719ce815717aaa7afe757
1874e07f86d311cfd9137877a86f76160e3ed6f82052fe9329b49d5789a54d21
1cd639a8573199b641e9c4259d15f07658c3e6d81facfffea952884767fe39f5
1cf30e59d21d4ae560af7143f5913efcc8222bcaa4fcc7508eb802b5faa9e94e
1f871adc17c31230ef87ade94971fcb56a5b611fee9edf6de533535a4512c15d
26c98d45c60202a97a01b1eb3751facacf81b4ea933337fcfc99a22639f3a559
3145a2ee536ea38dbcb2563fe7dad866ca2bceff859249e069cf33224f43b7cd
34427800379ae3d475892ed15fecd68d9cfeff4941ae51aecd6ca68f9b5e37d6
3c316c955d5306999ca666e787be8ad40b47e565421fbb930cdc5bb32e42344b
3f78458058ad1c379c6fbd9d5a407e2d1f0249046b195a6ec1427f7587379f51
49d3e30161e84236aa73891458e596fee7d735793fc5da659f3a159456821521
4b77a410d8c572230569c08a0accf6de169d27645bd7a2532865cc8f1bbdbd52
50a9af86f68bb5caddbed65201b025bcf66b8dc363b9f08e8b4e7d77f56f420f
52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d
5852f3bf8aa98a4c248050f0be0dd0a643e7c041a34c28e3f67ad12c9aef7314
5bd2ac74877e0d6fa033e22984cbd55d4464e9774cdb0a1b5cb900c061e1531b
5c1b2d49b48701f5b4205cde753bb14c73635b8bb683956b4888e3ae8087e0bc
61c799442243fad953bc2fcf7491f1e4bd539d03d6c258580ec36731b1b8ea9d
660abe3389b1573f94df49a827fb21d733c66833dc0563ec382448407aa6326d
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
6c89d0ccd6b262ea4b58a029cad2e48e11ee580c6d726683ea9a650c68253e92
75eab1b9e98a1b1d1561f3ef1c992622eaaa16fcec716faef4ea6ee4ee68f3ad
825e72fc1faf1795167573a940b81383ab3c4c09f7f4900a26f0b39d526bd0e2
847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
c5bee50bfaba91690baf2d9a827ef94fab3f27207a0859c0e8db7c809ef735c3
c9dedb58b9b0169530e843cc812d6c630b17220c3e2f5a734395c001688b2766
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cfb62d0ee56f68d7f6c106f7b52b659906631372992c1c6c39a38d2c698b7f9f
f0d6f64ca5ef5d317c366804dc883c0efd1a67638cc736e02199d22098fc65f3
f2840079d919de56499e4f1eba2f350e65264efad8c775cfed90e0a73968e46d
f7fd632b5104c5e20fabc89f2225cfc4904ea82f3c9e95c4943aae0d730b0c79

libertyxcryptomining.com Open in urlscan Pro 162.0.235.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

37 Requests

100 %HTTPS

55 %IPv6

9 Domains

10 Subdomains

11 IPs

2 Countries

648 kBTransfer

2645 kBSize

1 Cookies

2 Outgoing links

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

libertyxcryptomining.com Open in urlscan Pro
162.0.235.5 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

100 %
HTTPS

55 %
IPv6

9
Domains

10
Subdomains

11
IPs

2
Countries

648 kB
Transfer

2645 kB
Size

1
Cookies

37 HTTP transactions
1 data transactions