www.bucksnowtoclaim.ga Open in urlscan Pro
162.0.209.96  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.bucksnowtoclaim.ga/	6 KB 2 KB	1113ms 213ms	Document text/html	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 85b0a3b26fd1084f4adb26c90139742834605a688975b8645ef9c516de2aa2b7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers accept-ranges bytes content-encoding br content-length 2135 content-type text/html date Sun, 10 Jul 2022 16:00:38 GMT last-modified Thu, 07 Jul 2022 03:33:54 GMT server LiteSpeed vary Accept-Encoding x-turbo-charged-by LiteSpeed
GET H2	200	b8PzS6nOff2e.css www.bucksnowtoclaim.ga/css/	22 KB 5 KB	213ms 212ms	Stylesheet text/css	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 6eb716ad307b61522704d2ff0ebd0289e62cf7246780f7f99456686ec0876cac Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:38 GMT content-encoding br last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 5108 expires Sun, 17 Jul 2022 16:00:38 GMT
GET H2	200	f839a41.js Show response dby7kx9z9yzse.cloudfront.net/	23 KB 7 KB	502ms 379ms	Script application/javascript	2600:9000:223e:ee00:d:dc73:ab80:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dby7kx9z9yzse.cloudfront.net/f839a41.js Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223e:ee00:d:dc73:ab80:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8dbcaa593b1d8871e34a605b1a7563d873198b8c4ebfb7b15571eae7af190919 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 12:32:02 GMT content-encoding br last-modified Fri, 20 May 2022 16:18:58 GMT server AmazonS3 age 12551 etag W/"5bb52bce4cdc6f88a087fba73d251b85" vary Accept-Encoding x-cache Error from cloudfront content-type application/javascript via 1.1 2ba7b49ec4c4de4e67297e603c89a5e4.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P4 x-amz-cf-id k89f8Q-PSKv_znbGFwaWu1ZQ1GkrtIl7WLzsvL7VOOqvV8pzljp0Ag==
GET H2	200	invisible.js Show response www.bucksnowtoclaim.ga/js/	46 KB 16 KB	532ms 529ms	Script application/javascript	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.bucksnowtoclaim.ga/js/invisible.js Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 58d9117f1b2747e2963445380c2a87782e2cb50d479ff014a07a6056278ed9d4 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:38 GMT content-encoding br last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 15872 expires Sun, 17 Jul 2022 16:00:38 GMT
GET H2	200	zQd5QdnmNwp6.png www.bucksnowtoclaim.ga/images/	69 KB 70 KB	737ms 734ms	Image image/png	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/images/zQd5QdnmNwp6.png Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash cb756ae69fa9e292ebf68e215f95cebf85ee6d716539bcc214bc9646c2bf7731 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:38 GMT last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 71038 expires Sun, 17 Jul 2022 16:00:38 GMT
GET H2	200	VAZ0VY2BxFgU.png www.bucksnowtoclaim.ga/images/	106 KB 106 KB	944ms 941ms	Image image/png	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/images/VAZ0VY2BxFgU.png Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash ab0815fed2f00183e3b5c35647e57218a6ccf92c62e5fcbd320c7e6bdbaf14dd Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:38 GMT last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 108381 expires Sun, 17 Jul 2022 16:00:38 GMT
GET H2	200	M4ZU74d3LIva.png www.bucksnowtoclaim.ga/images/	106 KB 106 KB	946ms 943ms	Image image/png	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/images/M4ZU74d3LIva.png Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 7c3a0cced0560eaef0cc18ebcaa3482de6b4b86050ea5f427dba003276a8040e Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:38 GMT last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 108319 expires Sun, 17 Jul 2022 16:00:38 GMT
GET H2	200	TX7hV9d9800R.png www.bucksnowtoclaim.ga/images/	154 KB 154 KB	1150ms 1148ms	Image image/png	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/images/TX7hV9d9800R.png Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 71a6126442405880751eba56384824820563b2b7fe43b3312d2c85179818318b Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:38 GMT last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 157255 expires Sun, 17 Jul 2022 16:00:38 GMT
GET H2	200	o7xGanvGPSdi.svg www.bucksnowtoclaim.ga/fonts/	1 KB 810 B	1151ms 1149ms	Image image/svg+xml	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/fonts/o7xGanvGPSdi.svg Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 3704b95b1f7c52a164ff4d6e8a3f2188c2d05e1454a58eef9e2c00cab5f53d99 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:38 GMT content-encoding br last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 585 expires Sun, 17 Jul 2022 16:00:38 GMT
GET H2	200	Fb5e68bHoBmr.svg www.bucksnowtoclaim.ga/fonts/	2 KB 1 KB	1154ms 1152ms	Image image/svg+xml	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/fonts/Fb5e68bHoBmr.svg Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 02d934a1eb53ac6679fdcdadba19d90d1d2c3d7cbe296d9bdcf49d45f56c2c96 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:38 GMT content-encoding br last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 840 expires Sun, 17 Jul 2022 16:00:38 GMT
GET H2	200	PSKhcwknTwU2.svg www.bucksnowtoclaim.ga/fonts/	1 KB 950 B	1154ms 1153ms	Image image/svg+xml	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/fonts/PSKhcwknTwU2.svg Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 4eb82e773648d8ff47c70e9752ed36f018b5f9f8236c14dc7ffe7dee0523e237 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:38 GMT content-encoding br last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 725 expires Sun, 17 Jul 2022 16:00:38 GMT
GET H2	200	5p69rEpVW38m.svg www.bucksnowtoclaim.ga/fonts/	2 KB 1 KB	1392ms 1391ms	Image image/svg+xml	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/fonts/5p69rEpVW38m.svg Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 17b0d3c42dc50e134084c6ed28c29838a6caf1a84cddeff469ef37ac1e7c8d0b Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:39 GMT content-encoding br last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 896 expires Sun, 17 Jul 2022 16:00:39 GMT
GET H2	200	zclptxt59jxq.svg www.bucksnowtoclaim.ga/fonts/	1 KB 795 B	1393ms 1392ms	Image image/svg+xml	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/fonts/zclptxt59jxq.svg Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 866764af58566b31c52d7c45d7d7f5ff5557160c317365bb30e12bab6ad85437 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:39 GMT content-encoding br last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 570 expires Sun, 17 Jul 2022 16:00:39 GMT
GET H2	200	rrrHDUaIdG2m.png www.bucksnowtoclaim.ga/images/	204 KB 205 KB	1394ms 1393ms	Image image/png	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/images/rrrHDUaIdG2m.png Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash b35e1794f4a4c94d1a4b151ba9c6706b063e22622bf069b921ea573fa06ba642 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:39 GMT last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 209279 expires Sun, 17 Jul 2022 16:00:39 GMT
GET H2	200	cjEgyLZJhS6h.js Show response www.bucksnowtoclaim.ga/js/	86 KB 29 KB	416ms 416ms	Script application/javascript	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.bucksnowtoclaim.ga/js/cjEgyLZJhS6h.js Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 7d4be369b8469e506cb08c1005fbcbf95dc0e8ea3647ec23994398f1d8605be0 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:38 GMT content-encoding br last-modified Wed, 29 Jun 2022 21:55:10 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 29949 expires Sun, 17 Jul 2022 16:00:38 GMT
GET H2	200	JxOH1iXC1bE2.js Show response www.bucksnowtoclaim.ga/js/	66 KB 17 KB	332ms 331ms	Script application/javascript	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.bucksnowtoclaim.ga/js/JxOH1iXC1bE2.js Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash b3e230c9aee0bb6c4a7aea00ab861677cb3a8debeb5e886d2aa0cf6d7c1996dc Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:38 GMT content-encoding br last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 17126 expires Sun, 17 Jul 2022 16:00:38 GMT
GET H2	200	HOK5Nv7dJfrA.js Show response www.bucksnowtoclaim.ga/js/	1 KB 735 B	532ms 529ms	Script application/javascript	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.bucksnowtoclaim.ga/js/HOK5Nv7dJfrA.js Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash fc29ecc95c0cc90176aad89345b4d868d1b1d61f6707e1d9e2bb8ad4eb987aa2 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:38 GMT content-encoding br last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed vary Accept-Encoding content-type application/javascript cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 501 expires Sun, 17 Jul 2022 16:00:38 GMT
GET H2	200	css fonts.googleapis.com/	8 KB 1 KB	179ms 63ms	Stylesheet text/css	2a00:1450:4001:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Open+Sans:300,600,700 Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash a49f57bc571fa524685e97bad7df2e6ad62dac7b66bdc5efb90a2528f9f7c337 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 10 Jul 2022 16:00:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 10 Jul 2022 16:00:38 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 10 Jul 2022 16:00:38 GMT
GET H2	200	html.2750511.da143.0.js Show response d3t3bxixsojwre.cloudfront.net/public/external/v2/	7 KB 7 KB	364ms 218ms	Script application/javascript	2600:9000:225e:4200:11:ff71:2680:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3t3bxixsojwre.cloudfront.net/public/external/v2/html.2750511.da143.0.js Requested by Host: dby7kx9z9yzse.cloudfront.net URL: https://dby7kx9z9yzse.cloudfront.net/f839a41.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:4200:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash b76cfb9513de7788e26b552d62482a927a2efc2c23360ac7012ca06b62bde2e7 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:39 GMT via 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront) server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA60-P4 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript content-length 7196 x-amz-cf-id ACPifK_flYFU5zE1FBDkHtMufWAE36LL-M2Zso0Mp93i78MCJtcl9Q==
GET H2	200	css_front.css d3t3bxixsojwre.cloudfront.net/public/external/	6 KB 7 KB	355ms 207ms	Stylesheet text/css	2600:9000:225e:4200:11:ff71:2680:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3t3bxixsojwre.cloudfront.net/public/external/css_front.css Requested by Host: dby7kx9z9yzse.cloudfront.net URL: https://dby7kx9z9yzse.cloudfront.net/f839a41.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:4200:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:39 GMT via 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront) last-modified Tue, 23 Jun 2020 20:06:47 GMT server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA60-P4 etag "19c4-5a8c5e62e9d0a" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 6596 x-amz-cf-id ElwX_0MsDvMwrpCdHWBUfePgKVLXf9cPVL6403zX_p6LIxU2oDPShw==
GET H2	200	jHicoA1TKssG.png www.bucksnowtoclaim.ga/images/	3 KB 3 KB	1391ms 1391ms	Image image/png	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/images/jHicoA1TKssG.png Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 7b36bbe54cd877406ac837d7938588b58a29a6af772944f5e40fcb8b2b97966f Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:39 GMT last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 2956 expires Sun, 17 Jul 2022 16:00:39 GMT
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v29/	44 KB 44 KB	171ms 54ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Open+Sans:300,600,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.bucksnowtoclaim.ga accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 04 Jul 2022 12:16:38 GMT x-content-type-options nosniff age 531841 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44800 x-xss-protection 0 last-modified Wed, 11 May 2022 19:25:14 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 04 Jul 2023 12:16:38 GMT
GET H2	200	1ekHwonKEHaT.jpg www.bucksnowtoclaim.ga/images/	90 KB 90 KB	1387ms 1386ms	Image image/jpeg	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/images/1ekHwonKEHaT.jpg Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 47ef6dde9f9418124d2032a4033d5578dff5fe60978b0ffec7a6d9eb2dba547f Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:39 GMT last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 91655 expires Sun, 17 Jul 2022 16:00:39 GMT
GET H2	200	eRyzce9FC5y6.jpg www.bucksnowtoclaim.ga/images/	5 KB 5 KB	1390ms 1389ms	Image image/jpeg	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/images/eRyzce9FC5y6.jpg Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 9372befbf239b8e15ebb0756c6a0f90b2c8f059fdde3714d58dad27ba9a05b5e Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:39 GMT last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed content-type image/jpeg cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 4902 expires Sun, 17 Jul 2022 16:00:39 GMT
GET H2	200	stpmdZELeghI.png www.bucksnowtoclaim.ga/images/	706 B 706 B	1391ms 1390ms	Image image/png	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/images/stpmdZELeghI.png Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:39 GMT last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 706 expires Sun, 17 Jul 2022 16:00:39 GMT
GET H2	200	iBsoqFBQ0gtS.png www.bucksnowtoclaim.ga/images/	32 KB 33 KB	1391ms 1391ms	Image image/png	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.bucksnowtoclaim.ga/images/iBsoqFBQ0gtS.png Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 02a81cca91b9fd70116ae35540816678a422d8a9c76e5c5d5b520cb1e5296725 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:39 GMT last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 33252 expires Sun, 17 Jul 2022 16:00:39 GMT
GET H2	200	jOzxfJxQAafc.woff2 www.bucksnowtoclaim.ga/fonts/	38 KB 38 KB	1552ms 1552ms	Font font/woff2	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.bucksnowtoclaim.ga/fonts/jOzxfJxQAafc.woff2 Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 0ff799a36dbc902e54cea7031f11612745fbfe0c9db59b9e6d44301345fd2ab0 Request headers Referer https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css Origin https://www.bucksnowtoclaim.ga accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:39 GMT last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 39192 expires Sun, 17 Jul 2022 16:00:39 GMT
GET H2	200	aAkXpx1dNvE8.woff2 www.bucksnowtoclaim.ga/fonts/	50 KB 50 KB	1553ms 1553ms	Font font/woff2	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.bucksnowtoclaim.ga/fonts/aAkXpx1dNvE8.woff2 Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash c8de4f2490024b510067c22e355f7cb94033d5823c9058454213e8bb41a4e82e Request headers Referer https://www.bucksnowtoclaim.ga/css/b8PzS6nOff2e.css Origin https://www.bucksnowtoclaim.ga accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:39 GMT last-modified Wed, 29 Jun 2022 21:55:08 GMT server LiteSpeed content-type font/woff2 cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes content-length 51292 expires Sun, 17 Jul 2022 16:00:39 GMT
GET H2	200	css.css d3t3bxixsojwre.cloudfront.net/public/clockers/CustomButton/	1010 B 1 KB	206ms 205ms	Stylesheet text/css	2600:9000:225e:4200:11:ff71:2680:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3t3bxixsojwre.cloudfront.net/public/clockers/CustomButton/css.css Requested by Host: dby7kx9z9yzse.cloudfront.net URL: https://dby7kx9z9yzse.cloudfront.net/f839a41.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:4200:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / Resource Hash a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:39 GMT via 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront) last-modified Fri, 10 Apr 2020 22:29:00 GMT server Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA60-P4 etag "3f2-5a2f7428ae907" x-cache Miss from cloudfront content-type text/css accept-ranges bytes content-length 1010 x-amz-cf-id bDAzrFarbJJugRM0gd_6pw-69u_poOEx7le7DB2FKsUkhZlHvp_krA==
GET H2	404	pica.js www.bucksnowtoclaim.ga/cdn-cgi/challenge-platform/h/b/scripts/	1 KB 1 KB	1237ms 1237ms	Other text/html	162.0.209.96 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.bucksnowtoclaim.ga/cdn-cgi/challenge-platform/h/b/scripts/pica.js Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 162.0.209.96 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS premium169-1.web-hosting.com Software LiteSpeed / Resource Hash 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Sun, 10 Jul 2022 16:00:39 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	200	guid Show response d3t3bxixsojwre.cloudfront.net/public/	0 286 B	208ms 207ms	Script text/html	2600:9000:225e:4200:11:ff71:2680:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3t3bxixsojwre.cloudfront.net/public/guid?cpguid=nkdcfxz8l&e=ll&t=1657468839855 Requested by Host: dby7kx9z9yzse.cloudfront.net URL: https://dby7kx9z9yzse.cloudfront.net/f839a41.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:4200:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:39 GMT via 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront) server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA60-P4 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type text/html; charset=UTF-8 content-length 0 x-amz-cf-id 0JZg9-N_6EqSK2tO66PVelyxc70UXiCJMZ5a9h8gOAzjlei7O6ZC-A==
GET H2	200	script.js Show response api.crashlytics.ru/tracking/	110 B 786 B	258ms 129ms	Script text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.crashlytics.ru/tracking/script.js?referrer=https://www.bucksnowtoclaim.ga/ Requested by Host: www.bucksnowtoclaim.ga URL: https://www.bucksnowtoclaim.ga/js/cjEgyLZJhS6h.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/7.2.21 Resource Hash 2213f89e336b110565bfa31f242aadbd6eced06fa3f300df5de01f0c4867d26a Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:40 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-powered-by PHP/7.2.21 access-control-allow-methods GET, POST alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BnUUm%2BQbWYdBwHPvp9QQkDiJ7hM3nfkLzk%2Bq%2BL0l8mUQ0RFSZgD%2F9pBGj%2FaPGqVwXm1Or3GFBKNN8popqcDAH3o2Y5gQCJOTxquRdsKRlESU9gE5OowrGUb8CawD4SitctWXuuY%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=utf-8 access-control-allow-origin https://www.bucksnowtoclaim.ga access-control-allow-credentials true cf-ray 728a837c2be372e8-LHR access-control-allow-headers X-Requested-With,content-type
GET H2	200	check.php Show response d3t3bxixsojwre.cloudfront.net/public/external/	78 B 372 B	211ms 210ms	Script application/javascript	2600:9000:225e:4200:11:ff71:2680:21 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3t3bxixsojwre.cloudfront.net/public/external/check.php?it=2750511&time=1657468841240 Requested by Host: dby7kx9z9yzse.cloudfront.net URL: https://dby7kx9z9yzse.cloudfront.net/f839a41.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:4200:11:ff71:2680:21 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11 Resource Hash 9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b Request headers accept-language en-GB,en;q=0.9 Referer https://www.bucksnowtoclaim.ga/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Sun, 10 Jul 2022 16:00:41 GMT via 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront) server Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 x-amz-cf-pop FRA60-P4 x-powered-by PHP/7.4.11 x-cache Miss from cloudfront content-type application/javascript content-length 78 x-amz-cf-id 34Coxzd82YesWBFr09569BPjy4iVWRjeKvcB62WEfK0ZyGsPBf5xdQ==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| CPABUILDSETTINGS object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| $ function| jQuery object| $root function| mostrar function| ocultar object| targetElements object| scenes string| activo string| vbucks string| cons function| Parallax function| WOW string| LINK object| __CF$cv$params

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.bucksnowtoclaim.ga/	1970-01-20 04:38:52	Name: _cpguid Value: nkdcfxz8l
			www.bucksnowtoclaim.ga/	1970-01-20 04:25:08	Name: PHPPREFS Value: full

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.bucksnowtoclaim.ga/cdn-cgi/challenge-platform/h/b/scripts/pica.js Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.crashlytics.ru
d3t3bxixsojwre.cloudfront.net
dby7kx9z9yzse.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
www.bucksnowtoclaim.ga
162.0.209.96
188.114.96.3
2600:9000:223e:ee00:d:dc73:ab80:21
2600:9000:225e:4200:11:ff71:2680:21
2a00:1450:4001:803::200a
2a00:1450:4001:82a::2003
02a81cca91b9fd70116ae35540816678a422d8a9c76e5c5d5b520cb1e5296725
02d934a1eb53ac6679fdcdadba19d90d1d2c3d7cbe296d9bdcf49d45f56c2c96
0ff799a36dbc902e54cea7031f11612745fbfe0c9db59b9e6d44301345fd2ab0
17b0d3c42dc50e134084c6ed28c29838a6caf1a84cddeff469ef37ac1e7c8d0b
2213f89e336b110565bfa31f242aadbd6eced06fa3f300df5de01f0c4867d26a
3704b95b1f7c52a164ff4d6e8a3f2188c2d05e1454a58eef9e2c00cab5f53d99
47ef6dde9f9418124d2032a4033d5578dff5fe60978b0ffec7a6d9eb2dba547f
4eb82e773648d8ff47c70e9752ed36f018b5f9f8236c14dc7ffe7dee0523e237
58d9117f1b2747e2963445380c2a87782e2cb50d479ff014a07a6056278ed9d4
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
6eb716ad307b61522704d2ff0ebd0289e62cf7246780f7f99456686ec0876cac
71a6126442405880751eba56384824820563b2b7fe43b3312d2c85179818318b
7b36bbe54cd877406ac837d7938588b58a29a6af772944f5e40fcb8b2b97966f
7c3a0cced0560eaef0cc18ebcaa3482de6b4b86050ea5f427dba003276a8040e
7d4be369b8469e506cb08c1005fbcbf95dc0e8ea3647ec23994398f1d8605be0
85b0a3b26fd1084f4adb26c90139742834605a688975b8645ef9c516de2aa2b7
866764af58566b31c52d7c45d7d7f5ff5557160c317365bb30e12bab6ad85437
8dbcaa593b1d8871e34a605b1a7563d873198b8c4ebfb7b15571eae7af190919
9372befbf239b8e15ebb0756c6a0f90b2c8f059fdde3714d58dad27ba9a05b5e
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a49f57bc571fa524685e97bad7df2e6ad62dac7b66bdc5efb90a2528f9f7c337
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
ab0815fed2f00183e3b5c35647e57218a6ccf92c62e5fcbd320c7e6bdbaf14dd
b35e1794f4a4c94d1a4b151ba9c6706b063e22622bf069b921ea573fa06ba642
b3e230c9aee0bb6c4a7aea00ab861677cb3a8debeb5e886d2aa0cf6d7c1996dc
b76cfb9513de7788e26b552d62482a927a2efc2c23360ac7012ca06b62bde2e7
c8de4f2490024b510067c22e355f7cb94033d5823c9058454213e8bb41a4e82e
cb756ae69fa9e292ebf68e215f95cebf85ee6d716539bcc214bc9646c2bf7731
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fc29ecc95c0cc90176aad89345b4d868d1b1d61f6707e1d9e2bb8ad4eb987aa2