client.withdrawal-celsius.network Open in urlscan Pro
193.143.1.13  Malicious Activity! Public Scan

Submitted URL: https://href.li/?http://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS
Effective URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Submission: On June 05 via manual from IL — Scanned from IL

Summary

This website contacted 18 IPs in 5 countries across 16 domains to perform 105 HTTP transactions. The main IP is 193.143.1.13, located in Moscow, Russian Federation and belongs to PROTON66, RU. The main domain is client.withdrawal-celsius.network.
TLS certificate: Issued by R3 on June 5th 2024. Valid for: 3 months.
This is the only time client.withdrawal-celsius.network was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Stretto (Legal)

Domain & IP information

IP Address AS Autonomous System
1 192.0.78.27 2635 (AUTOMATTIC)
1 2 209.94.90.1 40680 (PROTOCOL)
2 104.18.11.112 13335 (CLOUDFLAR...)
1 169.150.247.37 60068 (CDN77 _)
49 193.143.1.13 198953 (PROTON66)
1 23.10.249.32 20940 (AKAMAI-ASN1)
2 104.17.25.14 13335 (CLOUDFLAR...)
4 23.10.249.9 20940 (AKAMAI-ASN1)
2 192.229.233.34 15133 (EDGECAST)
1 142.250.186.104 15169 (GOOGLE)
3 142.250.185.238 15169 (GOOGLE)
1 172.67.182.145 13335 (CLOUDFLAR...)
4 34.96.127.16 396982 (GOOGLE-CL...)
4 151.101.1.229 54113 (FASTLY)
26 104.18.28.72 13335 (CLOUDFLAR...)
1 172.217.16.202 15169 (GOOGLE)
1 35.157.175.173 16509 (AMAZON-02)
1 52.57.37.233 ()
105 18
Apex Domain
Subdomains
Transfer
49 withdrawal-celsius.network
client.withdrawal-celsius.network
2 MB
26 web3modal.com
api.web3modal.com — Cisco Umbrella Rank: 102400
70 KB
6 olark.com
static.olark.com — Cisco Umbrella Rank: 17517
log.olark.com — Cisco Umbrella Rank: 18391
22 KB
5 typekit.net
p.typekit.net — Cisco Umbrella Rank: 778
use.typekit.net — Cisco Umbrella Rank: 621
86 KB
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 354
81 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
21 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 260
143 KB
2 cloudflare-eth.com
cloudflare-eth.com — Cisco Umbrella Rank: 179405
322 B
2 ipfs.io
ipfs.io — Cisco Umbrella Rank: 86402
1002 B
1 walletconnect.org
verify.walletconnect.org
1 walletconnect.com
verify.walletconnect.com — Cisco Umbrella Rank: 38547
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
1 KB
1 security-web3-cryptosecurity.ru
security-web3-cryptosecurity.ru
4 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
91 KB
1 ipfs.tech
ipfs.tech — Cisco Umbrella Rank: 197550
5 KB
1 href.li
href.li — Cisco Umbrella Rank: 185585
425 B
105 16
Domain Requested by
49 client.withdrawal-celsius.network ipfs.io
client.withdrawal-celsius.network
26 api.web3modal.com client.withdrawal-celsius.network
4 cdn.jsdelivr.net client.withdrawal-celsius.network
4 log.olark.com client.withdrawal-celsius.network
4 use.typekit.net client.withdrawal-celsius.network
3 www.google-analytics.com client.withdrawal-celsius.network
2 static.olark.com srcdoc
client.withdrawal-celsius.network
2 cdnjs.cloudflare.com client.withdrawal-celsius.network
2 cloudflare-eth.com ipfs.io
2 ipfs.io 1 redirects href.li
1 verify.walletconnect.org client.withdrawal-celsius.network
1 verify.walletconnect.com client.withdrawal-celsius.network
1 fonts.googleapis.com client
1 security-web3-cryptosecurity.ru client.withdrawal-celsius.network
1 www.googletagmanager.com client.withdrawal-celsius.network
1 p.typekit.net client.withdrawal-celsius.network
1 ipfs.tech
1 href.li
105 18

This site contains links to these domains. Also see Links.

Domain
www.stretto.com
cases.stretto.com
www.olark.com
Subject Issuer Validity Valid
tls.automattic.com
R3
2024-05-06 -
2024-08-04
3 months crt.sh
ipfs.io
GTS CA 1P5
2024-04-16 -
2024-07-15
3 months crt.sh
cloudflare-eth.com
GTS CA 1P5
2024-05-21 -
2024-08-19
3 months crt.sh
client.withdrawal-celsius.network
R3
2024-06-05 -
2024-09-03
3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-01 -
2025-03-03
a year crt.sh
cdnjs.cloudflare.com
E1
2024-06-02 -
2024-08-31
3 months crt.sh
static.olark.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-20 -
2025-03-22
a year crt.sh
*.google-analytics.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
security-web3-cryptosecurity.ru
E1
2024-04-13 -
2024-07-12
3 months crt.sh
*.olark.com
GeoTrust TLS RSA CA G1
2023-10-24 -
2024-11-05
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
web3modal.com
E1
2024-06-04 -
2024-09-02
3 months crt.sh
upload.video.google.com
WR2
2024-05-21 -
2024-08-13
3 months crt.sh
verify.walletconnect.com
Amazon RSA 2048 M02
2024-02-05 -
2025-03-05
a year crt.sh
verify.walletconnect.org
Amazon RSA 2048 M03
2024-02-05 -
2025-03-05
a year crt.sh

This page contains 5 frames:

Primary Page: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Frame ID: C318631C9C48905356F78091AACB59E7
Requests: 85 HTTP requests in this frame

Frame: https://client.withdrawal-celsius.network/claim/Voyager_files/saved_resource.html
Frame ID: 569904E11649C95AB6C9D55C0E7A7170
Requests: 3 HTTP requests in this frame

Frame: https://static.olark.com/jsclient/app.js
Frame ID: 29C9CACFE9FD413B6DB538DA49F16376
Requests: 1 HTTP requests in this frame

Frame: https://verify.walletconnect.com/31b31047eb32d937cd5deb50bb010a9c
Frame ID: B9095F807D48675F81B3532B15058A98
Requests: 1 HTTP requests in this frame

Frame: https://verify.walletconnect.org/31b31047eb32d937cd5deb50bb010a9c
Frame ID: 9F1F1490EA911E12B7B1DB65633823AF
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Celsius Distribution

Page URL History Show full URLs

  1. https://href.li/?http://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS Page URL
  2. http://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS HTTP 307
    https://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS Page URL
  3. https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /npm/sweetalert2@([\d.]+)

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

105
Requests

99 %
HTTPS

0 %
IPv6

16
Domains

18
Subdomains

18
IPs

5
Countries

2145 kB
Transfer

7734 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://href.li/?http://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS Page URL
  2. http://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS HTTP 307
    https://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS Page URL
  3. https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS HTTP 307
  • https://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS
Request Chain 4
  • https://ipfs.io/favicon.ico HTTP 301
  • https://ipfs.tech/favicon.ico

105 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
href.li/
606 B
425 B
Document
General
Full URL
https://href.li/?http://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.27 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 05 Jun 2024 10:04:58 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-ac
3.mxp _dca MISS
QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS
ipfs.io/ipfs/
Redirect Chain
  • http://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS
  • https://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS
510 B
830 B
Document
General
Full URL
https://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS
Requested by
Host: href.li
URL: https://href.li/?http://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.94.90.1 , United States, ASN40680 (PROTOCOL, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48b90aef68f914783d402ec5a638422adb1f61799f907c258a1e8818253a93e1

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://href.li/?http://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type Range User-Agent X-Requested-With
access-control-allow-methods
GET HEAD OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length Content-Range X-Chunked-Output X-Ipfs-Path X-Ipfs-Roots X-Stream-Output
age
12300
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=29030400, immutable
cf-cache-status
HIT
cf-ray
88ef57745dc3e3d3-TLV
content-encoding
br
content-type
text/html
date
Wed, 05 Jun 2024 10:04:58 GMT
server
cloudflare
vary
Accept-Encoding
x-ipfs-path
/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS
x-ipfs-pop
rainbow-fr2-01
x-ipfs-roots
QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS

Redirect headers

Cross-Origin-Resource-Policy
Cross-Origin
Location
https://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS
Non-Authoritative-Reason
HSTS
/
cloudflare-eth.com/
358 B
322 B
Fetch
General
Full URL
https://cloudflare-eth.com/
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53a73efa7ac773e59f3c654359e81ed85512a59f9edc8da1798388464a56426

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://ipfs.io/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 05 Jun 2024 10:04:59 GMT
x-cf-eth-has-latest-tag
true
content-encoding
br
x-cf-eth-methods
eth_call
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
POST, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
88ef5775ec64e3ed-TLV
access-control-allow-headers
Content-Type
alt-svc
h3=":443"; ma=86400
/
cloudflare-eth.com/ Frame
0
0
Preflight
General
Full URL
https://cloudflare-eth.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.11.112 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ipfs.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cf-ray
88ef57757bc8e3ed-TLV
content-length
0
date
Wed, 05 Jun 2024 10:04:59 GMT
server
cloudflare
vary
Accept-Encoding
favicon.ico
ipfs.tech/
Redirect Chain
  • https://ipfs.io/favicon.ico
  • https://ipfs.tech/favicon.ico
15 KB
5 KB
Other
General
Full URL
https://ipfs.tech/favicon.ico
Protocol
H2
Server
169.150.247.37 Frankfurt am Main, Germany, ASN60068 (CDN77 _, GB),
Reverse DNS
169-150-247-37.bunnyinfra.net
Software
BunnyCDN-DE1-1080 /
Resource Hash
94a9fefbbe42310c03ff1e52c1f753c21038805f632867ea78930a52c445a456
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://ipfs.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Wed, 05 Jun 2024 10:04:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
content-encoding
br
cdn-edgestorageid
1081
x-cache-status
MISS
cdn-cachedat
04/28/2024 13:52:02
cdn-pullzone
2016121
x-xss-protection
0
x-request-id
d11de914c93bce2139a1bcd4aa45debb
referrer-policy
strict-origin-when-cross-origin
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
x-ipfs-roots
bafybeigi77rim3p5tw3upw2ca4ep5ng7uaarvrz46zidd2ai6cjh46yxoy,QmULFXXZMtQ2wCXDU6L8d9R4bYiQi7GpENhhZFF7ctPJDT
etag
W/"QmULFXXZMtQ2wCXDU6L8d9R4bYiQi7GpENhhZFF7ctPJDT"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/x-icon
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
070ccd6e-b4b0-4c90-b45a-e26d7534205d
access-control-expose-headers
Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
cache-control
max-age=60, stale-while-revalidate=3600
x-ipfs-path
/ipfs/bafybeigi77rim3p5tw3upw2ca4ep5ng7uaarvrz46zidd2ai6cjh46yxoy/favicon.ico
cdn-requestpullcode
200
cdn-requestid
5685823c4c9e7fcc67c2be39d26317e3
cdn-requestcountrycode
IL
access-control-allow-headers
Content-Type, Range, User-Agent, X-Requested-With
cdn-status
200
cdn-requestpullsuccess
True

Redirect headers

date
Wed, 05 Jun 2024 10:04:59 GMT
cf-cache-status
HIT
x-ipfs-pop
rainbow-fr2-02
server
cloudflare
vary
Accept-Encoding
content-type
text/html
location
https://ipfs.tech/favicon.ico
cf-ray
88ef57750eb7e3d3-TLV
alt-svc
h3=":443"; ma=86400
Primary Request /
client.withdrawal-celsius.network/claim/
30 KB
9 KB
Document
General
Full URL
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Requested by
Host: ipfs.io
URL: https://ipfs.io/ipfs/QmQoUYfdG6pMvbcxjwTS491x4TwPeTk7qVCdHJwgzGsFdS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
87992c2a32036ec241a43f5042654e4bce7788434c3ac293d6afa39b1af06df9

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://ipfs.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-encoding
br
content-type
text/html
date
Wed, 05 Jun 2024 10:04:59 GMT
etag
W/"66600668-78f3"
last-modified
Wed, 05 Jun 2024 06:32:08 GMT
server
nginx
x-powered-by
PleskLin
jquery-simple-mobilemenu.css
client.withdrawal-celsius.network/claim/Voyager_files/
3 KB
1016 B
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/jquery-simple-mobilemenu.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c776e11cc488f18eaba0dd193d69ac11b435ca58e0a983490086a36fdad7c030

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 22:28:46 GMT
server
nginx
etag
W/"66219e9e-d9f"
x-powered-by
PleskLin
content-type
text/css
bootstrap.css
client.withdrawal-celsius.network/claim/Voyager_files/
169 KB
20 KB
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/bootstrap.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
a5b36333c91eab5ae6884f2058041b1cb4e67f7555e14c1f07ae895af5c04c89

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 22:28:36 GMT
server
nginx
etag
W/"66219e94-2a5fe"
x-powered-by
PleskLin
content-type
text/css
style.css
client.withdrawal-celsius.network/claim/Voyager_files/
37 KB
7 KB
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/style.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
4d147216f3002eb26020124dfe6cdf845ce3417a323f640e36ffe071528cd2e1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 22:28:48 GMT
server
nginx
etag
W/"66219ea0-9406"
x-powered-by
PleskLin
content-type
text/css
custom.min.css
client.withdrawal-celsius.network/claim/Voyager_files/
10 KB
2 KB
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/custom.min.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
3570f78164c933794b9f2caee64d5cbeee9888b3ede7a46355972367f544f6a0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 22:28:45 GMT
server
nginx
etag
W/"66219e9d-265f"
x-powered-by
PleskLin
content-type
text/css
responsive.min.css
client.withdrawal-celsius.network/claim/Voyager_files/
1 KB
727 B
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/responsive.min.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
665430bdd1bc4a275bf574948dedbb436896233814d1d65728a35fd437d291fc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 22:28:52 GMT
server
nginx
etag
W/"66219ea4-5e0"
x-powered-by
PleskLin
content-type
text/css
css2
client.withdrawal-celsius.network/claim/Voyager_files/
4 KB
5 KB
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/css2
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
last-modified
Thu, 18 Apr 2024 22:28:54 GMT
server
nginx
etag
"66219ea6-11bc"
x-powered-by
PleskLin
content-type
application/octet-stream
accept-ranges
bytes
content-length
4540
ctv4hmv.css
client.withdrawal-celsius.network/claim/Voyager_files/
6 KB
866 B
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/ctv4hmv.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c1369cc6af6ae0ea46a62192b39d805dc78a4dab65a14fc51becd4d67b2ffdc3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 22:28:32 GMT
server
nginx
etag
W/"66219e90-17be"
x-powered-by
PleskLin
content-type
text/css
font-awesome.css
client.withdrawal-celsius.network/claim/Voyager_files/
21 KB
4 KB
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/font-awesome.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 22:28:48 GMT
server
nginx
etag
W/"66219ea0-549a"
x-powered-by
PleskLin
content-type
text/css
analytics.js.download
client.withdrawal-celsius.network/claim/Voyager_files/
52 KB
20 KB
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/analytics.js.download
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 22:28:51 GMT
server
nginx
etag
W/"66219ea3-ceb4"
x-powered-by
PleskLin
content-type
application/javascript
js
client.withdrawal-celsius.network/claim/Voyager_files/
184 KB
184 KB
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c3d134313ae6f18c2915b87042a81b03a8866d733ef83d61fce81bde7fa5fa10

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
last-modified
Thu, 18 Apr 2024 22:28:38 GMT
server
nginx
etag
"66219e96-2e034"
x-powered-by
PleskLin
content-type
application/octet-stream
accept-ranges
bytes
content-length
188468
js(1)
client.withdrawal-celsius.network/claim/Voyager_files/
224 KB
224 KB
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/js(1)
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
613bc12aa7f33d10086042031dc51dc19d9bb0b60f11dc11d79bd346174ebceb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
last-modified
Thu, 18 Apr 2024 22:28:37 GMT
server
nginx
etag
"66219e95-37f92"
x-powered-by
PleskLin
content-type
application/octet-stream
accept-ranges
bytes
content-length
229266
base.css
client.withdrawal-celsius.network/claim/Voyager_files/
936 B
588 B
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/base.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
10710090d6c781d51e29c098ce8f0d1ebbd90c4b0f8f8d1138f70d190ea59330

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
gzip
last-modified
Thu, 18 Apr 2024 22:28:55 GMT
server
nginx
x-accel-version
0.01
etag
"3a8-616667f17b7c0-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
381
textbox.css
client.withdrawal-celsius.network/claim/Voyager_files/
320 B
391 B
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/textbox.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
ea9fe6f470bc7a96a9300a54b43db1e0c7589069e97830c0cb4a291c4688179d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
gzip
last-modified
Thu, 18 Apr 2024 22:28:38 GMT
server
nginx
x-accel-version
0.01
etag
"140-616667e145180-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
184
button.css
client.withdrawal-celsius.network/claim/Voyager_files/
748 B
543 B
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/button.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2f7990fd586ebadf1d39337d9310d3440fe599b7ea0041145235d450d19c4ee9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
gzip
last-modified
Thu, 18 Apr 2024 22:28:50 GMT
server
nginx
x-accel-version
0.01
etag
"2ec-616667ecb6c80-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
337
form.min.css
client.withdrawal-celsius.network/claim/Voyager_files/
15 KB
3 KB
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/form.min.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e3c5ddbd3734533a01c70632ee04d57382dc05f628723c6b5b36d68da6c61155

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 22:28:45 GMT
server
nginx
etag
W/"66219e9d-3bc8"
x-powered-by
PleskLin
content-type
text/css
cookie-policy.min.css
client.withdrawal-celsius.network/claim/Voyager_files/
1 KB
636 B
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/cookie-policy.min.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
0abb1dd90f49c0af581d6d81a8a5edf63266c4a34a9039f7c391e492ed1ce4ae

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 22:28:41 GMT
server
nginx
etag
W/"66219e99-5db"
x-powered-by
PleskLin
content-type
text/css
vue.global.prod.js.download
client.withdrawal-celsius.network/claim/Voyager_files/
125 KB
45 KB
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/vue.global.prod.js.download
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
da77709c70be37662de07c0e01da3201be91eaef4376df91dd30468a3e94df94

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 22:28:43 GMT
server
nginx
etag
W/"66219e9b-1f243"
x-powered-by
PleskLin
content-type
application/javascript
app
client.withdrawal-celsius.network/claim/Voyager_files/
12 KB
12 KB
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/app
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
80e112270014c708acf9bbede1bbd7e3cc281404dbdc35933604c17e408870b8

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Origin
https://client.withdrawal-celsius.network
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
last-modified
Thu, 18 Apr 2024 22:28:34 GMT
server
nginx
etag
"66219e92-2fdf"
x-powered-by
PleskLin
content-type
application/octet-stream
accept-ranges
bytes
content-length
12255
app(1)
client.withdrawal-celsius.network/claim/Voyager_files/
12 KB
12 KB
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/app(1)
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
91f68f65af1532b23cbddb05a48a8cc3d92789befdaf4c94b395729775820065

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Origin
https://client.withdrawal-celsius.network
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
last-modified
Thu, 18 Apr 2024 22:28:53 GMT
server
nginx
etag
"66219ea5-2fdf"
x-powered-by
PleskLin
content-type
application/octet-stream
accept-ranges
bytes
content-length
12255
cookie-policy.min.js.download
client.withdrawal-celsius.network/claim/Voyager_files/
927 B
683 B
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/cookie-policy.min.js.download
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
9abcf37604a770b7736d7b191c8a49dc0daa5fa0cf6c9dfeb5642111fec2b108

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
gzip
last-modified
Thu, 18 Apr 2024 22:28:39 GMT
server
nginx
x-accel-version
0.01
etag
"39f-616667e2393c0-gzip"
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
466
rofltest.js
client.withdrawal-celsius.network/claim/
3 MB
443 KB
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/rofltest.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
78ad308e2ad3d5fd606a13693a00d15369927237abef0ce044807a450cc86e07

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 06:31:42 GMT
server
nginx
etag
W/"6660064e-2893d5"
x-powered-by
PleskLin
content-type
application/javascript
theme.css
client.withdrawal-celsius.network/claim/Voyager_files/
167 KB
18 KB
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/theme.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
7462596be483e2fa5642286df7fd84beccd98f5e5e1107c5afa883573709e4b6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 22:28:33 GMT
server
nginx
etag
W/"66219e91-29dec"
x-powered-by
PleskLin
content-type
text/css
stretto-logo-dark.svg
client.withdrawal-celsius.network/claim/Voyager_files/
3 KB
3 KB
Image
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/stretto-logo-dark.svg
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
de2226910ceb20f69a14f872ae61efa98c4ffa5dfd9bcabc882a4861ff605514

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
last-modified
Thu, 18 Apr 2024 22:28:42 GMT
server
nginx
etag
"66219e9a-ac2"
x-powered-by
PleskLin
content-type
image/svg+xml
accept-ranges
bytes
content-length
2754
voyager-logo.jpg
client.withdrawal-celsius.network/claim/Voyager_files/
6 KB
6 KB
Image
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/voyager-logo.jpg
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
9d25e1a72052bda62d6ffafb635519fd563880215df7105cbb9cc77f211d0ab3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
last-modified
Thu, 18 Apr 2024 22:28:35 GMT
server
nginx
etag
"66219e93-18d2"
x-powered-by
PleskLin
content-type
image/jpeg
accept-ranges
bytes
content-length
6354
jquery-3.6.1.min.js
client.withdrawal-celsius.network/claim/Celsius_files/
0
0
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/jquery-3.6.1.min.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
jquery-simple-mobilemenu.min.js
client.withdrawal-celsius.network/claim/Celsius_files/
0
0
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/jquery-simple-mobilemenu.min.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
jquery-ui-1.13.2.min.css
client.withdrawal-celsius.network/claim/Celsius_files/
0
0
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/jquery-ui-1.13.2.min.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
jquery-ui-1.13.2.min.js
client.withdrawal-celsius.network/claim/Celsius_files/
0
0
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/jquery-ui-1.13.2.min.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
bootstrap.min.js
client.withdrawal-celsius.network/claim/Celsius_files/
0
0
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/bootstrap.min.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Origin
https://client.withdrawal-celsius.network
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
olark.js
client.withdrawal-celsius.network/claim/Celsius_files/
0
0
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/olark.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
jquery.inview.min.js
client.withdrawal-celsius.network/claim/Celsius_files/
0
0
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/jquery.inview.min.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
wow.min.js
client.withdrawal-celsius.network/claim/Celsius_files/
0
0
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/wow.min.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
mousescroll.min.js
client.withdrawal-celsius.network/claim/Celsius_files/
0
0
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/mousescroll.min.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
jquery.countto.min.js
client.withdrawal-celsius.network/claim/Celsius_files/
0
0
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/jquery.countto.min.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
main.min.js
client.withdrawal-celsius.network/claim/Celsius_files/
0
0
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/main.min.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
stretto-icon-orange.png
client.withdrawal-celsius.network/claim/Celsius_files/
808 B
808 B
Image
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/stretto-icon-orange.png
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
redirect-popup.js
client.withdrawal-celsius.network/claim/Celsius_files/
0
0
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/redirect-popup.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
iframeResizer.contentWindow.min.js
client.withdrawal-celsius.network/claim/Celsius_files/
0
0
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/iframeResizer.contentWindow.min.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
iframeResizer.min.js
client.withdrawal-celsius.network/claim/Celsius_files/
0
0
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Celsius_files/iframeResizer.min.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=ctv4hmv&ht=tk&f=37155.37156.37157.37158.37159.37160.37163.37164&a=92821537&app=typekit&e=css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/Voyager_files/ctv4hmv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.10.249.32 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-249-32.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
last-modified
Fri, 14 Jul 2023 12:39:49 GMT
server
nginx
etag
"64b14215-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
crypto-js.min.js
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/
59 KB
20 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/rofltest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
72257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19621
last-modified
Tue, 24 Oct 2023 23:03:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65384d58-4ca5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AZKrTENjEcIQAuL07KodsxsK54ibEi20BscQ%2FvRrvNY1z8OSCrcHrqf6d9pqXNoAIDZGC7i3Hm8Xp8adS0TYNjSbDw8ngiInhZdPvJVNGHpnpHktoWTCEwBwx4gJUcTy29PcN2MU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88ef57813a04903c-FRA
expires
Mon, 26 May 2025 10:05:01 GMT
bg.jpg
client.withdrawal-celsius.network/claim/images/
808 B
808 B
Image
General
Full URL
https://client.withdrawal-celsius.network/claim/images/bg.jpg
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/Voyager_files/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/Voyager_files/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
saved_resource.html
client.withdrawal-celsius.network/claim/Voyager_files/ Frame 5699
400 B
498 B
Document
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/saved_resource.html
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
418b2d4619c0c1aa194dcc7f186c01ceb20a2df69ce7a34318bd7301e1a76bc7

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
290
content-type
text/html
date
Wed, 05 Jun 2024 10:05:00 GMT
etag
"190-616667f17b7c0-gzip"
last-modified
Thu, 18 Apr 2024 22:28:55 GMT
server
nginx
vary
Accept-Encoding
x-accel-version
0.01
x-powered-by
PleskLin
hero-bg.png
client.withdrawal-celsius.network/themes/stretto/images/
808 B
808 B
Image
General
Full URL
https://client.withdrawal-celsius.network/themes/stretto/images/hero-bg.png
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/Voyager_files/custom.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/Voyager_files/custom.min.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
up-chevron.svg
client.withdrawal-celsius.network/themes/stretto/images/
808 B
808 B
Image
General
Full URL
https://client.withdrawal-celsius.network/themes/stretto/images/up-chevron.svg
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/Voyager_files/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx /
Resource Hash
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/Voyager_files/style.css
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:00 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 07:33:17 GMT
server
nginx
etag
W/"328-61a1f9473c652"
content-type
text/html
l
use.typekit.net/af/4752b2/00000000000000003b9b11f7/27/
21 KB
21 KB
Font
General
Full URL
https://use.typekit.net/af/4752b2/00000000000000003b9b11f7/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/Voyager_files/ctv4hmv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.10.249.9 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-249-9.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3c675b4e8da56db009de4dadd92242078fb2361310c3e049daf34fc23be76019

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Origin
https://client.withdrawal-celsius.network
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
server
nginx
etag
"7aff8780dbd5f472060dcdff2651e94e2deebfa2"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21672
l
use.typekit.net/af/0ae91f/00000000000000003b9b11f5/27/
21 KB
21 KB
Font
General
Full URL
https://use.typekit.net/af/0ae91f/00000000000000003b9b11f5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n2&v=3
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/Voyager_files/ctv4hmv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.10.249.9 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-249-9.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
09213314c543aa8dae87413e2a350f562918fde39a8737dd18b42cafe818fa90

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Origin
https://client.withdrawal-celsius.network
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
server
nginx
etag
"8e26092cfca0c58f6d816b4e2c4f473103379684"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
21392
l
use.typekit.net/af/ead1a8/00000000000000003b9b11fa/27/
22 KB
22 KB
Font
General
Full URL
https://use.typekit.net/af/ead1a8/00000000000000003b9b11fa/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/Voyager_files/ctv4hmv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.10.249.9 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-249-9.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
cf3580be69ed8aaf2932c64571f4d548260ba62622025baf55bb5e6f68c8c976

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Origin
https://client.withdrawal-celsius.network
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
server
nginx
etag
"f599da3e6b81c9b7680ebb453974f14eaa8f5e3a"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22140
l
use.typekit.net/af/628caf/00000000000000003b9b11fe/27/
22 KB
22 KB
Font
General
Full URL
https://use.typekit.net/af/628caf/00000000000000003b9b11fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/Voyager_files/ctv4hmv.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.10.249.9 Glattbrugg, Switzerland, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-10-249-9.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4d30430968b2b89eab2e10ae3129e933a0c939276d6722d1f0b1a18d6e118e50

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Origin
https://client.withdrawal-celsius.network
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
server
nginx
etag
"8d5aa3ba825433cf35292039b936e38fb1569c15"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
22244
app.js
static.olark.com/jsclient/ Frame 29C9
55 KB
19 KB
Script
General
Full URL
https://static.olark.com/jsclient/app.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.34 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6762) /
Resource Hash
da738cc3ffa0dd81d8e7b9b3789ac5b7e6ff8bc9cb2bf656df94c238d78174fe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 28 May 2024 14:26:37 GMT
server
ECS (frb/6762)
age
5829
etag
W/"6655e99d-dca1"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
18752
expires
Wed, 05 Jun 2024 13:05:01 GMT
js
www.googletagmanager.com/gtag/
259 KB
91 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-377YNK71V6&l=dataLayer&cx=c
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/Voyager_files/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
8d42b2ad7c1c3ad489f7e250ee180da8b1182e1bf92bcfe326a8ea0f6032e4f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92531
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 05 Jun 2024 10:05:01 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/Voyager_files/js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 05 Jun 2024 09:41:03 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1438
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 05 Jun 2024 11:41:03 GMT
collect
www.google-analytics.com/j/
1 B
218 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1215198925&t=pageview&_s=1&dl=https%3A%2F%2Fclient.withdrawal-celsius.network%2Fclaim%2F%3FWithdraw%3Dx142939%2FBTC%2FETH%2FXRP%2FUSDT%2FUSDC&dr=https%3A%2F%2Fipfs.io%2F&ul=he-il&de=UTF-8&dt=Celsius%20Distribution&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=326688234&gjid=1988822106&cid=259207790.1717581901&tid=UA-132878696-1&_gid=565284293.1717581901&_r=1&gtm=457e39d0&jsscut=1&z=1948497254
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/Voyager_files/analytics.js.download
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 10:05:01 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://client.withdrawal-celsius.network
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader0.js.download
client.withdrawal-celsius.network/claim/Voyager_files/ Frame 5699
9 KB
3 KB
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/Voyager_files/loader0.js.download
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/Voyager_files/saved_resource.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e4d08f877611f0c9211f3099d2bf66a57b97f4c8a03e4bc8f9dcc9299b4d09e7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/Voyager_files/saved_resource.html
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
content-encoding
br
last-modified
Thu, 18 Apr 2024 22:28:40 GMT
server
nginx
etag
W/"66219e98-224a"
x-powered-by
PleskLin
content-type
application/javascript
collect
www.google-analytics.com/g/
0
56 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-377YNK71V6&gtm=45je39d0&_p=1215198925&cid=259207790.1717581901&ul=he-il&sr=1600x1200&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.141%7CChromium%3B125.0.6422.141%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&_eu=AAAI&_s=1&sid=1717581901&sct=1&seg=0&dl=https%3A%2F%2Fclient.withdrawal-celsius.network%2Fclaim%2F%3FWithdraw%3Dx142939%2FBTC%2FETH%2FXRP%2FUSDT%2FUSDC&dr=https%3A%2F%2Fipfs.io%2F&dt=Celsius%20Distribution&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/Voyager_files/js(1)
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 05 Jun 2024 10:05:01 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://client.withdrawal-celsius.network
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
security-web3-cryptosecurity.ru/
5 KB
4 KB
Fetch
General
Full URL
https://security-web3-cryptosecurity.ru/config
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/rofltest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.182.145 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d6ce7b41b4f76aa19200cf9a5b42f9b7fb4dac7f933dbc63f3e98b30fbf6c6e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ZmxJbcfW4e88Le%2FGdI0gfmeUuKHRYyYIAeejDixw50ECPjS4IDW2CM%2BtDFQmGKyz7joqCN%2BXAf0tiutR2GVcfkH%2BgxrFNKIixwBH0dZW2q9HY%2BgwCTUm3x3GN1EUEIS9lTGZjZ2tluutrVXrreTxE23"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cf-ray
88ef57848d81bbd3-FRA
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
log.png
log.olark.com/jslog/
2 B
61 B
Image
General
Full URL
https://log.olark.com/jslog/log.png?version=framestore&location=https%3A%2F%2Fclient.withdrawal-celsius.network%2Fclaim%2FVo&referrer=https%3A%2F%2Fclient.&message=Cannot%20read%20properties%20of%20undefined%20(reading%20%27replace%27)&tabname=oktab6173104388206208&bucket=loader&level=pre-load&timestamp=1717581901279&properties=%7B%7D&recent_logs=%5B%5D
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.127.16 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.127.96.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
cache-control
no-store
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain
log.png
log.olark.com/jslog/
2 B
137 B
Image
General
Full URL
https://log.olark.com/jslog/log.png?version=framestore&location=https%3A%2F%2Fclient.withdrawal-celsius.network%2Fclaim%2FVo&referrer=https%3A%2F%2Fclient.&message=%23iframe-load-failure&tabname=oktab6173104388206208&bucket=loader&level=pre-load&timestamp=1717581901280&properties=%7B%7D&recent_logs=%5B%5D
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.127.16 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.127.96.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
cache-control
no-store
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain
loader0.js
static.olark.com/jsclient/ Frame 5699
9 KB
3 KB
Script
General
Full URL
https://static.olark.com/jsclient/loader0.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/Voyager_files/saved_resource.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.233.34 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
e4d08f877611f0c9211f3099d2bf66a57b97f4c8a03e4bc8f9dcc9299b4d09e7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
content-encoding
gzip
via
1.1 google
last-modified
Wed, 29 Nov 2023 20:57:01 GMT
server
ECS (frb/668C)
age
362
etag
"6567a59d-224a"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
p3p
CP='Olark does not have a P3P policy. Learn why here: http://olark.com/p3p'
cache-control
max-age=2700
accept-ranges
bytes
content-length
3152
expires
Wed, 05 Jun 2024 10:50:01 GMT
log.png
log.olark.com/jslog/
2 B
61 B
Image
General
Full URL
https://log.olark.com/jslog/log.png?version=framestore&location=https%3A%2F%2Fclient.withdrawal-celsius.network%2Fclaim%2FVo&referrer=https%3A%2F%2Fclient.&message=Cannot%20read%20properties%20of%20undefined%20(reading%20%27replace%27)&tabname=oktab6173104388206208&bucket=loader&level=pre-load&timestamp=1717581901597&properties=%7B%7D&recent_logs=%5B%5D
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.127.16 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.127.96.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
cache-control
no-store
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain
log.png
log.olark.com/jslog/
2 B
61 B
Image
General
Full URL
https://log.olark.com/jslog/log.png?version=framestore&location=https%3A%2F%2Fclient.withdrawal-celsius.network%2Fclaim%2FVo&referrer=https%3A%2F%2Fclient.&message=%23iframe-load-failure&tabname=oktab6173104388206208&bucket=loader&level=pre-load&timestamp=1717581901597&properties=%7B%7D&recent_logs=%5B%5D
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.127.16 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
16.127.96.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
cache-control
no-store
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain
ethers.umd.min.js
cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/
719 KB
124 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/rofltest.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
51965
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
125841
last-modified
Sat, 18 Jun 2022 08:07:49 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62ad87d5-1eb91"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WRfW7fhtDyeMWucy8YBmTwtCnddjOOzRDlRm%2Bc84KZjLeJxykWeZ02%2Fr%2FcbkxQvudN6ziutqTN%2B1K%2BiwhUDZ4lHJA%2FUlgw0HAZgAhGSmLmql%2BGCR%2FmfLeR3Fm7p7kWlejH0gQUub"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
88ef5785e86d903c-FRA
expires
Mon, 26 May 2025 10:05:01 GMT
merkletree.js
cdn.jsdelivr.net/npm/merkletreejs@latest/
209 KB
50 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/merkletreejs@latest/merkletree.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/rofltest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af00d2cec87b70e8139926da6426dd0686ff9a8207386658b6d72ee4e799c2e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 05 Jun 2024 10:05:01 GMT
x-content-type-options
nosniff
content-encoding
br
age
15250
x-jsd-version
0.3.11
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
51348
x-served-by
cache-fra-etou8220103-FRA, cache-mrs1050111-MRS
x-jsd-version-type
version
etag
W/"343f5-wn3//e2DIG1tBGj3Z3By+fDhqDc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
disable-devtool
cdn.jsdelivr.net/npm/
17 KB
7 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/disable-devtool
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/rofltest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 05 Jun 2024 10:05:01 GMT
x-content-type-options
nosniff
content-encoding
br
age
26240
x-jsd-version
0.3.7
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6741
x-served-by
cache-fra-eddf8230052-FRA, cache-mrs1050111-MRS
x-jsd-version-type
version
etag
W/"4372-w4TGldenTh5CcrE/nVlC0PJNCZ0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
wallet-connect-v4.js
client.withdrawal-celsius.network/claim/scripts/
2 MB
501 KB
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/rofltest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f30375000e27f674b912ccffc7430dc390e6430bb4f75f93a569a6feeed2dfb1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 06:32:24 GMT
server
nginx
etag
W/"66600678-21ec35"
x-powered-by
PleskLin
content-type
application/javascript
sweetalert2@11
cdn.jsdelivr.net/npm/
74 KB
21 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/sweetalert2@11
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/rofltest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2584f1885aff249823fb25118913821d46877621d40464fba2e9fd2e20267ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 05 Jun 2024 10:05:01 GMT
x-content-type-options
nosniff
content-encoding
br
age
7953
x-jsd-version
11.11.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21319
x-served-by
cache-fra-eddf8230029-FRA, cache-mrs1050111-MRS
x-jsd-version-type
version
etag
W/"129b5-LpsgZSoSzj1G/pG5TPgqH2pW6lY"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
autocomplete.min.js
cdn.jsdelivr.net/npm/autocompleter@9.2.1/
6 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/autocompleter@9.2.1/autocomplete.min.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/rofltest.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ad210c53d6d3b61146779594a306e0d0f48272ebf884284700613baa05919c74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 05 Jun 2024 10:05:01 GMT
x-content-type-options
nosniff
content-encoding
br
age
2238957
x-jsd-version
9.2.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2332
x-served-by
cache-fra-eddf8230045-FRA, cache-mrs1050111-MRS
x-jsd-version-type
version
etag
W/"1778-T/efyFDYUSEmqnfjRzQWaoXGxew"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bip39.js
client.withdrawal-celsius.network/claim/scripts/
254 KB
81 KB
Script
General
Full URL
https://client.withdrawal-celsius.network/claim/scripts/bip39.js
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/rofltest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
0bbb22ac1a16648fa3bd0a5709d2080888b7ef460915b4278660e29e5cd44bf6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 06:32:30 GMT
server
nginx
etag
W/"6660067e-3f6fe"
x-powered-by
PleskLin
content-type
application/javascript
modal-12-seed.css
client.withdrawal-celsius.network/claim/styles/
29 KB
5 KB
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/styles/modal-12-seed.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/rofltest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
758da85c5127a315fe4e67693465a101bb858ec1b0cc98092753f41ca7052a03

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 06:33:03 GMT
server
nginx
etag
W/"6660069f-72c6"
x-powered-by
PleskLin
content-type
text/css
popup-5.css
client.withdrawal-celsius.network/claim/styles/
6 KB
1 KB
Stylesheet
General
Full URL
https://client.withdrawal-celsius.network/claim/styles/popup-5.css
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/rofltest.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.143.1.13 Moscow, Russian Federation, ASN198953 (PROTON66, RU),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
44b18f3c3f733e256b6f0c722f888f39c038d875e2132d8ad6883134b445d8c9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/claim/?Withdraw=x142939/BTC/ETH/XRP/USDT/USDC
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:01 GMT
content-encoding
br
last-modified
Wed, 05 Jun 2024 06:33:01 GMT
server
nginx
etag
W/"6660069d-1896"
x-powered-by
PleskLin
content-type
text/css
getWallets
api.web3modal.com/ Frame
0
0
Preflight
General
Full URL
https://api.web3modal.com/getWallets?page=1&entries=3&include=c57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2Ce9ff15be73584489ca4a66f64d32c4537711797e30b6660dbcb71ea72a42b1f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-project-id,x-sdk-type,x-sdk-version
Access-Control-Request-Method
GET
Origin
https://client.withdrawal-celsius.network
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
88ef578a1bf0e3db-TLV
date
Wed, 05 Jun 2024 10:05:02 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
css2
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f10.1e100.net
Software
ESF /
Resource Hash
77190354256d2bb6e2f740715bbc72c1af70ec722773ab27bd7ddd63dac90529
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://client.withdrawal-celsius.network/
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 05 Jun 2024 10:05:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 05 Jun 2024 08:49:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 05 Jun 2024 10:05:02 GMT
getWallets
api.web3modal.com/
2 KB
954 B
Fetch
General
Full URL
https://api.web3modal.com/getWallets?page=1&entries=3&include=c57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2Ce9ff15be73584489ca4a66f64d32c4537711797e30b6660dbcb71ea72a42b1f4
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c193ef2412fc65775f6d294868d8d39ec67aa3a61fae4c1cf0a581331b86cdd2

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-sdk-version
html-wagmi-4.1.11
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://client.withdrawal-celsius.network/
x-sdk-type
w3m
x-project-id
31b31047eb32d937cd5deb50bb010a9c
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:02 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=43200, s-maxage=21600
x-robots-tag
noindex
cf-ray
88ef578a8c77e3db-TLV
alt-svc
h3=":443"; ma=86400
getWallets
api.web3modal.com/
2 KB
1 KB
Fetch
General
Full URL
https://api.web3modal.com/getWallets?page=1&entries=4&exclude=c57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2Ce9ff15be73584489ca4a66f64d32c4537711797e30b6660dbcb71ea72a42b1f4
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0156b73b9a7e64e8a848885f1b653ecf8d5ffb2394411a9f221787c229f258e1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-sdk-version
html-wagmi-4.1.11
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://client.withdrawal-celsius.network/
x-sdk-type
w3m
x-project-id
31b31047eb32d937cd5deb50bb010a9c
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:02 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Jun 2024 04:23:59 GMT
server
cloudflare
age
20463
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=43200
cf-ray
88ef578a8c80e3db-TLV
x-robots-tag
noindex
alt-svc
h3=":443"; ma=86400
expires
Wed, 05 Jun 2024 22:05:02 GMT
692ed6ba-e569-459a-556a-776476829e00
api.web3modal.com/public/getAssetImage/
0
2 KB
Fetch
General
Full URL
https://api.web3modal.com/public/getAssetImage/692ed6ba-e569-459a-556a-776476829e00
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-sdk-version
html-wagmi-4.1.11
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://client.withdrawal-celsius.network/
x-sdk-type
w3m
x-project-id
31b31047eb32d937cd5deb50bb010a9c
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=730+0 c=0+16 v=2024.5.3 l=1962
date
Wed, 05 Jun 2024 10:05:02 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
62202
x-wc-r2-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
1962
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfaRKjj98wG78-Q94g8ciN3whHUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
88ef578a8c7ce3db-TLV
x-robots-tag
noindex
expires
Thu, 05 Jun 2025 10:05:02 GMT
ef1a1fcf-7fe8-4d69-bd6d-fda1345b4400
api.web3modal.com/public/getAssetImage/
0
5 KB
Fetch
General
Full URL
https://api.web3modal.com/public/getAssetImage/ef1a1fcf-7fe8-4d69-bd6d-fda1345b4400
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-sdk-version
html-wagmi-4.1.11
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://client.withdrawal-celsius.network/
x-sdk-type
w3m
x-project-id
31b31047eb32d937cd5deb50bb010a9c
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=831+0 c=1+14 v=2024.5.3 l=4624
date
Wed, 05 Jun 2024 10:05:02 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
82463
x-wc-r2-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
4624
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfRx5BuyC7eclsMS9LWuzHtxGJUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
88ef578a8c84e3db-TLV
x-robots-tag
noindex
expires
Thu, 05 Jun 2025 10:05:02 GMT
0c2840c3-5b04-4c44-9661-fbd4b49e1800
api.web3modal.com/public/getAssetImage/
0
5 KB
Fetch
General
Full URL
https://api.web3modal.com/public/getAssetImage/0c2840c3-5b04-4c44-9661-fbd4b49e1800
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-sdk-version
html-wagmi-4.1.11
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://client.withdrawal-celsius.network/
x-sdk-type
w3m
x-project-id
31b31047eb32d937cd5deb50bb010a9c
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=753+0 c=2+23 v=2024.5.3 l=4356
date
Wed, 05 Jun 2024 10:05:02 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
62956
x-wc-r2-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
4356
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cf3ispWE62A-P6WwAnoXfYmxdfUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
88ef578a9c9ce3db-TLV
x-robots-tag
noindex
expires
Thu, 05 Jun 2025 10:05:02 GMT
getAnalyticsConfig
api.web3modal.com/
27 B
202 B
Fetch
General
Full URL
https://api.web3modal.com/getAnalyticsConfig
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90ad108ce1b418458d069b5801de5025dbd120f27c42da4aec89b92dff6cf238

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-sdk-version
html-wagmi-4.1.11
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://client.withdrawal-celsius.network/
x-sdk-type
w3m
x-project-id
31b31047eb32d937cd5deb50bb010a9c
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 05 Jun 2024 10:05:03 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1800, s-maxage=900
x-robots-tag
noindex
cf-ray
88ef578a8c89e3db-TLV
content-length
27
alt-svc
h3=":443"; ma=86400
getWallets
api.web3modal.com/ Frame
0
0
Preflight
General
Full URL
https://api.web3modal.com/getWallets?page=1&entries=4&exclude=c57ca95b47569778a828d19178114f4db188b89b763c899ba0be274e97267d96%2C4622a2b2d6af1c9844944291e5e7351a6aa24cd7b23099efac1b2fd875da31a0%2Ce9ff15be73584489ca4a66f64d32c4537711797e30b6660dbcb71ea72a42b1f4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-project-id,x-sdk-type,x-sdk-version
Access-Control-Request-Method
GET
Origin
https://client.withdrawal-celsius.network
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
88ef578a1bf3e3db-TLV
date
Wed, 05 Jun 2024 10:05:02 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
692ed6ba-e569-459a-556a-776476829e00
api.web3modal.com/public/getAssetImage/ Frame
0
0
Preflight
General
Full URL
https://api.web3modal.com/public/getAssetImage/692ed6ba-e569-459a-556a-776476829e00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-project-id,x-sdk-type,x-sdk-version
Access-Control-Request-Method
GET
Origin
https://client.withdrawal-celsius.network
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
88ef578a1bf6e3db-TLV
date
Wed, 05 Jun 2024 10:05:02 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
ef1a1fcf-7fe8-4d69-bd6d-fda1345b4400
api.web3modal.com/public/getAssetImage/ Frame
0
0
Preflight
General
Full URL
https://api.web3modal.com/public/getAssetImage/ef1a1fcf-7fe8-4d69-bd6d-fda1345b4400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-project-id,x-sdk-type,x-sdk-version
Access-Control-Request-Method
GET
Origin
https://client.withdrawal-celsius.network
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
88ef578a1bf4e3db-TLV
date
Wed, 05 Jun 2024 10:05:02 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
0c2840c3-5b04-4c44-9661-fbd4b49e1800
api.web3modal.com/public/getAssetImage/ Frame
0
0
Preflight
General
Full URL
https://api.web3modal.com/public/getAssetImage/0c2840c3-5b04-4c44-9661-fbd4b49e1800
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-project-id,x-sdk-type,x-sdk-version
Access-Control-Request-Method
GET
Origin
https://client.withdrawal-celsius.network
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
88ef578a1bf5e3db-TLV
date
Wed, 05 Jun 2024 10:05:02 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
getAnalyticsConfig
api.web3modal.com/ Frame
0
0
Preflight
General
Full URL
https://api.web3modal.com/getAnalyticsConfig
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-project-id,x-sdk-type,x-sdk-version
Access-Control-Request-Method
GET
Origin
https://client.withdrawal-celsius.network
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
88ef578a1bf2e3db-TLV
date
Wed, 05 Jun 2024 10:05:02 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
31b31047eb32d937cd5deb50bb010a9c
verify.walletconnect.com/ Frame B909
0
0
Document
General
Full URL
https://verify.walletconnect.com/31b31047eb32d937cd5deb50bb010a9c
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.157.175.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-175-173.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://client.withdrawal-celsius.network/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 05 Jun 2024 10:05:03 GMT
3913df81-63c2-4413-d60b-8ff83cbed500
api.web3modal.com/getWalletImage/ Frame
0
0
Preflight
General
Full URL
https://api.web3modal.com/getWalletImage/3913df81-63c2-4413-d60b-8ff83cbed500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-project-id,x-sdk-type,x-sdk-version
Access-Control-Request-Method
GET
Origin
https://client.withdrawal-celsius.network
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
88ef578d683ee3db-TLV
date
Wed, 05 Jun 2024 10:05:02 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500
api.web3modal.com/getWalletImage/ Frame
0
0
Preflight
General
Full URL
https://api.web3modal.com/getWalletImage/7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-project-id,x-sdk-type,x-sdk-version
Access-Control-Request-Method
GET
Origin
https://client.withdrawal-celsius.network
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
88ef578d6840e3db-TLV
date
Wed, 05 Jun 2024 10:05:02 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
3913df81-63c2-4413-d60b-8ff83cbed500
api.web3modal.com/getWalletImage/
0
3 KB
Fetch
General
Full URL
https://api.web3modal.com/getWalletImage/3913df81-63c2-4413-d60b-8ff83cbed500
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-sdk-version
html-wagmi-4.1.11
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://client.withdrawal-celsius.network/
x-sdk-type
w3m
x-project-id
31b31047eb32d937cd5deb50bb010a9c
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=1030+0 c=1+29 v=2024.5.2 l=2538
date
Wed, 05 Jun 2024 10:05:03 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
62203
x-wc-r2-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2538
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfujgpVvcvmeS8So3DgKnjPux4UG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
88ef578dc8aae3db-TLV
x-robots-tag
noindex
expires
Thu, 05 Jun 2025 10:05:03 GMT
7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500
api.web3modal.com/getWalletImage/
0
9 KB
Fetch
General
Full URL
https://api.web3modal.com/getWalletImage/7a33d7f1-3d12-4b5c-f3ee-5cd83cb1b500
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-sdk-version
html-wagmi-4.1.11
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://client.withdrawal-celsius.network/
x-sdk-type
w3m
x-project-id
31b31047eb32d937cd5deb50bb010a9c
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=860+0 c=16+52 v=2024.5.2 l=8788
date
Wed, 05 Jun 2024 10:05:03 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
48332
x-wc-r2-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
8788
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfwRKJ_GQ6vp6Uxle7v9sGNjM5UG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
88ef578dc8abe3db-TLV
x-robots-tag
noindex
expires
Thu, 05 Jun 2025 10:05:03 GMT
bff9cf1f-df19-42ce-f62a-87f04df13c00
api.web3modal.com/getWalletImage/
0
10 KB
Fetch
General
Full URL
https://api.web3modal.com/getWalletImage/bff9cf1f-df19-42ce-f62a-87f04df13c00
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-sdk-version
html-wagmi-4.1.11
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://client.withdrawal-celsius.network/
x-sdk-type
w3m
x-project-id
31b31047eb32d937cd5deb50bb010a9c
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=5583+0 c=10+34 v=2024.5.2 l=9584
date
Wed, 05 Jun 2024 10:05:03 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
3866
x-wc-r2-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
9584
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfaTCrjpacWJuqV5o58ulLeqp_UG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
88ef578dd8b0e3db-TLV
x-robots-tag
noindex
expires
Thu, 05 Jun 2025 10:05:03 GMT
73f6f52f-7862-49e7-bb85-ba93ab72cc00
api.web3modal.com/getWalletImage/
0
3 KB
Fetch
General
Full URL
https://api.web3modal.com/getWalletImage/73f6f52f-7862-49e7-bb85-ba93ab72cc00
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-sdk-version
html-wagmi-4.1.11
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://client.withdrawal-celsius.network/
x-sdk-type
w3m
x-project-id
31b31047eb32d937cd5deb50bb010a9c
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=5337+0 c=1+24 v=2024.5.2 l=2762
date
Wed, 05 Jun 2024 10:05:03 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
3867
x-wc-r2-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
2762
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfRMNMx7h0m2-_fAD9P7SygyPPUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
88ef578dd8b1e3db-TLV
x-robots-tag
noindex
expires
Thu, 05 Jun 2025 10:05:03 GMT
bff9cf1f-df19-42ce-f62a-87f04df13c00
api.web3modal.com/getWalletImage/ Frame
0
0
Preflight
General
Full URL
https://api.web3modal.com/getWalletImage/bff9cf1f-df19-42ce-f62a-87f04df13c00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-project-id,x-sdk-type,x-sdk-version
Access-Control-Request-Method
GET
Origin
https://client.withdrawal-celsius.network
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
88ef578d6841e3db-TLV
date
Wed, 05 Jun 2024 10:05:02 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
73f6f52f-7862-49e7-bb85-ba93ab72cc00
api.web3modal.com/getWalletImage/ Frame
0
0
Preflight
General
Full URL
https://api.web3modal.com/getWalletImage/73f6f52f-7862-49e7-bb85-ba93ab72cc00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-project-id,x-sdk-type,x-sdk-version
Access-Control-Request-Method
GET
Origin
https://client.withdrawal-celsius.network
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
88ef578d6842e3db-TLV
date
Wed, 05 Jun 2024 10:05:02 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
5195e9db-94d8-4579-6f11-ef553be95100
api.web3modal.com/getWalletImage/ Frame
0
0
Preflight
General
Full URL
https://api.web3modal.com/getWalletImage/5195e9db-94d8-4579-6f11-ef553be95100
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-project-id,x-sdk-type,x-sdk-version
Access-Control-Request-Method
GET
Origin
https://client.withdrawal-celsius.network
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
88ef578de8bee3db-TLV
date
Wed, 05 Jun 2024 10:05:03 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
5195e9db-94d8-4579-6f11-ef553be95100
api.web3modal.com/getWalletImage/
0
8 KB
Fetch
General
Full URL
https://api.web3modal.com/getWalletImage/5195e9db-94d8-4579-6f11-ef553be95100
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-sdk-version
html-wagmi-4.1.11
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://client.withdrawal-celsius.network/
x-sdk-type
w3m
x-project-id
31b31047eb32d937cd5deb50bb010a9c
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=1380+0 c=3+26 v=2024.5.2 l=8280
date
Wed, 05 Jun 2024 10:05:03 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
9568
x-wc-r2-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
8280
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfzp266rJeWHcvqSNrSMCCnQWgUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
88ef578e496fe3db-TLV
x-robots-tag
noindex
expires
Thu, 05 Jun 2025 10:05:03 GMT
7677b54f-3486-46e2-4e37-bf8747814f00
api.web3modal.com/getWalletImage/
0
5 KB
Fetch
General
Full URL
https://api.web3modal.com/getWalletImage/7677b54f-3486-46e2-4e37-bf8747814f00
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-sdk-version
html-wagmi-4.1.11
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://client.withdrawal-celsius.network/
x-sdk-type
w3m
x-project-id
31b31047eb32d937cd5deb50bb010a9c
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=848+0 c=10+42 v=2024.5.3 l=4412
date
Wed, 05 Jun 2024 10:05:03 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
82166
x-wc-r2-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
4412
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfVAcZ3w6iX14DvHKhBFs4CgkyUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
88ef578e4963e3db-TLV
x-robots-tag
noindex
expires
Thu, 05 Jun 2025 10:05:03 GMT
4c16cad4-cac9-4643-6726-c696efaf5200
api.web3modal.com/getWalletImage/
0
18 KB
Fetch
General
Full URL
https://api.web3modal.com/getWalletImage/4c16cad4-cac9-4643-6726-c696efaf5200
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
x-sdk-version
html-wagmi-4.1.11
Accept-Language
he-IL,he;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer
https://client.withdrawal-celsius.network/
x-sdk-type
w3m
x-project-id
31b31047eb32d937cd5deb50bb010a9c
sec-ch-ua-platform
"Win32"

Response headers

cf-images
internal=ok/- q=0 n=15+0 c=1+41 v=2024.5.2 l=18300
date
Wed, 05 Jun 2024 10:05:03 GMT
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options
nosniff
cf-cache-status
HIT
age
37459
x-wc-r2-status
HIT
alt-svc
h3=":443"; ma=86400
content-length
18300
cf-bgj
imgq:86,h2pri
server
cloudflare
etag
"cfi8b0hPD3q7U39aV1RkpFFz8RUG7FeV1c8ZwDJoU7DQ"
vary
Accept, Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
88ef578e597be3db-TLV
x-robots-tag
noindex
expires
Thu, 05 Jun 2025 10:05:03 GMT
7677b54f-3486-46e2-4e37-bf8747814f00
api.web3modal.com/getWalletImage/ Frame
0
0
Preflight
General
Full URL
https://api.web3modal.com/getWalletImage/7677b54f-3486-46e2-4e37-bf8747814f00
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-project-id,x-sdk-type,x-sdk-version
Access-Control-Request-Method
GET
Origin
https://client.withdrawal-celsius.network
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
88ef578de8c3e3db-TLV
date
Wed, 05 Jun 2024 10:05:03 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
4c16cad4-cac9-4643-6726-c696efaf5200
api.web3modal.com/getWalletImage/ Frame
0
0
Preflight
General
Full URL
https://api.web3modal.com/getWalletImage/4c16cad4-cac9-4643-6726-c696efaf5200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.72 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-project-id,x-sdk-type,x-sdk-version
Access-Control-Request-Method
GET
Origin
https://client.withdrawal-celsius.network
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
x-project-id,x-sdk-version,x-sdk-type
access-control-allow-methods
OPTIONS,GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-ray
88ef578de8c4e3db-TLV
date
Wed, 05 Jun 2024 10:05:03 GMT
server
cloudflare
vary
Access-Control-Request-Headers, Accept-Encoding
31b31047eb32d937cd5deb50bb010a9c
verify.walletconnect.org/ Frame 9F1F
0
0
Document
General
Full URL
https://verify.walletconnect.org/31b31047eb32d937cd5deb50bb010a9c
Requested by
Host: client.withdrawal-celsius.network
URL: https://client.withdrawal-celsius.network/claim/scripts/wallet-connect-v4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.57.37.233 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
he-IL,he;q=0.9;q=0.9
Referer
https://client.withdrawal-celsius.network/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Wed, 05 Jun 2024 10:05:08 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Stretto (Legal)

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 function| gtag object| dataLayer object| Vue function| setCpCookie function| getCpCookie function| hideCookiePolicy function| updateGaConsent function| __p_0032102532 object| __p_3793406928 number| __p_0017197485 object| __p_7084799226 function| __getGlobal object| __globalObject function| __TextDecoder function| __Uint8Array undefined| __Buffer function| __String function| __Array function| utf8ArrayToStr function| __p_4844826752 string| __p_9976077965 string| __p_5502724845 string| __p_8171084997 string| __p_1370525853 string| __p_8441381208 string| __p_7203084992 string| __p_6100128980 string| __p_8313215717 string| __p_4208620815 string| __p_5478044820 string| __p_1284566879 object| __p_1794444816 string| __p_0916292167 object| __p_2954222605 function| __p_9490387629_calc function| __p_4860988180 number| __p_6042202405 function| _0x2087 function| _0x1e89 function| _0x56ec90 function| __p_7890871883 function| __p_2592832968 undefined| eventMethod undefined| eventer undefined| messageEvent undefined| loc object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| CryptoJS function| autocomplete object| bip39 function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| DisableDevtool object| litPropertyMetadata object| reactiveElementVersions object| litHtmlVersions object| litElementVersions function| Buffer object| global object| process object| walletConnectVars function| MerkleTree function| MerkleMountainRange function| IncrementalMerkleTree function| MerkleSumTree object| _ethers object| ethers boolean| enn500mr3m number| y5rmpu1dcr function| rjxgjf6dpm

4 Cookies

Domain/Path Name / Value
.withdrawal-celsius.network/ Name: _gid
Value: GA1.2.565284293.1717581901
.withdrawal-celsius.network/ Name: _gat_gtag_UA_132878696_1
Value: 1
.withdrawal-celsius.network/ Name: _ga_377YNK71V6
Value: GS1.1.1717581901.1.0.1717581901.0.0.0
.withdrawal-celsius.network/ Name: _ga
Value: GA1.1.259207790.1717581901

20 Console Messages

Source Level URL
Text
javascript error URL: https://client.withdrawal-celsius.network/claim/Voyager_files/app
Message:
Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "application/octet-stream". Strict MIME type checking is enforced for module scripts per HTML spec.
javascript error URL: https://client.withdrawal-celsius.network/claim/Voyager_files/app(1)
Message:
Failed to load module script: Expected a JavaScript module script but the server responded with a MIME type of "application/octet-stream". Strict MIME type checking is enforced for module scripts per HTML spec.
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/jquery-3.6.1.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/jquery-simple-mobilemenu.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/jquery-ui-1.13.2.min.css
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/jquery-ui-1.13.2.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/jquery.inview.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/olark.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/bootstrap.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/mousescroll.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/wow.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/stretto-icon-orange.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/jquery.countto.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/main.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/redirect-popup.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/iframeResizer.contentWindow.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/Celsius_files/iframeResizer.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/claim/images/bg.jpg
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/themes/stretto/images/hero-bg.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://client.withdrawal-celsius.network/themes/stretto/images/up-chevron.svg
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.web3modal.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
client.withdrawal-celsius.network
cloudflare-eth.com
fonts.googleapis.com
href.li
ipfs.io
ipfs.tech
log.olark.com
p.typekit.net
security-web3-cryptosecurity.ru
static.olark.com
use.typekit.net
verify.walletconnect.com
verify.walletconnect.org
www.google-analytics.com
www.googletagmanager.com
104.17.25.14
104.18.11.112
104.18.28.72
142.250.185.238
142.250.186.104
151.101.1.229
169.150.247.37
172.217.16.202
172.67.182.145
192.0.78.27
192.229.233.34
193.143.1.13
209.94.90.1
23.10.249.32
23.10.249.9
34.96.127.16
35.157.175.173
52.57.37.233
0156b73b9a7e64e8a848885f1b653ecf8d5ffb2394411a9f221787c229f258e1
09213314c543aa8dae87413e2a350f562918fde39a8737dd18b42cafe818fa90
0abb1dd90f49c0af581d6d81a8a5edf63266c4a34a9039f7c391e492ed1ce4ae
0bbb22ac1a16648fa3bd0a5709d2080888b7ef460915b4278660e29e5cd44bf6
10710090d6c781d51e29c098ce8f0d1ebbd90c4b0f8f8d1138f70d190ea59330
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
2a741550c18b132b0ef573f818fc79d6c09169be71d538b968ceac551c178ad3
2f7990fd586ebadf1d39337d9310d3440fe599b7ea0041145235d450d19c4ee9
3083e8d3b21ddc3f0e6d65ec3580aa6edfaadca5d9737d9caa27e6a233e1ccf3
3570f78164c933794b9f2caee64d5cbeee9888b3ede7a46355972367f544f6a0
3c675b4e8da56db009de4dadd92242078fb2361310c3e049daf34fc23be76019
418b2d4619c0c1aa194dcc7f186c01ceb20a2df69ce7a34318bd7301e1a76bc7
44b18f3c3f733e256b6f0c722f888f39c038d875e2132d8ad6883134b445d8c9
48b90aef68f914783d402ec5a638422adb1f61799f907c258a1e8818253a93e1
4d147216f3002eb26020124dfe6cdf845ce3417a323f640e36ffe071528cd2e1
4d30430968b2b89eab2e10ae3129e933a0c939276d6722d1f0b1a18d6e118e50
613bc12aa7f33d10086042031dc51dc19d9bb0b60f11dc11d79bd346174ebceb
665430bdd1bc4a275bf574948dedbb436896233814d1d65728a35fd437d291fc
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7462596be483e2fa5642286df7fd84beccd98f5e5e1107c5afa883573709e4b6
758da85c5127a315fe4e67693465a101bb858ec1b0cc98092753f41ca7052a03
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
77190354256d2bb6e2f740715bbc72c1af70ec722773ab27bd7ddd63dac90529
78ad308e2ad3d5fd606a13693a00d15369927237abef0ce044807a450cc86e07
80e112270014c708acf9bbede1bbd7e3cc281404dbdc35933604c17e408870b8
87992c2a32036ec241a43f5042654e4bce7788434c3ac293d6afa39b1af06df9
8d42b2ad7c1c3ad489f7e250ee180da8b1182e1bf92bcfe326a8ea0f6032e4f3
90ad108ce1b418458d069b5801de5025dbd120f27c42da4aec89b92dff6cf238
91f68f65af1532b23cbddb05a48a8cc3d92789befdaf4c94b395729775820065
94a9fefbbe42310c03ff1e52c1f753c21038805f632867ea78930a52c445a456
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
9abcf37604a770b7736d7b191c8a49dc0daa5fa0cf6c9dfeb5642111fec2b108
9d25e1a72052bda62d6ffafb635519fd563880215df7105cbb9cc77f211d0ab3
a53a73efa7ac773e59f3c654359e81ed85512a59f9edc8da1798388464a56426
a5b36333c91eab5ae6884f2058041b1cb4e67f7555e14c1f07ae895af5c04c89
ad210c53d6d3b61146779594a306e0d0f48272ebf884284700613baa05919c74
af00d2cec87b70e8139926da6426dd0686ff9a8207386658b6d72ee4e799c2e3
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
c1369cc6af6ae0ea46a62192b39d805dc78a4dab65a14fc51becd4d67b2ffdc3
c193ef2412fc65775f6d294868d8d39ec67aa3a61fae4c1cf0a581331b86cdd2
c3d134313ae6f18c2915b87042a81b03a8866d733ef83d61fce81bde7fa5fa10
c4ec171d8f202fb90c55007f2dc8ab43a7d089d5e7b717eb03b41fdb3907b261
c776e11cc488f18eaba0dd193d69ac11b435ca58e0a983490086a36fdad7c030
cf3580be69ed8aaf2932c64571f4d548260ba62622025baf55bb5e6f68c8c976
d6ce7b41b4f76aa19200cf9a5b42f9b7fb4dac7f933dbc63f3e98b30fbf6c6e2
da738cc3ffa0dd81d8e7b9b3789ac5b7e6ff8bc9cb2bf656df94c238d78174fe
da77709c70be37662de07c0e01da3201be91eaef4376df91dd30468a3e94df94
de2226910ceb20f69a14f872ae61efa98c4ffa5dfd9bcabc882a4861ff605514
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2584f1885aff249823fb25118913821d46877621d40464fba2e9fd2e20267ac
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c5ddbd3734533a01c70632ee04d57382dc05f628723c6b5b36d68da6c61155
e4d08f877611f0c9211f3099d2bf66a57b97f4c8a03e4bc8f9dcc9299b4d09e7
ea9fe6f470bc7a96a9300a54b43db1e0c7589069e97830c0cb4a291c4688179d
f30375000e27f674b912ccffc7430dc390e6430bb4f75f93a569a6feeed2dfb1