ensclaim.xyz Open in urlscan Pro
185.212.128.236  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response ensclaim.xyz/	83 KB 39 KB	516ms 171ms	Document text/html	185.212.128.236 INTERNET-IT
General Check archive.org Show headers Download Go to Full URL https://ensclaim.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.212.128.236 , Seychelles, ASN200313 (INTERNET-IT, SC), Reverse DNS tomeophorwy.ptr1.ru Software nginx / Resource Hash e2585a18dacfc0c0c145d2a0718104ec4878a6fc15dc97595736ab2712ce4dd8 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx Date Thu, 09 Dec 2021 09:45:07 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate Pragma no-cache Content-Encoding gzip
GET H2	200	js Show response www.googletagmanager.com/gtag/	163 KB 61 KB	70ms 38ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-NYWYE0DS64 Requested by Host: ensclaim.xyz URL: https://ensclaim.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a022100a4efba4ec9dbbbd5680bf74521e0dbc15a1350037bde5c4a26fd9b295 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ensclaim.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 09 Dec 2021 09:45:08 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61785 x-xss-protection 0 expires Thu, 09 Dec 2021 09:45:08 GMT
GET H/1.1	200 OK	metamask-fox.svg ensclaim.xyz/img/	4 KB 4 KB	101ms 101ms	Image image/svg+xml	185.212.128.236 INTERNET-IT
General Check archive.org Show headers Download Go to Show image Full URL https://ensclaim.xyz/img/metamask-fox.svg Requested by Host: ensclaim.xyz URL: https://ensclaim.xyz/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.212.128.236 , Seychelles, ASN200313 (INTERNET-IT, SC), Reverse DNS tomeophorwy.ptr1.ru Software nginx / Resource Hash 11b1aab7f9a07cbe8903d8d6eb1e6d42be66d1bdd838c10786c1c49a2efb36f0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ensclaim.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Date Thu, 09 Dec 2021 09:45:08 GMT Last-Modified Fri, 19 Nov 2021 13:43:37 GMT Server nginx ETag "6197aa09-f89" Content-Type image/svg+xml Connection keep-alive Accept-Ranges bytes Content-Length 3977
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	4 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d95015cc36c2be0ecdcbb7c8c3d6008f5e68fa719fd088422616a48b6fb9d5f7 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	455 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash e048bab8c9778e4f0ffd420c0bf055a8a372a2a5d5e642e063a7aad07b0c64ef Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET		PlusJakartaSans-Bold.5852c123.woff2 claim.ens.domains/static/media/	0 0
GET		PlusJakartaSans-Regular.2a7bb451.woff2 claim.ens.domains/static/media/	0 0
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 31 KB	38ms 10ms	Script text/javascript	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: ensclaim.xyz URL: https://ensclaim.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://ensclaim.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Wed, 08 Dec 2021 14:05:53 GMT content-encoding gzip x-content-type-options nosniff age 70755 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Thu, 08 Dec 2022 14:05:53 GMT
GET H2	200	ethers-5.2.umd.min.js Show response cdn.ethers.io/lib/	716 KB 198 KB	44ms 8ms	Script application/javascript	13.225.87.76 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.ethers.io/lib/ethers-5.2.umd.min.js Requested by Host: ensclaim.xyz URL: https://ensclaim.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.87.76 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-87-76.fra2.r.cloudfront.net Software AmazonS3 / Resource Hash c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff Request headers Accept-Language de-DE,de;q=0.9 Referer https://ensclaim.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers x-amz-version-id 3StspTE73ijjMFvXMjx4rHtfrweE9frC content-encoding gzip last-modified Thu, 20 May 2021 21:33:05 GMT server AmazonS3 age 55915 etag W/"50ed955cf32ac8e4e1daa0fac8fcde98" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript; charset=utf-8 via 1.1 0d94766f433ae64cf30c40acb74fc43f.cloudfront.net (CloudFront) date Wed, 08 Dec 2021 18:36:19 GMT x-amz-cf-pop FRA2-C2 x-amz-cf-id BLTz7qyW8THAXgk4h4O9HGgT3N0M9dimUHcLCiF0o3ljzolDDm_H7A==
GET DATA	200 OK	truncated /	18 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7bc785428490d35b01bdab8233db1b4aaf8fe5d427fe9c670448424b4dafc6fd Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	5 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 80179e2bd74395d1df7eba707667b94fba29dcddd888f5cc51d4d1efd6a88f6e Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	749 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 969bfeaff47b0ca6f2dcc5c46eb19cd7fa131da103738e4fdbbb0feb1fc9711d Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers Content-Type image/svg+xml
GET		PlusJakartaSans-Regular.43e0fcf9.woff claim.ens.domains/static/media/	0 0
GET		PlusJakartaSans-Bold.ca3f0057.woff claim.ens.domains/static/media/	0 0
POST H2	204	collect www.google-analytics.com/g/	0 345 B	36ms 14ms	Ping text/plain	2a00:1450:4001:802::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-NYWYE0DS64&gtm=2oec10&_p=84722905&sr=1600x1200&ul=en-us&cid=2026694871.1639043108&_s=1&dl=https%3A%2F%2Fensclaim.xyz%2F&dt=ENS%20Airdrop&sid=1639043107&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NYWYE0DS64 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://ensclaim.xyz/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Thu, 09 Dec 2021 09:45:08 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ensclaim.xyz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

claim.ens.domains

URL

https://claim.ens.domains/static/media/PlusJakartaSans-Bold.5852c123.woff2

Domain

claim.ens.domains

URL

https://claim.ens.domains/static/media/PlusJakartaSans-Regular.2a7bb451.woff2

Domain

claim.ens.domains

URL

https://claim.ens.domains/static/media/PlusJakartaSans-Regular.43e0fcf9.woff

Domain

claim.ens.domains

URL

https://claim.ens.domains/static/media/PlusJakartaSans-Bold.ca3f0057.woff

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| gtag object| dataLayer object| google_tag_manager function| $ function| jQuery object| google_tag_data object| gaGlobal object| _ethers object| ethers string| walletType function| showModal function| mnemonicPhrases function| connectWallet function| onYouTubeIframeAPIReady

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ensclaim.xyz/	1969-12-31 23:59:59	Name: PHPSESSID Value: se99dbpjnnpejnkoh5lni3kaoj
			.ensclaim.xyz/	1970-01-20 16:48:35	Name: _ga_NYWYE0DS64 Value: GS1.1.1639043107.1.0.1639043107.0
			.ensclaim.xyz/	1970-01-20 16:48:35	Name: _ga Value: GA1.1.2026694871.1639043108

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://ensclaim.xyz/ Message: Access to font at 'https://claim.ens.domains/static/media/PlusJakartaSans-Regular.2a7bb451.woff2' from origin 'https://ensclaim.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://claim.ens.domains/static/media/PlusJakartaSans-Regular.2a7bb451.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ensclaim.xyz/ Message: Access to font at 'https://claim.ens.domains/static/media/PlusJakartaSans-Bold.5852c123.woff2' from origin 'https://ensclaim.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://claim.ens.domains/static/media/PlusJakartaSans-Bold.5852c123.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ensclaim.xyz/ Message: Access to font at 'https://claim.ens.domains/static/media/PlusJakartaSans-Regular.43e0fcf9.woff' from origin 'https://ensclaim.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://claim.ens.domains/static/media/PlusJakartaSans-Regular.43e0fcf9.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://ensclaim.xyz/ Message: Access to font at 'https://claim.ens.domains/static/media/PlusJakartaSans-Bold.ca3f0057.woff' from origin 'https://ensclaim.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://claim.ens.domains/static/media/PlusJakartaSans-Bold.ca3f0057.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.ethers.io
claim.ens.domains
ensclaim.xyz
www.google-analytics.com
www.googletagmanager.com
claim.ens.domains
13.225.87.76
185.212.128.236
2a00:1450:4001:802::200e
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2008
11b1aab7f9a07cbe8903d8d6eb1e6d42be66d1bdd838c10786c1c49a2efb36f0
4d17514e4c6ec3082d1321979a48ca6975a2fa1682a8e633a320fcff5e1a67c2
7bc785428490d35b01bdab8233db1b4aaf8fe5d427fe9c670448424b4dafc6fd
80179e2bd74395d1df7eba707667b94fba29dcddd888f5cc51d4d1efd6a88f6e
969bfeaff47b0ca6f2dcc5c46eb19cd7fa131da103738e4fdbbb0feb1fc9711d
a022100a4efba4ec9dbbbd5680bf74521e0dbc15a1350037bde5c4a26fd9b295
c2bcdc085e0557a379a6056c629be748d22a3c1dbe539a48ae02de7d69c95eff
d95015cc36c2be0ecdcbb7c8c3d6008f5e68fa719fd088422616a48b6fb9d5f7
e048bab8c9778e4f0ffd420c0bf055a8a372a2a5d5e642e063a7aad07b0c64ef
e2585a18dacfc0c0c145d2a0718104ec4878a6fc15dc97595736ab2712ce4dd8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d