getusd.click Open in urlscan Pro
2606:4700:3033::ac43:c102 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://getusd.click/#ne
Effective URL:
https://getusd.click/
Submission Tags: 0xscam
Submission: On February 14 via api (February 14th 2024, 4:38:46 am UTC) from US — Scanned from DE

Summary HTTP 34 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 34 HTTP transactions. The main IP is 2606:4700:3033::ac43:c102, located in United States and belongs to CLOUDFLARENET, US. The main domain is getusd.click.
TLS certificate: Issued by E1 on February 12th 2024. Valid for: 3 months.

This is the only time getusd.click was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2606:4700:303... 2606:4700:3033::ac43:c102	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	5

15 2606:4700:3033::ac43:c102 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

getusd.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

jscdnweb.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	getusd.click 1 redirects getusd.click	2 MB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 353	116 KB
1	pages.dev jscdnweb.pages.dev — Cisco Umbrella Rank: 522665	731 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	2 KB
34	4

	Domain	Requested by
15	getusd.click	1 redirects getusd.click
3	cdn.jsdelivr.net	getusd.click
1	jscdnweb.pages.dev	getusd.click
1	fonts.googleapis.com	getusd.click
34	4

This site contains links to these domains. Also see Links.

Domain
plus.cex.io
cex.io
broker.cex.io
earn.cex.io
loan.cex.io
wallet.cex.io
university.cex.io
prime.cex.io
twitter.com
t.me
www.facebook.com
www.linkedin.com

Subject Issuer	Validity	Valid
getusd.click E1	`2024-02-12` - `2024-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
jscdnweb.pages.dev GTS CA 1P5	`2024-01-15` - `2024-04-14`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://getusd.click/
Frame ID: B36CF4BA05989996A7A22BA2A9AB01B7
Requests: 32 HTTP requests in this frame

Frame: https://getusd.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
Frame ID: F43254D8213A754E2BCE6D9BD961EB45
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get Free USD with Cex.io Airdrop on Our DEX Platform5,000 USDT Airdrop by CEX.IO Exchange Plus

Detected technologies

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js
/npm/sweetalert2@([\d.]+)
sweetalert2@([\d.]+)/dist/sweetalert2(?:\.all)(?:\.min)\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

34
Requests

53 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

3073 kB
Transfer

4669 kB
Size

1
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://plus.cex.io/?source=cexplus-products-header

Search URL Search Domain Scan URL

URL: https://cex.io/btc-usd

Search URL Search Domain Scan URL

URL: https://broker.cex.io/

Search URL Search Domain Scan URL

URL: https://cex.io/mobile

Search URL Search Domain Scan URL

URL: https://cex.io/cex-api

Search URL Search Domain Scan URL

URL: https://cex.io/buysell

Search URL Search Domain Scan URL

URL: https://earn.cex.io/

Search URL Search Domain Scan URL

URL: https://loan.cex.io/

Search URL Search Domain Scan URL

URL: https://wallet.cex.io/

Search URL Search Domain Scan URL

URL: https://university.cex.io/

Search URL Search Domain Scan URL

URL: https://cex.io/getmydebitcard

Search URL Search Domain Scan URL

URL: https://prime.cex.io/

Search URL Search Domain Scan URL

URL: https://twitter.com/cex_io/status/1678711531578458112
Title: official Twitter Airdrop announcement

Search URL Search Domain Scan URL

URL: https://twitter.com/cex_io

Search URL Search Domain Scan URL

URL: https://t.me/CEX_IO

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/CEXIO/420149274752615?fref=ts

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cex-io

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://getusd.click/manrope-semibold.efec073b2dad7da44f290831982fa978.woff2 HTTP 302
https://getusd.click/404 HTTP 0
http://getusd.click/404/

Request Chain 5

https://getusd.click/manrope-bold.c7fbae38130f55868124a2240153a9c4.woff2 HTTP 302
https://getusd.click/404 HTTP 0
http://getusd.click/404/

Request Chain 6

https://getusd.click/manrope-regular.534dc2c762e745bf40a9e7b16b9acae5.woff2 HTTP 302
https://getusd.click/404 HTTP 0
http://getusd.click/404/

Request Chain 7

https://getusd.click/OpenSans-Bold.woff2 HTTP 302
https://getusd.click/404 HTTP 0
http://getusd.click/404/

Request Chain 8

https://getusd.click/OpenSans-Regular.woff2 HTTP 302
https://getusd.click/404 HTTP 0
http://getusd.click/404/

Request Chain 21

https://getusd.click/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://getusd.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Request Chain 23

https://getusd.click/OpenSans-Regular.woff HTTP 302
https://getusd.click/404 HTTP 0
http://getusd.click/404/

Request Chain 24

https://getusd.click/manrope-bold.f2eee0fe2a3dff2f9fc5b5f69333b61e.woff HTTP 302
https://getusd.click/404 HTTP 0
http://getusd.click/404/

Request Chain 25

https://getusd.click/manrope-semibold.b09d59c14ed655ba16de25eb974fa775.woff HTTP 302
https://getusd.click/404 HTTP 0
http://getusd.click/404/

Request Chain 26

https://getusd.click/manrope-regular.4e9ea19e66e5a5c83fee9b00bcb046bc.woff HTTP 302
https://getusd.click/404 HTTP 0
http://getusd.click/404/

Request Chain 27

https://getusd.click/OpenSans-Bold.woff HTTP 302
https://getusd.click/404 HTTP 0
http://getusd.click/404/

Request Chain 28

https://getusd.click/OpenSans-Regular.ttf HTTP 302
https://getusd.click/404 HTTP 0
http://getusd.click/404/

Request Chain 29

https://getusd.click/manrope-bold.ec973fb108dae54503b27fb722941af4.ttf HTTP 302
https://getusd.click/404

Request Chain 30

https://getusd.click/manrope-regular.a71f8f825406037bbdf42a78d3b7cedc.ttf HTTP 302
https://getusd.click/404 HTTP 0
http://getusd.click/404/

Request Chain 32

https://getusd.click/manrope-semibold.3337066fc397c8e59b9343f44333608d.ttf HTTP 302
https://getusd.click/404

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
getusd.click/ 104 KB
24 KB 2329ms
2241ms Document
text/html 2606:4700:3033::ac43:c102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getusd.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 344de56a6ae905acd5c8ae75f4883b205e386d4ee6896babe5ed5122be714ef1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85529ece3e871981-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 14 Feb 2024 04:38:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q85McIvnWZCB31KM0o518%2FrMjkNGtSypnG3ISe1oXumk80%2FF%2F99%2Fvvft0qwbwGaTENUX0kuvVdYCOilUHmHyFIUnrloZ2MO4F11QfsDxt5dAsB3je%2B1BIxckT0hmmUdNXohIwgJTMCq2y2Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 216e27171df2f047.css
getusd.click/ 56 KB
8 KB 234ms
232ms Stylesheet
text/css 2606:4700:3033::ac43:c102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getusd.click/216e27171df2f047.css
Requested by: Host: getusd.click
URL: https://getusd.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 12d8d6c20a65b3f2437e6f6fa2b9b65893648b057d5b85ff296030ba2aa1ae18

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:15 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 12 Feb 2024 23:55:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65caafe0-df2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rzJBg9g3IIbeFkpxSl0cnjqtXb52jT2ivnQSj75YflTTYzC6wPmattNaU9kdUvCyBt276eL2nuxlWYjLO5yrsDNc5en7PLKrYahwww2egdAnmlBjc%2Bhgs9Kl6pl%2B6oUHTVYL%2B0Ql5Jbu7Ho%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 85529edc38a21981-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 sweetalert2.min.css
cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/ 23 KB
5 KB 115ms
32ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.min.css

Requested by

Host: getusd.click
URL: https://getusd.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee3512f8c59eaa415d996f68ce467b98f6a0cfe42631bb0196df90dccb04f855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6560395
x-jsd-version: 11.7.16
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230083-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"5d2b-SWuOdTKSzHjUlk2U7uXCUNU8oTo"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0DxyMM1hJAGxRK3O8PecmP7VLeeZ1ups6gGWm4FEzhM1Oe3PB2onr9EyUxVwvFkCkNLGGn8wn%2BvSGpj4FtkE5qu4hm2dBFBl2sLyQuCB18afnGHa0OsPhgUX6DM6H5jH7j%2Fdb%2FIdvpDCl%2BLjVGU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 85529edccb989b8c-FRA

GET
H2 200 css2
fonts.googleapis.com/ 24 KB
2 KB 106ms
34ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500;700&family=Montserrat:wght@400;500;700&family=Raleway:wght@400;500;700&family=Roboto:wght@400;500;700&display=swap

Requested by

Host: getusd.click
URL: https://getusd.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4e93eab6f0103db3049bfe01d9ee8347d7a7356d6b6ca5f19b01f33711a7764f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 14 Feb 2024 04:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 04:38:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Feb 2024 04:38:15 GMT

GET
H2 200 rocket-loader.min.js Show response
getusd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 30ms
25ms Script
application/javascript 2606:4700:3033::ac43:c102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://getusd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: getusd.click
URL: https://getusd.click/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:c102 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Feb 2024 16:52:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65c3b54b-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mGDgOtY55ATPnj%2FWcekbOPy8HrXNgKEXVJ7If%2BTyGnH0wmsQMcVbtBk4A%2F5t2Qu6mN0Xl9xlLiWQ%2F4hmVk9CNvwrXfvlAfm3XI53VeVuQONVJsCtEiXJWELwqqwaJLQLvGG9Xk6sfaUQXyM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 85529edd39791981-FRA
expires: Fri, 16 Feb 2024 04:38:15 GMT

GET

/
getusd.click/404/
Redirect Chain

https://getusd.click/manrope-semibold.efec073b2dad7da44f290831982fa978.woff2
https://getusd.click/404
http://getusd.click/404/

0
0

GET

/
getusd.click/404/
Redirect Chain

https://getusd.click/manrope-bold.c7fbae38130f55868124a2240153a9c4.woff2
https://getusd.click/404
http://getusd.click/404/

0
0

GET

/
getusd.click/404/
Redirect Chain

https://getusd.click/manrope-regular.534dc2c762e745bf40a9e7b16b9acae5.woff2
https://getusd.click/404
http://getusd.click/404/

0
0

GET

/
getusd.click/404/
Redirect Chain

https://getusd.click/OpenSans-Bold.woff2
https://getusd.click/404
http://getusd.click/404/

0
0

GET

/
getusd.click/404/
Redirect Chain

https://getusd.click/OpenSans-Regular.woff2
https://getusd.click/404
http://getusd.click/404/

0
0

GET
H2 200 Coin-1.png
getusd.click/ 273 KB
274 KB 458ms
430ms Image
image/png 2606:4700:3033::ac43:c102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getusd.click/Coin-1.png
Requested by: Host: getusd.click
URL: https://getusd.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d5d72b33ebf9ecb4dbe3c1f0f8c3a6a033629bb9b3e6c2e257825956ca88811

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:16 GMT
cf-cache-status: MISS
last-modified: Mon, 12 Feb 2024 23:55:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65caafe2-4440e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OOMZxFLXH2j4sXoGh16ScH%2BWZzFK%2BITVx4BE12Nm%2FS2H4agvV3nAAURvU%2BuC5Xs7%2B1xspmFAM%2B091rHC3mm66tEudSWEIabXKoZMfELNYxIn45WZUclwoybJZxvCjU%2FzPxk50NolQRaR3xA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 85529ede4a5f1981-FRA
alt-svc: h3=":443"; ma=86400
content-length: 279566

GET
H2 200 Coin-2.png
getusd.click/ 197 KB
198 KB 470ms
442ms Image
image/png 2606:4700:3033::ac43:c102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getusd.click/Coin-2.png
Requested by: Host: getusd.click
URL: https://getusd.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9390bdb22f8e01681d55cd80754178f8e54bdc0e8418fb10ef9db58425f8e6d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:16 GMT
cf-cache-status: MISS
last-modified: Mon, 12 Feb 2024 23:55:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65caafe2-31521"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1hXsi3hIldfeZIn4d9Tfmjycxgnx4DvKD4A7SySbcazKaYW3ihBkEowbRFB3icKhLt69oeSy6GO8wA%2FhDUsjX%2Ft9sHg%2BTBDLe4WJh4pv%2FIHET%2ByClJV7dsW5uTv0V%2F2NKjeXOFicR3aVg2I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 85529ede4a621981-FRA
alt-svc: h3=":443"; ma=86400
content-length: 202017

GET
H2 200 Coin-3.png
getusd.click/ 237 KB
237 KB 471ms
446ms Image
image/png 2606:4700:3033::ac43:c102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getusd.click/Coin-3.png
Requested by: Host: getusd.click
URL: https://getusd.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47504af907be211c7bc3e895fc0987773ec174775a8b2ec9fd7fc518eee6001e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:16 GMT
cf-cache-status: MISS
last-modified: Mon, 12 Feb 2024 23:55:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65caafe2-3b2f8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0jTqWtoOB2bo6L2Ia%2FLMEG1mVu501ckxeJ4QdB4od2dGigqRGVowTEOxJtZdiokTEdhnR4NsYNbEaE33o%2FtHTCixeVDDFe%2FIoREOkTlE0TyzMlIUwb5oVu01FNRkbFXa%2B99ZY8b843DsvY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 85529ede4a631981-FRA
alt-svc: h3=":443"; ma=86400
content-length: 242424

GET
H2 200 Air-Desktop-1.png
getusd.click/ 815 KB
817 KB 452ms
428ms Image
image/png 2606:4700:3033::ac43:c102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getusd.click/Air-Desktop-1.png
Requested by: Host: getusd.click
URL: https://getusd.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad89f64dcabdd16c12c9a0c7ce01f616be01dc528f264e602ceca73b678ce25f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:16 GMT
cf-cache-status: MISS
last-modified: Mon, 12 Feb 2024 23:55:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65caafe0-cbdcd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TTWIHG%2BZCOK%2BpV74xgtq%2F48rmPkb3GWwmRbAq%2BdMt0TWhwIIWMdjFNVjUsq0hBM%2FJvMp%2BQX9%2BtkRXHaSuyLvD2XxzXwWadv8A0%2B1zZiRu0FYLNUCtDquO0vuI11oGcUnTUkvf7Ku9nFW3yM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 85529ede4a641981-FRA
alt-svc: h3=":443"; ma=86400
content-length: 835021

GET
H2 200 trading.png
getusd.click/ 625 KB
626 KB 257ms
233ms Image
image/png 2606:4700:3033::ac43:c102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getusd.click/trading.png
Requested by: Host: getusd.click
URL: https://getusd.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9510d44eaacec220c2911cd05d2f771cf57d8dd84de60513718cd03d930ec616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:16 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 12 Feb 2024 23:55:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "65caafe2-9c22e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsWyjGOfyMWglqpJeECqu7KsAi0WsI9kz5oidgyfHzTO5s1amHw4uVof8n1kejJw%2FbFwdl%2BxR3PL%2Byb26vswqQ2aZUPfV9bK7hAJ%2Fzj%2BUYsKoQkYWjEEJpMB7NV8QUtqy7DRWYy%2FJmRf4N0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 85529ede4a651981-FRA
alt-svc: h3=":443"; ma=86400
content-length: 639534

GET
H2 200 reload-icon.924db10b.svg
getusd.click/ 1 KB
745 B 255ms
232ms Image
image/svg+xml 2606:4700:3033::ac43:c102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getusd.click/reload-icon.924db10b.svg
Requested by: Host: getusd.click
URL: https://getusd.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5da74119cb1ae4e7651fc0acd2fbad463c80382d086d544d86c9553a35ae9c26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 12 Feb 2024 23:55:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65caafe2-540"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FVjMFBZdiJGY%2BBYtLr%2BsluOKvWxO60s%2FXyW1j%2FJJ1qrTXybZQa9g2ei%2FviB0x%2FCjhJoA01mgaiOZNiyYt9fe0Plkfa2ZOqmmBiW%2FLXYZs5S9miXSc6zSVdDM2dxyClORIXtRdm0BCieV3Xg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 85529ede4a661981-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 user-icon.36d70495.svg
getusd.click/ 3 KB
1 KB 282ms
259ms Image
image/svg+xml 2606:4700:3033::ac43:c102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getusd.click/user-icon.36d70495.svg
Requested by: Host: getusd.click
URL: https://getusd.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed6bfe3d431a3af95f02713273f73af3d6b3b337df7040f778c32de282e226ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 12 Feb 2024 23:55:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65caafe2-c99"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFipRGOBk4mDukf47f%2FdvDRAV6ovr3%2FCprGw8aRcOcRnCp6tGHoM4RHTEvK1Di6JAHvwxFWhh%2FDRb5cFi9eZFIo8IgiCOnwy69up3oxjiz7VpGlyTv7vG0UIQyfWgHo7kCfe1zxMCXkwZpo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 85529ede4a671981-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 chart-icon.e9408329.svg
getusd.click/ 2 KB
853 B 251ms
228ms Image
image/svg+xml 2606:4700:3033::ac43:c102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getusd.click/chart-icon.e9408329.svg
Requested by: Host: getusd.click
URL: https://getusd.click/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbe4313602f9a2170710756baab4ca47b60c46fc3451aa4793f17c58d3a8a26b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 12 Feb 2024 23:55:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65caafe2-702"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQIZoK1p6HQf5HU29xtNQSpUK2yhmiAh%2BsW5Yb56Vh%2B4zxr4wd2bnJgKs3DbeHk5nr9w0IKfR0BnRm3b%2FGjYwjr4bxVMHuHxYFATprzXOaX1QzgwbazkMlZaSPjLwwXR%2BRL2WCIrATXJXu0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cf-ray: 85529ede4a681981-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 chair.js Show response
jscdnweb.pages.dev/ 2 MB
731 KB 162ms
72ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdnweb.pages.dev/chair.js

Requested by

Host: getusd.click
URL: https://getusd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d36f8dd039ae731ac42f17f62a846e2600b0d0a771e6b9e4b1df38d20061f7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:16 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63c2ca83610723bfff4b1bb5b193a3fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hj%2FHx%2FUBeewNWSj1PzjQs%2BT7I2GvbZnd680oACSy3eOlkQ4XtErGiCnjCx036fqRGBBsodA8vj7cmXWm4w7vGtcVVs4WKCx9ilNqaRlK3CbArbPWYNGffoT4M9cso7cGYquIEEoqDcOiAn96NWMCqsk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 85529eded991360a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 encryption.js Show response
getusd.click/ 82 KB
31 KB 439ms
433ms Script
application/javascript 2606:4700:3033::ac43:c102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getusd.click/encryption.js
Requested by: Host: getusd.click
URL: https://getusd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:c102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0a9f0840be094f6fc48b6e8abff400e72e937aba6ceeb6eca4b60db4e8806fd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:16 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 12 Feb 2024 23:55:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65caafe2-146d6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPMutjSje6AyRPYsMCNM36KY1ft06g78b1KKZH8DwMYevDGipAukP1a9Htzq0enyeG6yXf%2B30L7ijt4cqybWJDZ0J7%2FmLQG%2Bj1CHCr0d51Zu8PA8yjaa03UGgNj40pI3WJBMCa76zZ1I3kg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 85529ede5a6a1981-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ethereumjs-tx-1.3.3.min.js Show response
cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ 315 KB
92 KB 56ms
50ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/ethereumjs/browser-builds/dist/ethereumjs-tx/ethereumjs-tx-1.3.3.min.js

Requested by

Host: getusd.click
URL: https://getusd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 754
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230107-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"4edeb-1sQW5dFT9QD3rGbSWitz20WGetQ"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gj6jFW4s4g3pkrEdJ6NTac2pcJLe60233p%2BDgY7O0rf2yRcIZXxODfCIUwG2HAV1hayktosy6NKW%2F%2FNPif76bYrwoylX3wBbdAieUPmcOK2PCWKfDarN%2FGnFE7%2Fs83EVJXRqEOajqqRLXR%2Bjj6U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 85529ede6d129b8c-FRA

GET
H2 200 sweetalert2.all.min.js Show response
cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/ 66 KB
19 KB 48ms
44ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11.7.16/dist/sweetalert2.all.min.js

Requested by

Host: getusd.click
URL: https://getusd.click/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b030031299100b9d6c6b413bf9e9d712f59695f1384ef548c3f43b0a0faecbfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://getusd.click/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6740559
x-jsd-version: 11.7.16
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230070-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"10917-UZ72hgnB9ZXuapy7dmDkyFhaDUE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2a3YkOIR0gM%2FhdcT3VMNHKvkMO0j6etSmYS4rfQnAN%2FILnSDFzB9G%2FBf0qD97Bl7ASSQIzoIFN0VBuUrKjged1Jco7lmcYgO%2Ffo%2Bow1s6gqr75e7SGgRqC2waq4tf4Rhnh8JC6DaoGfbglPh8ak%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 85529ede6d139b8c-FRA

GET
H3

200

main.js Show response
getusd.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/ Frame F432
Redirect Chain

https://getusd.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://getusd.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

7 KB
4 KB

205ms
203ms

Script
application/javascript

2606:4700:3033::ac43:c102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://getusd.click/cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js

Requested by

Host: getusd.click
URL: https://getusd.click/

Protocol

Server

2606:4700:3033::ac43:c102 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8964bba48b2dd39f8c841bdf3a47a6ecf0db1898262f5c0e80893369eb0a9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:38:16 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xW%2By7GsuQx%2Fmf8nZ2%2Fu4PRj%2Fgfbd50gzOw82wq0fsvO2vKb1p5K1ldbNZMU2qtbTLMNyKEvOpQfsgLFBkPfj1nRbR0sEzElZ5zlBlqRAYCDW0Oeng84TV%2FU52Nh7%2BpqOfAl66Q%2FeQijeolg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 85529edf2e594100-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 14 Feb 2024 04:38:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COXcXUsNdAesuYT8i8ry8Xxs2qbyIOZPV1ui3oUtpcjYMCm7UxsEC41L231UJY1T%2FDkAuAcwfqXj%2Ff60BmFB7q7jf84L1QLqSEg1FQESc2EW4oyqexKx3MZ0BGAA7yP3cgjTNGp7z4oc%2BR8%3D"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/a990e557/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 85529ede7a7e1981-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 85529ece3e871981 Show response
getusd.click/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame F432 0
593 B 538ms
532ms XHR
text/plain 2606:4700:3033::ac43:c102
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getusd.click/cdn-cgi/challenge-platform/h/b/jsd/r/85529ece3e871981
Requested by: Host: getusd.click
URL: https://getusd.click/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::ac43:c102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Feb 2024 04:38:17 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ExnnoO9OPngmTBMrVE586Vj1NpTTX4wIUiN17iQSpWN73jWkFgIt5HqAtuqVwhIByFVvZkGbjoZ5Io7ShzEN3QYuF8zMpqPjxp4HgpBieEgiL8KW%2B2UPK8sYScKQRUltbpYY%2FcsMMlcACKs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 85529ee249a84100-SIN
alt-svc: h3=":443"; ma=86400

GET

/
getusd.click/404/
Redirect Chain

https://getusd.click/OpenSans-Regular.woff
https://getusd.click/404
http://getusd.click/404/

0
0

GET

/
getusd.click/404/
Redirect Chain

https://getusd.click/manrope-bold.f2eee0fe2a3dff2f9fc5b5f69333b61e.woff
https://getusd.click/404
http://getusd.click/404/

0
0

GET

/
getusd.click/404/
Redirect Chain

https://getusd.click/manrope-semibold.b09d59c14ed655ba16de25eb974fa775.woff
https://getusd.click/404
http://getusd.click/404/

0
0

GET

/
getusd.click/404/
Redirect Chain

https://getusd.click/manrope-regular.4e9ea19e66e5a5c83fee9b00bcb046bc.woff
https://getusd.click/404
http://getusd.click/404/

0
0

GET

/
getusd.click/404/
Redirect Chain

https://getusd.click/OpenSans-Bold.woff
https://getusd.click/404
http://getusd.click/404/

0
0

GET

/
getusd.click/404/
Redirect Chain

https://getusd.click/OpenSans-Regular.ttf
https://getusd.click/404
http://getusd.click/404/

0
0

GET

404
getusd.click/
Redirect Chain

https://getusd.click/manrope-bold.ec973fb108dae54503b27fb722941af4.ttf
https://getusd.click/404

0
0

GET

/
getusd.click/404/
Redirect Chain

https://getusd.click/manrope-regular.a71f8f825406037bbdf42a78d3b7cedc.ttf
https://getusd.click/404
http://getusd.click/404/

0
0

GET OpenSans-Bold.ttf
getusd.click/ 0
0

GET

404
getusd.click/
Redirect Chain

https://getusd.click/manrope-semibold.3337066fc397c8e59b9343f44333608d.ttf
https://getusd.click/404

0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: getusd.click
URL: http://getusd.click/404/

Domain: getusd.click
URL: http://getusd.click/404/

Domain: getusd.click
URL: http://getusd.click/404/

Domain: getusd.click
URL: http://getusd.click/404/

Domain: getusd.click
URL: http://getusd.click/404/

Domain: getusd.click
URL: http://getusd.click/404/

Domain: getusd.click
URL: http://getusd.click/404/

Domain: getusd.click
URL: http://getusd.click/404/

Domain: getusd.click
URL: http://getusd.click/404/

Domain: getusd.click
URL: http://getusd.click/404/

Domain: getusd.click
URL: http://getusd.click/404/

Domain: getusd.click
URL: https://getusd.click/404

Domain: getusd.click
URL: http://getusd.click/404/

Domain: getusd.click
URL: https://getusd.click/OpenSans-Bold.ttf

Domain: getusd.click
URL: https://getusd.click/404

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| __cfQR

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.getusd.click/	1970-01-21 03:10:21	Name: cf_clearance Value: TKA0P_hhLEamIPzVoNZrFoE9Szh14N5Q5y33o5fepj0-1707885497-1-AYFWMt53dx2ylyB0Uu0YohK8nzRKnEWLhAyW47dTtad+6fFLn+B2SaOTx00Rtq59O6WnOsphZAJIWBAmI+LrDvw=

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://getusd.click/#ne Message: Mixed Content: The page at 'https://getusd.click/#ne' was loaded over HTTPS, but requested an insecure font 'http://getusd.click/404/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://getusd.click/#ne Message: Mixed Content: The page at 'https://getusd.click/#ne' was loaded over HTTPS, but requested an insecure font 'http://getusd.click/404/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://getusd.click/#ne Message: Mixed Content: The page at 'https://getusd.click/#ne' was loaded over HTTPS, but requested an insecure font 'http://getusd.click/404/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://getusd.click/#ne Message: Mixed Content: The page at 'https://getusd.click/#ne' was loaded over HTTPS, but requested an insecure font 'http://getusd.click/404/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://getusd.click/#ne Message: Mixed Content: The page at 'https://getusd.click/#ne' was loaded over HTTPS, but requested an insecure font 'http://getusd.click/404/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://getusd.click/#ne Message: Mixed Content: The page at 'https://getusd.click/#ne' was loaded over HTTPS, but requested an insecure font 'http://getusd.click/404/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://getusd.click/#ne Message: Mixed Content: The page at 'https://getusd.click/#ne' was loaded over HTTPS, but requested an insecure font 'http://getusd.click/404/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://getusd.click/#ne Message: Mixed Content: The page at 'https://getusd.click/#ne' was loaded over HTTPS, but requested an insecure font 'http://getusd.click/404/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://getusd.click/#ne Message: Mixed Content: The page at 'https://getusd.click/#ne' was loaded over HTTPS, but requested an insecure font 'http://getusd.click/404/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://getusd.click/#ne Message: Mixed Content: The page at 'https://getusd.click/#ne' was loaded over HTTPS, but requested an insecure font 'http://getusd.click/404/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://getusd.click/#ne Message: Mixed Content: The page at 'https://getusd.click/#ne' was loaded over HTTPS, but requested an insecure font 'http://getusd.click/404/'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://getusd.click/#ne Message: Mixed Content: The page at 'https://getusd.click/#ne' was loaded over HTTPS, but requested an insecure font 'http://getusd.click/404/'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
fonts.googleapis.com
getusd.click
jscdnweb.pages.dev
getusd.click
2606:4700:3033::ac43:c102
2606:4700::6810:5814
2a00:1450:4001:831::200a
2a06:98c1:3120::3
0a9f0840be094f6fc48b6e8abff400e72e937aba6ceeb6eca4b60db4e8806fd7
10d78c0a5e8664889dc8eb47c72bfa46ad0ed02c70a234be9acdefa27dbb24b0
12d8d6c20a65b3f2437e6f6fa2b9b65893648b057d5b85ff296030ba2aa1ae18
2d5d72b33ebf9ecb4dbe3c1f0f8c3a6a033629bb9b3e6c2e257825956ca88811
344de56a6ae905acd5c8ae75f4883b205e386d4ee6896babe5ed5122be714ef1
47504af907be211c7bc3e895fc0987773ec174775a8b2ec9fd7fc518eee6001e
4e93eab6f0103db3049bfe01d9ee8347d7a7356d6b6ca5f19b01f33711a7764f
5da74119cb1ae4e7651fc0acd2fbad463c80382d086d544d86c9553a35ae9c26
6d36f8dd039ae731ac42f17f62a846e2600b0d0a771e6b9e4b1df38d20061f7f
8964bba48b2dd39f8c841bdf3a47a6ecf0db1898262f5c0e80893369eb0a9ee5
9390bdb22f8e01681d55cd80754178f8e54bdc0e8418fb10ef9db58425f8e6d8
9510d44eaacec220c2911cd05d2f771cf57d8dd84de60513718cd03d930ec616
ad89f64dcabdd16c12c9a0c7ce01f616be01dc528f264e602ceca73b678ce25f
b030031299100b9d6c6b413bf9e9d712f59695f1384ef548c3f43b0a0faecbfa
bbe4313602f9a2170710756baab4ca47b60c46fc3451aa4793f17c58d3a8a26b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed6bfe3d431a3af95f02713273f73af3d6b3b337df7040f778c32de282e226ee
ee3512f8c59eaa415d996f68ce467b98f6a0cfe42631bb0196df90dccb04f855

getusd.click Open in urlscan Pro 2606:4700:3033::ac43:c102 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

34 Requests

53 %HTTPS

100 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

3073 kBTransfer

4669 kBSize

1 Cookies

17 Outgoing links

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

12 Console Messages

Indicators

getusd.click Open in urlscan Pro
2606:4700:3033::ac43:c102 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

53 %
HTTPS

100 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

3073 kB
Transfer

4669 kB
Size

1
Cookies

34 HTTP transactions
0 data transactions