refundxgas.com
2a06:98c1:3121::3  Malicious Activity! Public Scan

URL: https://refundxgas.com/
Submission: On January 24 via automatic, source certstream-suspicious — Scanned from NL

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 26 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in the United States, and belongs to CLOUDFLARENET, US. The main domain is refundxgas.com.
TLS certificate: Issued by GTS CA 1P5 on January 24th 2024. Valid for: 3 months.
This is the only time refundxgas.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Ethereum (Crypto)

Domain & IP information

Requests | IP Address | AS Autonomous System
20 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)
1 | 20.4.130.154 | 8075 (MICROSOFT...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
4 | 2606:4700:303... | 13335 (CLOUDFLAR...)
Total: 26 requests, 4 IPs

Requests | Apex Domain | Subdomains | Transfer
20 | refundxgas.com | refundxgas.com | 3 MB
4 | badfffghj88.com | badfffghj88.com | 15 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 28) | 1 KB
1 | cryptocompare.com | min-api.cryptocompare.com (Cisco Umbrella Rank: 33740) | 723 B
Total: 26 requests, 4 apex domains

Requests | Domain | Requested by
20 | refundxgas.com | refundxgas.com
4 | badfffghj88.com | refundxgas.com
1 | fonts.googleapis.com | client
1 | min-api.cryptocompare.com | refundxgas.com
Total: 26 requests, 4 domains

This site contains links to these domains.

Domain
github.com
twitter.com
discord.gg
blog.ethereum.org
esp.ethereum.foundation
devcon.org

Subject | Issuer | Validity | Valid
refundxgas.com | GTS CA 1P5 | 2024-01-24 - 2024-04-23 | 3 months
*.cryptocompare.com | Go Daddy Secure Certificate Authority - G2 | 2023-04-24 - 2024-05-25 | a year
upload.video.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months
badfffghj88.com | GTS CA 1P5 | 2023-12-14 - 2024-03-13 | 3 months

This page contains 1 frame:

Primary Page: https://refundxgas.com/
Frame ID: 26C9AF7216A1215E7F7B0F45DE965C1A
Requests: 26 HTTP requests in this frame

Page Title

Layer 2 | ethereum.org

Page Statistics

Requests: 26
HTTPS: 100 %
IPv6: 75 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 2942 kB
Size: 7321 kB
Cookies: 0

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
refundxgas.com/
340 KB
45 KB
Document
General
Full URL
https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b800459f6063a12f07f0e2a2fbeaa4efc884d35b4325fde73c85c9f23c2a05c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84a858f61a9166cf-AMS
content-encoding
br
content-type
text/html
date
Wed, 24 Jan 2024 12:40:53 GMT
last-modified
Wed, 24 Jan 2024 12:36:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
1f30f.svg
refundxgas.com/images/
2 KB
1 KB
Image
General
Full URL
https://refundxgas.com/images/1f30f.svg
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d2d0108dccd06c7b3a250f32dc91986852cdf02eb9c5136db81d888091aa7aa

1f41b.svg
refundxgas.com/images/
3 KB
2 KB
Image
General
Full URL
https://refundxgas.com/images/1f41b.svg
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4baa20e467a3f55ea47d4baf2520a7c9c91a9ce03ddeb9e48e4ba6f703689876

layer-2-hub-hero.5bb68ce2.jpg
refundxgas.com/images/
380 KB
381 KB
Image
General
Full URL
https://refundxgas.com/images/layer-2-hub-hero.5bb68ce2.jpg
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c375e741930e3f2eff14c0a023bcdc610493424119a059a758752c76a9593c0

what-is-ethereum.b37ce60e_1.png
refundxgas.com/images/
109 KB
110 KB
Image
General
Full URL
https://refundxgas.com/images/what-is-ethereum.b37ce60e_1.png
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
200a7f8382380965e4870411c16242e3b3be8453c37886543c663acf611b76ea

dao-2.62aa97a7_1.png
refundxgas.com/images/
69 KB
70 KB
Image
General
Full URL
https://refundxgas.com/images/dao-2.62aa97a7_1.png
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f16c2442eb3e46fc742b2471b21bd5ee5b9729e5196ecaa35af668ae8bc8d7

web3-modal.js
refundxgas.com/assets/web3-provider/
35 KB
10 KB
Script
General
Full URL
https://refundxgas.com/assets/web3-provider/web3-modal.js
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ab8b77f0645edd26fa1c6e0f69d07cc06d9763b9904e01b71902f12d05c6e9

1f30f.svg
refundxgas.com/images/
2 KB
1 KB
Image
General
Full URL
https://refundxgas.com/images/1f30f.svg
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d2d0108dccd06c7b3a250f32dc91986852cdf02eb9c5136db81d888091aa7aa

1f41b.svg
refundxgas.com/images/
3 KB
2 KB
Image
General
Full URL
https://refundxgas.com/images/1f41b.svg
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4baa20e467a3f55ea47d4baf2520a7c9c91a9ce03ddeb9e48e4ba6f703689876

layer-2-hub-hero.5bb68ce2.jpg
refundxgas.com/images/
380 KB
381 KB
Image
General
Full URL
https://refundxgas.com/images/layer-2-hub-hero.5bb68ce2.jpg
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c375e741930e3f2eff14c0a023bcdc610493424119a059a758752c76a9593c0

web3-loader.js
refundxgas.com/assets/web3-provider/
41 KB
7 KB
Script
General
Full URL
https://refundxgas.com/assets/web3-provider/web3-loader.js
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
801d62fc02f89e7c1b414392e066dcda139ea3154cb3a48da721ff9a9df49f1f

web3-router.js
refundxgas.com/assets/web3-provider/
610 KB
170 KB
Script
General
Full URL
https://refundxgas.com/assets/web3-provider/web3-router.js
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c259624218132a2cd36ad673de1ef15631307c4c491c3c63b5e930084b6308ef

web3-connect.js
refundxgas.com/assets/web3-provider/
730 KB
194 KB
Script
General
Full URL
https://refundxgas.com/assets/web3-provider/web3-connect.js
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39f201db3b9481261cc1660c3c2f9880fb09ef44c1e5fe5d9e2fd9deb818bd10

web3-module.js
refundxgas.com/assets/web3-provider/
1 MB
310 KB
Script
General
Full URL
https://refundxgas.com/assets/web3-provider/web3-module.js
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
571b68cfb2c3208ba5bd8420dafc5827de5815a9c72718e2324711fbd3b00f12

web3-alert.js
refundxgas.com/assets/web3-provider/
142 KB
32 KB
Script
General
Full URL
https://refundxgas.com/assets/web3-provider/web3-alert.js
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22becfcf833e51cc71faf4b3a99c596e5ef3879543f7007065c8a9730692b6ad

web3-seaport.js
refundxgas.com/assets/web3-provider/
665 KB
189 KB
Script
General
Full URL
https://refundxgas.com/assets/web3-provider/web3-seaport.js
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e9952bf40a202b4d047ea5157e5c67930667d29749dcecfd20df0fc1a40f276

web3-data.js
refundxgas.com/assets/web3-provider/
1 MB
719 KB
Script
General
Full URL
https://refundxgas.com/assets/web3-provider/web3-data.js
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e5f7c28c6614ae5f1fba671c315cbf6d4ff809a305503ddc2eb3e1fe908e0d7

ethers.js
refundxgas.com/assets/web3-provider/
742 KB
176 KB
Script
General
Full URL
https://refundxgas.com/assets/web3-provider/ethers.js
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a66293a6a2bb4dee061a68612be0be3c5c0ab7e4068ab8d98a4a357baf664c73

ethereum-tx.js
refundxgas.com/assets/web3-provider/
317 KB
92 KB
Script
General
Full URL
https://refundxgas.com/assets/web3-provider/ethereum-tx.js
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c9805c397f6744b6bf1aafdc22980094c41e659c636aa453981659fdf873eaf

web3-provider.js
refundxgas.com/assets/
138 KB
32 KB
Script
General
Full URL
https://refundxgas.com/assets/web3-provider.js
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73312cbf8e81b62c2b7ffd737d9a3897d57c06ebfd2d1216633d3191d44d413d

pricemulti
min-api.cryptocompare.com/data/
148 B
723 B
Fetch
General
Full URL
https://min-api.cryptocompare.com/data/pricemulti?fsyms=ETH,BNB,MATIC,AVAX,ARB,FTM,OP&tsyms=USD
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/assets/web3-provider.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.4.130.154 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
5c8da7d1700cf3a1a863fd42c18f7193e089e6ea2473c92624800fe2e97a2210
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'

Request headers

Accept
application/json
Referer
https://refundxgas.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date
Wed, 24 Jan 2024 12:40:56 GMT
Content-Security-Policy
frame-ancestors 'none'
X-CryptoCompare-Server-Id
cc-api-min-v2-11
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://refundxgas.com
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
public, max-age=10
Access-Control-Allow-Credentials
true
X-CryptoCompare-Cache-HIT
false
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type, Cookie, Set-Cookie, Authorization
css2
fonts.googleapis.com/
23 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&family=Nunito:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b5b23b720c833da7d8c270aaa3c2951b6f37df719727560e47e2c059a645cec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://refundxgas.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 24 Jan 2024 12:40:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 12:40:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 24 Jan 2024 12:40:54 GMT
/
badfffghj88.com/
80 B
513 B
Fetch
General
Full URL
https://badfffghj88.com/
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/assets/web3-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:2a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8235135dbbf8e98c80059672e3ead5369851727d876131e7f344abc60a66e254

Request headers

Accept
text/plain
Referer
https://refundxgas.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 12:40:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
84a858fcabca0e3b-AMS
alt-svc
h3=":443"; ma=86400
/
badfffghj88.com/
37 KB
10 KB
Fetch
General
Full URL
https://badfffghj88.com/
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/assets/web3-provider.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:2a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3bac4e38405e132151142c183a8848f1ccfc67a3272d60d3259839f401a5ea47

Request headers

Accept
text/plain
Referer
https://refundxgas.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 12:40:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUg9nTfgGXOsOCFxpE4zJirpP0yGzvrnI%2FmnyitREDj94jgnBXzQ9wy49jvPaHp1CzeKpE2IozPljgewthb7a%2FVnxGN2btdKXBp5vDpmSn47ayt6nLZmpjdSapDywuSdiW%2FoVM%2BJC1f%2FfpxIQyI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
84a858fcec340e3b-AMS
alt-svc
h3=":443"; ma=86400
/
badfffghj88.com/
58 KB
4 KB
Fetch
General
Full URL
https://badfffghj88.com/
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/assets/web3-provider.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4f574647ff2ca8f19b0b7b2656c0f8199a3542baae0028ba3ceaa66ced01491e

Request headers

Accept
text/plain
Referer
https://refundxgas.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 12:40:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maLCgOsiyl7ZhWU%2FbQkn5GxFrnJrK3uf2c%2BKS%2Fi7rWRtGlhifA7tiYYKgJ4XzWmIbEu6f65LEvXjrtBWUVDG5KmEBeB9EaerAMnj%2BGcGvnhp3ex74uAyo9804OrRHInmFIaFJWqWV7v7NFV1hEs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
84a858fd8e750a53-AMS
alt-svc
h3=":443"; ma=86400
/
badfffghj88.com/
40 B
453 B
Fetch
General
Full URL
https://badfffghj88.com/
Requested by
Host: refundxgas.com
URL: https://refundxgas.com/assets/web3-provider.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:2a2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0bdcfd8e9bd6918234ee4f9c31401fc3e3471f4bc71812a6c991b6b0c34e06e9

Request headers

Accept
text/plain
Referer
https://refundxgas.com/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 24 Jan 2024 12:40:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LkWOCsg1a%2BK%2FD5plct4Dk5mUYvvikjbULgHZYQUy8EA9RR4bJIcBatq%2FR5lFIK8L%2BUcrsds37Yy%2F23t1g2i6egggaSI%2Fu5ZnyUoqLXu0KTh5f%2BIfnEjUmBSkNMX6oyYRXjfwLuIeMWlzIBMgShU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
84a858fe3f6f0a53-AMS
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Ethereum (Crypto)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| @walletconnect/ethereum-provider
function| Buffer
object| global
object| process
object| reactiveElementVersions
object| litHtmlVersions
object| litElementVersions
function| setImmediate
function| clearImmediate
object| WalletConnectProvider
object| regeneratorRuntime
function| Web3
function| Sweetalert2
function| SweetAlert
function| Swal
function| sweetAlert
function| swal
object| _ethers
function| MerkleTree
function| MerkleMountainRange
function| IncrementalMerkleTree
function| MerkleSumTree
object| seaport
object| ethers
object| ethereumjs
function| _0x4572
object| MS_Worker_ID
function| _0x4137
object| MS_MetaMask_ChainData

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
