claims-pudgepenguins.org Open in urlscan Pro
104.21.92.152  Malicious Activity! Public Scan

9 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response claims-pudgepenguins.org/	3 MB 1 MB	410ms 300ms	Document text/html	104.21.92.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claims-pudgepenguins.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.92.152 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 55317d69a0199110cda85d6a1e95c06f68b985131613a85066cfb5f711c577be Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f851a7d4b13b406-YYZ content-encoding zstd content-type text/html date Fri, 27 Dec 2024 00:13:13 GMT last-modified Fri, 20 Dec 2024 14:40:39 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rc8YNHDsj4EFSpZGBgQMvTnVW6tDtB3XjMRe0TSoMtlz%2BJ204uUxUbGO3Bf%2FQ7X1WQdXUCm7eLEW4K6iLtQ8ECOcMu8ov%2BpvjBqICcM3OB0tBh85XWVXiY%2BJjyFloKgjUDXqsihQMUuUbo8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=25232&min_rtt=19503&rtt_var=13457&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3945&recv_bytes=2294&delivery_rate=196711&cwnd=254&unsent_bytes=0&cid=1a73dfd06166009a&ts=307&x=0" vary Accept-Encoding
GET H3	404	ff9c6572-e489-4f0d-8476-9f51203fcb7c.js claims-pudgepenguins.org/	0 0	317ms 317ms	Script text/html	104.21.92.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claims-pudgepenguins.org/ff9c6572-e489-4f0d-8476-9f51203fcb7c.js Requested by Host: claims-pudgepenguins.org URL: https://claims-pudgepenguins.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.92.152 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://claims-pudgepenguins.org/ Response headers cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a1Uh2BXmf0uXYpHzd2UO9YIDbYv2oOUYLpvEnz1jhzpl732YtlupuchL0xN3yF0g0TsmxTVAQFiYI5PkUmIhY2Oawxp8kIA0Rx7if9jZddhf2SjkNdnLMZEsofs5oTJfGlgohSEFk%2BzCswU%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f851a7f3b8f54a9-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=36311&min_rtt=22477&rtt_var=17300&sent=16&recv=14&lost=2&retrans=2&sent_bytes=4395&recv_bytes=8446&delivery_rate=1095&cwnd=8400&unsent_bytes=0&cid=d19247edd7aecdee&ts=651&x=1", cfExtPri, cfHdrFlush;dur=0 date Fri, 27 Dec 2024 00:13:13 GMT content-type text/html; charset=iso-8859-1 vary Accept-Encoding server cloudflare priority u=1,i=?0
GET H3	200	079975ea-53cf-4d00-9e17-07a691cd9d8d.js Show response claims-pudgepenguins.org/	5 MB 2 MB	471ms 471ms	Script text/javascript	104.21.92.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claims-pudgepenguins.org/079975ea-53cf-4d00-9e17-07a691cd9d8d.js Requested by Host: claims-pudgepenguins.org URL: https://claims-pudgepenguins.org/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.92.152 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf0c66fe711eb7352f99ec345e8e28dce38fad34f37506e06dbe807ebe30c89a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://claims-pudgepenguins.org/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding gzip cf-cache-status MISS etag "50f050-629b4a16d711a-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BJervRW1dlIVnCYp3%2FSMTVeiBuwSIaOqqdqnrv7LrFJNd%2B6I1YUEsgAFeiuvLICE7Q5qa8wwElnqubukCJokjkQA23LWe4i8ke7JdMwLP87%2FX%2BA79RNhx03oz48Zhdlm05DM7IfThm2%2BTd8%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8f851a7f3b9054a9-YYZ alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=34388&min_rtt=20925&rtt_var=16821&sent=18&recv=15&lost=2&retrans=2&sent_bytes=5374&recv_bytes=8489&delivery_rate=3145&cwnd=8400&unsent_bytes=0&cid=d19247edd7aecdee&ts=789&x=1", cfExtPri, cfHdrFlush;dur=0 date Fri, 27 Dec 2024 00:13:13 GMT content-type text/javascript last-modified Fri, 20 Dec 2024 14:40:39 GMT vary Accept-Encoding priority u=1,i=?0
GET H3	200	crypto-js.min.js Show response cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/	59 KB 20 KB	61ms 32ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.2.0/crypto-js.min.js Requested by Host: claims-pudgepenguins.org URL: https://claims-pudgepenguins.org/079975ea-53cf-4d00-9e17-07a691cd9d8d.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://claims-pudgepenguins.org/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "65384d58-4ca5" age 141325 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cZoWqL1JXw7GXBE6tdEkWrb34v%2FdOGA3XEtdkEM%2Be4%2B4SCsMev%2FXOmOuezZz4dI%2FGIg2ijd%2BcCzzSC9yTrHAO4zDYOu33Lhtl2LDCA1dDibLTPa6rbiONzsOzdrj3ugLH1AcNQjX"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Wed, 17 Dec 2025 00:13:29 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 27 Dec 2024 00:13:29 GMT content-type application/javascript; charset=utf-8 last-modified Tue, 24 Oct 2023 23:03:52 GMT vary Accept-Encoding priority u=3,i=?0 strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8f851ae189d3ab96-YYZ accept-ranges bytes access-control-allow-origin * content-length 19621 server cloudflare
GET DATA	200 OK	truncated /	25 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 38aeafc4800bc73720ebad06734b6a1fbbabc772d4f703a027015d5a72548d1c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated /	20 KB 20 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash fd1d69c9fe04a9b4ed9e78286299b09cbbf23efab96c8ab7fffad59ebf3d6f9a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://claims-pudgepenguins.org Referer Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	20 KB 20 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 3932afcb4b34e743459d09ddb48cc47ca1910b27d965f2a23ec56f467c2ef171 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://claims-pudgepenguins.org Referer Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	20 KB 20 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6617feddfedca9f981b2b79ae8fea2e51f8232ac59ed4f1be7f730520f9291cb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://claims-pudgepenguins.org Referer Response headers Content-Type font/woff2
GET H3	200	ethers.umd.min.js Show response cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/	719 KB 124 KB	32ms 31ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/ethers/5.6.9/ethers.umd.min.js Requested by Host: claims-pudgepenguins.org URL: https://claims-pudgepenguins.org/079975ea-53cf-4d00-9e17-07a691cd9d8d.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://claims-pudgepenguins.org/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "62ad87d5-1eb91" age 624286 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=icyz5yiSHzvd24wpDInlmzKS2ht%2F45FpUbtLia8M3J0F%2F9aS%2Bgk%2B9QCRaeljwM%2BtiKgHwZV%2BBTV%2Fp3oVGHOkJXkrdVgcxAsj8qUV5WcDAayVD%2FJhCEnVEuxy4EjnWZGBI0%2Bu8wxM"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Wed, 17 Dec 2025 00:13:29 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 27 Dec 2024 00:13:29 GMT content-type application/javascript; charset=utf-8 last-modified Sat, 18 Jun 2022 08:07:49 GMT vary Accept-Encoding priority u=3,i=?0 strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8f851ae29ac6ab96-YYZ accept-ranges bytes access-control-allow-origin * content-length 125841 server cloudflare
GET DATA	200 OK	truncated /	79 KB 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 04f2d7880b2a9a5b91f6b7763bfed11a1a681075a2fc4122794d2e4f13fecece Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5bf16b463f6472260bbaa51a127d89c94e7151920b56843c6a48ca1fabbf2ef7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
OPTIONS H3	204	/ binance.llamarpc.com/	0 0	174ms 85ms	Preflight	104.26.15.157 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://binance.llamarpc.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.15.157 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://claims-pudgepenguins.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-headers content-type access-control-allow-methods GET,POST,HEAD,PUT,DELETE,PATCH access-control-allow-origin * alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8f851aea6ee7ac5a-YYZ date Fri, 27 Dec 2024 00:13:30 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} priority u=1,i report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SCMIORnPu1s7DjVK7tH%2BFKdrCDL8A5T%2BC7SZf%2BC81g3W7ayeVWv3yosYM4eVP6bh%2FPOZPd%2FMxWroTlgcr2XI%2FO4XYG0R%2BFizBJgnqM%2FZBE3ldcoRtAehYErxw8EJ1jgXxrwjrLNI"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=QUIC&rtt=21389&min_rtt=20994&rtt_var=2920&sent=15&recv=12&lost=2&retrans=2&sent_bytes=5456&recv_bytes=5737&delivery_rate=29509&cwnd=8400&unsent_bytes=0&cid=0159116c702b6326&ts=138&x=1" cfExtPri cfHdrFlush;dur=0 vary Access-Control-Request-Method, Access-Control-Request-Headers, Origin
OPTIONS H2	204	/ bsc-dataseed2.bnbchain.org/	0 0	250ms 89ms	Preflight	52.202.203.252 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bsc-dataseed2.bnbchain.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.202.203.252 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-202-203-252.compute-1.amazonaws.com Software / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://claims-pudgepenguins.org Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers * access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin * access-control-max-age 600 date Fri, 27 Dec 2024 00:13:30 GMT referrer-policy origin-when-cross-origin strict-transport-security max-age=31536000; includeSubdomains x-content-type-options nosniff x-frame-options SAMEORIGIN x-xss-protection 1; mode=block
POST H3	200	/ Show response binance.llamarpc.com/	5 KB 3 KB	54ms 53ms	Fetch application/json	104.26.15.157 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://binance.llamarpc.com/ Requested by Host: claims-pudgepenguins.org URL: https://claims-pudgepenguins.org/079975ea-53cf-4d00-9e17-07a691cd9d8d.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.26.15.157 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7fe2bbc8c604effc462aac3ab6163e86faae7976ed66c0737a76dce8b3673fbd Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type application/json Referer https://claims-pudgepenguins.org/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status DYNAMIC report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmMtqK6ff2%2FEpQykxhoU0O89d1USRbJBwemXcti6ExaD5G3qNuAgP110FK8KhZ0ujKtJuA3BDbVdxSy6rJhPrgPMP4Q9F0oJhttnbYsIgRLBXB%2F3S2Seo97PDRHU8unlN870g8Lt"}],"group":"cf-nel","max_age":604800} cf-ray 8f851aeaef7aac5a-YYZ access-control-allow-origin * x-cache true alt-svc h3=":443"; ma=86400 date Fri, 27 Dec 2024 00:13:30 GMT content-type application/json server cloudflare priority u=1,i server-timing cfL4;desc="?proto=QUIC&rtt=23623&min_rtt=20618&rtt_var=6496&sent=18&recv=15&lost=2&retrans=2&sent_bytes=6250&recv_bytes=6289&delivery_rate=11448&cwnd=8400&unsent_bytes=0&cid=0159116c702b6326&ts=192&x=1", cfExtPri, cfHdrFlush;dur=0
POST H2	200	/ Show response bsc-dataseed2.bnbchain.org/	1 KB 593 B	42ms 40ms	Fetch application/json	52.202.203.252 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://bsc-dataseed2.bnbchain.org/ Requested by Host: claims-pudgepenguins.org URL: https://claims-pudgepenguins.org/079975ea-53cf-4d00-9e17-07a691cd9d8d.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.202.203.252 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-202-203-252.compute-1.amazonaws.com Software / Resource Hash e9b0f17a0de2b0e94b440ac0daf5ccaf8ecfd91ee4937c7caf3bfb3b4d6f634f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubdomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Content-Type application/json Referer https://claims-pudgepenguins.org/ Response headers x-frame-options SAMEORIGIN strict-transport-security max-age=31536000; includeSubdomains access-control-max-age 600 content-encoding br access-control-allow-credentials true access-control-allow-methods POST, GET, OPTIONS x-content-type-options nosniff x-nr-trace-id a0cdcdd4939dcac17db9a8f4f718cd14 access-control-allow-origin * date Fri, 27 Dec 2024 00:13:30 GMT x-xss-protection 1; mode=block content-type application/json; charset=utf-8 vary Accept-Encoding referrer-policy origin-when-cross-origin access-control-allow-headers *
GET H2	200	merkletree.js Show response cdn.jsdelivr.net/npm/merkletreejs@latest/	215 KB 47 KB	71ms 20ms	Script application/javascript	151.101.193.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/merkletreejs@latest/merkletree.js Requested by Host: claims-pudgepenguins.org URL: https://claims-pudgepenguins.org/079975ea-53cf-4d00-9e17-07a691cd9d8d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.193.229 San Francisco, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash c277622a66901d9b5b7fa8765ce15798265c5e30d832e08c0d69157e28de7460 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://claims-pudgepenguins.org/ Response headers access-control-expose-headers * content-encoding br etag W/"35cec-voDmHbahh9asSkpxmh+JmyyWCMA" age 41655 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT, HIT date Fri, 27 Dec 2024 00:13:30 GMT content-type application/javascript; charset=utf-8 x-served-by cache-fra-etou8220103-FRA, cache-yyz4557-YYZ vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 47359 x-jsd-version 0.4.0
GET		wallet-connect-v4.js claims-pudgepenguins.org/scripts/	0 0
GET H3	200	popup-6.css claims-pudgepenguins.org/styles/	51 KB 10 KB	328ms 327ms	Stylesheet text/css	104.21.92.152 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://claims-pudgepenguins.org/styles/popup-6.css Requested by Host: claims-pudgepenguins.org URL: https://claims-pudgepenguins.org/079975ea-53cf-4d00-9e17-07a691cd9d8d.js Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.92.152 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f4f2ea8a9fae0fe006897e4d5907c3677086ab3d476e308e2a6a43f43ca8ffaf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://claims-pudgepenguins.org/ Response headers content-encoding gzip cf-cache-status MISS etag "cbe2-629b4a17281f4-gzip" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DHKxPStKdY3ZxW2aWKqZGzHi5q%2BFrRag0%2Fh%2BHB9UfQsNW%2BdM%2FnJnvnxeEDx%2F3QXqX%2BfHIPTSwx%2BF9%2BaedeOFYl%2BR7tJOTmggN%2BBFNyQZVJhHjECjceDQsArB617%2Fahnr5CZzAwaCMqufu%2FA%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=303478&min_rtt=18307&rtt_var=49267&sent=2051&recv=966&lost=213&retrans=216&sent_bytes=2134813&recv_bytes=55331&delivery_rate=2055&cwnd=6790&unsent_bytes=0&cid=d19247edd7aecdee&ts=17990&x=1", cfExtPri, cfHdrFlush;dur=0 date Fri, 27 Dec 2024 00:13:31 GMT content-type text/css last-modified Fri, 20 Dec 2024 14:40:39 GMT vary Accept-Encoding priority u=0,i=?0 cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8f851aeb79cc54a9-YYZ accept-ranges bytes content-length 9992 server cloudflare
GET		wallet-connect-v4.js claims-pudgepenguins.org/scripts/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

claims-pudgepenguins.org

URL

https://claims-pudgepenguins.org/scripts/wallet-connect-v4.js?v=3

Domain

claims-pudgepenguins.org

URL

https://claims-pudgepenguins.org/scripts/wallet-connect-v4.js?v=3

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| finger function| savepage_ShadowLoader object| CryptoJS object| _ethers object| ethers function| __r function| MerkleTree function| MerkleMountainRange function| IncrementalMerkleTree function| MerkleSumTree

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.privy.io/	1970-01-21 02:01:00	Name: __cf_bm Value: Tkno_66MjZLoID2PyvgBjJerHSQw247GWTZ.TdMeU7s-1735258409-1.0.1.1-53EGTkgzA4FCa8wrl4D0_D99NYoc_rIwgDcQAyIEqxCVn2Ks.cLF7OZarJ.wv4flCz_sO8RYfdA1P3KFnlL1Sw
			.privy.io/	1969-12-31 23:59:59	Name: _cfuvid Value: Is.bnyP4tg8XamnBAS1bAI4njRRQQaV6FPy6aAT5smE-1735258409596-0.0.1.1-604800000
			claims-pudgepenguins.org/	1970-01-21 11:36:58	Name: gacfxdn1x7 Value: AZGkHjxsPKQyb17

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://claims-pudgepenguins.org/ff9c6572-e489-4f0d-8476-9f51203fcb7c.js Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://claims-pudgepenguins.org/(Line 1) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://claims-pudgepenguins.org/(Line 1) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://claims-pudgepenguins.org/(Line 1) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://claims-pudgepenguins.org/(Line 1) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://claims-pudgepenguins.org/(Line 57) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://claims-pudgepenguins.org/(Line 57) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://claims-pudgepenguins.org/(Line 57) Message: <link rel=preload> has an invalid `href` value

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

binance.llamarpc.com
bsc-dataseed2.bnbchain.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
claims-pudgepenguins.org
claims-pudgepenguins.org
104.17.24.14
104.21.92.152
104.26.15.157
151.101.193.229
52.202.203.252
04f2d7880b2a9a5b91f6b7763bfed11a1a681075a2fc4122794d2e4f13fecece
38aeafc4800bc73720ebad06734b6a1fbbabc772d4f703a027015d5a72548d1c
3932afcb4b34e743459d09ddb48cc47ca1910b27d965f2a23ec56f467c2ef171
55317d69a0199110cda85d6a1e95c06f68b985131613a85066cfb5f711c577be
5bf16b463f6472260bbaa51a127d89c94e7151920b56843c6a48ca1fabbf2ef7
6617feddfedca9f981b2b79ae8fea2e51f8232ac59ed4f1be7f730520f9291cb
769a555de553babc35a3338f344dd7aa16260c93cea2c7db290707c90484e7cc
7fe2bbc8c604effc462aac3ab6163e86faae7976ed66c0737a76dce8b3673fbd
95c66625ee20f53d542e23dded002b021b24e9d28c3d193a076d45cba4dc8618
c277622a66901d9b5b7fa8765ce15798265c5e30d832e08c0d69157e28de7460
cf0c66fe711eb7352f99ec345e8e28dce38fad34f37506e06dbe807ebe30c89a
e9b0f17a0de2b0e94b440ac0daf5ccaf8ecfd91ee4937c7caf3bfb3b4d6f634f
f4f2ea8a9fae0fe006897e4d5907c3677086ab3d476e308e2a6a43f43ca8ffaf
fd1d69c9fe04a9b4ed9e78286299b09cbbf23efab96c8ab7fffad59ebf3d6f9a