claimfreecrypto.tk Open in urlscan Pro
213.238.168.52 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://claimfreecrypto.tk/
Effective URL:
https://claimfreecrypto.tk/bnb/
Submission: On June 29 via manual (June 29th 2021, 7:05:01 am UTC) from NL

Summary HTTP 99 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 16 domains to perform 99 HTTP transactions. The main IP is 213.238.168.52, located in Turkey and belongs to HOSTIXO, TR. The main domain is claimfreecrypto.tk.
TLS certificate: Issued by R3 on June 17th 2021. Valid for: 3 months.

This is the only time claimfreecrypto.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	213.238.168.52 213.238.168.52	212069 (HOSTIXO) (HOSTIXO)
3	2a04:4e42:1b:... 2a04:4e42:1b::485	54113 (FASTLY) (FASTLY)
41	85.114.134.182 85.114.134.182	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 3	104.16.168.131 104.16.168.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:3d6d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4739	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.77.129 65.9.77.129	16509 (AMAZON-02) (AMAZON-02)
2	85.10.200.158 85.10.200.158	24940 (HETZNER-AS) (HETZNER-AS)
2	195.201.242.31 195.201.242.31	24940 (HETZNER-AS) (HETZNER-AS)
9	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	67.202.114.214 67.202.114.214	32748 (STEADFAST) (STEADFAST)
12	65.9.77.73 65.9.77.73	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.119 143.204.98.119	16509 (AMAZON-02) (AMAZON-02)
1	89.163.135.156 89.163.135.156	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
7	104.16.169.131 104.16.169.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3036::6815:19ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:600... 2a04:4e42:600::729	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
99	20

8 213.238.168.52 (Turkey) 1 redirects

ASN212069 (HOSTIXO, TR)
PTR: cp50.nsixo.com

claimfreecrypto.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:1b::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 85.114.134.182 (Schopfheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: h104.hubuhost.com

g.cash-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.168.131 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:c1a (United States)

ASN13335 (CLOUDFLARENET, US)

www.coinpayu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:3d6d (United States)

ASN13335 (CLOUDFLARENET, US)

static.surfe.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.77.129 (United States)

ASN16509 (AMAZON-02, US)

arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.10.200.158 (Munich, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 85-10-200-158.clients.your-server.de

ad.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.a-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.201.242.31 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.31.242.201.195.clients.your-server.de

surfe.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.202.114.214 (Crown Point, United States)

ASN32748 (STEADFAST, US)
PTR: amung.us

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 65.9.77.73 (United States)

ASN16509 (AMAZON-02, US)

static.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-119.fra50.r.cloudfront.net

core.arc.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.163.135.156 (Andernach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: h103.hubuhost.com

traffic-buchen.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.16.169.131 (United States)

ASN13335 (CLOUDFLARENET, US)

newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:19ec (United States)

ASN13335 (CLOUDFLARENET, US)

static.surfe.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	cash-ads.com g.cash-ads.com	280 KB
14	arc.io arc.io static.arc.io core.arc.io	223 KB
10	hcaptcha.com 1 redirects hcaptcha.com newassets.hcaptcha.com	456 KB
9	tawk.to embed.tawk.to va.tawk.to	120 KB
8	claimfreecrypto.tk 1 redirects claimfreecrypto.tk	21 KB
3	surfe.be static.surfe.be	313 KB
3	surfe.pro static.surfe.pro surfe.pro	7 KB
3	jsdelivr.net cdn.jsdelivr.net	58 KB
2	cloudflare.com cdnjs.cloudflare.com	2 KB
2	a-ads.com ad.a-ads.com static.a-ads.com	119 KB
1	sentry-cdn.com browser.sentry-cdn.com	20 KB
1	traffic-buchen.de traffic-buchen.de	264 B
1	amung.us whos.amung.us	145 B
1	waust.at waust.at	7 KB
1	coinpayu.com www.coinpayu.com	261 KB
0	ezmob.com Failed xml.ezmob.com Failed
99	16

	Domain	Requested by
41	g.cash-ads.com	claimfreecrypto.tk g.cash-ads.com
12	static.arc.io	arc.io core.arc.io static.arc.io
8	embed.tawk.to	claimfreecrypto.tk embed.tawk.to
8	claimfreecrypto.tk	1 redirects claimfreecrypto.tk
7	newassets.hcaptcha.com	claimfreecrypto.tk hcaptcha.com newassets.hcaptcha.com
3	static.surfe.be	claimfreecrypto.tk
3	hcaptcha.com	1 redirects newassets.hcaptcha.com
3	cdn.jsdelivr.net	claimfreecrypto.tk
2	cdnjs.cloudflare.com	static.arc.io
2	surfe.pro	claimfreecrypto.tk
1	va.tawk.to	embed.tawk.to
1	browser.sentry-cdn.com	arc.io
1	traffic-buchen.de	g.cash-ads.com
1	static.a-ads.com	ad.a-ads.com
1	core.arc.io	arc.io
1	whos.amung.us	waust.at
1	ad.a-ads.com	claimfreecrypto.tk
1	arc.io	claimfreecrypto.tk
1	waust.at	claimfreecrypto.tk
1	static.surfe.pro	claimfreecrypto.tk
1	www.coinpayu.com	claimfreecrypto.tk
0	xml.ezmob.com Failed	g.cash-ads.com
99	22

This site contains links to these domains. Also see Links.

Domain
www.coinpayu.com
surfe.pro
www.makejar.com
whos.amung.us
cash-ads.com
advertiser.cash-ads.com

Subject Issuer	Validity	Valid
*.claimfreecrypto.tk R3	`2021-06-17` - `2021-09-15`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
g.cash-ads.com R3	`2021-05-17` - `2021-08-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
arc.io Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.a-ads.com Sectigo ECC Domain Validation Secure Server CA	`2020-12-02` - `2022-01-02`	a year	crt.sh
surfe.pro R3	`2021-05-06` - `2021-08-04`	3 months	crt.sh
whos.amung.us Sectigo RSA Domain Validation Secure Server CA	`2020-05-21` - `2022-05-21`	2 years	crt.sh
traffic-buchen.de R3	`2021-06-17` - `2021-09-15`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://claimfreecrypto.tk/bnb/
Frame ID: 5B2CEB5B9BA5FED4B5FBC9BA36B01092
Requests: 49 HTTP requests in this frame

Frame: https://ad.a-ads.com/1611979?size=728x90
Frame ID: D7C6BE6F3975B3E4E02D4ABCFBAB890A
Requests: 3 HTTP requests in this frame

Frame: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D
Frame ID: ACD314705C989ADC201A9E6AD11EA2ED
Requests: 8 HTTP requests in this frame

Frame: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D
Frame ID: 8E7B5456D6208E034D1E6CB5B76197E5
Requests: 7 HTTP requests in this frame

Frame: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D
Frame ID: 64769B322150C623D116255B9265429C
Requests: 7 HTTP requests in this frame

Frame: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D
Frame ID: C4B0EE268903CE05E1FC32402757071D
Requests: 7 HTTP requests in this frame

Frame: https://core.arc.io/broker.html?e57474b
Frame ID: 92FE1C304FEA6F5CD4C32B5B4E6759BA
Requests: 6 HTTP requests in this frame

Frame: https://xml.ezmob.com/redirect?feed=318819&auth=rtY4ZS&url=https://aninter.net&subid=
Frame ID: 324B091D925CB433D09C7728EA2C5C5D
Requests: 1 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3a5eef6/static/hcaptcha-challenge.html
Frame ID: A0D36E40F613104B60D786BC7E7BE622
Requests: 3 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3a5eef6/static/hcaptcha-checkbox.html
Frame ID: 183775380ED3F915AEF5B2FDAAFDD90A
Requests: 5 HTTP requests in this frame

Frame: https://g.cash-ads.com/?nc=mbLzFUjS634dncngqZqnx0zRqSPpPk%2FmVAKXmSoauXI%3D
Frame ID: D0BA6B6FD3C2AE80F0C45066C8A816B6
Requests: 6 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?e57474b
Frame ID: C6DB7618F3B3EDEC1E97DC5DE3756B7D
Requests: 3 HTTP requests in this frame

Frame: https://static.arc.io/widget/css/widget.css?e57474b
Frame ID: 0505B0FB8EDA1120296310586DD2C5DB
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://claimfreecrypto.tk/ Page URL
https://claimfreecrypto.tk/bnb HTTP 301
https://claimfreecrypto.tk/bnb/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

LiteSpeed (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^LiteSpeed$/i

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /\/\/embed\.tawk\.to/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

99
Requests

98 %
HTTPS

42 %
IPv6

16
Domains

22
Subdomains

20
IPs

3
Countries

1887 kB
Transfer

4187 kB
Size

2
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.coinpayu.com/?r=YigitYilmaz

Search URL Search Domain Scan URL

URL: https://surfe.pro/net/click?id=ZXlKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKSVV6STFOaUo5LmV5SnBjM01pT2lKb2RIUndjenBjTDF3dmMzVnlabVV1WW1VaUxDSnBZWFFpT2pFMk1qUTVOVEF5T0RVc0ltUmhkR0VpT2lJME1UZzFORE11TWpVME16RTFPak0yTkRrd05UTTBNREVpZlEuY0VSYUNJQzQ5a00zWGRJQ3lVZFUtemhxbzlRNy1tbEk2Q2p0eVFvUHlBcw==&seed=24878069829278582
Title: Traffic flow to your offer The traffic gun is loaded - test for free on Surfe.be! surfe.be

Search URL Search Domain Scan URL

URL: https://surfe.pro/net/click?id=ZXlKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKSVV6STFOaUo5LmV5SnBjM01pT2lKb2RIUndjenBjTDF3dmMzVnlabVV1WW1VaUxDSnBZWFFpT2pFMk1qUTVOVEF5T0RVc0ltUmhkR0VpT2lJME9EYzFOek11TWpVME16RTFPak0yTkRrd05UTTBNREVpZlEuMUdVMTZVbENKODNYaUp1Zmx2ZDAwQzRETVJNSGowblIwLXZHOVFaS25LSQ==&seed=24878069829278582
Title: Получите 300 RUB за регистрацию Зарабатывайте вместе с другими пользователями add-to-me.site

Search URL Search Domain Scan URL

URL: https://surfe.pro/net/click?id=ZXlKMGVYQWlPaUpLVjFRaUxDSmhiR2NpT2lKSVV6STFOaUo5LmV5SnBjM01pT2lKb2RIUndjenBjTDF3dmMzVnlabVV1WW1VaUxDSnBZWFFpT2pFMk1qUTVOVEF5T0RVc0ltUmhkR0VpT2lJME5ERTFPVFV1TWpVME16RTFPak0yTkRrd05UTTBNREVpZlEuWjRaNEt4QVJ0cnQ5cDlYVERFanRSSDMyazZndjk4c01ZQXI4UVFEbWRITQ==&seed=24878069829278582
Title: Earn more than $10000 monthly Break ThroughYour financial ceiling Start Earning real big money that you deserve team.income24.biz

Search URL Search Domain Scan URL

URL: https://surfe.pro/?utm_medium=banner_badge&utm_source=https://claimfreecrypto.tk/bnb/
Title: surfe.pro

Search URL Search Domain Scan URL

URL: https://www.makejar.com/
Title: Faucet in a BOX Ultimate

Search URL Search Domain Scan URL

URL: https://whos.amung.us/stats/jbe872u8d4/
Title: 28

Search URL Search Domain Scan URL

URL: https://cash-ads.com/?ref=Q%2FYgx%2FiDiufW1908KVEqMA%3D%3D
Title: Publisher?

Search URL Search Domain Scan URL

URL: https://advertiser.cash-ads.com/?ref=Q%2FYgx%2FiDiufW1908KVEqMA%3D%3D
Title: Advertiser?

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://claimfreecrypto.tk/ Page URL
https://claimfreecrypto.tk/bnb HTTP 301
https://claimfreecrypto.tk/bnb/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://hcaptcha.com/1/api.js HTTP 302
https://newassets.hcaptcha.com/captcha/v1/3a5eef6/hcaptcha.js

99 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
claimfreecrypto.tk/ 81 B
325 B 344ms
214ms Document
text/html 213.238.168.52
HOSTIXO

General

Check archive.org

Show headers Download Go to

Full URL: http://claimfreecrypto.tk/
Protocol: HTTP/1.1
Server: 213.238.168.52 , Turkey, ASN212069 (HOSTIXO, TR),
Reverse DNS: cp50.nsixo.com
Software: LiteSpeed /
Resource Hash: d6b19117dc4a90130259330666cbbc6ca56091efb691ec6c0562eec4e2ef1f68

Request headers

Host: claimfreecrypto.tk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
last-modified: Mon, 28 Jun 2021 08:54:39 GMT
accept-ranges: bytes
content-length: 81
date: Tue, 29 Jun 2021 07:04:43 GMT
server: LiteSpeed

GET
H3-29

200

Primary Request / Show response
claimfreecrypto.tk/bnb/
Redirect Chain

https://claimfreecrypto.tk/bnb
https://claimfreecrypto.tk/bnb/

37 KB
17 KB

400ms
152ms

Document
text/html

213.238.168.52
HOSTIXO

General

Check archive.org

Show headers Download Go to

Full URL: https://claimfreecrypto.tk/bnb/
Protocol: H3-29
Security: QUIC, , CHACHA20_POLY1305
Server: 213.238.168.52 , Turkey, ASN212069 (HOSTIXO, TR),
Reverse DNS: cp50.nsixo.com
Software: LiteSpeed /
Resource Hash: 977fbe909a4d58862a2f0336a428058dcd8590ee0fc2e49f8feeefc90be518fa

Request headers

:method: GET
:authority: claimfreecrypto.tk
:scheme: https
:path: /bnb/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://claimfreecrypto.tk/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: http://claimfreecrypto.tk/

Response headers

set-cookie: PHPSESSID=ca3bd67a85d64d22a6ba5428ed2ed3d9; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
referrer-policy: unsafe-url
content-length: 17592
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Jun 2021 07:04:44 GMT
server: LiteSpeed

Redirect headers

content-type: text/html
content-length: 707
date: Tue, 29 Jun 2021 07:04:44 GMT
server: LiteSpeed
location: https://claimfreecrypto.tk/bnb/
alt-svc: h3-34=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-27=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/bootstrap/3.3.4/css/ 115 KB
19 KB 20ms
6ms Stylesheet
text/css 2a04:4e42:1b::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.3.4/css/bootstrap.min.css

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 719544
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 19236
etag: W/"1ca39-7SkxXg/7PxQ4JDHyckI1v2f0TrM"
x-served-by: cache-fra19158-FRA, cache-hhn4057-HHN
date: Tue, 29 Jun 2021 07:04:44 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 jquery.min.js Show response
cdn.jsdelivr.net/jquery/2.1.4/ 82 KB
29 KB 20ms
6ms Script
application/javascript 2a04:4e42:1b::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/jquery/2.1.4/jquery.min.js

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1521014
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 29595
etag: W/"1499c-gljQRvF908FaXTmE4YaLe10dsyk"
x-served-by: cache-fra19124-FRA, cache-hhn4057-HHN
date: Tue, 29 Jun 2021 07:04:44 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/bootstrap/3.3.4/js/ 35 KB
10 KB 20ms
5ms Script
application/javascript 2a04:4e42:1b::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/bootstrap/3.3.4/js/bootstrap.min.js

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:1b::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1287103
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 9537
etag: W/"8c6f-JTcRxtgl3lWoNgVSVzvpUNoYBhQ"
x-served-by: cache-fra19146-FRA, cache-hhn4057-HHN
date: Tue, 29 Jun 2021 07:04:44 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H3-29 200 united.css
claimfreecrypto.tk/bnb/templates/default/palettes/ 407 B
227 B 123ms
123ms Stylesheet
text/css 213.238.168.52
HOSTIXO

General

Check archive.org

Show headers Download Go to

Full URL: https://claimfreecrypto.tk/bnb/templates/default/palettes/united.css
Requested by: Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/
Protocol: H3-29
Security: QUIC, , CHACHA20_POLY1305
Server: 213.238.168.52 , Turkey, ASN212069 (HOSTIXO, TR),
Reverse DNS: cp50.nsixo.com
Software: LiteSpeed /
Resource Hash: f248c9a08e3e126505d2cdbcc1dfef3c5fdd614cc140af66b8a76049e858c1d1

Request headers

:path: /bnb/templates/default/palettes/united.css
pragma: no-cache
cookie: PHPSESSID=ca3bd67a85d64d22a6ba5428ed2ed3d9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: claimfreecrypto.tk
referer: https://claimfreecrypto.tk/bnb/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
content-encoding: br
last-modified: Fri, 16 Apr 2021 08:03:39 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 141
expires: Tue, 06 Jul 2021 07:04:44 GMT

GET
H2 200 / Show response
g.cash-ads.com/slider/ 9 KB
2 KB 181ms
59ms Script
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/slider/?code=WncOX%2BddsnOdV912K9VmHg%3D%3D

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

786bcafe555aa491331cfd033cfeaeeb0c2f5033091f814c7006ca0b75406de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
content-encoding: gzip
server: nginx
x-frame-options: deny
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
g.cash-ads.com/banner/ 215 B
377 B 181ms
59ms Script
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/banner/?code=GxTDnUk5nAl05tVsenH%2F6tV2KivDWUWDNNBYYN%2Bq9f4%3D

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

8f746744038297a7c6b1c50bd78464590b42ecfb627a2d3be0c7be2b41dbe511

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
content-encoding: gzip
server: nginx
x-frame-options: deny
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
g.cash-ads.com/banner/ 215 B
380 B 181ms
59ms Script
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/banner/?code=GxTDnUk5nAl05tVsenH%2F6qEdRpLugqOH2jk7NCM72LY%3D

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

f8247a68b4d23e63ec5ab35490586d679ea7927abbb3d1fa07dae3cb0e6d2fb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
content-encoding: gzip
server: nginx
x-frame-options: deny
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2

200

hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/3a5eef6/
Redirect Chain

https://hcaptcha.com/1/api.js
https://newassets.hcaptcha.com/captcha/v1/3a5eef6/hcaptcha.js

80 KB
25 KB

81ms
80ms

Script
application/javascript

104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3a5eef6/hcaptcha.js

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81e34b1780953cb0ecdbf9f8a8e9b892c5907f438cb1735877f9bea70a62ba11

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
via: 1.1 a363bcf8a299e9ee68092f31207f8870.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 47041
cf-polished: origSize=81578
x-cache: Miss from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82eba7000000d52fc240000000001
last-modified: Mon, 28 Jun 2021 17:59:44 GMT
server: cloudflare
etag: W/"cd156122285515b9c84f6e37049d3916"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: ARN1-C1
cf-ray: 666d4d70bdd30d52-ARN
x-amz-cf-id: YkKE6N44MUjlehxWIwQMSZJ2yBoX-AbR5rpvqj8WEs7Uumd5Rw6aEQ==
cf-bgj: minify

Redirect headers

date: Tue, 29 Jun 2021 07:04:44 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
location: https://newassets.hcaptcha.com/captcha/v1/3a5eef6/hcaptcha.js
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
strict-transport-security: max-age=2592000; includeSubDomains; preload
cf-ray: 666d4d703c8e0d52-ARN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82eba1f00000d5264046000000001
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 160X600.gif
www.coinpayu.com/static/earners_banner/ 260 KB
261 KB 49ms
25ms Image
image/gif 2606:4700:20::681a:c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.coinpayu.com/static/earners_banner/160X600.gif
Requested by: Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b450300c168ae491c503fb12eb08754153fdef72544534a67084422ae7153d5

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1043152
cf-polished: origSize=273378
content-length: 266178
cf-request-id: 0af82eb9e10000c277df08f000000001
last-modified: Thu, 17 Jun 2021 12:00:16 GMT
server: cloudflare
etag: "60cb3950-42be2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Bx3yYFlUVPvlnDgEB0Stle2KmadX6wkxJpqh93bAudc7IMsleB5VkkPUd1RI7PApaYjlzEcVB1tjurgwJ3OW9SWVAIcvvkz%2F%2BucqEt8zsRn204C5nBEVmr56XxC3tRhAHmDD5kPnQpKe"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
expires: Sat, 17 Jul 2021 05:18:52 GMT
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 666d4d6fcca3c277-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 / Show response
g.cash-ads.com/layer/ 11 KB
3 KB 62ms
60ms Script
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/layer/?code=WncOX%2BddsnOdV912K9VmHg%3D%3D

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

11a8458178a03fb61ad9b05a8d0562ca797e797b296f368f8e00223d3f39e812

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
content-encoding: gzip
server: nginx
x-frame-options: deny
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 net.js Show response
static.surfe.pro/js/ 4 KB
3 KB 37ms
20ms Script
application/javascript 2606:4700:3036::6815:3d6d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.surfe.pro/js/net.js
Requested by: Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:3d6d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95a29b000e578fd31100a7503263c0c6944ad11c5d9a922619d7ab21f1757685

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 12 May 2021 12:11:27 GMT
server: cloudflare
age: 3261
etag: W/"609bc5ef-ea9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=8%2BHBuKK4Bd4KetkvrR7kNFK3a3EGd6rfKnIsBs16If6TnzpGJ9z6gUT3zFYE6loEvw000ot%2BaC6fhOJ3T%2FqXWTpP4lZ0tmj871Sa%2BJqJvTYni8pOFjX4AMIt5dQNHaMmvxtzRZhoMVU6jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 666d4d6fcc9ac2ef-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82eb9d90000c2ef54b57000000001

GET
H2 200 / Show response
g.cash-ads.com/slider/ 0
207 B 60ms
58ms Script
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/slider/?code=dbIYRCa%2BqnjFa%2BOsH9feTA%3D%3D

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
content-encoding: gzip
server: nginx
x-frame-options: deny
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H3-29 200 button-timer.js Show response
claimfreecrypto.tk/bnb/libs/ 815 B
273 B 125ms
123ms Script
application/javascript 213.238.168.52
HOSTIXO

General

Check archive.org

Show headers Download Go to

Full URL: https://claimfreecrypto.tk/bnb/libs/button-timer.js
Requested by: Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/
Protocol: H3-29
Security: QUIC, , CHACHA20_POLY1305
Server: 213.238.168.52 , Turkey, ASN212069 (HOSTIXO, TR),
Reverse DNS: cp50.nsixo.com
Software: LiteSpeed /
Resource Hash: 0bfe7a56d28e579af84a087b1b70b6e976c40f868d7791c8a97e68a121d56db0

Request headers

:path: /bnb/libs/button-timer.js
pragma: no-cache
cookie: PHPSESSID=ca3bd67a85d64d22a6ba5428ed2ed3d9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: claimfreecrypto.tk
referer: https://claimfreecrypto.tk/bnb/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
content-encoding: br
last-modified: Fri, 16 Apr 2021 08:03:39 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 252
expires: Tue, 06 Jul 2021 07:04:44 GMT

GET
H3-29 200 advertisement.js Show response
claimfreecrypto.tk/bnb/libs/ 81 B
100 B 125ms
124ms Script
application/javascript 213.238.168.52
HOSTIXO

General

Check archive.org

Show headers Download Go to

Full URL: https://claimfreecrypto.tk/bnb/libs/advertisement.js
Requested by: Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/
Protocol: H3-29
Security: QUIC, , CHACHA20_POLY1305
Server: 213.238.168.52 , Turkey, ASN212069 (HOSTIXO, TR),
Reverse DNS: cp50.nsixo.com
Software: LiteSpeed /
Resource Hash: 726e6e6b7488328b9ad7746cf8a15ea2f0209c5a99a92100e1866883ca8a40eb

Request headers

:path: /bnb/libs/advertisement.js
pragma: no-cache
cookie: PHPSESSID=ca3bd67a85d64d22a6ba5428ed2ed3d9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: claimfreecrypto.tk
referer: https://claimfreecrypto.tk/bnb/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
last-modified: Fri, 16 Apr 2021 08:03:39 GMT
server: LiteSpeed
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 81
expires: Tue, 06 Jul 2021 07:04:44 GMT

GET
H3-29 200 check.js Show response
claimfreecrypto.tk/bnb/libs/ 942 B
374 B 125ms
124ms Script
application/javascript 213.238.168.52
HOSTIXO

General

Check archive.org

Show headers Download Go to

Full URL: https://claimfreecrypto.tk/bnb/libs/check.js
Requested by: Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/
Protocol: H3-29
Security: QUIC, , CHACHA20_POLY1305
Server: 213.238.168.52 , Turkey, ASN212069 (HOSTIXO, TR),
Reverse DNS: cp50.nsixo.com
Software: LiteSpeed /
Resource Hash: 33cb702b141cc8fd45ae3fa60e244cf4e966bae985fa1b6686f4067aa67f88d1

Request headers

:path: /bnb/libs/check.js
pragma: no-cache
cookie: PHPSESSID=ca3bd67a85d64d22a6ba5428ed2ed3d9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: claimfreecrypto.tk
referer: https://claimfreecrypto.tk/bnb/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
content-encoding: br
last-modified: Fri, 16 Apr 2021 08:03:39 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 352
expires: Tue, 06 Jul 2021 07:04:44 GMT

GET
H2 200 d.js Show response
waust.at/ 13 KB
7 KB 36ms
14ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/d.js
Requested by: Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1750
cf-request-id: 0af82eb9e000002b41cb3b5000000001
last-modified: Mon, 03 May 2021 17:48:39 GMT
server: cloudflare
etag: W/"60903777-3444"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=YOEAM6UbXt2%2Fqmo7Y4LhFKFw9XIheg6D1v7ws1oOdFFeTRweRAPh93QdKXe6nzhKFTnfnckiktdCHrQlTjUvO%2F5qvUXZgfmxUdedRNHOnbCbPNpUihyxfvpPF%2BQUSla9xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 666d4d6fcc162b41-FRA
expires: Wed, 30 Jun 2021 06:35:34 GMT

GET
H2 200 widget.min.js Show response
arc.io/ 7 KB
3 KB 170ms
56ms Script
application/javascript 65.9.77.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arc.io/widget.min.js

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.77.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0b2bbe2d7bbb928da62f7797b0e6eb64dc3147361d716404119f7ecbc1528bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
last-modified: Fri, 25 Jun 2021 05:22:31 GMT
age: 219
etag: "60d56817-b50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600, stale-while-revalidate=864000
date: Tue, 29 Jun 2021 07:01:05 GMT
x-amz-cf-pop: AMS1-C1
content-length: 2896
via: 1.1 bda076aae92eaf83374971b76c395857.cloudfront.net (CloudFront)
x-amz-cf-id: 6qdiVBL6-4fP5qCktPExMCoJP9_fyG6c7p7h-4k3pGqlUz32YhseFA==

GET
H/1.1 200
OK 1611979 Show response
ad.a-ads.com/ Frame D7C6 6 KB
2 KB 209ms
76ms Document
text/html 85.10.200.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.a-ads.com/1611979?size=728x90

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

85.10.200.158 Munich, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

85-10-200-158.clients.your-server.de

Software

nginx/1.14.0 (Ubuntu) / Phusion Passenger(R)

Resource Hash

47b9025aab46eab71022633c52f8957a1b6bac853dd0d9250d49289987e61357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: ad.a-ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://claimfreecrypto.tk/bnb/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://claimfreecrypto.tk/bnb/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Tue, 29 Jun 2021 07:04:44 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding Accept-Encoding
Status: 200 OK
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Original-Referer: https://claimfreecrypto.tk/bnb/
Content-Encoding: gzip

GET
H2 200 / Show response
g.cash-ads.com/ Frame ACD3 496 B
507 B 60ms
59ms Document
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBmaTI55NoE40OpP1jEJmLNQ%3D

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner/?code=GxTDnUk5nAl05tVsenH%2F6tV2KivDWUWDNNBYYN%2Bq9f4%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

02bf3c87b3c958121deeae311de290653d74c4f4d2e92ffe05c39c6d09ae0869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: g.cash-ads.com
:scheme: https
:path: /?nc=DrtMPlVXa01rEvG3MqLHBmaTI55NoE40OpP1jEJmLNQ%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://claimfreecrypto.tk/bnb/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://claimfreecrypto.tk/bnb/

Response headers

server: nginx
date: Tue, 29 Jun 2021 07:04:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 / Show response
g.cash-ads.com/ Frame 8E7B 494 B
501 B 59ms
59ms Document
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvSI0UhQbSFAfkE1zRW2l1o%3D

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner/?code=GxTDnUk5nAl05tVsenH%2F6qEdRpLugqOH2jk7NCM72LY%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

e9bee5d316556537c86d6486965be2f28d099f9ce4145b34f3473214bc6eb322

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: g.cash-ads.com
:scheme: https
:path: /?nc=DrtMPlVXa01rEvG3MqLHBvSI0UhQbSFAfkE1zRW2l1o%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://claimfreecrypto.tk/bnb/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://claimfreecrypto.tk/bnb/

Response headers

server: nginx
date: Tue, 29 Jun 2021 07:04:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80c45338f2371ae0cdcb8840f7b2cf7d749d55c971656e6efc08012933722482

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 shortlink.png
claimfreecrypto.tk/bnb/templates/default/ 2 KB
2 KB 123ms
122ms Image
image/png 213.238.168.52
HOSTIXO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://claimfreecrypto.tk/bnb/templates/default/shortlink.png
Requested by: Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/
Protocol: H3-29
Security: QUIC, , CHACHA20_POLY1305
Server: 213.238.168.52 , Turkey, ASN212069 (HOSTIXO, TR),
Reverse DNS: cp50.nsixo.com
Software: LiteSpeed /
Resource Hash: fe2bcabe9c21571c9b7f7f5e56fa97704e1d61b1563d5b94fdbf2711083960be

Request headers

:path: /bnb/templates/default/shortlink.png
pragma: no-cache
cookie: PHPSESSID=ca3bd67a85d64d22a6ba5428ed2ed3d9
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: claimfreecrypto.tk
referer: https://claimfreecrypto.tk/bnb/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
last-modified: Fri, 16 Apr 2021 08:03:39 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2383
expires: Tue, 06 Jul 2021 07:04:44 GMT

POST
H2 200 id Show response
surfe.pro/net/ 17 B
436 B 223ms
67ms XHR
text/html 195.201.242.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://surfe.pro/net/id
Requested by: Host: claimfreecrypto.tk
URL: http://claimfreecrypto.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.242.31 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.31.242.201.195.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: c2546236987caa6575455c9be65326637d297d3f4e58b014fb515c328d77c8e9

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://claimfreecrypto.tk
access-control-allow-credentials: true
the-rule: surfe.pro
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type

POST
H2 200 teaser Show response
surfe.pro/net/ 22 KB
4 KB 409ms
271ms XHR
text/html 195.201.242.31
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://surfe.pro/net/teaser?sid=254315&seed=24878069829278582&doc_ref=aHR0cDovL2NsYWltZnJlZWNyeXB0by50ay8=
Requested by: Host: claimfreecrypto.tk
URL: http://claimfreecrypto.tk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.201.242.31 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.31.242.201.195.clients.your-server.de
Software: nginx/1.10.3 /
Resource Hash: cf663092b5d9ecb41f8c7523422986878c1e7e2452467143f852370fef085240

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: gzip
server: nginx/1.10.3
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS, DELETE, PUT
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://claimfreecrypto.tk
access-control-allow-credentials: true
the-rule: surfe.pro
access-control-allow-headers: User-Agent,Keep-Alive,Content-Type

GET
H2 200 / Show response
g.cash-ads.com/ Frame 6476 496 B
507 B 59ms
59ms Document
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBmaTI55NoE40OpP1jEJmLNQ%3D

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner/?code=GxTDnUk5nAl05tVsenH%2F6tV2KivDWUWDNNBYYN%2Bq9f4%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

02bf3c87b3c958121deeae311de290653d74c4f4d2e92ffe05c39c6d09ae0869

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: g.cash-ads.com
:scheme: https
:path: /?nc=DrtMPlVXa01rEvG3MqLHBmaTI55NoE40OpP1jEJmLNQ%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://claimfreecrypto.tk/bnb/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://claimfreecrypto.tk/bnb/

Response headers

server: nginx
date: Tue, 29 Jun 2021 07:04:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 / Show response
g.cash-ads.com/ Frame C4B0 494 B
501 B 59ms
59ms Document
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvSI0UhQbSFAfkE1zRW2l1o%3D

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/banner/?code=GxTDnUk5nAl05tVsenH%2F6qEdRpLugqOH2jk7NCM72LY%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

e9bee5d316556537c86d6486965be2f28d099f9ce4145b34f3473214bc6eb322

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: g.cash-ads.com
:scheme: https
:path: /?nc=DrtMPlVXa01rEvG3MqLHBvSI0UhQbSFAfkE1zRW2l1o%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://claimfreecrypto.tk/bnb/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://claimfreecrypto.tk/bnb/

Response headers

server: nginx
date: Tue, 29 Jun 2021 07:04:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 lds.gif
g.cash-ads.com/img/ Frame ACD3 5 KB
5 KB 62ms
61ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/lds.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBmaTI55NoE40OpP1jEJmLNQ%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBmaTI55NoE40OpP1jEJmLNQ%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
last-modified: Thu, 21 Jan 2021 21:02:57 GMT
server: nginx
etag: "6009ec01-14bf"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 5311
x-xss-protection: 1; mode=block

GET
H2 200 lds.gif
g.cash-ads.com/img/ Frame 8E7B 5 KB
5 KB 66ms
65ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/lds.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvSI0UhQbSFAfkE1zRW2l1o%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvSI0UhQbSFAfkE1zRW2l1o%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
last-modified: Thu, 21 Jan 2021 21:02:57 GMT
server: nginx
etag: "6009ec01-14bf"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 5311
x-xss-protection: 1; mode=block

GET
H2 200 1esg276mk Show response
embed.tawk.to/60083a43c31c9117cb70a253/ 2 KB
956 B 45ms
19ms Script
application/x-javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/60083a43c31c9117cb70a253/1esg276mk

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17c77f5dd57ad66b639a7acf20e97f6dffb828538e785a842369424bce126725

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://claimfreecrypto.tk
Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3564
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82eba6200003128d1abc000000001
server: cloudflare
etag: W/"stable-v4-60d19012b18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 666d4d7098db3128-FRA

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4837eb2a3fedc8f188fc1e526eaaf0d25f59abf3e16720729c54aaab31d0a27

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9ec504c12bb12b7532e140df30a1b70107a7653f369ef2c3fe4757b4580f1ae

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7c506d60482f02fa52395df7c83d65b57f2a5c8daee63aa782887367e154eba

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 971 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5cf7857667a8b854f241a79939214aebf277e27f87e9405425b4985b53f1a6a0

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
whos.amung.us/pingjs/ 29 B
145 B 422ms
141ms Script
text/javascript 67.202.114.214
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=jbe872u8d4&t=CLAIM%20FREE%20BINANCE%20COIN&c=d&x=https%3A%2F%2Fclaimfreecrypto.tk%2Fbnb%2F&y=http%3A%2F%2Fclaimfreecrypto.tk%2F&a=0&v=27&r=6019
Requested by: Host: waust.at
URL: https://waust.at/d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 67.202.114.214 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS: amung.us
Software: /
Resource Hash: 54c1d5e2c853838eadaf436adc896d1488f23a196a3e8ccad1b398e57493b1e0

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: gzip
content-type: text/javascript;charset=UTF-8

GET
H2 200 core.js Show response
static.arc.io/widget/js/ 304 KB
89 KB 182ms
67ms Script
application/javascript 65.9.77.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/core.js?e57474b
Requested by: Host: arc.io
URL: https://arc.io/widget.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9b7a28dba2e76f7b3faf1790d78e4fd97391ee34481d2f8c94c2f87abc85d2be

Request headers

Origin: https://claimfreecrypto.tk
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 05:35:15 GMT
content-encoding: br
vary: Accept-Encoding
age: 350971
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 25 Jun 2021 05:22:53 GMT
server: AmazonS3
etag: W/"f91372da713cf9c4f9dfde51e2c58c6a"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: BsEO450XaxkdWL2oN1WfNzYbiFKVWUTX-Jl2ebXoKySDyE5LS09oEQ==

GET
H2 200 broker.html Show response
core.arc.io/ Frame 92FE 2 KB
946 B 199ms
63ms Document
text/html 143.204.98.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://core.arc.io/broker.html?e57474b

Requested by

Host: arc.io
URL: https://arc.io/widget.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-119.fra50.r.cloudfront.net

Software

Resource Hash

e9cb2db9d4920b1850a8d7b3afb6eafefba432148a7a943ea303e37c3b424846

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: core.arc.io
:scheme: https
:path: /broker.html?e57474b
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://claimfreecrypto.tk/bnb/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://claimfreecrypto.tk/bnb/

Response headers

content-type: text/html
content-length: 500
date: Fri, 25 Jun 2021 05:35:14 GMT
last-modified: Tue, 08 Jun 2021 01:23:49 GMT
etag: "60bec6a5-1f4"
content-encoding: br
expires: Sun, 25 Jul 2021 05:35:14 GMT
cache-control: max-age=2592000 public
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 3RrkqdYPsGw82YC19KPYaltNAdgP3I4f2huA6VmOXYA4uDQk-S43sA==
age: 350971

GET
H2 200 lds.gif
g.cash-ads.com/img/ Frame 6476 5 KB
5 KB 61ms
61ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/lds.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBmaTI55NoE40OpP1jEJmLNQ%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBmaTI55NoE40OpP1jEJmLNQ%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
last-modified: Thu, 21 Jan 2021 21:02:57 GMT
server: nginx
etag: "6009ec01-14bf"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 5311
x-xss-protection: 1; mode=block

GET
H2 200 lds.gif
g.cash-ads.com/img/ Frame C4B0 5 KB
5 KB 64ms
64ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/lds.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvSI0UhQbSFAfkE1zRW2l1o%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvSI0UhQbSFAfkE1zRW2l1o%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:44 GMT
last-modified: Thu, 21 Jan 2021 21:02:57 GMT
server: nginx
etag: "6009ec01-14bf"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 5311
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
g.cash-ads.com/ Frame ACD3 3 KB
1 KB 62ms
61ms Document
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

8fa5556c705b745b61c204d0aee1fc41fc68d863e2f6cead701657c6d1c8cf79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: g.cash-ads.com
:scheme: https
:path: /?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBmaTI55NoE40OpP1jEJmLNQ%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBmaTI55NoE40OpP1jEJmLNQ%3D

Response headers

server: nginx
date: Tue, 29 Jun 2021 07:04:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 / Show response
g.cash-ads.com/ Frame 8E7B 1 KB
932 B 61ms
60ms Document
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

ccb9373791754e25ac38089133785964ef978e965ecbe5ec3edb2e8081713f93

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: g.cash-ads.com
:scheme: https
:path: /?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvSI0UhQbSFAfkE1zRW2l1o%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvSI0UhQbSFAfkE1zRW2l1o%3D

Response headers

server: nginx
date: Tue, 29 Jun 2021 07:04:44 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H/1.1 200
OK 728x90
static.a-ads.com/a-ads-banners/204060/ Frame D7C6 116 KB
116 KB 235ms
97ms Image
image/gif 85.10.200.158
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.a-ads.com/a-ads-banners/204060/728x90?region=eu-central-1
Requested by: Host: ad.a-ads.com
URL: https://ad.a-ads.com/1611979?size=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.10.200.158 Munich, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: 85-10-200-158.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: feb7afb937d418b2adcd68c9c7f31652e358ba80d529450ca9dbdc3ede2ee469

Request headers

Referer: https://ad.a-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 29 Jun 2021 07:04:45 GMT
Last-Modified: Sun, 27 Jun 2021 22:44:36 GMT
Server: nginx/1.14.0 (Ubuntu)
x-amz-request-id: 3JG550BP686P7VNJ
ETag: "8f235226b6c240433f25a58c14a81e54"
Content-Type: image/gif
Cache-Control: max-age=315360000
x-amz-replication-status: PENDING
Content-Length: 118526
Connection: keep-alive
Accept-Ranges: bytes
x-amz-version-id: sbhVZDdjdhi4HH8DinojoxzZ8AtVravf
x-amz-id-2: rYBJiBKdXVooT+A/WZLSQJnqMq+qs9YlrEZfCUXCE3dwiGAz+FoT4QEHSSu48/43qRQloiUPz7M=
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame D7C6 305 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
g.cash-ads.com/ Frame 6476 1 KB
738 B 60ms
60ms Document
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

308f9212bb274dd824233c31707b8353373165efc01d5bd30d751b4c18635dc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: g.cash-ads.com
:scheme: https
:path: /?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBmaTI55NoE40OpP1jEJmLNQ%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBmaTI55NoE40OpP1jEJmLNQ%3D

Response headers

server: nginx
date: Tue, 29 Jun 2021 07:04:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 / Show response
g.cash-ads.com/ Frame C4B0 1 KB
741 B 61ms
61ms Document
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D

Requested by

Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

66b1a8a844c088eba197faafe97c315114f3a2a55778a67b191c5ae6754cfd14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: g.cash-ads.com
:scheme: https
:path: /?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvSI0UhQbSFAfkE1zRW2l1o%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvSI0UhQbSFAfkE1zRW2l1o%3D

Response headers

server: nginx
date: Tue, 29 Jun 2021 07:04:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 oflimg12.gif
traffic-buchen.de/ Frame ACD3 73 B
264 B 185ms
57ms Image
image/gif 89.163.135.156
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://traffic-buchen.de/oflimg12.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.163.135.156 Andernach, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h103.hubuhost.com

Software

nginx /

Resource Hash

6d6050d327d43312cc35598f98cd54461112602eaff109912e01342ff68deb38

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Sun, 05 Apr 2020 02:09:49 GMT
server: nginx
etag: "5e893ded-49"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 73
x-xss-protection: 1; mode=block

GET
H2 200 bovl1.gif
g.cash-ads.com/img/ Frame ACD3 1 KB
1 KB 60ms
59ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/bovl1.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Fri, 11 Sep 2020 22:15:28 GMT
server: nginx
etag: "5f5bf700-41f"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 1055
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
g.cash-ads.com/int/ Frame ACD3 84 KB
34 KB 60ms
59ms Script
application/javascript 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/int/jquery.min.js

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 05:45:55 GMT
server: nginx
etag: W/"5fa0ee93-14e08"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET redirect
xml.ezmob.com/ Frame 324B 0
0

GET
H2 200 bovl1.gif
g.cash-ads.com/img/ Frame 8E7B 1 KB
1 KB 85ms
85ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/bovl1.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Fri, 11 Sep 2020 22:15:28 GMT
server: nginx
etag: "5f5bf700-41f"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 1055
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
g.cash-ads.com/int/ Frame 8E7B 84 KB
34 KB 96ms
96ms Script
application/javascript 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/int/jquery.min.js

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 05:45:55 GMT
server: nginx
etag: W/"5fa0ee93-14e08"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 b1.gif
g.cash-ads.com/img/ Frame ACD3 5 KB
5 KB 101ms
100ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/b1.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

03120703c21912aa70cfb42757526df8de22fc1f4c479f1487992cc60d601fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Fri, 11 Sep 2020 22:37:01 GMT
server: nginx
etag: "5f5bfc0d-12fc"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 4860
x-xss-protection: 1; mode=block

GET
H2 200 bovl1.gif
g.cash-ads.com/img/ Frame ACD3 1 KB
1 KB 101ms
100ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/bovl1.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Fri, 11 Sep 2020 22:15:28 GMT
server: nginx
etag: "5f5bf700-41f"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 1055
x-xss-protection: 1; mode=block

GET
H2 200 b2.gif
g.cash-ads.com/img/ Frame 8E7B 7 KB
7 KB 106ms
105ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/b2.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

36ba7545f1bd869f5d3abcc2e0c4e1072a33be1da4934214011a8c4399438e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Fri, 11 Sep 2020 22:38:47 GMT
server: nginx
etag: "5f5bfc77-1cf3"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 7411
x-xss-protection: 1; mode=block

GET
H2 200 bovl1.gif
g.cash-ads.com/img/ Frame 8E7B 1 KB
1 KB 103ms
103ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/bovl1.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Fri, 11 Sep 2020 22:15:28 GMT
server: nginx
etag: "5f5bf700-41f"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 1055
x-xss-protection: 1; mode=block

GET
H3-29 200 hcaptcha-challenge.html Show response
newassets.hcaptcha.com/captcha/v1/3a5eef6/static/ Frame A0D3 2 KB
1 KB 98ms
64ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3a5eef6/static/hcaptcha-challenge.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fbf69bbf2d7962ddb3c13b3d3c24623ba9a6a5933b8ff9d22835515e8500b09

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: newassets.hcaptcha.com
:scheme: https
:path: /captcha/v1/3a5eef6/static/hcaptcha-challenge.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://claimfreecrypto.tk/bnb/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://claimfreecrypto.tk/bnb/

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-type: text/html
last-modified: Mon, 28 Jun 2021 17:59:44 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 a62f7ce6b39c676fcfdde0f9a6fcf08e.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: QhGxsB4twCrtalMI0SxxlApWJ6SYpnAyE1yLs0fucjXlbzgW7W3Q0g==
age: 47041
cf-cache-status: DYNAMIC
cf-request-id: 0af82ebb22000016a58f076000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 666d4d71c93c16a5-ARN
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H3-29 200 hcaptcha-checkbox.html Show response
newassets.hcaptcha.com/captcha/v1/3a5eef6/static/ Frame 1837 2 KB
2 KB 98ms
65ms Document
text/html 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3a5eef6/static/hcaptcha-checkbox.html

Requested by

Host: hcaptcha.com
URL: https://hcaptcha.com/1/api.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

add65b519649bee2153780b6987f5f621c6547573a4a12298f604ff704276291

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: newassets.hcaptcha.com
:scheme: https
:path: /captcha/v1/3a5eef6/static/hcaptcha-checkbox.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://claimfreecrypto.tk/bnb/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://claimfreecrypto.tk/bnb/

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-type: text/html
last-modified: Mon, 28 Jun 2021 17:59:44 GMT
cache-control: max-age=1209600
x-cache: Hit from cloudfront
via: 1.1 c908cbeaf223c80632fd467b8ff1278b.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: e6MVWK3HMOwyvTbww1RCmpMY0_1iCM3luQ6BOSQEcT6TNqX5YpL7_Q==
age: 47041
cf-cache-status: DYNAMIC
cf-request-id: 0af82ebb1d000016a5b0ba4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 666d4d71c93816a5-ARN
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 bovl1.gif
g.cash-ads.com/img/ Frame 6476 1 KB
1 KB 71ms
70ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/bovl1.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Fri, 11 Sep 2020 22:15:28 GMT
server: nginx
etag: "5f5bf700-41f"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 1055
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
g.cash-ads.com/int/ Frame 6476 84 KB
34 KB 71ms
70ms Script
application/javascript 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/int/jquery.min.js

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 05:45:55 GMT
server: nginx
etag: W/"5fa0ee93-14e08"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 bovl1.gif
g.cash-ads.com/img/ Frame C4B0 1 KB
1 KB 67ms
66ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/bovl1.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Fri, 11 Sep 2020 22:15:28 GMT
server: nginx
etag: "5f5bf700-41f"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 1055
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
g.cash-ads.com/int/ Frame C4B0 84 KB
34 KB 66ms
66ms Script
application/javascript 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/int/jquery.min.js

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 05:45:55 GMT
server: nginx
etag: W/"5fa0ee93-14e08"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 b1.gif
g.cash-ads.com/img/ Frame 6476 5 KB
5 KB 81ms
80ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/b1.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

03120703c21912aa70cfb42757526df8de22fc1f4c479f1487992cc60d601fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Fri, 11 Sep 2020 22:37:01 GMT
server: nginx
etag: "5f5bfc0d-12fc"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 4860
x-xss-protection: 1; mode=block

GET
H2 200 bovl1.gif
g.cash-ads.com/img/ Frame 6476 1 KB
1 KB 81ms
80ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/bovl1.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBvyREQv6NcI2VtF3%2BxQmYy0%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Fri, 11 Sep 2020 22:15:28 GMT
server: nginx
etag: "5f5bf700-41f"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 1055
x-xss-protection: 1; mode=block

GET
H2 200 b2.gif
g.cash-ads.com/img/ Frame C4B0 7 KB
7 KB 81ms
81ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/b2.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

36ba7545f1bd869f5d3abcc2e0c4e1072a33be1da4934214011a8c4399438e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Fri, 11 Sep 2020 22:38:47 GMT
server: nginx
etag: "5f5bfc77-1cf3"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 7411
x-xss-protection: 1; mode=block

GET
H2 200 bovl1.gif
g.cash-ads.com/img/ Frame C4B0 1 KB
1 KB 83ms
83ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/bovl1.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBqGosGnigivonkXg2JD7R5Q%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Fri, 11 Sep 2020 22:15:28 GMT
server: nginx
etag: "5f5bf700-41f"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 1055
x-xss-protection: 1; mode=block

GET
H2 200 broker.62c2364d.js Show response
static.arc.io/broker/js/ Frame 92FE 23 KB
9 KB 58ms
58ms Script
application/javascript 65.9.77.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/broker.62c2364d.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?e57474b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef3844e3e6dc530b2eb846f12d6a27f2cfce57dccd1fb335f38e83f9674553f1

Request headers

Origin: https://core.arc.io
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 01:37:30 GMT
content-encoding: br
vary: Accept-Encoding
age: 1834036
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 01:24:16 GMT
server: AmazonS3
etag: W/"5ece79e69dfbc4440818db97480e0c83"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 7F_HFbBHe9QBmXzXuH8TKequj2zjbTf0b3L1e-EC-eQIvlwYPeh88w==

GET
H2 200 chunk-vendors.5e1d8045.js Show response
static.arc.io/broker/js/ Frame 92FE 49 KB
18 KB 58ms
58ms Script
application/javascript 65.9.77.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/chunk-vendors.5e1d8045.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?e57474b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0

Request headers

Origin: https://core.arc.io
Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 08 Jun 2021 01:37:30 GMT
content-encoding: br
vary: Accept-Encoding
age: 1834036
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 08 Jun 2021 01:24:16 GMT
server: AmazonS3
etag: W/"7baaa27cb0e1201fe90ecc5efca8fbcf"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 2WoQGHlSpW2LcTF6su7n97JT6MdXaJWclBZT6ZYrdwKybuqwZoV7rg==

GET
H2 200 lazy-iwc.9b430e25.js
static.arc.io/broker/js/ Frame 92FE 0
5 KB 176ms
63ms Other
application/javascript 65.9.77.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-iwc.9b430e25.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?e57474b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 01:22:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2094168
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 05 May 2021 02:50:01 GMT
server: AmazonS3
etag: W/"7fd8734437dbdc553c3513d10d0c0a97"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: DuHrFSRgVcEEysda1ZRAS1LHzP0-sut9guA2JVNgSzajnhSetBbxXA==

GET
H2 200 lazy-modules.a169b1ec.js
static.arc.io/broker/js/ Frame 92FE 0
15 KB 176ms
63ms Other
application/javascript 65.9.77.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: core.arc.io
URL: https://core.arc.io/broker.html?e57474b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 01:22:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2094166
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 05 May 2021 02:50:01 GMT
server: AmazonS3
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Xl-6fMo9y5hibEnGMO_Q_ATyk_jihKYZVZwx064sqCPvFdemXIWfug==

GET
H3-29 200 hcaptcha-challenge.js Show response
newassets.hcaptcha.com/captcha/v1/3a5eef6/ Frame A0D3 206 KB
58 KB 89ms
88ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3a5eef6/hcaptcha-challenge.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3a5eef6/static/hcaptcha-challenge.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f515bc8f767ecc60d8216907d666e7dfc221d2e7070ba29a422ee917faf382d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/3a5eef6/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
via: 1.1 c7b77c915dff1aaf04e31040a3e9f3ed.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 47041
cf-polished: origSize=211212
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebb94000016a5d604c000000001
last-modified: Mon, 28 Jun 2021 17:59:42 GMT
server: cloudflare
etag: W/"d78afa4b1a8ce9843b5ca4591854bdb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: ARN1-C1
cf-ray: 666d4d728b9f16a5-ARN
x-amz-cf-id: JyN2co2iKzidqMKeEWrHnRBi1IWr8tBNjrgWJwtYCZbzled7xmwNLA==
cf-bgj: minify

GET
H3-29 200 hcaptcha-checkbox.js Show response
newassets.hcaptcha.com/captcha/v1/3a5eef6/ Frame 1837 123 KB
40 KB 54ms
54ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3a5eef6/hcaptcha-checkbox.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3a5eef6/static/hcaptcha-checkbox.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d39a3913193f88590bce6bd23a0101f350d16e09a8b69984298d805c46302c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/3a5eef6/static/hcaptcha-checkbox.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
via: 1.1 3529bf84e9522012233c3dd2a59fdfe9.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 47041
cf-polished: origSize=126273
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebb9d000016a595068000000001
last-modified: Mon, 28 Jun 2021 17:59:43 GMT
server: cloudflare
etag: W/"3158f8b6a84250454925c2961fcb695b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: ARN1-C1
cf-ray: 666d4d728ba516a5-ARN
x-amz-cf-id: d4x9j7y-gpdjjW053YPDX0IJkgxIr72UFolDBQSGN0fpEA3MucvpqQ==
cf-bgj: minify

GET
H3-29 200 style.css
newassets.hcaptcha.com/captcha/v1/3a5eef6/static/css/ Frame 1837 3 KB
1 KB 48ms
47ms Stylesheet
text/css 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3a5eef6/static/css/style.css

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3a5eef6/static/hcaptcha-checkbox.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7959ce1414a40e64aad9aac2eea4f8e5a2b2270e9e7ff3cc4c68c4c335cc0129

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/3a5eef6/static/hcaptcha-checkbox.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
via: 1.1 5fe72dc53026697b10c6bbb72b4a3144.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 47041
cf-polished: origSize=3519
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebb9d000016a5d0aaa000000001
last-modified: Mon, 28 Jun 2021 17:59:44 GMT
server: cloudflare
etag: W/"9b812422791b1d13bb61cf6f140fa8df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: text/css
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: ARN1-C1
cf-ray: 666d4d728bc416a5-ARN
x-amz-cf-id: 7d8wgr0RXRAOwZoCBjvUCZkODv6iTC7LpugmS78mOtbUsAfMGv_QRg==
cf-bgj: minify

GET
H2 200 vendors~widget-ui.js Show response
static.arc.io/widget/js/ 93 KB
31 KB 91ms
63ms Script
application/javascript 65.9.77.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/vendors~widget-ui.js?e57474b
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?e57474b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a21d72f3da7e9d5a18918a6eec681ba746f2c31e1a7fb3802a0365eaa613fbf

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 05:35:17 GMT
content-encoding: br
vary: Accept-Encoding
age: 350969
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 25 Jun 2021 05:22:53 GMT
server: AmazonS3
etag: W/"a4b6ee9135f21578e822f5d6879ec661"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: o6SMCp6yN1F-Ns9iHPDQOuG30LzUQnytdfKZc9lhs4SHVqpG5e7NvA==

GET
H2 200 widget.css
static.arc.io/widget/css/ 84 KB
6 KB 90ms
62ms Stylesheet
text/css 65.9.77.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?e57474b
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?e57474b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25a179ad46517ab44710bf38b5975a1a64f3f9a232e0a08b19035d7442bff99f

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 05:35:17 GMT
content-encoding: br
vary: Accept-Encoding
age: 350969
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 25 Jun 2021 05:22:53 GMT
server: AmazonS3
etag: W/"0c33782016ee5f3486237016152534e3"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: _Iy3fi0jtj30BVVMNQn-aQllgcomSdksW85LVDKaSONQbfnif2UFaw==

GET
H2 200 widget-ui.js Show response
static.arc.io/widget/js/ 40 KB
12 KB 90ms
62ms Script
application/javascript 65.9.77.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/widget-ui.js?e57474b
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?e57474b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9063bd7289b09f3fc1dfb7d7b04d4444b9e3e72580bce7fee27b50900612693c

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 05:35:17 GMT
content-encoding: br
vary: Accept-Encoding
age: 350969
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 25 Jun 2021 05:22:53 GMT
server: AmazonS3
etag: W/"438fc863e9e58c0d1f82c27160c36846"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: Cg_kvdp6TO5ikBWilwAr2-pos9OXTWYm8BidKj3XjNFuPAb_8KNIVg==

GET
H2 200 brokers.js Show response
static.arc.io/widget/js/ 22 KB
8 KB 79ms
63ms Script
application/javascript 65.9.77.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/js/brokers.js?e57474b
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/core.js?e57474b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5761d88a14fe8c853cf13963c0af0cbb8de44f4cb1f2882c4098e6ec2582323e

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 05:39:26 GMT
content-encoding: br
vary: Accept-Encoding
age: 350720
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 25 Jun 2021 05:22:53 GMT
server: AmazonS3
etag: W/"5459d00bf7db6ccb9c592300802433f7"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: kTIQguvTWh2NzHVclVOBTDKejC8XFn0PgRq-65lKl3adV49WBYbAcQ==

GET
H2 200 lazy-modules.a169b1ec.js Show response
static.arc.io/broker/js/ Frame 92FE 45 KB
15 KB 76ms
62ms Script
application/javascript 65.9.77.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/broker/js/lazy-modules.a169b1ec.js
Requested by: Host: static.arc.io
URL: https://static.arc.io/broker/js/broker.62c2364d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b

Request headers

Referer: https://core.arc.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 01:22:01 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 2094166
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 05 May 2021 02:50:01 GMT
server: AmazonS3
etag: W/"32ab6174f553ec44ff554a5a2406b76d"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: application/javascript
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: VZ8aqifdPEUKjVbbZvN_3YTbyGCOp7Rnb70mRZr2m74B7LFRXWVpcw==

GET
H2 200 8ee1f1872b3db0bbf2acf55acbfe6c6e.png
static.surfe.be/upload/62348/ 288 KB
289 KB 44ms
23ms Image
image/png 2606:4700:3036::6815:19ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.surfe.be/upload/62348/8ee1f1872b3db0bbf2acf55acbfe6c6e.png
Requested by: Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:19ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92435ae9c18989a903e679b82e884a518a820bd12a38639933c8f3da9cb2420a

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
cf-cache-status: HIT
last-modified: Mon, 02 Nov 2020 08:08:18 GMT
server: cloudflare
age: 47315
etag: W/"5f9fbe72-47fb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=Xt8vcc1TZ9LGxaGyHzKxBra6HBz4vFeTgKzIJCqMxXnkA%2FSCkjY0wz4Oy7jF0%2FZfqWSIjz3HCap7eqEJGzJfzswrD1zuTOO9%2FV5eBLJm3LU4JWDvxvBiiFr2VU%2FbA3dy5Ej%2BLvEIqUNQ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 666d4d731ef1e00b-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebbeb0000e00bb3108000000001

GET
H2 200 5e189e0ce3f011121066f4aab1a1d7e4.jpg
static.surfe.be/upload/1247176/ 10 KB
10 KB 52ms
31ms Image
image/jpeg 2606:4700:3036::6815:19ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.surfe.be/upload/1247176/5e189e0ce3f011121066f4aab1a1d7e4.jpg
Requested by: Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:19ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 363da69777e61733b1f6344f25fd8b19560e1e7a4e3da8737b2560e315321639

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
cf-cache-status: HIT
last-modified: Tue, 25 May 2021 05:49:20 GMT
server: cloudflare
age: 161
etag: W/"60ac8fe0-26a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=43ToNsafUk0Yf3fWDWbP9rXV1pWj2%2BX%2F5ldKHyzPF%2FR7zMRL4ci40LToW9MAtPjLf6kxdf7HGDLHVxbWij3dE3f6Ena%2FKNTY%2F1HGLYcCBxMTODyNUGryumloj32%2FPYYY8BxvScG09xbw"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 666d4d731ef2e00b-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebbeb0000e00beaab7000000001

GET
H2 200 97f8f757616d1583f326cb452243e285.jpg
static.surfe.be/upload/1086036/ 14 KB
14 KB 51ms
31ms Image
image/jpeg 2606:4700:3036::6815:19ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.surfe.be/upload/1086036/97f8f757616d1583f326cb452243e285.jpg
Requested by: Host: claimfreecrypto.tk
URL: https://claimfreecrypto.tk/bnb/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:19ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37071320636120fc3fc3a6ddbf185d039b817d1764fae114217e8b0d5ccdea8a

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Apr 2021 01:17:02 GMT
server: cloudflare
age: 62153
etag: W/"6078e58e-384f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=ps6Ab5MdYLMOSKg31UF%2F%2BNKhcokL%2FZHqHKzmyqX5aoxfbFVs3I5%2F3rE%2Bwh2P5d9vF6eM9IggSKUZZ2zgc6%2BYgtkJK3ZE5CJYGT%2Bc6dWWgJrTPER9Fn0PsUGwWBA4SAYluxVMrDyZRFN5"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 666d4d731ef6e00b-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebbec0000e00bce907000000001

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 1837 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 checksiteconfig Show response
hcaptcha.com/ Frame 1837 508 B
929 B 66ms
66ms XHR
application/json 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?host=claimfreecrypto.tk&sitekey=fafd7e7b-b927-47da-8acd-8ed11f46f7a9&sc=1&swa=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3a5eef6/hcaptcha-checkbox.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fddbba168f1389ee7bc18cac0ea9c334dd426f680af58a50c2c3cdfece64e05

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Cache-Control: no-cache
Referer: https://newassets.hcaptcha.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-chl-bypass: 2
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebcdf000016a5ed2d9000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cf-ray: 666d4d7499c516a5-ARN
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path

OPTIONS
H3-29 200 checksiteconfig
hcaptcha.com/ Frame 0
0 99ms
61ms Preflight 104.16.168.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hcaptcha.com/checksiteconfig?host=claimfreecrypto.tk&sitekey=fafd7e7b-b927-47da-8acd-8ed11f46f7a9&sc=1&swa=1

Protocol

H3-29

Server

104.16.168.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: cache-control,content-type
Origin: https://newassets.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-length: 0
access-control-allow-origin: https://newassets.hcaptcha.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
access-control-allow-methods: GET, HEAD, POST, OPTIONS
cf-request-id: 0af82ebc9c0000caf01ca03000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 666d4d742bc8caf0-ARN
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/6.2.2/ 65 KB
20 KB 41ms
12ms Script
application/javascript 2a04:4e42:600::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.2.2/bundle.min.js

Requested by

Host: arc.io
URL: https://arc.io/widget.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Origin: https://claimfreecrypto.tk
Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 09:25:54 GMT
server: Fastly
age: 9492861
etag: "a948fc086ec14683f3f2270913c7f702"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
content-length: 20633
expires: Fri, 11 Mar 2022 10:10:24 GMT

GET
H2 200 / Show response
g.cash-ads.com/ Frame D0BA 496 B
506 B 62ms
61ms Document
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBp%2FYpKZFAxX%2FMyVvE7M%2Bk6U%3D

Requested by

Host: claimfreecrypto.tk
URL: http://claimfreecrypto.tk/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

a30ee9bbafcb3094fcaf88a1fb4d370e660ea89ad0c3ebdf3f6c6118f563bb11

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: g.cash-ads.com
:scheme: https
:path: /?nc=DrtMPlVXa01rEvG3MqLHBp%2FYpKZFAxX%2FMyVvE7M%2Bk6U%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://claimfreecrypto.tk/bnb/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://claimfreecrypto.tk/bnb/

Response headers

server: nginx
date: Tue, 29 Jun 2021 07:04:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 b1.jpg
g.cash-ads.com/img/ 28 KB
28 KB 61ms
59ms Image
image/jpeg 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/b1.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

e49b46e8109d1609137959f802572bac4e67e6f11e993b90a9a91f02a3991e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Tue, 28 Jul 2020 00:38:56 GMT
server: nginx
etag: "5f1f73a0-6f0c"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/jpeg
accept-ranges: bytes
content-length: 28428
x-xss-protection: 1; mode=block

GET
H3-29 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/60d19012b18/js/ 121 B
503 B 34ms
23ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60083a43c31c9117cb70a253/1esg276mk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://claimfreecrypto.tk
Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 602842
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebcd100004a5c45090000000001
last-modified: Tue, 22 Jun 2021 07:25:29 GMT
server: cloudflare
etag: W/"da5bb1dc647470204df0e49f5afac2de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 666d4d74799d4a5c-FRA

GET
H3-29 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/60d19012b18/js/ 76 KB
26 KB 54ms
43ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60083a43c31c9117cb70a253/1esg276mk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://claimfreecrypto.tk
Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 602841
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebcd000004a5c3726e000000001
last-modified: Tue, 22 Jun 2021 07:25:29 GMT
server: cloudflare
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 666d4d7479974a5c-FRA

GET
H3-29 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/60d19012b18/js/ 190 KB
53 KB 41ms
30ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60083a43c31c9117cb70a253/1esg276mk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b082db3eecd020183abb7c2ac281a2ed6c0b28828aa868ea901d8980b9861964

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://claimfreecrypto.tk
Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 602841
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebccf00004a5c81a37000000001
last-modified: Tue, 22 Jun 2021 07:25:29 GMT
server: cloudflare
etag: W/"f68837b24b4e376e2e783a5c9e81606f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 666d4d7479934a5c-FRA

GET
H3-29 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/60d19012b18/js/ 136 KB
32 KB 41ms
30ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60083a43c31c9117cb70a253/1esg276mk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6177e36080bd679cdaf96178b61bfe5484b4e1a4c140f96af411c2a642e2c1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://claimfreecrypto.tk
Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 602841
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebcd000004a5c0c142000000001
last-modified: Tue, 22 Jun 2021 07:25:29 GMT
server: cloudflare
etag: W/"7ebcecd1148846c4918fe36b133aa2ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 666d4d7479994a5c-FRA

GET
H3-29 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/60d19012b18/js/ 2 KB
1 KB 30ms
19ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60083a43c31c9117cb70a253/1esg276mk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5847165b3635f91f5348803812b44487a43ca33d99fd5f018cfa904be7fa267

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://claimfreecrypto.tk
Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 602841
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebcd000004a5c4f9fa000000001
last-modified: Tue, 22 Jun 2021 07:25:29 GMT
server: cloudflare
etag: W/"88a8779575d0c2dea25b707e96429d50"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 666d4d74799b4a5c-FRA

GET
H3-29 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/60d19012b18/js/ 151 B
526 B 53ms
43ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/60083a43c31c9117cb70a253/1esg276mk

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://claimfreecrypto.tk
Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 602840
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebcd000004a5c0fa1a000000001
last-modified: Tue, 22 Jun 2021 07:25:29 GMT
server: cloudflare
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 666d4d7479954a5c-FRA

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame C6DB 84 KB
6 KB 57ms
57ms Stylesheet
text/css 65.9.77.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?e57474b
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?e57474b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25a179ad46517ab44710bf38b5975a1a64f3f9a232e0a08b19035d7442bff99f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 05:35:17 GMT
content-encoding: br
vary: Accept-Encoding
age: 350969
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 25 Jun 2021 05:22:53 GMT
server: AmazonS3
etag: W/"0c33782016ee5f3486237016152534e3"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: 4nYo3d7QVNgtBNZgjoqlQgs_8pSqnrqrpyb_Uglt1QwAnEUVwEwdhg==

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame C6DB 2 KB
1 KB 16ms
16ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?e57474b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 974148
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 631
cf-request-id: 0af82ebcd00000d6b14810f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=DBhuH301s3vjx9JRDg%2FI8pj4vXxbElD935MavZ7fBuEmGmdwCYughuImC%2FFJzW9FuB%2FAG5yQtjztwrNkqS8vkta%2FbW%2FPlm37nI7MYee5sK5E7T2qvyoP0YhJvpdnYk52ohqx0YwuLhMfnVOT%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 666d4d747e97d6b1-FRA
expires: Sun, 19 Jun 2022 07:04:45 GMT

GET
H2 200 widget.css
static.arc.io/widget/css/ Frame 0505 84 KB
6 KB 56ms
56ms Stylesheet
text/css 65.9.77.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.arc.io/widget/css/widget.css?e57474b
Requested by: Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?e57474b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.77.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25a179ad46517ab44710bf38b5975a1a64f3f9a232e0a08b19035d7442bff99f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 25 Jun 2021 05:35:17 GMT
content-encoding: br
vary: Accept-Encoding
age: 350969
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Fri, 25 Jun 2021 05:22:53 GMT
server: AmazonS3
etag: W/"0c33782016ee5f3486237016152534e3"
access-control-max-age: 86400
access-control-allow-methods: GET, HEAD
content-type: text/css
via: 1.1 7f71f5258c6bbee046a26011fbbfa997.cloudfront.net (CloudFront)
access-control-expose-headers: Content-Length, Content-Type, Content-MD5, ETag
cache-control: public, max-age=2592000, stale-while-revalidate=864000
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: ZMMGTf2SsndEc47cqVL9kEgtEFQ4u0J7S-k_3ljuoKgChYxBZ0uOyQ==

GET
H2 200 normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/ Frame 0505 2 KB
967 B 26ms
26ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.0/normalize.min.css

Requested by

Host: static.arc.io
URL: https://static.arc.io/widget/js/widget-ui.js?e57474b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 974148
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 631
cf-request-id: 0af82ebcdd0000d6b108193000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:13:31 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f2b-732"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=crlMB%2BoRzONPr96fUBjAs7F6zTZfntbgTtdNLiYmVVNo9H%2Bg41SlocB4pOF4qm14ZTw6JrXb4stl6rhqyGn43cyO72Gc7mEV2OwjCiVKLYWwOf3zB0thNN4t%2FO2ZIvjA8yCjlE5ABvNyoOD3Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 666d4d748eb1d6b1-FRA
expires: Sun, 19 Jun 2022 07:04:45 GMT

GET
DATA 200
OK truncated
/ Frame C6DB 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0505 411 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0505 277 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0505 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0505 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0505 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0505 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0505 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 2 KB
1 KB 24ms
23ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=60083a43c31c9117cb70a253&widgetId=1esg276mk&sv=undefined

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987e6a6794e43bfadb685e2f263eae91572dbd21c607663053f5362da584b5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 477
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebd2b00003128a1825000000001
x-served-by: visitor-application-preemptive-rbdq
server: cloudflare
etag: W/"2-3-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 666d4d751b403128-FRA
access-control-allow-headers: content-type,x-tawk-token

GET
H2 200 lds.gif
g.cash-ads.com/img/ Frame D0BA 5 KB
5 KB 58ms
58ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/lds.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBp%2FYpKZFAxX%2FMyVvE7M%2Bk6U%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBp%2FYpKZFAxX%2FMyVvE7M%2Bk6U%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Thu, 21 Jan 2021 21:02:57 GMT
server: nginx
etag: "6009ec01-14bf"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 5311
x-xss-protection: 1; mode=block

GET
H3-29 200 hsw.js Show response
newassets.hcaptcha.com/c/f12c3335/ Frame A0D3 874 KB
327 KB 45ms
44ms Script
application/javascript 104.16.169.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/f12c3335/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3a5eef6/hcaptcha-challenge.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

104.16.169.131 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a463a2464961a090e6df1d9627976a1f1f710f236d8f0153b62aacbba0edcfa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/3a5eef6/static/hcaptcha-challenge.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
via: 1.1 67d9c6999f4bc9c9c60e1e5f24b316e9.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 57186
cf-polished: origSize=895216
x-cache: Miss from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebd4d000016a5950a3000000001
last-modified: Mon, 28 Jun 2021 15:06:41 GMT
server: cloudflare
etag: W/"609eb4cd6b59025635c7a1bbef9a5763"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=2592000; includeSubDomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: max-age=1209600
x-amz-cf-pop: ARN1-C1
cf-ray: 666d4d754bc916a5-ARN
x-amz-cf-id: wlarF-suFJBDcIhDZbOn4dLM06guqPF0f2fEqSP8CWTz2O2YVafY2A==
cf-bgj: minify

GET
H3-29 200 en.js Show response
embed.tawk.to/_s/v4/app/60d19012b18/languages/ 16 KB
4 KB 36ms
25ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/60d19012b18/languages/en.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/60d19012b18/js/twk-chunk-common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b501d85b6ed1b5e66057dcde486ca7668ece819efb85d9e7242f49261b2379a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 603381
x-cache-status: HIT
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0af82ebd5100000eafe48d9000000001
last-modified: Tue, 22 Jun 2021 07:25:29 GMT
server: cloudflare
etag: W/"d53834b02ca3e2bd713150a71f06bd85"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=2592000, immutable
cf-ray: 666d4d754c340eaf-FRA

GET
H2 200 / Show response
g.cash-ads.com/ Frame D0BA 1 KB
740 B 60ms
60ms Document
text/html 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/?nc=mbLzFUjS634dncngqZqnx0zRqSPpPk%2FmVAKXmSoauXI%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

8566e2cb6f35f3ad53ddeb347d48abc602db868b80b69218b3ef3220120e5008

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: g.cash-ads.com
:scheme: https
:path: /?nc=mbLzFUjS634dncngqZqnx0zRqSPpPk%2FmVAKXmSoauXI%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBp%2FYpKZFAxX%2FMyVvE7M%2Bk6U%3D
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://g.cash-ads.com/?nc=DrtMPlVXa01rEvG3MqLHBp%2FYpKZFAxX%2FMyVvE7M%2Bk6U%3D

Response headers

server: nginx
date: Tue, 29 Jun 2021 07:04:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block
content-encoding: gzip

GET
H2 200 bovl1.gif
g.cash-ads.com/img/ Frame D0BA 1 KB
1 KB 61ms
60ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/bovl1.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=mbLzFUjS634dncngqZqnx0zRqSPpPk%2FmVAKXmSoauXI%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=mbLzFUjS634dncngqZqnx0zRqSPpPk%2FmVAKXmSoauXI%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Fri, 11 Sep 2020 22:15:28 GMT
server: nginx
etag: "5f5bf700-41f"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 1055
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.js Show response
g.cash-ads.com/int/ Frame D0BA 84 KB
34 KB 61ms
61ms Script
application/javascript 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL

https://g.cash-ads.com/int/jquery.min.js

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=mbLzFUjS634dncngqZqnx0zRqSPpPk%2FmVAKXmSoauXI%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=mbLzFUjS634dncngqZqnx0zRqSPpPk%2FmVAKXmSoauXI%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
content-encoding: gzip
last-modified: Tue, 03 Nov 2020 05:45:55 GMT
server: nginx
etag: W/"5fa0ee93-14e08"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=15768000; includeSubDomains
x-xss-protection: 1; mode=block

GET
H2 200 b1.gif
g.cash-ads.com/img/ Frame D0BA 5 KB
5 KB 59ms
58ms Image
image/gif 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/b1.gif

Requested by

Host: g.cash-ads.com
URL: https://g.cash-ads.com/?nc=mbLzFUjS634dncngqZqnx0zRqSPpPk%2FmVAKXmSoauXI%3D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

03120703c21912aa70cfb42757526df8de22fc1f4c479f1487992cc60d601fc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://g.cash-ads.com/?nc=mbLzFUjS634dncngqZqnx0zRqSPpPk%2FmVAKXmSoauXI%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:45 GMT
last-modified: Fri, 11 Sep 2020 22:37:01 GMT
server: nginx
etag: "5f5bfc0d-12fc"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/gif
accept-ranges: bytes
content-length: 4860
x-xss-protection: 1; mode=block

GET
H2 200 x.png
g.cash-ads.com/img/ 578 B
769 B 58ms
58ms Image
image/png 85.114.134.182
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://g.cash-ads.com/img/x.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

85.114.134.182 Schopfheim, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

h104.hubuhost.com

Software

nginx /

Resource Hash

f99ec5195bb3174b4416402cde79ed86dc28ff5710ef480aa2ba549d10ea6baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://claimfreecrypto.tk/bnb/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Jun 2021 07:04:47 GMT
last-modified: Tue, 28 Jul 2020 00:38:57 GMT
server: nginx
etag: "5f1f73a1-242"
strict-transport-security: max-age=15768000; includeSubDomains
content-type: image/png
accept-ranges: bytes
content-length: 578
x-xss-protection: 1; mode=block

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: xml.ezmob.com
URL: https://xml.ezmob.com/redirect?feed=318819&auth=rtY4ZS&url=https://aninter.net&subid=

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			core.arc.io/	1970-01-20 04:08:06	Name: _immortal\|Arc_nodeId Value: N22qCp6Qniw9wVGj5FVRNA
			claimfreecrypto.tk/	1969-12-31 23:59:59	Name: PHPSESSID Value: ca3bd67a85d64d22a6ba5428ed2ed3d9

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://static.arc.io/widget/js/core.js?e57474b(Line 30) Message: Failed to install Arc's Service Worker. For installation help, see https://portal.arc.io/installation. Service Worker documentation: https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API/Using_Service_Workers#Why_is_my_service_worker_failing_to_register. TypeError Cannot read property 'removeItem' of null
console-api	log	URL: https://static.arc.io/widget/js/widget-ui.js?e57474b(Line 1) Message: Vue global error handler TypeError: Cannot convert undefined or null to object [object Object] mounted hook (Promise/async)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.a-ads.com
arc.io
browser.sentry-cdn.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
claimfreecrypto.tk
core.arc.io
embed.tawk.to
g.cash-ads.com
hcaptcha.com
newassets.hcaptcha.com
static.a-ads.com
static.arc.io
static.surfe.be
static.surfe.pro
surfe.pro
traffic-buchen.de
va.tawk.to
waust.at
whos.amung.us
www.coinpayu.com
xml.ezmob.com
xml.ezmob.com
104.16.168.131
104.16.169.131
143.204.98.119
195.201.242.31
213.238.168.52
2606:4700:10::6816:1983
2606:4700:20::681a:c1a
2606:4700:20::ac43:4739
2606:4700:3036::6815:19ec
2606:4700:3036::6815:3d6d
2606:4700::6810:125e
2a04:4e42:1b::485
2a04:4e42:600::729
65.9.77.129
65.9.77.73
67.202.114.214
85.10.200.158
85.114.134.182
89.163.135.156
02bf3c87b3c958121deeae311de290653d74c4f4d2e92ffe05c39c6d09ae0869
03120703c21912aa70cfb42757526df8de22fc1f4c479f1487992cc60d601fc3
0b2bbe2d7bbb928da62f7797b0e6eb64dc3147361d716404119f7ecbc1528bbd
0bfe7a56d28e579af84a087b1b70b6e976c40f868d7791c8a97e68a121d56db0
11a8458178a03fb61ad9b05a8d0562ca797e797b296f368f8e00223d3f39e812
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
17c77f5dd57ad66b639a7acf20e97f6dffb828538e785a842369424bce126725
19311967464cd6447bb7fba382aa67939dcca903a56f1ac925ac2a80ff33642e
1d39a3913193f88590bce6bd23a0101f350d16e09a8b69984298d805c46302c8
1fbf69bbf2d7962ddb3c13b3d3c24623ba9a6a5933b8ff9d22835515e8500b09
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
25a179ad46517ab44710bf38b5975a1a64f3f9a232e0a08b19035d7442bff99f
3082b0f5d766f08f34a2077d48da01d41c9283376883472fa0965bf1b77283e0
308f9212bb274dd824233c31707b8353373165efc01d5bd30d751b4c18635dc2
33cb702b141cc8fd45ae3fa60e244cf4e966bae985fa1b6686f4067aa67f88d1
35e8d96d42f0ffa258060a98b45f013829bc57b3ae7be71c9f54c037b6e0e707
363da69777e61733b1f6344f25fd8b19560e1e7a4e3da8737b2560e315321639
36ba7545f1bd869f5d3abcc2e0c4e1072a33be1da4934214011a8c4399438e0f
37071320636120fc3fc3a6ddbf185d039b817d1764fae114217e8b0d5ccdea8a
45344ec706e661760887e42f8797c4dd446805b24657d99318b08d211f2e549b
47b9025aab46eab71022633c52f8957a1b6bac853dd0d9250d49289987e61357
4f515bc8f767ecc60d8216907d666e7dfc221d2e7070ba29a422ee917faf382d
4fddbba168f1389ee7bc18cac0ea9c334dd426f680af58a50c2c3cdfece64e05
54c1d5e2c853838eadaf436adc896d1488f23a196a3e8ccad1b398e57493b1e0
5761d88a14fe8c853cf13963c0af0cbb8de44f4cb1f2882c4098e6ec2582323e
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
5cf7857667a8b854f241a79939214aebf277e27f87e9405425b4985b53f1a6a0
5d8b123d692b5e61bc24ee0ec2134ed95bd2f5e9baa788180bee718fc00da8c4
6177e36080bd679cdaf96178b61bfe5484b4e1a4c140f96af411c2a642e2c1f3
66b1a8a844c088eba197faafe97c315114f3a2a55778a67b191c5ae6754cfd14
6a311efa0bbd120ad039d952829eda4134bf7820e69c1fa7c881d0c04397dbd3
6b450300c168ae491c503fb12eb08754153fdef72544534a67084422ae7153d5
6d6050d327d43312cc35598f98cd54461112602eaff109912e01342ff68deb38
6f4587fb64cd2e7ce26ba21941c80f3ab8d28c257b73d04a87c949b32e4cde2d
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
726e6e6b7488328b9ad7746cf8a15ea2f0209c5a99a92100e1866883ca8a40eb
786bcafe555aa491331cfd033cfeaeeb0c2f5033091f814c7006ca0b75406de8
7959ce1414a40e64aad9aac2eea4f8e5a2b2270e9e7ff3cc4c68c4c335cc0129
7a21d72f3da7e9d5a18918a6eec681ba746f2c31e1a7fb3802a0365eaa613fbf
7bf1676189cf3eafe5008e1f905c101bf78776253edf18030d43505cac297947
80c45338f2371ae0cdcb8840f7b2cf7d749d55c971656e6efc08012933722482
81e34b1780953cb0ecdbf9f8a8e9b892c5907f438cb1735877f9bea70a62ba11
8566e2cb6f35f3ad53ddeb347d48abc602db868b80b69218b3ef3220120e5008
8f746744038297a7c6b1c50bd78464590b42ecfb627a2d3be0c7be2b41dbe511
8fa5556c705b745b61c204d0aee1fc41fc68d863e2f6cead701657c6d1c8cf79
8fb1850e00c24b83e04ea4f41fe5774cff1d476a293fa7b35cba97827eb194cd
8fe9d28d12e8c33e9f1d5ab109c2570547ee6648ca11fdd79b7523c6d2e2f6a2
9063bd7289b09f3fc1dfb7d7b04d4444b9e3e72580bce7fee27b50900612693c
92435ae9c18989a903e679b82e884a518a820bd12a38639933c8f3da9cb2420a
95347f5a02237a0ff92fc87be7ad78f0fb44eebc125ffb61edc17da98a6d23d7
95a29b000e578fd31100a7503263c0c6944ad11c5d9a922619d7ab21f1757685
977fbe909a4d58862a2f0336a428058dcd8590ee0fc2e49f8feeefc90be518fa
987e6a6794e43bfadb685e2f263eae91572dbd21c607663053f5362da584b5d3
9b08cb6068e70fb67de0576ef27d427a403e1f0055777b7fc5d736963e6c1ea6
9b7a28dba2e76f7b3faf1790d78e4fd97391ee34481d2f8c94c2f87abc85d2be
a12ac29d1617bc71b7d520627ea3f63ccd6e8deed2254c97d274f03b6449579e
a30ee9bbafcb3094fcaf88a1fb4d370e660ea89ad0c3ebdf3f6c6118f563bb11
a463a2464961a090e6df1d9627976a1f1f710f236d8f0153b62aacbba0edcfa5
add65b519649bee2153780b6987f5f621c6547573a4a12298f604ff704276291
b082db3eecd020183abb7c2ac281a2ed6c0b28828aa868ea901d8980b9861964
b501d85b6ed1b5e66057dcde486ca7668ece819efb85d9e7242f49261b2379a7
c2546236987caa6575455c9be65326637d297d3f4e58b014fb515c328d77c8e9
ccb9373791754e25ac38089133785964ef978e965ecbe5ec3edb2e8081713f93
cf663092b5d9ecb41f8c7523422986878c1e7e2452467143f852370fef085240
d4837eb2a3fedc8f188fc1e526eaaf0d25f59abf3e16720729c54aaab31d0a27
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d6b19117dc4a90130259330666cbbc6ca56091efb691ec6c0562eec4e2ef1f68
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49b46e8109d1609137959f802572bac4e67e6f11e993b90a9a91f02a3991e9b
e5847165b3635f91f5348803812b44487a43ca33d99fd5f018cfa904be7fa267
e593e95cfe0f3335088d5643951e90c8b4b3a4dfbe773614bb0070d544edb02e
e7c506d60482f02fa52395df7c83d65b57f2a5c8daee63aa782887367e154eba
e9bee5d316556537c86d6486965be2f28d099f9ce4145b34f3473214bc6eb322
e9cb2db9d4920b1850a8d7b3afb6eafefba432148a7a943ea303e37c3b424846
e9ec504c12bb12b7532e140df30a1b70107a7653f369ef2c3fe4757b4580f1ae
ef3844e3e6dc530b2eb846f12d6a27f2cfce57dccd1fb335f38e83f9674553f1
f04b517ba5d6a0510485689a3e42dac000f51640fd71b986804cba178eae42a5
f248c9a08e3e126505d2cdbcc1dfef3c5fdd614cc140af66b8a76049e858c1d1
f8247a68b4d23e63ec5ab35490586d679ea7927abbb3d1fa07dae3cb0e6d2fb6
f87a4b2a4acbaa053da2e6df56367f4396be15a72f719cedd071e7812725a443
f99ec5195bb3174b4416402cde79ed86dc28ff5710ef480aa2ba549d10ea6baa
fb1d7b6144bde90327cd64b86e7742a9b11a3b2b3658d71dd80115195ff2debb
fb2b1971e54b31144a8794057598aba69ebe1d416c8c75d3a142942917f5e58b
fe2bcabe9c21571c9b7f7f5e56fa97704e1d61b1563d5b94fdbf2711083960be
feb7afb937d418b2adcd68c9c7f31652e358ba80d529450ca9dbdc3ede2ee469

claimfreecrypto.tk Open in urlscan Pro 213.238.168.52 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

99 Requests

98 %HTTPS

42 %IPv6

16 Domains

22 Subdomains

20 IPs

3 Countries

1887 kBTransfer

4187 kBSize

2 Cookies

9 Outgoing links

Page URL History

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

claimfreecrypto.tk Open in urlscan Pro
213.238.168.52 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

98 %
HTTPS

42 %
IPv6

16
Domains

22
Subdomains

20
IPs

3
Countries

1887 kB
Transfer

4187 kB
Size

2
Cookies

99 HTTP transactions
16 data transactions