freeusd.xyz
107.189.31.154
Public Scan
Effective URL: https://freeusd.xyz/?cp=19833
Submission: On September 20 via api from US — Scanned from DE
Summary
TLS certificate: Issued by R3 on July 22nd 2021. Valid for: 3 months.
This is the only time freeusd.xyz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
# | IP Address | AS (Autonomous System) |
---|---|---|
2 | 2607:fad0:3801:4::1 | 32244 (LIQUIDWEB) |
1 1 | 198.134.116.30 | 27257 (WEBAIR-INTERNET) |
3 3 | 213.227.156.13 | 60781 (LEASEWEB-NL-AMS-01 Netherlands) |
1 | 5.9.5.202 | 24940 (HETZNER-AS) |
1 | 104.21.80.230 | 13335 (CLOUDFLARENET) |
1 | 172.67.171.70 | 13335 (CLOUDFLARENET) |
1 2 | 107.21.8.49 | 14618 (AMAZON-AES) |
1 | 107.189.31.154 | 53667 (PONYNET) |
2 | 185.85.242.92 | 49683 (MASSIVEGRID) |
4 | 136.243.55.84 | 24940 (HETZNER-AS) |
2 | 185.85.240.72 | 49683 (MASSIVEGRID) |
1 | 185.189.56.92 | 49683 (MASSIVEGRID) |
16 | 11 |
AS | PTR | Hostnames |
---|---|---|
ASN27257 (WEBAIR-INTERNET, US) | | click.expmediadirect1.com |
ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL) | | biggerpicture.g2afse.com |
ASN24940 (HETZNER-AS, DE) | static.202.5.9.5.clients.your-server.de | armr.trckswrm.com |
ASN14618 (AMAZON-AES, US) | ec2-107-21-8-49.compute-1.amazonaws.com | p.asce.xyz |
ASN24940 (HETZNER-AS, DE) | static.84.55.243.136.clients.your-server.de | ad.a-ads.com, static.a-ads.com |
# | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | cointraffic.io | appsha-lon2.cointraffic.io, apps-lon2.cointraffic.io, files.cointraffic.io | 41 KB |
4 | a-ads.com | ad.a-ads.com, static.a-ads.com | 565 KB |
3 | g2afse.com (3 redirects) | biggerpicture.g2afse.com | 662 B |
2 | asce.xyz (1 redirects) | p.asce.xyz | 657 B |
2 | capitalonebankgroup.com | capitalonebankgroup.com | 3 KB |
1 | freeusd.xyz | freeusd.xyz | 5 KB |
1 | poqueras.com | poqueras.com | 1 KB |
1 | bercioles.com | bercioles.com | 1 KB |
1 | trckswrm.com | armr.trckswrm.com | 288 B |
1 | expmediadirect1.com (1 redirects) | click.expmediadirect1.com | 230 B |
16 | 10 |
# | Domain | Requested by |
---|---|---|
3 | biggerpicture.g2afse.com | 3 redirects |
2 | apps-lon2.cointraffic.io | appsha-lon2.cointraffic.io |
2 | static.a-ads.com | ad.a-ads.com |
2 | ad.a-ads.com | freeusd.xyz |
2 | appsha-lon2.cointraffic.io | freeusd.xyz, appsha-lon2.cointraffic.io |
2 | p.asce.xyz | 1 redirects, poqueras.com |
2 | capitalonebankgroup.com | capitalonebankgroup.com |
1 | files.cointraffic.io | capitalonebankgroup.com |
1 | freeusd.xyz | p.asce.xyz |
1 | poqueras.com | bercioles.com |
1 | bercioles.com | armr.trckswrm.com |
1 | armr.trckswrm.com | capitalonebankgroup.com |
1 | click.expmediadirect1.com | 1 redirects |
16 | 13 |
This site contains links to these domains. Also see Links.
Domain |
---|
faucetlist.top |
faucetpay.io |
curvapay.com |
dollarz.xyz |
www.8pm.fun |
7to11.club |
Subject | Issuer | Validity | Valid |
---|---|---|---|
armr.trckswrm.com | R3 | 2021-07-17 - 2021-10-15 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-11-10 - 2021-11-09 | a year |
freeusd.xyz | R3 | 2021-07-22 - 2021-10-20 | 3 months |
appsha-lon2.cointraffic.io | Gandi Standard SSL CA 2 | 2021-04-27 - 2022-05-11 | a year |
*.a-ads.com | Sectigo ECC Domain Validation Secure Server CA | 2020-12-02 - 2022-01-02 | a year |
apps-lon2.cointraffic.io | Gandi Standard SSL CA 2 | 2021-04-27 - 2022-05-11 | a year |
files.cointraffic.io | Gandi Standard SSL CA 2 | 2020-12-07 - 2021-12-15 | a year |
This page contains 3 frames:
Primary Page:
https://freeusd.xyz/?cp=19833
Frame ID: F038CF7871FC99D6D01D6725CEFDF6F9
Requests: 11 HTTP requests in this frame
Frame:
https://ad.a-ads.com/1568442?size=728x90&background_color=eeeeee
Frame ID: D453F4BF2DB5F429320EC71985A060A1
Requests: 3 HTTP requests in this frame
Frame:
https://ad.a-ads.com/1568442?size=728x90&background_color=eeeeee
Frame ID: 992C8F58A05684BD8BDD6291EE771E0B
Requests: 3 HTTP requests in this frame
Page Title
Free USD
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: ✔️ Best Faucet List
Title: FaucetPay
Title: CurvaPay
Title: DollarZ
Title: 8pm.fun
Title: 7to11.club
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://capitalonebankgroup.com/ Page URL
- http://capitalonebankgroup.com/page/bouncy.php?&bpae=Gbh%2Btqsmolx797uvSZcwm3RFI0KsUz6ucxT7%2Fpz%2BAKSzU8ESxVLbu8AykA2ttu9THK9GmMqrYSoLqIPDTYX67rwOpxzMKlfnpWxtcw8nE1wPO1TSXeZ0hwCh0FYoBmRQ6rmCFsYpNs3Tvr7VnV5NZosL0qbYEtKgR%2B0PsuyewPG2uy8qlbQREJxiibQJ%2FSehs3tylOQ4E9875HW4PkHqO6mcoFCSk1K%2F0gVGH4or2G99YuFmpp7QHE7Jyja6sW6nZwXRDuHVWBEdOSF2zUWIgMCZrD7ZR9NqimkLHWZF23dfaXldiTJwxLa%2BbcAe2Z8NUgb9gFvUDOy4RwhvQam4hbaTuMyk2Ih7g0H7gBt%2FhXN9EPOd8dVut2vVlHP71Ln3FKkmq6M42uNZCDZejzgShK6IfvlFeLK0VolzlRY%3D&redirectType=js&inIframe=false&inPopUp=false Page URL
- http://click.expmediadirect1.com/click?i=h4f0fGwtC04_0 HTTP 302
  http://biggerpicture.g2afse.com/sl?id=5dca95883bf47917e8f2530d&pid=112&sub5=[conversion]&sub1=[source] HTTP 302
  https://biggerpicture.g2afse.com/sl?id=5dca95883bf47917e8f2530d&pid=112&sub5=[conversion]&sub1=[source] HTTP 302
  https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 HTTP 302
  https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154 Page URL
- http://bercioles.com/redirect?id=82&auth=82ead305c138eb8fefc6187658dc9b5e4d67d425&sid=154&clk=AsQvqgYAAAF8AQbRlwAAAlEAAACaAAABMg Page URL
- https://poqueras.com/noid/slope?lame=2H9bknzlz6BNNCcn10k5gQ%3D%3D Page URL
- http://p.asce.xyz/go/216668/575137?wnw=false Page URL
- http://p.asce.xyz/ad/ad?p=216668&w=575137&t=f96e77581acaa9f3&r=aHR0cHMlM0ElMkYlMkZwb3F1ZXJhcy5jb20lMkY=&vw=1600&vh=1200 HTTP 303
  https://freeusd.xyz/?cp=19833 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- http://click.expmediadirect1.com/click?i=h4f0fGwtC04_0 HTTP 302
- http://biggerpicture.g2afse.com/sl?id=5dca95883bf47917e8f2530d&pid=112&sub5=[conversion]&sub1=[source] HTTP 302
- https://biggerpicture.g2afse.com/sl?id=5dca95883bf47917e8f2530d&pid=112&sub5=[conversion]&sub1=[source] HTTP 302
- https://biggerpicture.g2afse.com/click?pid=1&offer_id=188 HTTP 302
- https://armr.trckswrm.com/recommendation?rec_link_id=306&pub_id=154
16 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | / | capitalonebankgroup.com/ | 2 KB | 2 KB | Document | text/html |
GET | H/1.1 | bouncy.php | capitalonebankgroup.com/page/ | 688 B | 964 B | Document | text/html |
GET | H/1.1 | recommendation | armr.trckswrm.com/ (Redirect Chain) | 211 B | 288 B | Document | text/html |
GET | H/1.1 | redirect | bercioles.com/ | 1 KB | 1 KB | Document | text/html |
GET | H2 | slope | poqueras.com/noid/ | 1 KB | 1 KB | Document | text/html |
GET | H/1.1 | 575137 | p.asce.xyz/go/216668/ | 466 B | 495 B | Document | text/html |
GET | H/1.1 | / | freeusd.xyz/ (Primary Request, Cookie set, Redirect Chain) | 12 KB | 5 KB | Document | text/html |
GET | H2 | / | appsha-lon2.cointraffic.io/js/ | 5 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | 1568442 | ad.a-ads.com/ (Frame D453) | 6 KB | 2 KB | Document | text/html |
GET | H/1.1 | 1568442 | ad.a-ads.com/ (Frame 992C) | 6 KB | 2 KB | Document | text/html |
GET | H/1.1 | 728x90 | static.a-ads.com/a-ads-banners/269043/ (Frame D453) | 279 KB | 280 KB | Image | image/gif |
GET | H/1.1 | 728x90 | static.a-ads.com/a-ads-banners/269043/ (Frame 992C) | 279 KB | 280 KB | Image | image/gif |
GET | DATA | truncated | / (Frame D453) | 305 B | 0 | Image | image/png |
GET | DATA | truncated | / (Frame 992C) | 305 B | 0 | Image | image/png |
GET | H2 | popunder.js | appsha-lon2.cointraffic.io/ats/ | 721 B | 762 B | XHR | application/javascript |
POST | H2 | tmp | apps-lon2.cointraffic.io/ | 475 B | 931 B | XHR | text/javascript |
OPTIONS | H2 | tmp | apps-lon2.cointraffic.io/ (Frame) | 0 | 0 | Preflight | text/plain |
GET | H2 | script_130421.js | files.cointraffic.io/js/pnd/ | 87 KB | 37 KB | Script | application/javascript |
28 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- object| onbeforexrselect
- boolean| originAgentCluster
- function| SHAMIR64
- function| M
- function| X
- function| V
- function| Y
- function| md5_cmn
- function| md5_ff
- function| md5_gg
- function| md5_hh
- function| md5_ii
- function| safe_add
- function| bit_rol
- object| ctaYmi0xo8Df
- function| U6CC
- function| S2aa
- function| A7RR
- function| b2aa
- function| m5KK
- function| g0hh
- function| V5kk
- function| o5KK
- string| popns
- function| b133
- object| CoinTrafficPnd4

Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
biggerpicture.g2afse.com/ | | Name: afclick Value: 6147f15cb1e33300012d1999 |
biggerpicture.g2afse.com/ | | Name: afoffers Value: {"188":1632104796} |
freeusd.xyz/ | | Name: PHPSESSID Value: j95sahr7uk3as6inkjmlutmf7a |
freeusd.xyz/ | | Name: r Value: 19833 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.