URL: https://safelyton.shop/
Submission: On November 20 via api from JP — Scanned from JP

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 16 HTTP transactions. The main IP is 172.67.193.122, located in United States and belongs to CLOUDFLARENET, US. The main domain is safelyton.shop.
TLS certificate: Issued by WE1 on November 18th 2024. Valid for: 3 months.
This is the only time safelyton.shop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 172.67.193.122 13335 (CLOUDFLAR...)
1 172.66.0.102 13335 (CLOUDFLAR...)
1 2001:67c:4e8:... 62041 (Telegram ...)
16 3
Apex Domain
Subdomains
Transfer
14 safelyton.shop
safelyton.shop
4 MB
1 telegram.org
telegram.org — Cisco Umbrella Rank: 10608
22 KB
1 onemintconnect.com
onemintconnect.com
104 KB
16 3
Domain Requested by
14 safelyton.shop safelyton.shop
1 telegram.org onemintconnect.com
1 onemintconnect.com safelyton.shop
16 3

This site contains no links.

Subject Issuer Validity Valid
safelyton.shop
WE1
2024-11-18 -
2025-02-16
3 months crt.sh
onemintconnect.com
WE1
2024-11-06 -
2025-02-04
3 months crt.sh
*.telegram.org
Go Daddy Secure Certificate Authority - G2
2024-08-10 -
2025-09-11
a year crt.sh

This page contains 1 frames:

Primary Page: https://safelyton.shop/
Frame ID: D8BECD0911578A5A992A466E2AE6CBD7
Requests: 16 HTTP requests in this frame

Screenshot

Page Title

USDT Airdrop

Page Statistics

16
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

2
Countries

4181 kB
Transfer

5506 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
safelyton.shop/
13 KB
6 KB
Document
General
Full URL
https://safelyton.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d21003fafdddee8ed08ebcfe345eaaee3ab2e42ea36935c2d264e19d9f1606d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
cf-cache-status
DYNAMIC
cf-ray
8e542bbd09b9af2e-NRT
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Wed, 20 Nov 2024 00:02:23 GMT
expires
0
last-modified
Wed, 20 Nov 2024 00:02:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cr5PtqQ%2Bv1tjCni667gj%2BIYoPkpool8MMbojqH7O7BNdBPpMfWUtwldj7Qv0Mhewc%2BCnTmx478FeGFFp9hOs49Nub3onFtCo8%2FG6wWI2nErwLTX4CXM8Z4bA7oQxiXQszw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=1632&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4218&recv_bytes=5736&delivery_rate=1033&cwnd=12000&unsent_bytes=0&cid=938546946e1a1a85&ts=584&x=1" cfExtPri cfHdrFlush;dur=0
vary
Accept-Encoding
style.css
safelyton.shop/lander/tonxusdt/css/
362 KB
48 KB
Stylesheet
General
Full URL
https://safelyton.shop/lander/tonxusdt/css/style.css
Requested by
Host: safelyton.shop
URL: https://safelyton.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b95e8fb5ef643f6fcbd0dbd5ded9752e1fea29a13d434f84398ee90956297b84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://safelyton.shop/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6713a6da-5a84a"
age
130
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VD99cAyuutBVfaHbiFQZhgKFnBG15Hb9gBmr5HmVqinbhLz5%2FSvjmxFT7fvW6pQVTWsd1dRwOKVAitf%2BzaH7aYZTSp1eS2sF2DDL8gJ0GnTXlixwK8ZBJOxj9Nw5TB7CdA%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 30 Nov 2024 00:00:13 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1554&sent=20&recv=18&lost=0&retrans=0&sent_bytes=10508&recv_bytes=7992&delivery_rate=4607783&cwnd=12000&unsent_bytes=0&cid=938546946e1a1a85&ts=603&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 00:02:23 GMT
content-type
text/css
last-modified
Sat, 19 Oct 2024 12:32:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e542bc0bcd1af2e-NRT
access-control-allow-origin
*
server
cloudflare
script.js
safelyton.shop/lander/tonxusdt/js/
0
0
Script
General
Full URL
https://safelyton.shop/lander/tonxusdt/js/script.js
Requested by
Host: safelyton.shop
URL: https://safelyton.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://safelyton.shop/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
age
130
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jH%2BnErjPViGNaYgRinTLdhDK5SVbmTZLyPQA%2BXoXW86ASrkveNjwR6J5TazytU2CcRW1JCGxDCHbyDqXCq6dB0sJYMAHeOjD9zBBmxbr6PRFi0EFZvPik%2BGiBNhn1D8yJw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e542bc0bcd4af2e-NRT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1554&sent=30&recv=18&lost=0&retrans=0&sent_bytes=22508&recv_bytes=7992&delivery_rate=4607783&cwnd=12000&unsent_bytes=0&cid=938546946e1a1a85&ts=604&x=1", cfExtPri, cfHdrFlush;dur=1
date
Wed, 20 Nov 2024 00:02:23 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i=?0
tonxusdt.svg
safelyton.shop/lander/tonxusdt/images/
388 KB
213 KB
Image
General
Full URL
https://safelyton.shop/lander/tonxusdt/images/tonxusdt.svg
Requested by
Host: safelyton.shop
URL: https://safelyton.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2855034c3c476df52e820e60ed93f4a4e351229d464d18798accc6d3c09aff2f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://safelyton.shop/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6713a6da-61142"
age
130
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ahss41%2BDYLc2xU1DkEQn9vCGkjH1mk4yEX%2BPVlwlpb7KEKXOBBgdtBQJ%2BJUCFn3nbj0TilRbAlnplvE39GaL%2BwU7n8%2Fg%2BEule21TRWoFV1G%2BvoHk8LekSwVOuV1mWWbkyw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 30 Nov 2024 00:00:13 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1613&sent=50&recv=23&lost=0&retrans=0&sent_bytes=46508&recv_bytes=8207&delivery_rate=1322387&cwnd=24000&unsent_bytes=0&cid=938546946e1a1a85&ts=606&x=1", cfExtPri, cfHdrFlush;dur=1
date
Wed, 20 Nov 2024 00:02:23 GMT
content-type
image/svg+xml
last-modified
Sat, 19 Oct 2024 12:32:26 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e542bc0bcd5af2e-NRT
access-control-allow-origin
*
server
cloudflare
coins1.png
safelyton.shop/lander/tonxusdt/images/
938 KB
938 KB
Image
General
Full URL
https://safelyton.shop/lander/tonxusdt/images/coins1.png
Requested by
Host: safelyton.shop
URL: https://safelyton.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7764b0dda3d1901db07630e1bade6c2bdf05e43e719e5a6a59545755afcd756

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://safelyton.shop/

Response headers

cf-cache-status
HIT
etag
"6713a6da-ea62e"
age
130
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7bwmaKo%2FXzyd4k6L0hyusx1W1zvo%2BsyEVfazVYQkS3VQfo%2BwFd69wx1%2F%2FmzfCPOm4Eg6kKOy88SCov9a0ar3TbPXU54tbj1KFkK5FQp%2FBYpZoFCc2szoiCkd3I4UsCtQuw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 30 Nov 2024 00:00:13 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1613&sent=50&recv=23&lost=0&retrans=0&sent_bytes=46508&recv_bytes=8207&delivery_rate=1322387&cwnd=24000&unsent_bytes=0&cid=938546946e1a1a85&ts=605&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 00:02:23 GMT
content-type
image/png
last-modified
Sat, 19 Oct 2024 12:32:26 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e542bc0bcd7af2e-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
960046
server
cloudflare
coins2.png
safelyton.shop/lander/tonxusdt/images/
2 MB
2 MB
Image
General
Full URL
https://safelyton.shop/lander/tonxusdt/images/coins2.png
Requested by
Host: safelyton.shop
URL: https://safelyton.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
902f284f4fff9ebe22a6d330878c5c061ee926f94ad305e690e7a048e665067b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://safelyton.shop/

Response headers

cf-cache-status
HIT
etag
"6713a6da-1b1985"
age
128
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tlla7jnd%2F%2B4HWXA9r0BF3nFpTIX7a91jynQtKy8fdh1FPBVDJrBmbyxxvtuBA9DLJuyrOkIB%2Fj9k5rmImg7kTwvzLQGmTWQquoasKxi9lXBqUwTK6WA6UL8NoijuelppcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 30 Nov 2024 00:00:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2634&sent=1194&recv=172&lost=102&retrans=102&sent_bytes=1407786&recv_bytes=17445&delivery_rate=4342876&cwnd=245909&unsent_bytes=0&cid=938546946e1a1a85&ts=677&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 00:02:23 GMT
content-type
image/png
last-modified
Sat, 19 Oct 2024 12:32:26 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e542bc12d6caf2e-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
1776005
server
cloudflare
drn.js
onemintconnect.com/lander/drainer3/js/
627 KB
104 KB
Script
General
Full URL
https://onemintconnect.com/lander/drainer3/js/drn.js
Requested by
Host: safelyton.shop
URL: https://safelyton.shop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.66.0.102 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f6ede7dbdfea6e0a87e5fadf4ff2aa4976f92ae5b26798d3278a6d6f3545600

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://safelyton.shop/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6728eeef-9cca1"
age
232270
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A36KoceCURm5g5K5FVcsFweVJk6yjYqnklrHe4KNQxRxRh8Sw2UfKyffvlcdyJpBHKQS147QjEin6%2FyaGF0gYszG0cyTNzPAv5B2KQXfR4NJQ80F%2FEWJtdPqo8m4tzGivNRiljo%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 27 Nov 2024 07:31:12 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 20 Nov 2024 00:02:23 GMT
content-type
application/javascript
last-modified
Mon, 04 Nov 2024 15:57:35 GMT
vary
Accept-Encoding
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=864000
cf-ray
8e542bc15f94e38b-NRT
access-control-allow-origin
*
server
cloudflare
feather.css
safelyton.shop/lander/tonxusdt/css/
11 KB
3 KB
Stylesheet
General
Full URL
https://safelyton.shop/lander/tonxusdt/css/feather.css
Requested by
Host: safelyton.shop
URL: https://safelyton.shop/lander/tonxusdt/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b121fe039784cf045cffacd9707b1f60f6e809afedec6edc96cf06d79e38b1dd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://safelyton.shop/lander/tonxusdt/css/style.css

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6713a6da-2cdf"
age
129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ksDYSzfv2ZzBCPgrWen1pqbo%2B5o7R98SLULtLgVn6fiuw4iyWj6aTZk6Eqnb%2FnWwbheGNbxIrpvV23eWNjatQxSpLOCYU6Wqbhd2yisdnoSp746EY%2BMEEdSSMVxPoRUuw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 30 Nov 2024 00:00:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3583&sent=1173&recv=165&lost=102&retrans=102&sent_bytes=1388227&recv_bytes=16592&delivery_rate=37660029&cwnd=245909&unsent_bytes=0&cid=938546946e1a1a85&ts=650&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 00:02:23 GMT
content-type
text/css
last-modified
Sat, 19 Oct 2024 12:32:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e542bc0fd34af2e-NRT
access-control-allow-origin
*
server
cloudflare
bootstrap-icons.css
safelyton.shop/lander/tonxusdt/css/
86 KB
13 KB
Stylesheet
General
Full URL
https://safelyton.shop/lander/tonxusdt/css/bootstrap-icons.css
Requested by
Host: safelyton.shop
URL: https://safelyton.shop/lander/tonxusdt/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90096d297d17ac3aa6da32a3b34c6e86f70273dd10eeb84bc76d5f0e00742296

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://safelyton.shop/lander/tonxusdt/css/style.css

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6713a6da-159c6"
age
129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hcAy0g0%2B48u6hrNl9j%2BbA711I7NlUK%2BeaDEL%2BfGgc8y%2F6HE9%2FsWmRfh%2BvaYIyQY%2B4xdUrAaa3gVZWQMq1qrkVWEoinahJUm6nXZIZPKyUQdWZrsU90iRcFgtBbPXi5baXw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 30 Nov 2024 00:00:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3300&sent=1180&recv=167&lost=102&retrans=102&sent_bytes=1394269&recv_bytes=16690&delivery_rate=3062124&cwnd=245909&unsent_bytes=0&cid=938546946e1a1a85&ts=655&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 00:02:23 GMT
content-type
text/css
last-modified
Sat, 19 Oct 2024 12:32:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e542bc0fd37af2e-NRT
access-control-allow-origin
*
server
cloudflare
owl.carousel.min.css
safelyton.shop/lander/tonxusdt/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://safelyton.shop/lander/tonxusdt/css/owl.carousel.min.css
Requested by
Host: safelyton.shop
URL: https://safelyton.shop/lander/tonxusdt/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f9e2f8af6c2ecc50d0713bc0aaf98fea6f525132700d9fd09c62ce76f6b304c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://safelyton.shop/lander/tonxusdt/css/style.css

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6713a6da-d32"
age
129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WuVfKQ8SwEEFSyGg1ixouBi5E2wx5%2F3SIwTeacRsSLdTh3ZQYT6SoykoqxQwysMt3SjCb5Zq2wiHC9VW7lSZ%2FCOE4UQvgE64cU8mogDdF%2FCRQNACNiTuB62BCHdJ2AIP4A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 30 Nov 2024 00:00:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3582&sent=1176&recv=166&lost=102&retrans=102&sent_bytes=1391132&recv_bytes=16641&delivery_rate=40890490&cwnd=245909&unsent_bytes=0&cid=938546946e1a1a85&ts=652&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 00:02:23 GMT
content-type
text/css
last-modified
Sat, 19 Oct 2024 12:32:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e542bc0fd3aaf2e-NRT
access-control-allow-origin
*
server
cloudflare
owl.theme.default.min.css
safelyton.shop/lander/tonxusdt/css/
1013 B
1 KB
Stylesheet
General
Full URL
https://safelyton.shop/lander/tonxusdt/css/owl.theme.default.min.css
Requested by
Host: safelyton.shop
URL: https://safelyton.shop/lander/tonxusdt/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
924b0dc630d1c5dff9fa31aead9509775b1d476bfe0a5ac2977b2f11205a26ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://safelyton.shop/lander/tonxusdt/css/style.css

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"6713a6da-3f5"
age
129
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L6F5thGgTJMGWts%2FkqE8QJ%2FEjn%2FOD6KSdIwJbvDkeieYiqpETWBX4yfS345q72jD1uqLWwnRE6FM1%2F3sPsMrTR1fp%2BKhkoNBMPL7f9c2h53akztCI0PoWo%2FKunMozSSajw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 30 Nov 2024 00:00:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3300&sent=1178&recv=167&lost=102&retrans=102&sent_bytes=1393024&recv_bytes=16690&delivery_rate=3062124&cwnd=245909&unsent_bytes=0&cid=938546946e1a1a85&ts=654&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 00:02:23 GMT
content-type
text/css
last-modified
Sat, 19 Oct 2024 12:32:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e542bc0fd3caf2e-NRT
access-control-allow-origin
*
server
cloudflare
Rajdhani-Bold.ttf
safelyton.shop/lander/tonxusdt/fonts/
364 KB
365 KB
Font
General
Full URL
https://safelyton.shop/lander/tonxusdt/fonts/Rajdhani-Bold.ttf
Requested by
Host: safelyton.shop
URL: https://safelyton.shop/lander/tonxusdt/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e2754864bf70da4f279189b713026551927c0c10258ff6dd431ff71fd6c8dd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://safelyton.shop
Referer
https://safelyton.shop/lander/tonxusdt/css/style.css

Response headers

cf-cache-status
HIT
etag
"6713a6da-5b1c8"
age
128
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p9Nya%2FAJ1ljRQ0M4%2FsnrwXoeoN9opA4u8UeEyAwjlqcwdzzHA9SPvOXd4PychyIW5QmwyEY%2F%2BhsCiNwf%2BPu4LkFDRsdCnntyScczmwrMX8HAq6iARSRrcghQM7bvM%2Brx5A%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 30 Nov 2024 00:00:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=5569&sent=2784&recv=337&lost=166&retrans=166&sent_bytes=3300941&recv_bytes=26599&delivery_rate=16702111&cwnd=175376&unsent_bytes=0&cid=938546946e1a1a85&ts=718&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 00:02:23 GMT
content-type
application/octet-stream
last-modified
Sat, 19 Oct 2024 12:32:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e542bc16daeaf2e-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
373192
server
cloudflare
Rajdhani-SemiBold.ttf
safelyton.shop/lander/tonxusdt/fonts/
355 KB
356 KB
Font
General
Full URL
https://safelyton.shop/lander/tonxusdt/fonts/Rajdhani-SemiBold.ttf
Requested by
Host: safelyton.shop
URL: https://safelyton.shop/lander/tonxusdt/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fd51c1334cafd3654059b0ee61aa470088a70e4637a9cfc0274557c751eb0cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://safelyton.shop
Referer
https://safelyton.shop/lander/tonxusdt/css/style.css

Response headers

cf-cache-status
HIT
etag
"6713a6da-58bec"
age
128
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H1M3quDvtnC20qjwuaZlGOl3PfhIumNy9xnN2tSN48wMWamiyNqCoDtaQ3SByAofZMLJQd8kBB48kCjakel%2FypDY7RFvWS9kZjlVWjKqnzyWwHgnFgzIOzhcPE9lyrq29w%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 30 Nov 2024 00:00:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=5078&sent=2931&recv=338&lost=166&retrans=166&sent_bytes=3476317&recv_bytes=26643&delivery_rate=6268877&cwnd=175376&unsent_bytes=0&cid=938546946e1a1a85&ts=720&x=1", cfExtPri, cfHdrFlush;dur=2
date
Wed, 20 Nov 2024 00:02:23 GMT
content-type
application/octet-stream
last-modified
Sat, 19 Oct 2024 12:32:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e542bc16db0af2e-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
363500
server
cloudflare
Rajdhani-Medium.ttf
safelyton.shop/lander/tonxusdt/fonts/
349 KB
350 KB
Font
General
Full URL
https://safelyton.shop/lander/tonxusdt/fonts/Rajdhani-Medium.ttf
Requested by
Host: safelyton.shop
URL: https://safelyton.shop/lander/tonxusdt/css/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88a3937dc5d0d96d6b1a313b82802b78541bfdb5c004a208dfeab56192938538

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://safelyton.shop
Referer
https://safelyton.shop/lander/tonxusdt/css/style.css

Response headers

cf-cache-status
HIT
etag
"6713a6da-575fc"
age
128
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Su1rYnU0MXVjUimys4X3ibMKDOw45MFm6z1xq44GO5p4SXbw%2Fy%2BownLiM6WmHfmt%2FE1MPo05WklMWuFBisyuhH44gZ62CzCeQDaFrEdueRNZuL0YOD8cKAlolV1HU2%2BH9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 30 Nov 2024 00:00:15 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=5078&sent=2844&recv=338&lost=166&retrans=166&sent_bytes=3372941&recv_bytes=26643&delivery_rate=6268877&cwnd=175376&unsent_bytes=0&cid=938546946e1a1a85&ts=719&x=1", cfExtPri, cfHdrFlush;dur=3
date
Wed, 20 Nov 2024 00:02:23 GMT
content-type
application/octet-stream
last-modified
Sat, 19 Oct 2024 12:32:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e542bc16db1af2e-NRT
accept-ranges
bytes
access-control-allow-origin
*
content-length
357884
server
cloudflare
telegram-web-app.js
telegram.org/js/
106 KB
22 KB
Script
General
Full URL
https://telegram.org/js/telegram-web-app.js
Requested by
Host: onemintconnect.com
URL: https://onemintconnect.com/lander/drainer3/js/drn.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2001:67c:4e8:f004::9 Amsterdam, Netherlands, ASN62041 (Telegram Telegram Messenger Inc, VG),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3ab59994e7fad6650796e799102a64bcd660dd1b421887c74989729fcea14efc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://safelyton.shop/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=345600
content-encoding
gzip
etag
W/"6739f222-1a916"
expires
Sun, 24 Nov 2024 00:02:24 GMT
date
Wed, 20 Nov 2024 00:02:24 GMT
content-type
application/javascript
last-modified
Sun, 17 Nov 2024 13:39:46 GMT
server
nginx/1.18.0
favicon.ico
safelyton.shop/lander/tonxusdt/
167 KB
25 KB
Other
General
Full URL
https://safelyton.shop/lander/tonxusdt/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.193.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db15ed64450335e9f50cad5783a7e4bf41cae02c1881c26641a5d2fb48d1d003

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://safelyton.shop/

Response headers

content-encoding
zstd
cf-cache-status
MISS
etag
W/"6713a6da-29ba2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lA2IQneyW2L5rpdAS9qJIRLmvdxyeQQ%2FzNS2CY4QuBSOEtJc%2F39Xw%2BhP6ida8t932yHYbj0n9zT%2B4W0Ziwp7jA41wCYKQgjp8LOioggjx4ndndSYKwE7i4Q%2F5JOO%2BEOhvw%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Sat, 30 Nov 2024 00:02:25 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=2220&sent=3725&recv=434&lost=166&retrans=166&sent_bytes=4422300&recv_bytes=31484&delivery_rate=49283064&cwnd=178976&unsent_bytes=0&cid=938546946e1a1a85&ts=3083&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 20 Nov 2024 00:02:25 GMT
content-type
image/x-icon
last-modified
Sat, 19 Oct 2024 12:32:26 GMT
vary
Accept-Encoding
priority
u=1,i
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e542bc81e0baf2e-NRT
access-control-allow-origin
*
server
cloudflare

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| secondsToNextOddHour function| secondsToHMS function| updateTimer object| sc2 function| qrcode function| xorConvert function| addTcRoot function| changeGoober function| tonconnect_close function| tonconnect_openStart function| tonconnect_dewallet function| tonconnect_openAllWallets function| tonconnect_tonhub function| tonconnect_telegram function| tonconnect_tonkeeper function| tonconnect_mytonwallet function| tonconnect_bitget function| _0x5d2f function| connectWallet function| _0x176b function| mobileCheck object| Telegram function| TelegramGameProxy_receiveEvent object| TelegramGameProxy

2 Cookies

Domain/Path Name / Value
safelyton.shop/ Name: _subid
Value: dpt73jjf9sv
safelyton.shop/ Name: 0c9c8
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI2OTRcIjoxNzMyMDYwOTQzfSxcImNhbXBhaWduc1wiOntcIjI2MzlcIjoxNzMyMDYwOTQzfSxcInRpbWVcIjoxNzMyMDYwOTQzfSJ9.MVQ26KntpL7dLIxIcBxH3MP5y73Kb-OCuuORIguiI8E

1 Console Messages

Source Level URL
Text
network error URL: https://safelyton.shop/lander/tonxusdt/js/script.js
Message:
Failed to load resource: the server responded with a status of 404 ()